ARIN-PPML Message

[ppml] Policy Proposal 2007-3: Documentation of the X.509 Authentication Method

On 15 February 2007 the ARIN Advisory Council (AC) concluded its review
of 'Documentation of the X.509 Authentication Method' and accepted it as
a formal policy proposal for discussion by the community.

The proposal is designated Policy Proposal 2007-3: Documentation of the
X.509 Authentication Method. The proposal text is below and can be found
at: http://www.arin.net/policy/proposals/2007_3.html

All persons in the community are encouraged to discuss Policy Proposal
2007-3 prior to it being presented at the ARIN Public Policy Meeting in
San Juan, Puerto Rico, 23-24 April 2007. Both the discussion on the
Public Policy Mailing List and at the Public Policy Meeting will be used
to determine the community consensus regarding this policy proposal.

The ARIN Internet Resource Policy Evaluation Process can be found at:
http://www.arin.net/policy/irpep.html

ARIN's Policy Proposal Archive can be found at:
http://www.arin.net/policy/proposals/proposal_archive.html

Regards,

Member Services
American Registry for Internet Numbers (ARIN)


## * ##


Policy Proposal 2007-3: Documentation of the X.509 Authentication Method

Authors:
Paul Vixie,
Mark Kosters,
Chris Morrow,
Jared Mauch,
Bill Woodcock

Proposal type: New

Policy term: Permanent

Policy statement:

DELETION FROM THE NRPM

12.3 X.509
This section intentionally left blank.

ADDITION TO THE NRPM

12.3 X.509
ARIN accepts X.509-signed transactions as authentic communication from
authorized Points of Contact. POCs may denote their records
"crypt-auth," subsequent to which unsigned communications shall not be
deemed authentic with regard to those records.

Rationale:

This policy complements the previously-proposed "Reinstatement of PGP
Authentication Method" which introduces section 12 to the NRPM. Section
12 relates the existence of three authentication methods. Two of those,
mail-from and X.509, were preexisting but not documented within the NRPM.

This policy proposal simply seeks to provide brief documentation of the
existence of the X.509 authentication method. Because the specific
wording of the documentation may be subject to debate, and is in no way
interdependent upon the documentation of the other two methods, it is
being proposed in a separate policy, so that consensus may be more
easily reached.

Timetable for implementation: Immediate