Policy Qualifiers in Resource Public Key Infrastructure (RPKI) Certificates
RFC 7318

Note: This ballot was opened for revision 01 and is now closed.

(Alia Atlas) Yes

(Adrian Farrel) Yes

(Jari Arkko) No Objection

(Richard Barnes) No Objection

(Benoît Claise) No Objection

Comment (2014-05-26 for -01)
No email
send info
I have the exact same comment as Alissa: It would be useful if there was a sentence in this section that explained why this change to RFC6487 is being made.

Alissa Cooper No Objection

Comment (2014-05-24 for -01)
No email
send info
Section 2:

It would be useful if there was a sentence in this section that explained why this change to RFC6487 is being made.

s/any optional policy qualifiers/any optional policy qualifier/
(the whole point is that there can only be one policy qualifier, right?)

(Spencer Dawkins) No Objection

(Stephen Farrell) No Objection

Comment (2014-05-26 for -01)
No email
send info
- general: Adding more to policy stuff in certs seems like a bad
plan.  However, since a CPS pointer URI doesn't impose any more
processing on the client, I'm ok with it, if those are the certs
with which RPs have to handle. (I assume this is the reason to
add this - that CAs are issuing such certs, right?)

- Section 4 says: "Checking of the URI might allow
denial-of-service (DoS) attacks, where the target host may be
subjected to bogus work resolving the URI." I think that's a little
unclear. It might be better to say "While de-referencing the URI is
not required for certificate validation, doing so could provide a
denial-of-service (DoS) vector, where the target host may be
subjected to bogus work de-referencing the URI."  Additionally, you
could also re-state a RECOMMENDATION that RPs don't de-ref the URI.
(Note: If you'd rather not make this change that's fine, its 
almost a nit.)

(Brian Haberman) No Objection

Comment (2014-05-27 for -01)
No email
send info
I agree with Alissa that having a brief description of why this change is needed would be useful.

(Joel Jaeggli) No Objection

Barry Leiba No Objection

(Ted Lemon) No Objection

(Kathleen Moriarty) No Objection

Comment (2014-05-27 for -01)
No email
send info
I support Stephen's comments.

(Martin Stiemerling) No Objection