Skip to main content

Origin Validation Signaling

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Randy Bush , Keyur Patel
Last updated 2020-01-03 (Latest revision 2019-07-02)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Within a trust boundary, e.g. an operator's PoP, it may be useful to have only a few central devices do full Origin Validation using the Resource Public Key Infrastructure, and be able to signal to an internal sender that a received route fails Origin Validation. E.g. route reflectors could perform Origin Validation for a cluster and signal back to a sending client that it sent an invalid route. Routers capable of sending and receiving this signal can use the extended community described in [RFC8097].


Randy Bush
Keyur Patel

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)