Sign in
Version 5.9.0, 2014-12-18
Report a bug

Router Keying for BGPsec

Document type: Expired Internet-Draft (sidr WG)
Document stream: IETF
Last updated: 2014-11-24 (latest revision 2014-05-23)
Intended RFC status: Unknown
Other versions: (expired, archived): plain text, pdf, html

IETF State: WG Document
Document shepherd: No shepherd assigned

IESG State: Expired
Responsible AD: (None)
Send notices to: No addresses provided

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found here:


BGPsec-speaking routers are provisioned with private keys to sign BGP messages; the corresponding public keys are published in the global RPKI (Resource Public Key Infrastructure) thereby enabling verification of BGPsec messages. This document describes two ways of provisioning the public-private key-pairs: router-driven and operator-driven.


Sean Turner <>
Keyur Patel <>
Randy Bush <>

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid)