Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-01.txt

Mon, 05 Dec 2011 10:24:14 -0800

This version adds an ASN.1 module. It still needs the official oids (one for the module and one for the EKU), but I figure we shouldn't ask for those until we're sure we're done. 

spt

On 12/5/11 1:20 PM, internet-dra...@ietf.org wrote:


A New Internet-Draft is available from the on-line Internet-Drafts directories. 
This draft is a work item of the Secure Inter-Domain Routing Working Group of 
the IETF.

        Title           : A Profile for BGPSEC Router Certificates, Certificate 
Revocation Lists, and Certification Requests
        Author(s)       : Mark Reynolds
                           Sean Turner
                           Steve Kent
        Filename        : draft-ietf-sidr-bgpsec-pki-profiles-01.txt
        Pages           : 11
        Date            : 2011-12-05

    This document defines a standard profile for X.509 certificates for
    the purposes of supporting validation of Autonomous System (AS) paths
    in the Border Gateway Protocol (BGP), as part of an extension to that
    protocol known as BGPSEC.  BGP is a critical component for the proper
    operation of the Internet as a whole.  The BGPSEC protocol is under
    development as a component to address the requirement to provide
    security for the BGP protocol.  The goal of BGPSEC is to design a
    protocol for full AS path validation based on the use of strong
    cryptographic primitives.  The end-entity (EE) certificates specified
    by this profile are issued under Resource Public Key Infrastructure
    (RPKI) Certification Authority (CA) certificates, containing the AS
    Identifier Delegation extension, to routers within the Autonomous
    System (AS).  The certificate asserts that the router(s) holding the
    private key are authorized to send out secure route advertisements on
    behalf of the specified AS.  This document also profiles the
    Certificate Revocation List (CRL), profiles the format of
    certification requests, and specifies Relying Party certificate path
    validation procedures.  The document extends the RPKI; therefore,
    this documents updates the RPKI Resource Certificates Profile (draft-
    ietf-sidr-res-cert-profile).


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-sidr-bgpsec-pki-profiles-01.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-ietf-sidr-bgpsec-pki-profiles-01.txt

_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr


_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr

Reply via email to