Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profiles

"Murphy, Sandra" <> Thu, 28 June 2012 20:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9909211E808A; Thu, 28 Jun 2012 13:50:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.41
X-Spam-Status: No, score=-102.41 tagged_above=-999 required=5 tests=[AWL=0.189, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1PsiribkSrwt; Thu, 28 Jun 2012 13:50:24 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id A471A21F8526; Thu, 28 Jun 2012 13:50:24 -0700 (PDT)
Received: from ( []) by (8.14.4/8.14.4) with ESMTP id q5SKoGFU010357; Thu, 28 Jun 2012 15:50:19 -0500
Received: from ([]) by (8.13.8/8.13.8) with ESMTP id q5SKnr08030072; Thu, 28 Jun 2012 15:50:00 -0500
Received: from ([2002:9db9:506b::9db9:506b]) by ([2002:9db9:506b::9db9:506b]) with mapi id 14.01.0355.002; Thu, 28 Jun 2012 16:49:28 -0400
From: "Murphy, Sandra" <>
To: Christopher Morrow <>, "" <>, "" <>
Thread-Topic: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profiles
Thread-Index: AQHNGbJYVFqjinwqf0u680pkRvsHwZcQlJer
Date: Thu, 28 Jun 2012 20:49:28 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profiles
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 28 Jun 2012 20:50:25 -0000

This last call has ended.  There were only three comments during the wglc.  

Two noted that the document was solid, but that it was premature to advance the draft when the protocols spec was still undergoing changes and might produce new required features for the router certificates.

So what is the desire of the working group:

- put the document on hold, refreshing versions numbers as necessary to keep it on the secretariat list of current drafts, until we are more certain no further features will be needed

- publish the draft now and amend if new features should pop up

If the later, more support for publication is needed.

--Sandy, speaking as wg co-chair
From: [] on behalf of Christopher Morrow []
Sent: Friday, April 13, 2012 4:16 PM
Subject: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profiles

Helo WG peoples,
The following update posted today. Sean and Tom have come to agreement
on their differences, I believe this closes the last open items on
this document.

Let's start a WGLC for this, ending: 4/27/2012 or 27/4/2012


On Fri, Apr 13, 2012 at 3:03 PM,  <> wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Secure Inter-Domain Routing Working Group of the IETF.
>        Title           : A Profile for BGPSEC Router Certificates, Certificate Revocation Lists, and Certification Requests
>        Author(s)       : Mark Reynolds
>                          Sean Turner
>                          Steve Kent
>        Filename        : draft-ietf-sidr-bgpsec-pki-profiles-03.txt
>        Pages           : 11
>        Date            : 2012-04-13
>   This document defines a standard profile for X.509 certificates for
>   the purposes of supporting validation of Autonomous System (AS) paths
>   in the Border Gateway Protocol (BGP), as part of an extension to that
>   protocol known as BGPSEC.  BGP is a critical component for the proper
>   operation of the Internet as a whole.  The BGPSEC protocol is under
>   development as a component to address the requirement to provide
>   security for the BGP protocol.  The goal of BGPSEC is to design a
>   protocol for full AS path validation based on the use of strong
>   cryptographic primitives.  The end-entity (EE) certificates specified
>   by this profile are issued under Resource Public Key Infrastructure
>   (RPKI) Certification Authority (CA) certificates, containing the AS
>   Identifier Delegation extension, to routers within the Autonomous
>   System (AS).  The certificate asserts that the router(s) holding the
>   private key are authorized to send out secure route advertisements on
>   behalf of the specified AS.  This document also profiles the
>   Certificate Revocation List (CRL), profiles the format of
>   certification requests, and specifies Relying Party certificate path
>   validation procedures.  The document extends the RPKI; therefore,
>   this documents updates the RPKI Resource Certificates Profile (RFC
>   6487).
> A URL for this Internet-Draft is:
> Internet-Drafts are also available by anonymous FTP at:
> This Internet-Draft can be retrieved at:
> _______________________________________________
> sidr mailing list
sidr mailing list