From: job Date: Wed, 28 Jul 2021 00:46:05 +0000 (+0000) Subject: Remove outdated information X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=c8cdb72bb03d01c78f101c3566d4a9a514986bf1;p=openbsd Remove outdated information --- diff --git a/usr.sbin/rpki-client/TODO.md b/usr.sbin/rpki-client/TODO.md deleted file mode 100644 index d8b4708f425..00000000000 --- a/usr.sbin/rpki-client/TODO.md +++ /dev/null @@ -1,22 +0,0 @@ - -The following are unclear to me. - -- Following up on validating AS numbers for certificates. The - specification is not clear on what happens with empty AS extensions in - a chain of certificates. Do we consider that inheritence? If so, - what's the point of having an inheritence clause? - -- I get that ASid 0 has special meaning for ROAs (see RFC 6483 sec 4), - but it doesn't make sense that some top-level certificates (e.g., - Afrinic) have a range inclusive of zero, since it's reserved. In this - system, I let the range through but don't let a specific ASid of 0 in - certificates---only ROAs. - -- VRP duplication. When run as-is, there are duplicate VRPs and - that doesn't seem right. It happens when two ROAs have their validity - period overlap. I need to see if there's a more programmatic way to - check before commiting the routes to output. - -- (**Important**.) Stipulating `X509_V_FLAG_IGNORE_CRITICAL` might be - dangerous. Which extensions are being ignored should be - double-checked.