A Default Validation Policy for the use of RPKI Manifests in the global Internet Routing System.
draft-spaghetti-sidrops-rpki-manifest-validation-01

Document Type Expired Internet-Draft (individual)
Author Job Snijders 
Last updated 2020-11-16 (latest revision 2020-05-04)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text xml htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-spaghetti-sidrops-rpki-manifest-validation-01.txt

Abstract

Manifests are a critical cornerstone to the global Resource Public Key Infrastructure (RPKI). RFC 6486 describes a validation decision tree which introduced the notion of 'local policy', creating space for ambiguity. This ambiguity has led to various RPKI implementations producing different output when presented with the same input, but also leads to severe operational security implications. This document updates RFC 6486 and introduces the notion of a default policy for Manifest validation to encourage harmony between implementations.

Authors

Job Snijders (job@ntt.net)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)