Template for a Certification Practice Statement (CPS) for the Resource PKI (RPKI)
draft-ietf-sidr-cps-01

Active Internet-Draft (sidr WG)
Document Stream: IETF
Last updated: 2013-01-23
Intended RFC status: (None)

IETF State: Waiting for WG Chair Go-Ahead (sidr)
Document shepherd: (None)
Consensus: Unknown

IESG State: I-D Exists
Responsible AD: (None)
Send notices to: No addresses provided

Secure Inter-Domain Routing (sidr)                             Kent, S.
Internet Draft                                                 Kong, D.
Expires: July 2013                                              Seo, K.
Intended Status: BCP                                   BBN Technologies
                                                           January 2013

       Template for a Certification Practice Statement (CPS) for the
                            Resource PKI (RPKI)
                        draft-ietf-sidr-cps-01.txt

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with
   the provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that other
   groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on July 31, 2013.

Abstract

   This document contains a template to be used for creating a
   Certification Practice Statement (CPS) for an Organization that is
   part of the Resource Public Key Infrastructure (RPKI), e.g., a
   resource allocation registry or an ISP.

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].

Kong, Seo & Kent          Expires July 2013                    [Page 1]
Internet-Draft        Template CPS for the RPKI            January 2013

Table of Contents

   Preface...........................................................7
   1. Introduction...................................................8
      1.1. Overview..................................................8
      1.2. Document Name and Identification..........................9
      1.3. PKI Participants..........................................9
         1.3.1. Certification Authorities............................9
         1.3.2. Registration Authorities.............................9
         1.3.3. Subscribers.........................................10
         1.3.4. Relying Parties.....................................10
         1.3.5. Other Participants..................................10
      1.4. Certificate Usage........................................10
         1.4.1. Appropriate Certificate Uses........................10
         1.4.2. Prohibited Certificate Uses.........................10
      1.5. Policy Administration....................................11
         1.5.1. Organization administering the document.............11
         1.5.2. Contact Person......................................11
         1.5.3. Person Determining CPS Suitability for the Policy...11
         1.5.4. CPS Approval Procedures.............................11
      1.6. Definitions and Acronyms.................................11
   2. Publication and Repository Responsibilities...................14
      2.1. Repositories.............................................14
      2.2. Publication of Certification Information.................14
      2.3. Time or Frequency of Publication.........................14
      2.4. Access Controls on Repositories..........................14
   3. Identification And Authentication.............................15
      3.1. Naming...................................................15
         3.1.1. Types of Names......................................15
         3.1.2. Need for Names to be Meaningful.....................15
         3.1.3. Anonymity or Pseudonymity of Subscribers............15
         3.1.4. Rules for Interpreting Various Name Forms...........15
         3.1.5. Uniqueness of Names.................................15
         3.1.6. Recognition, Authentication, and Role of Trademarks.16
      3.2. Initial Identity Validation..............................16
         3.2.1. Method to Prove Possession of Private Key...........16
         3.2.2. Authentication of Organization Identity.............16
         3.2.3. Authentication of Individual Identity...............16
         3.2.4. Non-verified Subscriber Information.................17