[dbwg] X.509 Extensions for IP Addresses and AS Identifiers

[Edward Lewis]

As far as whether "any consideration [is] being given to supporting 
these extensions in ARIN's implementation of X.509?"

Stopping well short of saying that whether ARIN will commit to 
implementing (or deploying) these extensions or not, we are looking 
at them - and other options.  As Paul Wilson stated, in APNIC's 
experience, they have noticed "a fundamental problem with this draft" 
as described in his reply.  Although we are continuing  our research 
into this, it appears unlikely that we will implement to the 
(now-expired) internet draft based (at least) on APNIC's input.

Also, note that document is expired and it is 'just' an internet 
draft.  If/when a new version is distributed, it we will consider it. 
It is always risky committing to implementing anything based on an 
IETF internet draft, as such a document hasn't completed a full 
review by the IETF community.

And, of course, if we are asked for input on that document and we 
happen to have something to contribute, we will.

At 11:24 -0400 4/11/03, Larry J. Blunk wrote:
>     There's an Internet Draft available from BBN Technologies
>which describes extensions to X.509 certificicates to
>incorporate IP and AS allocation information.  See --
>
>http://www.net-tech.bbn.com/sbgp/draft-ietf-pkix-x509-ipaddr-as-extn-00.txt
>
>     This draft was produced as part of the Secure BGP project.
>Is there any consideration being given to supporting these
>extensions in ARIN's implementation of X.509?

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                            +1-703-227-9854
ARIN Research Engineer

"I'm sorry, sir, your flight is delayed for maintenance.  We are
pounding out the dents from the last landing."