An RPKI and IPsec-based AS-to-AS Approach for Source Address Validation
draft-xu-risav-02
Document | Type |
Replaced Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Ke Xu , Jianping Wu , Yangfei Guo , Benjamin M. Schwartz , Haiyang Wang | ||
Last updated | 2022-10-20 | ||
Replaced by | draft-xu-ipsecme-risav | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Additional resources |
GitHub Repository
|
||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Replaced by draft-xu-ipsecme-risav | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document presents RISAV, a protocol for establishing and using IPsec security between Autonomous Systems (ASes) using the RPKI identity system. In this protocol, the originating AS adds authenticating information to each outgoing packet at its Border Routers (ASBRs), and the receiving AS verifies and strips this information at its ASBRs. Packets that fail validation are dropped by the ASBR. RISAV achieves Source Address Validation among all participating ASes.
Authors
Ke Xu
Jianping Wu
Yangfei Guo
Benjamin M. Schwartz
Haiyang Wang
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)