From d21fc216806e1a1abd0b6c572545c28c4ce0b43c Mon Sep 17 00:00:00 2001 From: Ximon Eighteen <3304436+ximon18@users.noreply.github.com> Date: Wed, 22 Feb 2023 12:26:29 +0100 Subject: [PATCH 1/3] Add linking sentence about TAs. Specifically, introduce the terms "certificate" and "root" before they are used in the next sentence. --- source/rpki/using-rpki-data.rst | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/source/rpki/using-rpki-data.rst b/source/rpki/using-rpki-data.rst index e42741c..92fa509 100644 --- a/source/rpki/using-rpki-data.rst +++ b/source/rpki/using-rpki-data.rst @@ -20,15 +20,17 @@ trust. In the case of RPKI, these are the five Regional Internet Registries. Connecting to the Trust Anchor ------------------------------ -When you want to retrieve all RPKI data, you connect to the trust anchor that -each RIR provides. The root certificate contains pointers to its children, which -contain pointers to their children, and so on. These certificates, and other -cryptographic material such as ROAs, can be published in the repository that the -RIR provides, or a repository operated by an organisation who either runs -delegated RPKI themselves, or hosts a repository as a service. As a person who -wants to fetch and validate the data, formally known as a relying party, it is -not a concern where data is published. By simply connecting to the trust anchor, -the chain of trust is followed automatically. +When you want to retrieve all RPKI data, you connect to the trust anchor +that each RIR provides. The trust anchor is an :RFC:`6487` compliant X.509 +certificate used to 'anchor' the 'root' of a certificate hierarchy The root +certificate contains pointers to its children, which contain pointers to their +children, and so on. These certificates, and other cryptographic material +such as ROAs, can be published in the repository that the RIR provides, +or a repository operated by an organisation who either runs delegated RPKI +themselves, or hosts a repository as a service. As a person who wants to fetch +and validate the data, formally known as a relying party, it is not a concern +where data is published. By simply connecting to the trust anchor, the chain +of trust is followed automatically. The RIR trust anchor is found through a static trust anchor locator (TAL), which is a very simple file that contains a URL to retrieve the trust anchor and a From 9d034606ca444977716b7d9f4906d3173383f44b Mon Sep 17 00:00:00 2001 From: Ximon Eighteen <3304436+ximon18@users.noreply.github.com> Date: Wed, 22 Feb 2023 12:31:57 +0100 Subject: [PATCH 2/3] Add missing period. --- source/rpki/using-rpki-data.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/rpki/using-rpki-data.rst b/source/rpki/using-rpki-data.rst index 92fa509..2af75e7 100644 --- a/source/rpki/using-rpki-data.rst +++ b/source/rpki/using-rpki-data.rst @@ -22,7 +22,7 @@ Connecting to the Trust Anchor When you want to retrieve all RPKI data, you connect to the trust anchor that each RIR provides. The trust anchor is an :RFC:`6487` compliant X.509 -certificate used to 'anchor' the 'root' of a certificate hierarchy The root +certificate used to 'anchor' the 'root' of a certificate hierarchy. The root certificate contains pointers to its children, which contain pointers to their children, and so on. These certificates, and other cryptographic material such as ROAs, can be published in the repository that the RIR provides, From 73d547d481970a6697db67ce15bf3b3a0ffa66b8 Mon Sep 17 00:00:00 2001 From: Ximon Eighteen <3304436+ximon18@users.noreply.github.com> Date: Wed, 22 Feb 2023 12:35:29 +0100 Subject: [PATCH 3/3] Use italics instead of single quotes. --- source/rpki/using-rpki-data.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/rpki/using-rpki-data.rst b/source/rpki/using-rpki-data.rst index 2af75e7..b005062 100644 --- a/source/rpki/using-rpki-data.rst +++ b/source/rpki/using-rpki-data.rst @@ -22,7 +22,7 @@ Connecting to the Trust Anchor When you want to retrieve all RPKI data, you connect to the trust anchor that each RIR provides. The trust anchor is an :RFC:`6487` compliant X.509 -certificate used to 'anchor' the 'root' of a certificate hierarchy. The root +certificate used to *anchor* the *root* of a certificate hierarchy. The root certificate contains pointers to its children, which contain pointers to their children, and so on. These certificates, and other cryptographic material such as ROAs, can be published in the repository that the RIR provides,