BGPsec Router Certificate Rollover
draft-ietf-sidr-bgpsec-rollover-04

The information below is for an old version of the document
Document Type Expired Internet-Draft (sidr WG)
Last updated 2016-01-07 (latest revision 2015-07-06)
Replaces draft-rogaglia-sidr-bgpsec-rollover
Replaced by rfc8634, draft-ietf-sidrops-bgpsec-rollover
Stream IETF
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-sidr-bgpsec-rollover-04.txt

Abstract

BGPsec will need to address the impact from regular and emergency rollover processes for the BGPsec End-Entity (EE) certificates that will be performed by Certificate Authorities (CAs) participating at the Resource Public Key Infrastructure (RPKI). Rollovers of BGPsec EE certificates must be carefully managed in order to synchronize distribution of router public keys and the usage of those pubic keys by BGPsec routers. This document provides general recommendations for that process, as well as describing reasons why the rollover of BGPsec EE certificates might be necessary.

Authors

Roque Gagliano (rogaglia@cisco.com)
Keyur Patel (keyupate@cisco.com)
Brian Weis (bew@cisco.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)