[sidr] I-D Action: draft-ietf-sidr-ltamgmt-03.txt

internet-drafts@ietf.org Sat, 03 December 2011 17:25 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 5AE1021F9309; Sat, 3 Dec 2011 09:25:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.555
X-Spam-Status: No, score=-102.555 tagged_above=-999 required=5 tests=[AWL=0.044, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id J2nKtz7USxZA; Sat, 3 Dec 2011 09:25:09 -0800 (PST)
Received: from ietfa.amsl.com (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id D211021F930B; Sat, 3 Dec 2011 09:25:05 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 3.64
Message-ID: <20111203172505.5294.23033.idtracker@ietfa.amsl.com>
Date: Sat, 03 Dec 2011 09:25:05 -0800
Cc: sidr@ietf.org
Subject: [sidr] I-D Action: draft-ietf-sidr-ltamgmt-03.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Dec 2011 17:25:10 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Secure Inter-Domain Routing Working Group of the IETF.

	Title           : Local Trust Anchor Management for the Resource Public Key Infrastructure
	Author(s)       : Mark Reynolds
                          Stephen Kent
	Filename        : draft-ietf-sidr-ltamgmt-03.txt
	Pages           : 28
	Date            : 2011-12-03

   This document describes a facility to enable a relying party (RP) to
   manage trust anchors (TAs) in the context of the Resource Public Key
   Infrastructure (RPKI). It is common to allow an RP to import TA
   material in the form of self-signed certificates. The facility
   described in this document allows an RP to impose constraints on such
   TAs. Because this mechanism is designed to operate in the RPKI
   context, the relevant constraints are the RFC 3779 extensions that
   bind address spaces and/or autonomous system (AS) numbers to
   entities. The primary motivation for this facility is to enable an RP
   to ensure that resource allocation information that it has acquired
   via some trusted channel is not overridden by the information
   acquired from the RPKI repository system or by the putative TAs that
   the RP imports. Specifically, the mechanism allows an RP to specify a
   set of bindings between public key identifiers and RFC 3779 extension
   data and will override any conflicting bindings expressed via the
   putative TAs and the certificates downloaded from the RPKI repository
   system. Although this mechanism is designed for local use by an RP,
   an entity that is accorded administrative control over a set of RPs
   may use this mechanism to convey its view of the RPKI to a set of RPs
   within its jurisdiction. The means by which this latter use case is
   effected is outside the scope of this document.

A URL for this Internet-Draft is:

Internet-Drafts are also available by anonymous FTP at:

This Internet-Draft can be retrieved at: