An Infrastructure to Support Secure Internet Routing
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: RFC Editor <email@example.com>, sidr mailing list <firstname.lastname@example.org>, sidr chair <email@example.com> Subject: Document Action: 'An Infrastructure to Support Secure Internet Routing' to Informational RFC (draft-ietf-sidr-arch-13.txt) The IESG has approved the following document: - 'An Infrastructure to Support Secure Internet Routing' (draft-ietf-sidr-arch-13.txt) as an Informational RFC This document is the product of the Secure Inter-Domain Routing Working Group. The IESG contact persons are Stewart Bryant and Adrian Farrel. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-sidr-arch/
Technical Summary This document describes an architecture for an infrastructure to support improved security of Internet routing. The foundation of this architecture is a public key infrastructure (PKI) that represents the allocation hierarchy of IP address space and Autonomous System (AS) Numbers; and a distributed repository system for storing and disseminating the data objects that comprise the PKI, as well as other signed objects necessary for improved routing security. As an initial application of this architecture, the document describes how a legitimate holder of IP address space can explicitly and verifiably authorize one or more ASes to originate routes to that address space. Such verifiable authorizations could be used, for example, to more securely construct BGP route filters. Working Group Summary This draft's first version came early in the working group history. It has been presented many times and has gone through many versions but the outline remains essentially the same, indicating consistency in the working group thinking. Document Quality The document is well written and clear. It does not describe a protocol, so there are no "implementations" per se. However, it serves as the reference point for the other working group drafts, so the authors of this draft and the authors of the other drafts have worked to ensure that they remain mutually consistent. Several implementations exist of the PKI expressed in this architecture. Implementation experience has been reflected in changes in the architecture. Personnel Sandra Murphy is the Document Shepherd for this document. Stewart Bryant is the Responsible Area Director.