|
|
 |
Re: [ca-tf] Further CA work
-
To: Nigel Titley <nigel.titley@localhost
-
From: Robert Kisteleki robert@localhost
-
Date: Mon, 18 May 2009 12:59:49 +0200
-
Organization: RIPE NCC
(Speaking as an individual.)
Nigel Titley wrote:
Bearing in mind Russ's question in the NCC services group. When are we
likely to be taking steps beyond the first PKI portal? As he points out,
this is only the first step and is not really very useful on its own.
The way I interpreted his words (and as I agree with him) is that having
your own certificates about your address space, and maybe even issuing ROAs
is not a useful exercise on its own. But then, the NCC can only go that far
- we can only encourage actual real life usage and provide the basics for
our members. They are the ones that have to decide if and how they want to
use it...
Assuming this goes forward, the CA-TF needs to start chasing things like
the up-down protocol. Do we have plans for this?
The up-down protocol has been relatively stable as an IETF draft for quite
some time now. I think that the real question is prioritisation: when do we
need to implement it? I would assume that most of our members (from the
subset of them that would actually be interested in RPKI) will be relatively
happy with the hosted service. We'll have some number of requests for the
up-down service. So what's the threshold to start working on this? One
member request, or five or ten? Or zero?
Robert
Nigel
|
|
|
|
