IETF Logo Mail Archive

Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-08.txt

Sean Turner <TurnerS@ieca.com> Wed, 13 August 2014 00:47 UTC

Return-Path: <TurnerS@ieca.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55C101A6F6E for <sidr@ietfa.amsl.com>; Tue, 12 Aug 2014 17:47:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.107
X-Spam-Level:
X-Spam-Status: No, score=0.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FSL_HELO_BARE_IP_2=1.674, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WMWERR1XL1xT for <sidr@ietfa.amsl.com>; Tue, 12 Aug 2014 17:47:41 -0700 (PDT)
Received: from gateway14.websitewelcome.com (gateway14.websitewelcome.com [69.56.150.9]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21AC71A00F0 for <sidr@ietf.org>; Tue, 12 Aug 2014 17:47:41 -0700 (PDT)
Received: by gateway14.websitewelcome.com (Postfix, from userid 5007) id 5D8C8E33BA819; Tue, 12 Aug 2014 19:47:40 -0500 (CDT)
Received: from gator3286.hostgator.com (gator3286.hostgator.com [198.57.247.250]) by gateway14.websitewelcome.com (Postfix) with ESMTP id 4AF80E33BA7C3 for <sidr@ietf.org>; Tue, 12 Aug 2014 19:47:40 -0500 (CDT)
Received: from [96.231.227.95] (port=59005 helo=192.168.1.6) by gator3286.hostgator.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.82) (envelope-from <TurnerS@ieca.com>) id 1XHMj5-0008QZ-Ox for sidr@ietf.org; Tue, 12 Aug 2014 19:47:39 -0500
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Sean Turner <TurnerS@ieca.com>
In-Reply-To: <20140813004442.10560.45299.idtracker@ietfa.amsl.com>
Date: Tue, 12 Aug 2014 20:47:35 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <B97A6E28-4EDB-4EC5-B8DA-9803C7B21900@ieca.com>
References: <20140813004442.10560.45299.idtracker@ietfa.amsl.com>
To: sidr wg list <sidr@ietf.org>
X-Mailer: Apple Mail (2.1878.6)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator3286.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Source-IP: 96.231.227.95
X-Exim-ID: 1XHMj5-0008QZ-Ox
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: (192.168.1.6) [96.231.227.95]:59005
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 4
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IzMjg2Lmhvc3RnYXRvci5jb20=
Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/nC8ymb5fEC9ZAcxsYs1HzTazHA4
Subject: Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-08.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Aug 2014 00:47:42 -0000

This version incorporates the change discussed at IETF 90 - namely include one and only one AS in the certificate.

The working version is also available at:
   https://github.com/seanturner/draft-ietf-sidr-bgpsec-pki-profiles

spt

On Aug 12, 2014, at 20:44, internet-drafts@ietf.org wrote:

> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Secure Inter-Domain Routing Working Group of the IETF.
> 
>        Title           : A Profile for BGPSEC Router Certificates, Certificate Revocation Lists, and Certification Requests
>        Authors         : Mark Reynolds
>                          Sean Turner
>                          Steve Kent
> 	Filename        : draft-ietf-sidr-bgpsec-pki-profiles-08.txt
> 	Pages           : 13
> 	Date            : 2014-08-12
> 
> Abstract:
>   This document defines a standard profile for X.509 certificates for
>   the purposes of supporting validation of Autonomous System (AS) paths
>   in the Border Gateway Protocol (BGP), as part of an extension to that
>   protocol known as BGPSEC.  BGP is a critical component for the proper
>   operation of the Internet as a whole.  The BGPSEC protocol is under
>   development as a component to address the requirement to provide
>   security for the BGP protocol.  The goal of BGPSEC is to design a
>   protocol for full AS path validation based on the use of strong
>   cryptographic primitives.  The End-Entity (EE) certificates specified
>   by this profile are issued under Resource Public Key Infrastructure
>   (RPKI) Certification Authority (CA) certificates, containing the AS
>   Identifier Delegation extension, to routers within the Autonomous
>   System (AS).  The certificate asserts that the router(s) holding the
>   private key are authorized to send out secure route advertisements on
>   behalf of the specified AS.  This document also profiles the
>   Certificate Revocation List (CRL), profiles the format of
>   certification requests, and specifies Relying Party certificate path
>   validation procedures.  The document extends the RPKI; therefore,
>   this documents updates the RPKI Resource Certificates Profile (RFC
>   6487).
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-pki-profiles/
> 
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-pki-profiles-08
> 
> A diff from the previous version is available at:
> http://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-bgpsec-pki-profiles-08
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> _______________________________________________
> I-D-Announce mailing list
> I-D-Announce@ietf.org
> https://www.ietf.org/mailman/listinfo/i-d-announce
> Internet-Draft directories: http://www.ietf.org/shadow.html
> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

v2.23.0 | Report a Bug | By Email