[ppml] Policy Proposal: Documentation of the X.509Authentication Method

I would suggest ARIN signed vs. ARIN "provided".  Signed has a specific meaning.  Provided does not and the likely meanings I consider for it are NOT what I think is intended.  ORG should generate key-pair and CSR. ARIN should sign and return signed cert.


-----Original Message-----

From:  Leo Bicknell <bicknell at>
Subj:  Re: [ppml] Policy Proposal: Documentation of the X.509Authentication Method
Date:  Tue 2006 Oct 24 18:29
Size:  705 bytes
To:  ppml at

I'm supportive of this additional clarity in the NRPM, however I think
the X.509 documentation is missing two key points:

1) ARIN accepts only ARIN provided certificates, so users who want
to use this method will need to request a certificate from ARIN.

2) Some sort of pointer to where to find more information about how
to get an ARIN certificate.  I'm not sure we want a URL in the text,
but the information is at  It may be better
to reference the location via the name of some document, or other

       Leo Bicknell - bicknell at - CCIE 3440
        PGP keys at
Read TMBG List - tmbg-list-request at,