Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-17.txt
Sandra Murphy <sandy@tislabs.com> Thu, 02 June 2016 15:10 UTC
Return-Path: <sandy@tislabs.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A35512D757 for <sidr@ietfa.amsl.com>; Thu, 2 Jun 2016 08:10:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.327
X-Spam-Level:
X-Spam-Status: No, score=-3.327 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AfOvE_sAonWE for <sidr@ietfa.amsl.com>; Thu, 2 Jun 2016 08:10:36 -0700 (PDT)
Received: from walnut.tislabs.com (walnut.tislabs.com [192.94.214.200]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B2A512D17E for <sidr@ietf.org>; Thu, 2 Jun 2016 08:10:36 -0700 (PDT)
Received: from nova.tislabs.com (unknown [10.66.1.77]) by walnut.tislabs.com (Postfix) with ESMTP id 5A54F28B0043; Thu, 2 Jun 2016 11:10:35 -0400 (EDT)
Received: from [IPv6:::1] (localhost.localdomain [127.0.0.1]) by nova.tislabs.com (Postfix) with ESMTP id 3A50D1F8055; Thu, 2 Jun 2016 11:10:35 -0400 (EDT)
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
Content-Type: multipart/signed; boundary="Apple-Mail=_90F4FE0D-42CD-4F13-BBF3-2C78CD8D735E"; protocol="application/pgp-signature"; micalg="pgp-sha512"
X-Pgp-Agent: GPGMail 2.5.2
From: Sandra Murphy <sandy@tislabs.com>
In-Reply-To: <B6845C12-D36A-4AD3-ABBB-57E0D9EF8013@sn3rd.com>
Date: Thu, 02 Jun 2016 10:54:39 -0400
Message-Id: <43EA7FA8-64EB-4FAA-BDE1-1153E62D62E5@tislabs.com>
References: <20160601191106.16131.55765.idtracker@ietfa.amsl.com> <B6845C12-D36A-4AD3-ABBB-57E0D9EF8013@sn3rd.com>
To: Sean Turner <sean@sn3rd.com>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/Gcgxk0ipyGJoPudouLkUvWRLyXw>
Cc: sidr <sidr@ietf.org>, Sandra Murphy <sandy@tislabs.com>
Subject: Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-17.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jun 2016 15:10:42 -0000
Thanks for the new draft! I can do a pub request. This, algs, and protocol are a cluster, by normative refs. There are others that are informative refs, but I think they can go later. —Sandy On Jun 1, 2016, at 3:12 PM, Sean Turner <sean@sn3rd.com> wrote: > Updated with a new 3.4 section as per Sandy’s direction. > > spt > >> On Jun 01, 2016, at 15:11, internet-drafts@ietf.org wrote: >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts directories. >> This draft is a work item of the Secure Inter-Domain Routing of the IETF. >> >> Title : A Profile for BGPsec Router Certificates, Certificate Revocation Lists, and Certification Requests >> Authors : Mark Reynolds >> Sean Turner >> Stephen Kent >> Filename : draft-ietf-sidr-bgpsec-pki-profiles-17.txt >> Pages : 13 >> Date : 2016-06-01 >> >> Abstract: >> This document defines a standard profile for X.509 certificates used >> to enable validation of Autonomous System (AS) paths in the Border >> Gateway Protocol (BGP), as part of an extension to that protocol >> known as BGPsec. BGP is the standard for inter-domain routing in the >> Internet; it is the "glue" that holds the Internet together. BGPsec >> is being developed as one component of a solution that addresses the >> requirement to provide security for BGP. The goal of BGPsec is to >> provide full AS path validation based on the use of strong >> cryptographic primitives. The end-entity (EE) certificates specified >> by this profile are issued (to routers within an Autonomous System). >> Each of these certificates is issued under a Resource Public Key >> Infrastructure (RPKI) Certification Authority (CA) certificate. >> These CA certificates and EE certificates both contain the AS >> Identifier Delegation extension. An EE certificate of this type >> asserts that the router(s) holding the corresponding private key are >> authorized to emit secure route advertisements on behalf of the >> AS(es) specified in the certificate. This document also profiles the >> format of certification requests, and specifies Relying Party (RP) >> certificate path validation procedures for these EE certificates. >> This document extends the RPKI; therefore, this documents updates the >> RPKI Resource Certificates Profile (RFC 6487). >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-pki-profiles/ >> >> There's also a htmlized version available at: >> https://tools.ietf.org/html/draft-ietf-sidr-bgpsec-pki-profiles-17 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-bgpsec-pki-profiles-17 >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> sidr mailing list >> sidr@ietf.org >> https://www.ietf.org/mailman/listinfo/sidr > > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr
- [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-pro… internet-drafts
- Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki… Sean Turner
- Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki… Sandra Murphy