[address-policy-wg] 2008-08 New Version and Draft Document Published (Initial Certification Policy for Provider Aggregatable Address Space Holders)
- Previous message (by thread): [address-policy-wg] 2008-08 New Version and Draft Document Published (Initial Certification Policy for Provider Aggregatable Address Space Holders)
- Next message (by thread): [address-policy-wg] 2008-08 New Version and Draft Document Published (Initial Certification Policy for Provider Aggregatable Address Space Holders)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Erik Bais
ebais at a2b-internet.com
Wed Feb 9 16:50:20 CET 2011
> - you're in favour of the general principle, want some details changed, > but agree to pospone that to the next round of certificate-related > proposals (like "this proposal does not cover PI" - yes, we know, the > plan was to "start with the easy bits = PA"). Why is it stated : > This proposal only applies to IPv4 ALLOCATED PA blocks that were issued by the RIPE NCC and excludes early registration and legacy space, as well as > blocks marked as ALLOCATED UNSPECIFIED or ALLOCATED PI. That was one of the topics I noticed when I used the certification website for my own LIR. ( After some peer pressure by a guy named Alex B. ) I would think/argue that this would be more useful for specifically PI, rather than just doing it for PA. And to make things probably worse for the discussion, I would think that having the LIR manage this on behalf of their PI customers, might not be a bad idea, also because the location of the online certification site is in the LIR portal and this could be seen as one of the tasks a LIR does on behalf for their customers. PI LIR customers that doesn't want their specific LIR to deal with their certification process, could either change LIR or change to a Direct Assignment End-User, but I'm guessing that would be a very small group of all PI customers. It is my experience that PI customers don't want to deal with the 'RIPE stuff' and/or are not very responsive into sorting their stuff out, as long as they have access to their addresses/objects. And yes, I do realize that having a third party in the middle (the LIR) might be seen as an additional security risk, specifically in dealing with certificates, but that could be a different discussion. If the CA-TF isn't planning to change the policy to include ALLOCATED PI, is there a set time-frame on when this will be proposed / implemented ? Regards, Erik Bais Erik Bais | A2B Internet BV | +31 299 707 115 ( Office ) | +31 6 5122 1952 ( Dutch cell ) | ebais at a2b-internet.com |
- Previous message (by thread): [address-policy-wg] 2008-08 New Version and Draft Document Published (Initial Certification Policy for Provider Aggregatable Address Space Holders)
- Next message (by thread): [address-policy-wg] 2008-08 New Version and Draft Document Published (Initial Certification Policy for Provider Aggregatable Address Space Holders)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]