[Sidrops] BCP 224, RFC 8634 on BGPsec Router Certificate Rollover

rfc-editor@rfc-editor.org Wed, 07 August 2019 22:24 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id DFFC61200DF; Wed, 7 Aug 2019 15:24:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id qA_cyS1yDzWn; Wed, 7 Aug 2019 15:24:41 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1BD03120047; Wed, 7 Aug 2019 15:24:41 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 01046B816B6; Wed, 7 Aug 2019 15:24:15 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, sidrops@ietf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20190807222416.01046B816B6@rfc-editor.org>
Date: Wed, 07 Aug 2019 15:24:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/Q2b_0dftTMIunKvNzgQzIxTtu50>
Subject: [Sidrops] BCP 224, RFC 8634 on BGPsec Router Certificate Rollover
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Aug 2019 22:24:43 -0000

A new Request for Comments is now available in online RFC libraries.

        BCP 224        
        RFC 8634

        Title:      BGPsec Router Certificate Rollover 
        Author:     B. Weis, 
                    R. Gagliano,
                    K. Patel
        Status:     Best Current Practice
        Stream:     IETF
        Date:       August 2019
        Mailbox:    bew.stds@gmail.com, 
        Pages:      11
        Characters: 26170
        See Also:   BCP 224

        I-D Tag:    draft-ietf-sidrops-bgpsec-rollover-04.txt

        URL:        https://www.rfc-editor.org/info/rfc8634

        DOI:        10.17487/RFC8634

Certification Authorities (CAs) within the Resource Public Key
Infrastructure (RPKI) manage BGPsec router certificates as well as
RPKI certificates.  The rollover of BGPsec router certificates must
be carefully performed in order to synchronize the distribution of
router public keys with BGPsec UPDATE messages verified with those
router public keys.  This document describes a safe rollover process,
and it discusses when and why the rollover of BGPsec router
certificates is necessary.  When this rollover process is followed,
the rollover will be performed without routing information being

This document is a product of the SIDR Operations Working Group of the IETF.

BCP: This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for 
improvements. Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

The RFC Editor Team
Association Management Solutions, LLC