Skip to main content

An Infrastructure to Support Secure Internet Routing

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    sidr mailing list <>,
    sidr chair <>
Subject: Document Action: 'An Infrastructure to Support Secure Internet Routing' to Informational RFC (draft-ietf-sidr-arch-13.txt)

The IESG has approved the following document:
- 'An Infrastructure to Support Secure Internet Routing'
  (draft-ietf-sidr-arch-13.txt) as an Informational RFC

This document is the product of the Secure Inter-Domain Routing Working

The IESG contact persons are Stewart Bryant and Adrian Farrel.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

This document describes an architecture for an infrastructure to
support improved security of Internet routing. The foundation of this
architecture is a public key infrastructure (PKI) that represents the
allocation hierarchy of IP address space and Autonomous System (AS)
Numbers; and a distributed repository system for storing and
disseminating the data objects that comprise the PKI, as well as
other signed objects necessary for improved routing security. As an
initial application of this architecture, the document describes how
a legitimate holder of IP address space can explicitly and verifiably
authorize one or more ASes to originate routes to that address space.
Such verifiable authorizations could be used, for example, to more
securely construct BGP route filters. 

Working Group Summary

This draft's first version came early in the working group history.
It has been presented many times and has gone through many versions
but the outline remains essentially the same, indicating consistency
in the working group thinking.  

Document Quality

The document is well written and clear. It does not describe a protocol,
so there are no "implementations" per se. However, it serves as the
reference point for the other working group drafts, so the authors of
this draft and the authors of the other drafts have worked to ensure
that they remain mutually consistent.

Several implementations exist of the PKI expressed in this architecture.
Implementation experience has been reflected in changes in the


Sandra Murphy is the Document Shepherd for this document.
Stewart Bryant is the Responsible Area Director.

RFC Editor Note