Note: This ballot was opened for revision 08 and is now closed.
Summary: Has enough positions to pass.
I agree that this document should be published as a record of one way of doing
the LISP mapping. The following commentary is really meant for the IESG and
Given that there does not appear to be any effort to actually implement this
specification, does it make sense to publish it as Experimental? It would seem
that Informational would be a fine way to document this approach. If I follow
some of the arguments that Pete and Ron have made recently, I would even
support the publication of this document as Historical, but I am not sure if
the ISE can do that.
- I think a paragraph putting this into context (as per Eliot's
mail) would be very valuable for the reader who might otherwise
think this is the "mainstream" experiment.
- Do you really want to refer to ITU-T x.509 rather than rfc5280 for
- I think you could note that key roll-over and key distribution
generally are for future study.
- You could even mention the potential for using DANE if you wanted
as a different PKI as another possibility for future study.
- CMS is widely deployed (all S/MIME clients include it) but you
could still say pkcs#7 is more widely supported by libraries and
- There doesn't seem to be any way to limit an authority to certain
EIDs and/or RLOCs, such as is done by SIDR. Might be worth noting?
- If you need revocation checks as part of signature validation,
then you probably ought say that that's not included in the analysis
in section 5.
I support Stewart's DISCUSS. The distinction between this document and the
other LISP documents, which are also EXPERIMENTAL, is subtle and likely to be
lost on the reader.