errata logo graphic

Found 1 record.

Status: Verified (1)

RFC6482, "A Profile for Route Origin Authorizations (ROAs)", February 2012

Source of RFC: sidr (rtg)

Errata ID: 3166

Status: Verified
Type: Technical

Reported By: Andrew Chi
Date Reported: 2012-03-25
Verifier Name: Stewart Bryant
Date Verified: 2012-10-26

Section 4 says:

...EE certificate's IP address delegation extension.

It should say:

...EE certificate's IP address delegation extension.  The EE certificate
MUST NOT use "inherit" elements as described in [RFC3779].

Notes:

Having spoken to the authors, the authors' intent was to disallow "inherit" in ROA EE certificates in order to simplify validation of ROAs. Implementers agree, and as of March 2012, the three public validator implementations already enforce this.

This erratum simply states it explicitly, whereas the original text might be misread as leaving room for indirectly-specified resources via "inherit".

This errata was discussed by the WG, please see SIDR list archive.


Report New Errata