[arin-discuss] Question about the ARIN Relying Party Agreement - RPKI 'everyone must sign' and such...
Christopher Morrow
morrowc.lists at gmail.com
Wed Dec 5 01:40:21 EST 2012
On Tue, Dec 4, 2012 at 4:43 PM, John Curran <jcurran at arin.net> wrote:
> On Dec 4, 2012, at 3:18 PM, Christopher Morrow <morrowc.lists at gmail.com> wrote:
>
>> This seems, to me, mean that people outside the ARIN region, those
>> like in RIPE area, will have to sign something they don't know they
>> have to sign and ??
>
> Chris -
>
> The only parties that need to acknowledge that RPA are relying parties,
> and the need to do this once to obtain the TAL.
right, it's not clear to me that they'll know they need to do it
though? and they don't in many cases have a relationship with ARIN
either.
> This step insures that relying parties are aware of the terms and
> conditions associated with ARIN's CA prior to building reliance upon
doesn't the CPS do this though as well? It's part of the point of the
CPS really, I thought.
> its capabilities, and is baseline requirement contained in RFC 5280
> for prospective relying parties prior to them relying on the
> authentication or non-repudiation services associated with the public
> key in a particular certificate.
5280 is an rfc about CRLs and basic pkix x509 certs...
> Acknowledging the RPA occurs once with the download of ARIN's TAL;
> while it is an additional step, it's likely to be relatively small
> compared to the myriad of other tasks involved in setup of any RPKI-
> based validation.
sure, maybe. it seems like an unnecessary step though, since the same
sort of data is in the CPS, i think.
>
> This is also important to ARIN as an organization, as having a record
> that parties will not rely on the RPKI services at this time for life-
> critical or environmentally critical (as an example) could be important
> in some circumstances, and protecting ARIN in the rollout of this new
> service was deemed a priority by the Board.
this is covered in the cps, I think...you could certainly add in the
'do not rely on this for life relevant services' if you wanted, but
really 8.8 seems to cover it, to me.
> I encourage discussion of this topic, both here and at our April meeting;
> I hope this information is helpful input to that process.
thanks! ... april meeting, must put that on the calendar :)
> Thanks!
> /John
>
> John Curran
> President and CEO
> ARIN
>
>
>
>
>
>
>
More information about the ARIN-discuss
mailing list