BGPsec Algorithms, Key Formats, and Signature Formats
RFC 8608

Document Type RFC - Proposed Standard (June 2019; No errata)
Obsoletes RFC 8208
Updates RFC 7935
Last updated 2019-06-19
Replaces draft-borchert-sidrops-bgpsec-algs-rfc8208-bis
Stream IETF
Formats plain text pdf html bibtex
Reviews
Stream WG state Submitted to IESG for Publication
Document shepherd Chris Morrow
Shepherd write-up Show (last changed 2019-02-27)
IESG IESG state RFC 8608 (Proposed Standard)
Consensus Boilerplate Yes
Telechat date
Responsible AD Warren Kumari
Send notices to Chris Morrow <morrowc@ops-netman.net>
IANA IANA review state Version Changed - Review Needed
IANA action state RFC-Ed-Ack
Internet Engineering Task Force (IETF)                         S. Turner
Request for Comments: 8608                                         sn3rd
Obsoletes: 8208                                              O. Borchert
Updates: 7935                                                       NIST
Category: Standards Track                                      June 2019
ISSN: 2070-1721

         BGPsec Algorithms, Key Formats, and Signature Formats

Abstract

   This document specifies the algorithms, algorithm parameters,
   asymmetric key formats, asymmetric key sizes, and signature formats
   used in BGPsec (Border Gateway Protocol Security).  This document
   updates RFC 7935 ("The Profile for Algorithms and Key Sizes for Use
   in the Resource Public Key Infrastructure") and obsoletes RFC 8208
   ("BGPsec Algorithms, Key Formats, and Signature Formats") by adding
   Documentation and Experimentation Algorithm IDs, correcting the range
   of unassigned algorithms IDs to fill the complete range, and
   restructuring the document for better reading.

   This document also includes example BGPsec UPDATE messages as well as
   the private keys used to generate the messages and the certificates
   necessary to validate those signatures.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8608.

Turner & Borchert            Standards Track                    [Page 1]
RFC 8608          BGPsec Algs, Key & Signature Formats         June 2019

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   3
     1.2.  Changes from RFC 8208 . . . . . . . . . . . . . . . . . .   4
   2.  Algorithms  . . . . . . . . . . . . . . . . . . . . . . . . .   4
     2.1.  Algorithm ID Types  . . . . . . . . . . . . . . . . . . .   4
     2.2.  Signature Algorithms  . . . . . . . . . . . . . . . . . .   6
       2.2.1.  Algorithm ID 0x01 (1) - (ECDSA P-256) . . . . . . . .   6
   3.  Asymmetric Key Pair Formats . . . . . . . . . . . . . . . . .   6
     3.1.  Asymmetric Key Pair for Algorithm ID 0x01 (1) - (ECDSA
           P-256)  . . . . . . . . . . . . . . . . . . . . . . . . .   6
       3.1.1.  Public Key Format . . . . . . . . . . . . . . . . . .   6
       3.1.2.  Private Key Format  . . . . . . . . . . . . . . . . .   7
   4.  Signature Formats . . . . . . . . . . . . . . . . . . . . . .   7
   5.  Additional Requirements . . . . . . . . . . . . . . . . . . .   7
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   7
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   9
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .   9
     8.2.  Informative References  . . . . . . . . . . . . . . . . .  11
   Appendix A.  Examples . . . . . . . . . . . . . . . . . . . . . .  12
     A.1.  Topology and Experiment Description . . . . . . . . . . .  12
     A.2.  Keys  . . . . . . . . . . . . . . . . . . . . . . . . . .  12
     A.3.  BGPsec IPv4 . . . . . . . . . . . . . . . . . . . . . . .  16
     A.4.  BGPsec IPv6 . . . . . . . . . . . . . . . . . . . . . . .  18
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  21
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  21

Turner & Borchert            Standards Track                    [Page 2]
RFC 8608          BGPsec Algs, Key & Signature Formats         June 2019

1.  Introduction

   This document specifies the following:

   o  the digital signature algorithm and parameters,

   o  the hash algorithm and parameters,

   o  the algorithm identifier assignment and classification,

   o  the public and private key formats, and
Show full document text