Protocol Action: 'CA Key Rollover in the RPKI' to BCP (draft-ietf-sidr-keyroll-08.txt)
The IESG <iesg-secretary@ietf.org> Tue, 19 July 2011 17:12 UTC
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: sidr mailing list <sidr@ietf.org>, sidr chair <sidr-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>

The IESG has approved the following document:
- 'CA Key Rollover in the RPKI'
  (draft-ietf-sidr-keyroll-08.txt) as a BCP

This document is the product of the Secure Inter-Domain Routing Working Group.

The IESG contact persons are Stewart Bryant and Adrian Farrel.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-sidr-keyroll/

Technical Summary

This document describes how a Certification Authority (CA) in the Resource Public Key Infrastructure (RPKI) performs a planned rollover of its key pair. This document also notes the implications of this key rollover procedure for Relying Parties (RPs). In general, RPs are expected to maintain a local cache of the objects that have been published in the RPKI repository, and thus the way in which a CA performs key rollover impacts RPs.

Working Group Summary

The most contentious issue in the progress of this draft was an issue raised shortly after the wglc ended. The issue was discussed vigorously on the list (between a small number of members) and a change in requirements level was made, but that did not totally answer the original commenter. There was broad support for the draft during the wglc and consensus was not reached on the technical change suggested in this last discussion, so the document was progressed with the compromise requirement change only. The member bringing the issue to the list is resigned to the outcome.

Document Quality

This is another case in this working group in which a section of a document of long standing has been lifted out to be a draft of its own. This draft had been a topic in the res-certs profile and was extracted when the working group was asked by the security ADs to provide a plan for algorithm agility and key rollover. As such it has had the benefit of a long history of reviews of the parent document.

Personnel

Sandra Murphy (Sandra.Murphy@sparta.com) is the Document Shepherd for this document. Stewart Bryant (stbryant@cisco.com) is the Responsible Area Director.