[sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-18.txt
internet-drafts@ietf.org Thu, 21 July 2016 08:49 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: sidr@ietf.org
Delivered-To: sidr@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9493A12DC24; Thu, 21 Jul 2016 01:49:39 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.29.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20160721084939.4433.46916.idtracker@ietfa.amsl.com>
Date: Thu, 21 Jul 2016 01:49:39 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/fWdcxzhIWhykXRg_Uagrjgvl4J8>
Cc: sidr@ietf.org
Subject: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-18.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jul 2016 08:49:39 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Secure Inter-Domain Routing of the IETF.
Title : A Profile for BGPsec Router Certificates, Certificate Revocation Lists, and Certification Requests
Authors : Mark Reynolds
Sean Turner
Stephen Kent
Filename : draft-ietf-sidr-bgpsec-pki-profiles-18.txt
Pages : 13
Date : 2016-07-21
Abstract:
This document defines a standard profile for X.509 certificates used
to enable validation of Autonomous System (AS) paths in the Border
Gateway Protocol (BGP), as part of an extension to that protocol
known as BGPsec. BGP is the standard for inter-domain routing in the
Internet; it is the "glue" that holds the Internet together. BGPsec
is being developed as one component of a solution that addresses the
requirement to provide security for BGP. The goal of BGPsec is to
provide full AS path validation based on the use of strong
cryptographic primitives. The end-entity (EE) certificates specified
by this profile are issued (to routers within an Autonomous System).
Each of these certificates is issued under a Resource Public Key
Infrastructure (RPKI) Certification Authority (CA) certificate.
These CA certificates and EE certificates both contain the AS
Identifier Delegation extension. An EE certificate of this type
asserts that the router(s) holding the corresponding private key are
authorized to emit secure route advertisements on behalf of the
AS(es) specified in the certificate. This document also profiles the
format of certification requests, and specifies Relying Party (RP)
certificate path validation procedures for these EE certificates.
This document extends the RPKI; therefore, this documents updates the
RPKI Resource Certificates Profile (RFC 6487).
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-pki-profiles/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-sidr-bgpsec-pki-profiles-18
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-bgpsec-pki-profiles-18
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki… Sean Turner
- [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-pro… internet-drafts