The 'I' in RPKI Does Not Stand for Identity
draft-ietf-sidrops-rpki-has-no-identity-07

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-sidrops-rpki-has-no-identity@ietf.org, morrowc@ops-netman.net, rfc-editor@rfc-editor.org, sidrops-chairs@ietf.org, sidrops@ietf.org, warren@kumari.net
Subject: Protocol Action: 'The I in RPKI does not stand for Identity' to Proposed Standard (draft-ietf-sidrops-rpki-has-no-identity-07.txt)

The IESG has approved the following document:
- 'The I in RPKI does not stand for Identity'
  (draft-ietf-sidrops-rpki-has-no-identity-07.txt) as Proposed Standard

This document is the product of the SIDR Operations Working Group.

The IESG contact persons are Warren Kumari and Robert Wilton.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-sidrops-rpki-has-no-identity/

Ballot Text

Technical Summary

   There is a false notion that Internet Number Resources (INRs) in the
   RPKI can be associated with the real world identity of the 'owner' of
   an INR.  This document attempts to put that notion to rest.

Working Group Summary

   The WG consensus was strong enough, without any real dissenting discussion.


Document Quality

 The document is clear, well written, and solves a real-world problem.
 Ideally the document would not be needed - RFC6480 - "An Infrastructure to Support Secure Internet Routing", Section 2.1 says explicitly "An
important property of this PKI is that certificates do not attest to the identity of the subject."
However, people continue to assume that they may be able to use this PKI to for all sorts of things unrelated to the RPKI / INRs - this document
clarifies and restates existing information to help prevent people falling into this trap.




Personnel

Shepherd: Chris Morrow (morrowc@ops-netman.net)
RAD!!!:  Warren Kumari (warren@kumari.net)

RFC Editor Note