< draft-ietf-opsawg-finding-geofeeds-09.txt   draft-ietf-opsawg-finding-geofeeds-10.txt >
Network Working Group R. Bush Network Working Group R. Bush
Internet-Draft IIJ & Arrcus Internet-Draft IIJ & Arrcus
Intended status: Standards Track M. Candela Intended status: Standards Track M. Candela
Expires: November 16, 2021 NTT Expires: November 18, 2021 NTT
W. Kumari W. Kumari
Google Google
R. Housley R. Housley
Vigil Security Vigil Security
May 15, 2021 May 17, 2021
Finding and Using Geofeed Data Finding and Using Geofeed Data
draft-ietf-opsawg-finding-geofeeds-09 draft-ietf-opsawg-finding-geofeeds-10
Abstract Abstract
This document specifies how to augment the Routing Policy This document specifies how to augment the Routing Policy
Specification Language inetnum: class to refer specifically to Specification Language inetnum: class to refer specifically to
geofeed data CSV files, and describes an optional scheme to use the geofeed data CSV files, and describes an optional scheme to use the
Routing Public Key Intrastructure to authenticate the geofeed data Routing Public Key Intrastructure to authenticate the geofeed data
CSV files. CSV files.
Status of This Memo Status of This Memo
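Review bot: The Abstract, unchanged between -09 and -10, expands RPKI as "Routing Public Key Intrastructure", while the [RFC7909] entry later in this diff gives the name as "Resource Public Key Infrastructure (RPKI)". Suggest correcting both words in the Abstract so the document names the authentication mechanism the same way its own reference does.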
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 16, 2021. This Internet-Draft will expire on November 18, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 21 skipping to change at page 2, line 21
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
2. Geofeed Files . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Geofeed Files . . . . . . . . . . . . . . . . . . . . . . . . 3
3. inetnum: Class . . . . . . . . . . . . . . . . . . . . . . . 3 3. inetnum: Class . . . . . . . . . . . . . . . . . . . . . . . 3
4. Authenticating Geofeed Data . . . . . . . . . . . . . . . . . 5 4. Authenticating Geofeed Data . . . . . . . . . . . . . . . . . 5
5. Operational Considerations . . . . . . . . . . . . . . . . . 7 5. Operational Considerations . . . . . . . . . . . . . . . . . 7
6. Privacy Considerations . . . . . . . . . . . . . . . . . . . 8 6. Privacy Considerations . . . . . . . . . . . . . . . . . . . 8
7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
10.1. Normative References . . . . . . . . . . . . . . . . . . 9 10.1. Normative References . . . . . . . . . . . . . . . . . . 9
10.2. Informative References . . . . . . . . . . . . . . . . . 10 10.2. Informative References . . . . . . . . . . . . . . . . . 10
Appendix A. Example . . . . . . . . . . . . . . . . . . . . . . 11 Appendix A. Example . . . . . . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20
1. Introduction 1. Introduction
Providers of Internet content and other services may wish to Providers of Internet content and other services may wish to
customize those services based on the geographic location of the user customize those services based on the geographic location of the user
skipping to change at page 3, line 37 skipping to change at page 3, line 37
prefixes, dual IPv4/IPv6 spaces are represented, etc. prefixes, dual IPv4/IPv6 spaces are represented, etc.
Geofeed data do have privacy considerations, see Section 6. Geofeed data do have privacy considerations, see Section 6.
This document also suggests optional signature, which authenticates This document also suggests optional signature, which authenticates
the data when present, for geofeed files to provide stronger the data when present, for geofeed files to provide stronger
authenticity to the data. authenticity to the data.
3. inetnum: Class 3. inetnum: Class
The original RPSL specifications starting with [RIPE81], [RIPE181],
and a trail of subsequent documents were done by the RIPE community.
The IETF standardardized RPSL in [RFC2622] and [RFC4012]. Since
then, it has been modified and extensively enhanced in the RIR
community, mostly by RIPE, [RIPE-DB]. Currently, change contol
effectively lies in the operator community.
The Routing Policy Specification Language (RPSL), and [RFC2622] and The Routing Policy Specification Language (RPSL), and [RFC2622] and
[RFC4012] used by the Regional Internet Registries (RIRs) specifies [RFC4012] used by the Regional Internet Registries (RIRs) specifies
the inetnum: database class. Each of these objects describes an IP the inetnum: database class. Each of these objects describes an IP
address range and its attributes. The inetnum: objects form a address range and its attributes. The inetnum: objects form a
hierarchy ordered on the address space. hierarchy ordered on the address space.
Ideally, RPSL would be augmented to define a new RPSL geofeed: Ideally, RPSL would be augmented to define a new RPSL geofeed:
attribute in the inetnum: class. Until such time, this document attribute in the inetnum: class. Until such time, this document
defines the syntax of a Geofeed remarks: attribute which contains an defines the syntax of a Geofeed remarks: attribute which contains an
HTTPS URL of a geofeed file. The format of the inetnum: geofeed HTTPS URL of a geofeed file. The format of the inetnum: geofeed
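Review bot: The paragraph added at the top of Section 3 has two spelling errors, "standardardized" and "change contol"; suggest "standardized" and "change control". It also uses "RPSL" three times before the next paragraph expands it as "The Routing Policy Specification Language (RPSL)", and both paragraphs cite [RFC2622] and [RFC4012]. Suggest either moving the history paragraph after the definition or expanding the acronym on first use and dropping the repeated citation. The phrase "a trail of subsequent documents" names nothing a reader can follow; citing [RIPE-DB] there, or dropping the phrase, would tighten it.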
skipping to change at page 11, line 30 skipping to change at page 11, line 34
"Inventory and Analysis of WHOIS Registration Objects", "Inventory and Analysis of WHOIS Registration Objects",
RFC 7485, DOI 10.17487/RFC7485, March 2015, RFC 7485, DOI 10.17487/RFC7485, March 2015,
<https://www.rfc-editor.org/info/rfc7485>. <https://www.rfc-editor.org/info/rfc7485>.
[RFC7909] Kisteleki, R. and B. Haberman, "Securing Routing Policy [RFC7909] Kisteleki, R. and B. Haberman, "Securing Routing Policy
Specification Language (RPSL) Objects with Resource Public Specification Language (RPSL) Objects with Resource Public
Key Infrastructure (RPKI) Signatures", RFC 7909, Key Infrastructure (RPKI) Signatures", RFC 7909,
DOI 10.17487/RFC7909, June 2016, DOI 10.17487/RFC7909, June 2016,
<https://www.rfc-editor.org/info/rfc7909>. <https://www.rfc-editor.org/info/rfc7909>.
[RIPE-DB] RIPE, "RIPE Database Documentation",
<https://www.ripe.net/manage-ips-and-
asns/db/support/documentation/ripe-database-
documentation>.
[RIPE181] RIPE, "Representation Of IP Routing Policies In A Routing
Registry",
<https://www.ripe.net/publications/docs/ripe-181>.
[RIPE81] RIPE, "Representation Of IP Routing Policies In The RIPE
Database",
<https://www.ripe.net/publications/docs/ripe-081>.
Appendix A. Example Appendix A. Example
This appendix provides an example, including a trust anchor, a CA This appendix provides an example, including a trust anchor, a CA
certificate subordinate to the trust anchor, an end-entity certificate subordinate to the trust anchor, an end-entity
certificate subordinate to the CA for signing the geofeed, and a certificate subordinate to the CA for signing the geofeed, and a
detached signature. detached signature.
The trust anchor is represented by a self-signed certificate. As The trust anchor is represented by a self-signed certificate. As
usual in the RPKI, the trust anchor has authority over all IPv4 usual in the RPKI, the trust anchor has authority over all IPv4
address blocks, all IPv6 address blocks, and all AS numbers. address blocks, all IPv6 address blocks, and all AS numbers.
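Review bot: The three reference entries added after [RFC7909] carry no date, unlike the RFC entries above them. The [RIPE-DB] URL is wrapped across three lines at hyphens ("manage-ips-and-", "ripe-database-"), so a reader cannot tell whether each trailing hyphen is part of the URL or a line-break artifact. Suggest adding publication dates for [RIPE81] and [RIPE181] and keeping the [RIPE-DB] URL on one line or breaking it only after a slash. The added entries are also not in alphabetical order with each other ([RIPE-DB], [RIPE181], [RIPE81]); if the list is meant to be sorted by anchor, check that this is the intended order.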
 End of changes. 7 change blocks. 
5 lines changed or deleted 25 lines changed or added
