North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)
According to what I understand, there have to be two certificates per entity: one is the CA-bit enabled certificate, used to sign subsidiary certificates about resources being given to other people to use. the other is a self-signed NON-CA certificate, used to sign route assertions you are attesting to yourself: you make this cert using the CA cert you get from your logical parent. -George
|