[apwg-chairs] Re: [ca-tf] Certification-Policy Proposal - next steps?
Sander Steffann sander at steffann.nl
Fri Mar 26 11:15:08 CET 2010
Hi, > I must observe that none of the secure routing drafts say "you must reject an invalid signed route" -- they only affect the preferences in best path selection. That is a big difference, as revoking a certificate does _not_ tell anyone they should drop that announcement, merely that it's not as attractive as others may be. > > And even that only applies to direct path selection in the routers themselves, they have got nothing to do with filter constructions, where the choice is 100% up to the individual ISPs. This is what the community needs to hear. If everybody understands this there will be a lot less resistance. Sander
[ Ca-tf Archive ]