Resource Public Key Infrastructure (RPKI) Repository Requirements
draft-ietf-sidrops-prefer-rrdp-00

Document Type Active Internet-Draft (sidrops WG)
Authors Tim Bruijnzeels, Randy Bush, George Michaelson
Last updated 2021-02-22
Replaces draft-ietf-sidrops-deprecate-rsync
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state I-D Exists
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                     T. Bruijnzeels
Internet-Draft                                                NLnet Labs
Updates: 6841, 8182 (if approved)                                R. Bush
Intended status: Standards Track Internet Initiative Japan & Arrcus, Inc.
Expires: August 26, 2021                                   G. Michaelson
                                                                   APNIC
                                                       February 22, 2021

   Resource Public Key Infrastructure (RPKI) Repository Requirements
                   draft-ietf-sidrops-prefer-rrdp-00

Abstract

   This document formulates a plan of a phased transition to a state
   where RPKI repositories and Relying Party software performing RPKI
   Validation will use the RPKI Repository Delta Protocol (RRDP)
   [RFC8182] as the only mandatory to implement access protocol.

   The first objective is to make RRDP the preferred access protocol,
   and require rsync as a fallback option only.  This will greatly
   reduce the operational burden and concerns for RPKI repository
   operators.

   In phase 0, today's deployment, RRDP is supported by most, but not
   all Repositories, and most but not all RP software.

   In the proposed phase 1 RRDP will become mandatory to implement for
   Repositories, in addition to rsync.  This phase can start as soon as
   this document is published.

   Once the proposed updates are implemented by all Repositories phase 2
   will start.  In this phase RRDP will become mandatory to implement
   for all RP software, and rsync will be required as a fallback option
   only.

   It should be noted that although this document currently includes
   descriptions and updates to RFCs for each of these phases, we may
   find that it will be beneficial to have one or more separate
   documents for these phases, so that it might be more clear to all
   when the updates to RFCs take effect.

   Furthermore, this document currently includes an early discussion of
   a future objective, which would be to change the RPKI standards such
   that names in RPKI objects are no longer tightly coupled to rsync.
   By using transport independent names and validation, we will obtain
   the agility needed to phase out rsync altogether and/or introduce
   other future access protocols.

Bruijnzeels, et al.      Expires August 26, 2021                [Page 1]
Internet-Draft        RPKI Repository Requirements         February 2021

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 26, 2021.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Requirements notation . . . . . . . . . . . . . . . . . . . .   3
   2.  Motivation  . . . . . . . . . . . . . . . . . . . . . . . . .   3
   3.  Plan to prefer RRDP . . . . . . . . . . . . . . . . . . . . .   4
     3.1.  Phase 0 - RPKI repositories support rsync, and optionally
           RRDP  . . . . . . . . . . . . . . . . . . . . . . . . . .   4
       3.1.1.  Updates to RFC 8182 . . . . . . . . . . . . . . . . .   4
       3.1.2.  Updates to RFC 6481 . . . . . . . . . . . . . . . . .   5
     3.2.  Phase 1 - RPKI repositories support both rsync and RRDP .   6
       3.2.1.  Updates to RFC 6481 . . . . . . . . . . . . . . . . .   6
       3.2.2.  Measurements  . . . . . . . . . . . . . . . . . . . .   7
     3.3.  Phase 2 - All RP software prefers RRDP  . . . . . . . . .   7
       3.3.1.  Updates to RFC 8182 . . . . . . . . . . . . . . . . .   7
       3.3.2.  Rsync URIs as object identifiers  . . . . . . . . . .   7
       3.3.3.  Measurements  . . . . . . . . . . . . . . . . . . . .   8
