aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--rpkid/README14
1 files changed, 11 insertions, 3 deletions
diff --git a/rpkid/README b/rpkid/README
index bcdcf7f7..308a6228 100644
--- a/rpkid/README
+++ b/rpkid/README
@@ -54,9 +54,17 @@ TO DO:
APNIC is now proposing a CMS-signed ASN.1 blob containing a
version number and an RPKI certificate. Kent and Housley have
- not bought into this yet. Need to do analysis to make sure
- this is adequate for our needs, if so just use it. This would
- involve minor changes to rcynic.
+ not bought into this yet.
+
+ RIPE is proposing that trust anchors just be a URL and a
+ public key, which one would use by fetching a self-signed RPKI
+ cert from the URL and comparing the public key.
+
+ If everybody homes under IANA, none of this is necessary and
+ what rcynic already does should suffice.
+
+ Need to pick something and go with it. All but "home under
+ IANA" would require minor changes to rcynic.
PRIORITY: Required for pilot (usability issue for relying parties)
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-29 13:45:24 +0000
n.net> 2007-04-17 18:04:37 +0000 Move discussion of publication protocol to publication-protocol document.' href='/sra/rpki.net/commit/docs/publication-protocol?id=8296cbd062c2bf9e17e00a3617633e924de12620'>8296cbd0 
5744f309









8296cbd0

085c4d1f

085c4d1f

5744f309





dace9895


5744f309




dace9895

085c4d1f









1

2

3

4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

23

24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

52
53
54

55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113

114
115
116
117
118
119
120
121
122

123

124

125

126
127
128
129
130

131
132

133
134
135
136

137

138
139
140
141
142
143
144
145
146