20 Sep
2021
20 Sep
'21
3:39 p.m.
In recent mail threads the concepts of "Hosted RPKI" and "Delegated RPKI" came up, but as mentioned by Tim and Rubens, another flavor also exists! A "hybrid" between Delegated and Hosted, informally known as "publish in parent" (aka RFC 8181 compliant Publication Services).
a delegated CA may publish at their parent or anywhere else. a hosted CA may publish in an arbitrary repo, their host or in bialystok (though i am not aware of a CA which currently supports this). publication and hosting are orthogonal. randy --- randy@psg.com `gpg --locate-external-keys --auto-key-locate wkd randy@psg.com` signatures are back, thanks to dmarc header butchery