Adverse Actions by a Certification Authority (CA) or Repository Manager in the Resource Public Key Infrastructure (RPKI)
RFC 8211

Document type: RFC - Informational (September 2017; no errata)
Last updated: 2017-09-27
Replaces: draft-kent-sidr-adverse-actions
Stream: IETF
Reviews: OPSDIR, GENART, SECDIR will not review this version
Stream WG state: Submitted to IESG for Publication
Document shepherd: Chris Morrow
Shepherd write-up: last changed 2016-10-25
IESG state: RFC 8211 (Informational)
Consensus boilerplate: Yes
Responsible AD: Alvaro Retana
Send notices to: "Chris Morrow" <morrowc@ops-netman.net>, aretana@cisco.com
IANA review state: IANA OK - No Actions Needed
IANA action state: No IC
Internet Engineering Task Force (IETF)                           S. Kent
Request for Comments: 8211                              BBN Technologies
Category: Informational                                            D. Ma
ISSN: 2070-1721                                                     ZDNS
                                                          September 2017

Adverse Actions by a Certification Authority (CA) or Repository Manager
            in the Resource Public Key Infrastructure (RPKI)

Abstract

   This document analyzes actions by or against a Certification
   Authority (CA) or an independent repository manager in the RPKI that
   can adversely affect the Internet Number Resources (INRs) associated
   with that CA or its subordinate CAs.  The analysis is done from the
   perspective of an affected INR holder.  The analysis is based on
   examination of the data items in the RPKI repository, as controlled
   by a CA (or an independent repository manager) and fetched by Relying
   Parties (RPs).  The analysis does not purport to be comprehensive; it
   does represent an orderly way to analyze a number of ways that errors
   by or attacks against a CA or repository manager can affect the RPKI
   and routing decisions based on RPKI data.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It has been approved for publication by the Internet
   Engineering Steering Group (IESG).  Not all documents approved by the
   IESG are a candidate for any level of Internet Standard; see
   Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8211.

Kent & Ma                     Informational                     [Page 1]
RFC 8211                 RPKI Adverse CA Actions          September 2017

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Analysis of RPKI Repository Objects . . . . . . . . . . . . .   4
     2.1.  CA Certificates . . . . . . . . . . . . . . . . . . . . .   6
     2.2.  Manifest  . . . . . . . . . . . . . . . . . . . . . . . .   9
     2.3.  Certificate Revocation List . . . . . . . . . . . . . . .  12
     2.4.  ROA . . . . . . . . . . . . . . . . . . . . . . . . . . .  15
     2.5.  Ghostbusters Record . . . . . . . . . . . . . . . . . . .  17
     2.6.  Router Certificates . . . . . . . . . . . . . . . . . . .  18
   3.  Analysis of Actions Relative to Scenarios . . . . . . . . . .  19
     3.1.  Scenario A  . . . . . . . . . . . . . . . . . . . . . . .  21
     3.2.  Scenario B  . . . . . . . . . . . . . . . . . . . . . . .  21
     3.3.  Scenario C  . . . . . . . . . . . . . . . . . . . . . . .  21
     3.4.  Scenario D  . . . . . . . . . . . . . . . . . . . . . . .  22
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .  22
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  23
   6.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  23
     6.1.  Normative References  . . . . . . . . . . . . . . . . . .  23
     6.2.  Informative References  . . . . . . . . . . . . . . . . .  25
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  26
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  26


1.  Introduction

   In the context of this document, any change to the Resource Public
   Key Infrastructure (RPKI) [RFC6480] that diminishes the set of
   Internet Number Resources (INRs) associated with an INR holder, and
   that is contrary to the holder's wishes, is termed "adverse".  This
   analysis is done from the perspective of an affected INR holder.  An
   action that results in an adverse change (as defined above) may be
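The definition of an "adverse" change above can be turned into a concrete check that an INR holder (or RP tooling) might run over two snapshots of a CA certificate's resources: does the new snapshot still cover every prefix and ASN of the old one? The following is an added example and is not text or code from RFC 8211; the INRSet class and the before/after snapshots are constructed here for illustration, and prefix coverage (rather than string equality) is used so that a harmless re-aggregation is not flagged.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class INRSet:
    """INRs from a CA certificate's RFC 3779 extensions: IP prefixes
    (ipaddress network objects) and AS numbers.  Constructed for this example."""
    prefixes: set = field(default_factory=set)
    asns: set = field(default_factory=set)

    @classmethod
    def parse(cls, prefixes, asns):
        return cls({ipaddress.ip_network(p) for p in prefixes}, set(asns))

    def covers_prefix(self, prefix):
        """True if some prefix here contains `prefix`: a holder's resources
        may be re-aggregated into a larger block without being diminished."""
        return any(prefix.version == p.version and prefix.subnet_of(p)
                   for p in self.prefixes)


def diminished_resources(before, after):
    """INRs in `before` that `after` no longer covers.  A non-empty result
    is an adverse change in the sense of RFC 8211, Section 1."""
    lost_prefixes = {p for p in before.prefixes if not after.covers_prefix(p)}
    lost_asns = before.asns - after.asns
    return lost_prefixes, lost_asns


def is_adverse(before, after):
    lost_prefixes, lost_asns = diminished_resources(before, after)
    return bool(lost_prefixes or lost_asns)


# Constructed before/after snapshots of one CA certificate's resources.
OLD = INRSet.parse(["192.0.2.0/24", "198.51.100.0/25", "2001:db8::/32"],
                   [64496, 64497])
# Re-aggregating the /25 into a /24 keeps every old resource covered ...
REAGGREGATED = INRSet.parse(["192.0.2.0/24", "198.51.100.0/24", "2001:db8::/32"],
                            [64496, 64497])
# ... while dropping the IPv6 block and one ASN diminishes the holder's INRs.
SHRUNK = INRSet.parse(["192.0.2.0/24", "198.51.100.0/25"], [64496])

if __name__ == "__main__":
    print("re-aggregated adverse?", is_adverse(OLD, REAGGREGATED))  # False
    print("shrunk adverse?", is_adverse(OLD, SHRUNK))                # True
    print("lost resources:", diminished_resources(OLD, SHRUNK))
```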