A Default Validation Policy for the use of RPKI Manifests in the global Internet Routing System.
Expired & archived
|Last updated||2020-11-16 (Latest revision 2020-05-04)|
|Intended RFC status||(None)|
|Stream||Stream state||(No stream defined)|
|RFC Editor Note||(None)|
|Send notices to||(None)|
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Manifests are a critical cornerstone to the global Resource Public Key Infrastructure (RPKI). RFC 6486 describes a validation decision tree which introduced the notion of 'local policy', creating space for ambiguity. This ambiguity has led to various RPKI implementations producing different output when presented with the same input, but also leads to severe operational security implications. This document updates RFC 6486 and introduces the notion of a default policy for Manifest validation to encourage harmony between implementations.
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)