@techreport{dekater-scion-pki-07, number = {draft-dekater-scion-pki-07}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-dekater-scion-pki/07/}, author = {Corine de Kater and Nicola Rustignoli and Samuel Hitz}, title = {{SCION Control Plane PKI}}, pagetotal = 68, year = 2024, month = oct, day = 19, abstract = {This document presents the trust concept and design of the SCION \_Control Plane Public Key Infrastructure (CP-PKI)\_. SCION (Scalability, Control, and Isolation On Next-generation networks) is a path-aware, inter-domain network architecture where the Control Plane PKI handles cryptographic material and lays the foundation for the authentication procedures in SCION. It is used by SCION's Control Plane to authenticate and verify path information, and builds the basis for SCION's trust model based on Isolation Domains. This document describes the trust model behind the SCION's Control Plane PKI, including specifications of the different types of certificates and the Trust Root Configuration. It also specifies how to deploy the Control Plane PKI infrastructure.}, }