[Sidrops] I-D Action: draft-ietf-sidrops-cms-signing-time-06.txt
internet-drafts@ietf.org Sat, 10 February 2024 12:21 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/4W330ItqwDB6FJbHGlDMKvZHq5M>

Internet-Draft draft-ietf-sidrops-cms-signing-time-06.txt is now available. It
is a work item of the SIDR Operations (SIDROPS) WG of the IETF.

Title:   On the use of the CMS signing-time attribute in RPKI Signed Objects
Authors: Job Snijders
         Tom Harrison
Name:    draft-ietf-sidrops-cms-signing-time-06.txt
Pages:   12
Dates:   2024-02-10

Abstract:

In the Resource Public Key Infrastructure (RPKI), Signed Objects are
defined as Cryptographic Message Syntax (CMS) protected content types
by way of a standard template (RFC 6488). That template includes an
optional CMS signing-time attribute, representing the purported time
at which the object was signed by its issuer. At the time when the
standard template was defined, rsync was the only distribution
mechanism for RPKI repositories.

Since the publication of the standard template, a new, additional
protocol for distribution of RPKI repositories has been developed:
the RPKI Repository Delta Protocol (RRDP). While RPKI repository
operators must provide rsync service, RRDP is typically deployed
alongside it as well, and preferred by default by most Relying Party
(RP) implementations. However, RP implementations also support
fallback to rsync in the event of problems with the RRDP service. As
deployment experience with RRDP has increased, the usefulness of
optimizing switchovers by RPs from one mechanism to the other has
become apparent.

This document describes how Publishers and RPs can use the CMS
signing-time attribute to minimize the burden of switching over from
RRDP to rsync. Additionally, this document updates RFC 6488 by
mandating the presence of the CMS signing-time attribute and
disallowing the use of the binary-signing-time attribute.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-sidrops-cms-signing-time/

There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-cms-signing-time-06

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-sidrops-cms-signing-time-06

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts