Steve, I'd like to thank you for working through these issues with me.
I think the new texxt you added before approval is very helpful. You
indicated you could add an additional sentence pointing out that
multiple signed objects would need to be used in order to deal with
phase 2 for end-entity certificates. While I think that would be
reasonable to add, I also don't think it is necessary.
I'm sorry the upgrade approach was not more obvious from the beginning.
"Stephen" == Stephen Kent <kent(_at_)bbn(_dot_)com> writes:
Stephen> I find your last sentence above confusing. I would say
Stephen> that the BGPSEC protocol will have to define how it deals
Stephen> with alg changes for the signed objects it defines, with
Stephen> key changes for RPKI certs, with alg changes for all RPKI
Stephen> objects, and with format changes for RPKI objects and for
Stephen> its own objects.
Excellent. Please consider it early input to the WG process that how
the protocol deals with all of these issues should be documented. The
sort of structure you adopted for the text added to cert profile seems
like a fine style to use, although of course there are others that would
also work. What I think is important is that the IESG and community at
large be able to evaluate these transition issues when the protocol
comes up for IETf review.
In conclusion, thanks again for your help. I see you're giving a talk
next Thursday on these issues at an ISOC chapter meeting; I hope to attend and
better come up to
speed.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf