On 9 Feb 2011, at 15:22, Jac Kloots wrote:
On Wed, 9 Feb 2011, Gert Doering wrote:
Dear Working Group,
as you might have noticed, this proposal is nicknamed "the icelandic saga" because it goes on and on and on and on...
We'd really like to bring this to conclusion, and for that, we need *feedback from the community*. So please let us know:
- this is what you want to see implemented
want to see this implemented.
One question; what happens after the validity period of the certificate expires?
The validity set on a certificate is 18 months, but it is automatically renewed every 12 months for as long as you have resources registered. Like it says in the Policy proposal:
Certificates will at all times reflect the registration status of the resource.
This means when new resources are added to your registry, an updated certificate listing the new set of resources is automatically issued. When you return resources to the RIPE NCC, a new, updated certificate is issued and the old one is revoked. It is not possible for a resource certificate to exist listing no resources at all. So when you seize to be an LIR and all of your resources are returned to the RIPE NCC, the result is that the certificate and all child objects automatically disappear from the repository. This exactly matches the business processes of the RIPE NCC. Cheers, Alex