RPKI Signed Object for Trust Anchor Keys
draft-ietf-sidrops-signed-tal-02
Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Active".
Expired & archived
|
|
---|---|---|---|
Authors | Tim Bruijnzeels , Carlos M. Martínez , Rob Austein | ||
Last updated | 2019-04-22 (Latest revision 2018-10-19) | ||
Replaces | draft-tbruijnzeels-sidrops-signed-tal | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Formats | |||
Reviews |
OPSDIR Last Call Review due 2024-04-26
Incomplete
SECDIR Last Call Review due 2024-04-26
Incomplete
GENART Last Call Review due 2024-04-26
Incomplete
|
||
Additional resources | Mailing list discussion | ||
Stream | WG state | In WG Last Call | |
Document shepherd | (None) | ||
IESG | IESG state | Expired | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Trust Anchor Locators (TALs) [I-D.ietf-sidrops-https-tal] are used by Relying Parties in the RPKI to locate and validate Trust Anchor certificates used in RPKI validation. This document defines an RPKI signed object for Trust Anchor Keys (TAK), that can be used by Trust Anchors to signal their set of current keys and the location(s) of the accompanying CA certiifcates to Relying Parties, as well as changes to this set in the form of revoked keys and new keys, in order to support both planned and unplanned key rolls without impacting RPKI validation.
Authors
Tim Bruijnzeels
Carlos M. Martínez
Rob Austein
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)