Technical Summary
This document defines a Trust Anchor Locator (TAL) for the Resource
Public Key Infrastructure (RPKI). TALs allow Relying Parties in the
RPKI to download the current Trust Anchor (TA) CA certificate from
one or more locations, and verify that the key of this self-signed
certificate matches the key on the TAL. Thus, Relying Parties can be
configured with TA keys, but allow these TAs to change the content of
their CA certificate. In particular it allows TAs to change the set
of Internet Number Resources included in the RFC3779 extension of
their certificate.
This document obsoletes the previous definition of Trust Anchor
Locators in RFC 7730 by adding support for HTTPS URIs.
Working Group Summary
Nothing in the WG that was overly noteworthy,
good discussion and back/forth on changes.
Document Quality
This document obsoletes an existing implementation replacing it with new implementations.
Personnel
Shepherd: Chris Morrow - morrowc@ops-netman.net
AD: Warren Kumari - warren@kumari.net