North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)
>> [0] - i'll want the business cert to have the ca bit if i am >> large enough to have internal authorization process, and >> thus want to create and manage different certs for dns, >> billing, ... > > We are discussing how we can do subsidiary certificate services like > this in APNIC but I think this goes outside of routing policy and into > registry business practices which are unlikely to be common for all RIR > and NIR in the ways that resource certificates *have* to be. if it is not common across registries, and if my certs do not work across registries, then something is very very broken, and a major pita at the isps', aka your members', expense. randy
|