[Sidrops] BCP 224, RFC 8634 on BGPsec Router Certificate Rollover
rfc-editor@rfc-editor.org Wed, 07 August 2019 22:24 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFFC61200DF; Wed, 7 Aug 2019 15:24:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qA_cyS1yDzWn; Wed, 7 Aug 2019 15:24:41 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1BD03120047; Wed, 7 Aug 2019 15:24:41 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 01046B816B6; Wed, 7 Aug 2019 15:24:15 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, sidrops@ietf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20190807222416.01046B816B6@rfc-editor.org>
Date: Wed, 07 Aug 2019 15:24:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/Q2b_0dftTMIunKvNzgQzIxTtu50>
Subject: [Sidrops] BCP 224, RFC 8634 on BGPsec Router Certificate Rollover
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Aug 2019 22:24:43 -0000
A new Request for Comments is now available in online RFC libraries. BCP 224 RFC 8634 Title: BGPsec Router Certificate Rollover Author: B. Weis, R. Gagliano, K. Patel Status: Best Current Practice Stream: IETF Date: August 2019 Mailbox: bew.stds@gmail.com, rogaglia@cisco.com, keyur@arrcus.com Pages: 11 Characters: 26170 See Also: BCP 224 I-D Tag: draft-ietf-sidrops-bgpsec-rollover-04.txt URL: https://www.rfc-editor.org/info/rfc8634 DOI: 10.17487/RFC8634 Certification Authorities (CAs) within the Resource Public Key Infrastructure (RPKI) manage BGPsec router certificates as well as RPKI certificates. The rollover of BGPsec router certificates must be carefully performed in order to synchronize the distribution of router public keys with BGPsec UPDATE messages verified with those router public keys. This document describes a safe rollover process, and it discusses when and why the rollover of BGPsec router certificates is necessary. When this rollover process is followed, the rollover will be performed without routing information being lost. This document is a product of the SIDR Operations Working Group of the IETF. BCP: This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC