RPKI Signed Object for Trust Anchor Keys
draft-ietf-sidrops-signed-tal-02
| Document | Type | Expired Internet-Draft (sidrops WG) | |
|---|---|---|---|
| Authors | Tim Bruijnzeels , Carlos M. Martínez , Rob Austein | ||
| Last updated | 2019-04-22 (Latest revision 2018-10-19) | ||
| Replaces | draft-tbruijnzeels-sidrops-signed-tal | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Formats |
Expired & archived
plain text
xml
htmlized
pdfized
bibtex
|
||
| Stream | WG state | In WG Last Call | |
| Document shepherd | (None) | ||
| IESG | IESG state | Expired | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
https://www.ietf.org/archive/id/draft-ietf-sidrops-signed-tal-02.txt
Abstract
Trust Anchor Locators (TALs) [I-D.ietf-sidrops-https-tal] are used by Relying Parties in the RPKI to locate and validate Trust Anchor certificates used in RPKI validation. This document defines an RPKI signed object for Trust Anchor Keys (TAK), that can be used by Trust Anchors to signal their set of current keys and the location(s) of the accompanying CA certiifcates to Relying Parties, as well as changes to this set in the form of revoked keys and new keys, in order to support both planned and unplanned key rolls without impacting RPKI validation.
Authors
Tim Bruijnzeels
Carlos M. Martínez
Rob Austein
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)