Skip to main content

On the use of the CMS signing-time attribute in RPKI Signed Objects
draft-ietf-sidrops-cms-signing-time-07

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-sidrops-cms-signing-time@ietf.org, housley@vigilsec.com, rfc-editor@rfc-editor.org, sidrops-chairs@ietf.org, sidrops@ietf.org, warren@kumari.net
Subject: Protocol Action: 'On the use of the CMS signing-time attribute in RPKI Signed Objects' to Proposed Standard (draft-ietf-sidrops-cms-signing-time-07.txt)

The IESG has approved the following document:
- 'On the use of the CMS signing-time attribute in RPKI Signed Objects'
  (draft-ietf-sidrops-cms-signing-time-07.txt) as Proposed Standard

This document is the product of the SIDR Operations Working Group.

The IESG contact persons are Warren Kumari and Mahesh Jethanandani.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-sidrops-cms-signing-time/


Ballot Text

Technical Summary

      In the Resource Public Key Infrastructure (RPKI), Signed Objects are
   defined as Cryptographic Message Syntax (CMS) protected content types
   using the template that is published in RFC 6488, which includes an
   optional CMS signing-time attribute.  When the template was defined,
   rsync was the only distribution mechanism for RPKI repositories.
   Today, the RPKI Repository Delta Protocol (RRDP) is also used.  While
   RPKI repository operators must provide rsync service, RRDP is also
   typically deployed and preferred by most relying parties (RPs).  When
   fetches with RRDP fail, PRs fallback to rsync.  This document
   describes how Publishers and RPs can use the CMS signing-time
   attribute to minimize the burden of switching over from
   RRDP to rsync.  Additionally, this document updates RFC 6488 to
   mandate the presence of the CMS signing-time attribute and
   disallow the use of the alternative binary-signing-time attribute.

Working Group Summary

  There is consensus for this document in the SIDRops WG.
  Many people indicated that they are looking forward to the
  performance improvement associated with this document.

  


Document Quality

   There are multiple implementations available today.

Personnel

   Russ Housley is DS.
   Warren "Ace" Kumari is RAD!!!!!11!1!


RFC Editor Note