The Resource Public Key Infrastructure (RPKI) to Router Protocol, Version 2
draft-ietf-sidrops-8210bis-02
Network Working Group R. Bush
Internet-Draft IIJ & Arrcus
Updates: 8210 (if approved) R. Austein
Intended status: Standards Track Dragon Research Labs
Expires: August 22, 2021 February 18, 2021
The Resource Public Key Infrastructure (RPKI) to Router Protocol,
Version 2
draft-ietf-sidrops-8210bis-02
Abstract
In order to verifiably validate the origin Autonomous Systems and
Autonomous System Paths of BGP announcements, routers need a simple
but reliable mechanism to receive Resource Public Key Infrastructure
(RFC 6480) prefix origin data and router keys from a trusted cache.
This document describes a protocol to deliver them.
This document describes version 2 of the RPKI-Router protocol. RFC
6810 describes version 0, and RFC 8210 describes version 1. This
document updates RFC 8210.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 22, 2021.
Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
Bush & Austein Expires August 22, 2021 [Page 1]
Internet-Draft RPKI-Router Protocol February 2021
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
1.2. Changes from RFC 8210 . . . . . . . . . . . . . . . . . . 3
2. Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Deployment Structure . . . . . . . . . . . . . . . . . . . . 4
4. Operational Overview . . . . . . . . . . . . . . . . . . . . 5
5. Protocol Data Units (PDUs) . . . . . . . . . . . . . . . . . 6
5.1. Fields of a PDU . . . . . . . . . . . . . . . . . . . . . 6
5.2. Serial Notify . . . . . . . . . . . . . . . . . . . . . . 9
5.3. Serial Query . . . . . . . . . . . . . . . . . . . . . . 9
5.4. Reset Query . . . . . . . . . . . . . . . . . . . . . . . 10
5.5. Cache Response . . . . . . . . . . . . . . . . . . . . . 11
5.6. IPv4 Prefix . . . . . . . . . . . . . . . . . . . . . . . 11
5.7. IPv6 Prefix . . . . . . . . . . . . . . . . . . . . . . . 13
5.8. End of Data . . . . . . . . . . . . . . . . . . . . . . . 13
5.9. Cache Reset . . . . . . . . . . . . . . . . . . . . . . . 15
5.10. Router Key . . . . . . . . . . . . . . . . . . . . . . . 15
5.11. Error Report . . . . . . . . . . . . . . . . . . . . . . 17
5.12. ASPA PDU . . . . . . . . . . . . . . . . . . . . . . . . 18
6. Protocol Timing Parameters . . . . . . . . . . . . . . . . . 20
7. Protocol Version Negotiation . . . . . . . . . . . . . . . . 21
8. Protocol Sequences . . . . . . . . . . . . . . . . . . . . . 22
8.1. Start or Restart . . . . . . . . . . . . . . . . . . . . 22
8.2. Typical Exchange . . . . . . . . . . . . . . . . . . . . 23
8.3. No Incremental Update Available . . . . . . . . . . . . . 24
8.4. Cache Has No Data Available . . . . . . . . . . . . . . . 25
9. Transport . . . . . . . . . . . . . . . . . . . . . . . . . . 25
9.1. SSH Transport . . . . . . . . . . . . . . . . . . . . . . 26
9.2. TLS Transport . . . . . . . . . . . . . . . . . . . . . . 27
9.3. TCP MD5 Transport . . . . . . . . . . . . . . . . . . . . 28
9.4. TCP-AO Transport . . . . . . . . . . . . . . . . . . . . 28
10. Router-Cache Setup . . . . . . . . . . . . . . . . . . . . . 28
11. ROA PDU Race Minimization . . . . . . . . . . . . . . . . . . 30
Show full document text