From ed043f3916911f92aa6059facc23fd066f009815 Mon Sep 17 00:00:00 2001 From: Nicola Rustignoli Date: Fri, 18 Oct 2024 14:01:36 +0200 Subject: [PATCH] clarfiy text representation --- draft-dekater-scion-pki.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-dekater-scion-pki.md b/draft-dekater-scion-pki.md index bfd2f8e..de4e705 100644 --- a/draft-dekater-scion-pki.md +++ b/draft-dekater-scion-pki.md @@ -601,7 +601,7 @@ where `id-scion` specifies the root SCION object identifier (OID). **Note**: The root SCION object identifier (OID) for the SCION open-source implementation is the IANA Private Enterprise Number '55324':
`id-scion ::= OBJECT IDENTIFIER {1 3 6 1 4 1 55324}` -The string representation of the `ISD-AS number` attribute MUST follow the text representation defined in {{I-D.dekater-scion-controlplane}} section "Text Representation". +The string representation of the `ISD-AS number` attribute MUST follow the text representation defined in {{I-D.dekater-scion-controlplane}}, section "Text Representation". The canonical string formatting of AS numbers in the AS range (0, 232-1) MUST use the decimal form. Larger AS numbers, i.e., from 232 to 248-1, MUST use a 16-bit, colon-separated, lower-case, hex encoding with leading zeros omitted: `1:0:0` to `ffff:ffff:ffff`. The `ISD-AS number` attribute MUST be present exactly once in the distinguished name of the certificate issuer or owner, specified in the `issuer` or `subject` field respectively. Implementations MUST NOT create nor successfully verify certificates whose `issuer` and `subject` fields do not include the ISD-AS number at all, or include it more than once.