gnsi icon indicating copy to clipboard operation
gnsi copied to clipboard
verified publisher icon openconfig

Need clarity on authentication-policy under certz.proto

Open ManikBhasin opened this issue 2 years ago • 3 comments

Hi,

I need some clarification on authentication policy. what exactly will be send as part of rotation of AuthenticationPolicy? will it be the some sort of certificate identifier(like sha-256 signature or RDN or AKID) for issuing CA which will be allowed to sign the leaf certificate for that particular SSL profile?

Thanks, Manik

ManikBhasin avatar Jun 27 '23 15:06 ManikBhasin

@marcushines,@tomek-US can you please help here. Thanks

ManikBhasin avatar Jun 28 '23 10:06 ManikBhasin

We need clarification on this policy's structure, fields and how it needs to be enforced.

gsibaja4 avatar Oct 12 '24 10:10 gsibaja4

I think we are still debating what/if this policy is to be used... I believe it was supposed to be a policy (in what is clearly a protobuf form, but not specifically which protobuf) about which Certificate Authorities would be accepted as signers of certificates.

morrowc avatar Oct 14 '24 03:10 morrowc