Skip to main content

RPKI Signed Object for Trust Anchor Key

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: The IESG <>,,,,,,,
Subject: Protocol Action: 'RPKI Signed Object for Trust Anchor Key' to Proposed Standard (draft-ietf-sidrops-signed-tal-16.txt)

The IESG has approved the following document:
- 'RPKI Signed Object for Trust Anchor Key'
  (draft-ietf-sidrops-signed-tal-16.txt) as Proposed Standard

This document is the product of the SIDR Operations Working Group.

The IESG contact persons are Warren Kumari and Mahesh Jethanandani.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

   A Trust Anchor Locator (TAL) is used by Relying Parties (RPs) in the
   Resource Public Key Infrastructure (RPKI) to locate and validate a
   Trust Anchor (TA) Certification Authority (CA) certificate used in
   RPKI validation.  This document defines an RPKI signed object for a
   Trust Anchor Key (TAK), that can be used by a TA to signal the
   location(s) of the accompanying CA certificate for the current key to
   RPs, as well as the successor key and the location(s) of its CA
   certificate.  This object helps to support planned key rolls without
   impacting RPKI validation.

Working Group Summary

   There is consensus for this document in the SIDRops WG.

Document Quality

   There are multiple implementations of this, documented in Section 13v of the draft.


   Russ Housley is DS
   Warren "Ace" Kumari

RFC Editor Note