Dear colleagues, We received no comments or questions on the draft of the "RIPE NCC Certification Practice Statement (CPS) for the Resource Public Key Infrastructure (RPKI)”. This document was published as RIPE-824: https://www.ripe.net/publications/docs/ripe-824/ Kind regards, Tim Bruijnzeels Principal Engineer RPKI RIPE NCC
On 16 Apr 2024, at 21:32, Tim Bruijnzeels <tbruijnzeels@ripe.net> wrote:
Dear colleagues,
We have published an updated draft of the "RIPE NCC Certification Practice Statement (CPS) for the Resource Public Key Infrastructure (RPKI)" for review: https://www.ripe.net/publications/docs/draft-update-of-the-ripe-ncc-certific...
The CPS provides a detailed outline of the implementation of RPKI by the RIPE NCC, following the template defined in RFC 6484. The current CPS no longer accurately describes this implementation so we have updated it.
The most significant changes in the new version are: - Updated description of the offline TA signing process - The maximum latency for CRL publication now matches that of other object types* - We updated roles and job descriptions where applicable - We fixed some minor inaccuracies - We made some small editorial improvements
*We changed the value to a maximum eight hour latency between issuance and publication, also used for other types. It is only in the event of multiple failures in our redundant infrastructure that we can expect significant latency. In practice, publication of RPKI data happens well within 10 minutes after issuance.
For reference, the current CPS is RIPE Document ripe-751: https://www.ripe.net/publications/docs/ripe-751/. Though the CPS is published as a RIPE Document, it is not subject to the RIPE Policy Development Process (PDP). The CPS documents the RIPE NCC's implementation of RPKI and is provided for transparency.
We invite everyone to review the updated draft and let us know on the mailing list if they have any comments, questions or concerns. If no significant issues are raised then we plan to publish the draft CPS as a RIPE Document on 30 April 2024.
Kind regards,
Tim Bruijnzeels Principal Engineer RPKI RIPE NCC