Skip to main content

A Profile for Bogon Origin Attestations (BOAs)

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Geoff Huston , Terry Manderson , George G. Michaelson
Last updated 2011-01-24 (Latest revision 2008-04-22)
Replaced by draft-ietf-sidr-bogons
RFC stream (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-sidr-bogons
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document defines a standard profile for Bogon Origin Attestations (BOAs). A BOA is a digitally signed object that provides a means of verifying that an IP address block holder has not authorized any Autonomous System (AS) to originate routes that are equivalent to any of the addresses listed in the BOA, and also provides a means of verifying that BGP speaker is not using an AS as a BGP speaker without appropriate authority to use that AS. The proposed application of BOAs is intended to fit within the requirements for adding security measures to inter-domain routing, including the ability to support incremental and piecemeal deployment of such measures, and does not require any changes to the specification of BGP.


Geoff Huston
Terry Manderson
George G. Michaelson

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)