A Default Validation Policy for the use of RPKI Manifests in the global Internet Routing System.
|Document||Type||Expired Internet-Draft (individual)|
|Last updated||2020-11-16 (latest revision 2020-05-04)|
|Intended RFC status||(None)|
Expired & archivedplain text xml htmlized pdfized bibtex
|Stream||Stream state||(No stream defined)|
|RFC Editor Note||(None)|
|Send notices to||(None)|
Manifests are a critical cornerstone to the global Resource Public Key Infrastructure (RPKI). RFC 6486 describes a validation decision tree which introduced the notion of 'local policy', creating space for ambiguity. This ambiguity has led to various RPKI implementations producing different output when presented with the same input, but also leads to severe operational security implications. This document updates RFC 6486 and introduces the notion of a default policy for Manifest validation to encourage harmony between implementations.
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)