ARIN-PPML Message

[ppml] Policy Proposal: Documentation of the X.509Authentication Method

I would suggest ARIN signed vs. ARIN "provided".  Signed has a specific meaning.  Provided does not and the likely meanings I consider for it are NOT what I think is intended.  ORG should generate key-pair and CSR. ARIN should sign and return signed cert.

Owen


-----Original Message-----

From:  Leo Bicknell <bicknell at ufp.org>
Subj:  Re: [ppml] Policy Proposal: Documentation of the X.509Authentication Method
Date:  Tue 2006 Oct 24 18:29
Size:  705 bytes
To:  ppml at arin.net



I'm supportive of this additional clarity in the NRPM, however I think
the X.509 documentation is missing two key points:

1) ARIN accepts only ARIN provided certificates, so users who want
to use this method will need to request a certificate from ARIN.

2) Some sort of pointer to where to find more information about how
to get an ARIN certificate.  I'm not sure we want a URL in the text,
but the information is at http://www.arin.net/CA/.  It may be better
to reference the location via the name of some document, or other
reference.

-- 
       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org