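@comment{
  This entry is pinned to revision -02 of an Internet-Draft marked
  "Work in Progress". Internet-Drafts expire and are replaced by later
  revisions, so check the datatracker for the current revision before relying
  on the certificate or Trust Root Configuration specifications cited from
  this one.
}
@techreport{dekater-scion-pki-02,
  author      = {de Kater, Corine and Rustignoli, Nicola},
  title       = {{SCION} Control-Plane {PKI}},
  type        = {Internet-Draft},
  number      = {draft-dekater-scion-pki-02},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2023,
  month       = feb,
  day         = 28,
  pagetotal   = 63,
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-dekater-scion-pki/02/},
  abstract    = {This document presents the trust concept and design of the
                 SCION control-plane Public Key Infrastructure (PKI), SCION's
                 public key infrastructure model. SCION (Scalability, Control,
                 and Isolation On Next-generation networks) is a path-aware,
                 inter-domain network architecture. The control-plane PKI, or
                 short CP-PKI, handles cryptographic material and lays the
                 foundation for the authentication procedures in SCION. It is
                 used by SCION's control plane to authenticate and verify path
                 information, and builds the basis for SCION's special trust
                 model based on so-called Isolation Domains. This document
                 first introduces the trust model behind the SCION's
                 control-plane PKI, as well as clarifications to the concepts
                 used in it. This is followed by specifications of the
                 different types of certificates and the Trust Root
                 Configuration. The document then specifies how to deploy the
                 whole infrastructure.},
}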