subject:"rpki\-client\: disallow inherit in ROA EE IP Resources extension"

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

2022-08-19 Thread Claudio Jeker

On Sat, Aug 13, 2022 at 04:51:05PM +0200, Theo Buehler wrote: > On Fri, Aug 12, 2022 at 09:59:11PM +0200, Theo Buehler wrote: > > On Wed, Aug 10, 2022 at 06:16:30PM +0200, Theo Buehler wrote: > > > On Wed, Aug 10, 2022 at 03:10:19PM +, Job Snijders wrote: > > > > Hi all, > > > > > > > > An err

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

2022-08-18 Thread Job Snijders

On Sat, Aug 13, 2022 at 04:51:05PM +0200, Theo Buehler wrote: > job mentioned that it might be preferable to do the validation in > parse_{roa,rsc,aspa}(). So here's a diff that does this. It reworks > valid_{roa,rsc}() to compare only against the EE cert's resources > since it doesn't really make

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

2022-08-13 Thread Theo Buehler

On Fri, Aug 12, 2022 at 09:59:11PM +0200, Theo Buehler wrote: > On Wed, Aug 10, 2022 at 06:16:30PM +0200, Theo Buehler wrote: > > On Wed, Aug 10, 2022 at 03:10:19PM +, Job Snijders wrote: > > > Hi all, > > > > > > An errata exists for RFC 6482, which informs us: """The EE certificate > > > MUS

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

2022-08-12 Thread Theo Buehler

On Wed, Aug 10, 2022 at 06:16:30PM +0200, Theo Buehler wrote: > On Wed, Aug 10, 2022 at 03:10:19PM +, Job Snijders wrote: > > Hi all, > > > > An errata exists for RFC 6482, which informs us: """The EE certificate > > MUST NOT use "inherit" elements as described in [RFC3779].""" Read the > > fu

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

2022-08-10 Thread Job Snijders

On Wed, Aug 10, 2022 at 06:16:30PM +0200, Theo Buehler wrote: > On Wed, Aug 10, 2022 at 03:10:19PM +, Job Snijders wrote: > > An errata exists for RFC 6482, which informs us: """The EE certificate > > MUST NOT use "inherit" elements as described in [RFC3779].""" Read the > > full report here: h

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

2022-08-10 Thread Theo Buehler

On Wed, Aug 10, 2022 at 03:10:19PM +, Job Snijders wrote: > Hi all, > > An errata exists for RFC 6482, which informs us: """The EE certificate > MUST NOT use "inherit" elements as described in [RFC3779].""" Read the > full report here: https://www.rfc-editor.org/errata/eid3166 > > Although it

rpki-client: disallow inherit in ROA EE IP Resources extension

2022-08-10 Thread Job Snijders

Hi all, An errata exists for RFC 6482, which informs us: """The EE certificate MUST NOT use "inherit" elements as described in [RFC3779].""" Read the full report here: https://www.rfc-editor.org/errata/eid3166 Although it might seem a bit 'wasteful' to d2i the IP Resources extension in multiple p

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

Re: rpki-client: disallow inherit in ROA EE IP Resources extension

rpki-client: disallow inherit in ROA EE IP Resources extension

7 matches

Site Navigation

Mail list logo

Footer information