| < draft-ietf-sidr-bgpsec-algs-06.txt | draft-ietf-sidr-bgpsec-algs-07.txt > | |||
|---|---|---|---|---|
| Secure Inter-Domain Routing Working Group S. Turner | Secure Inter-Domain Routing Working Group S. Turner | |||
| Internet-Draft IECA | Internet-Draft IECA, Inc. | |||
| Updates: 6485 (if approved) March 27, 2014 | Updates: 6485 (if approved) July 2, 2014 | |||
| Intended Status: Standards Track | Intended status: BCP | |||
| Expires: September 28, 2014 | Expires: January 3, 2015 | |||
| BGP Algorithms, Key Formats, & Signature Formats | BGP Algorithms, Key Formats, & Signature Formats | |||
| draft-ietf-sidr-bgpsec-algs-06 | draft-ietf-sidr-bgpsec-algs-07 | |||
| Abstract | Abstract | |||
| This document specifies the algorithms, algorithms' parameters, | This document specifies the algorithms, algorithms' parameters, | |||
| asymmetric key formats, asymmetric key size and signature format used | asymmetric key formats, asymmetric key size and signature format used | |||
| in BGPSEC (Border Gateway Protocol Security). This document updates | in BGPSEC (Border Gateway Protocol Security). This document updates | |||
| the Profile for Algorithms and Key Sizes for use in the Resource | the Profile for Algorithms and Key Sizes for use in the Resource | |||
| Public Key Infrastructure (RFC 6485). | Public Key Infrastructure (RFC 6485). | |||
| Status of this Memo | Status of this Memo | |||
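Review bot: The status line in -07 changes from "Standards Track" to "BCP" with no explanation in the visible text, while the header still reads "Updates: 6485 (if approved)" and the abstract still describes a specification of algorithms, key formats and signature formats. Add a change-log entry or a sentence justifying the BCP track for a document that sets algorithm requirements, or restore the previous value if the change was unintended. The label casing also changed ("Intended Status:" to "Intended status:"); pick one form and keep it across revisions.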
| skipping to change at page 3, line 30 ¶ | skipping to change at page 3, line 30 ¶ | |||
| identifiers [RFC6487]. | identifiers [RFC6487]. | |||
| To support BGPSEC, the algorithms are identified as follows: | To support BGPSEC, the algorithms are identified as follows: | |||
| o In certificates and CRLs, an Object Identifier (OID) is used. | o In certificates and CRLs, an Object Identifier (OID) is used. | |||
| The value and locations are as specified in section 2 of | The value and locations are as specified in section 2 of | |||
| [RFC6485]. | [RFC6485]. | |||
| o In certification request, an OID is used. The ecdsa-with-SHA256 | o In certification request, an OID is used. The ecdsa-with-SHA256 | |||
| OID [RFC5480] MUST appear in the PKCS #10 signatureAlgorithm | OID [RFC5480] MUST appear in the PKCS #10 signatureAlgorithm | |||
| field [RFC4211] or in Certificate Request Message Format (CRMF) | field [RFC2986] or in Certificate Request Message Format (CRMF) | |||
| POPOSigningKey signature field [RFC2986]. | POPOSigningKey algoirthm field [RFC4211]. | |||
| o In BGPSEC Update messages, the ECDSA with SHA-256 Algorithm Suite | o In BGPSEC Update messages, the ECDSA with SHA-256 Algorithm Suite | |||
| Identifier from Section 7 is included in the Signature-Block | Identifier from Section 7 is included in the Signature-Block | |||
| List's Algorithm Suite Identifier field. | List's Algorithm Suite Identifier field. | |||
| 3. Asymmetric Key Format | 3. Asymmetric Key Format | |||
| The RSA key pairs used to compute signatures on CA certificates, | The RSA key pairs used to compute signatures on CA certificates, | |||
| BGPSEC Router Certificates, and CRLs are as specified in section 3 of | BGPSEC Router Certificates, and CRLs are as specified in section 3 of | |||
| [RFC6485]. The remainder of this section addresses key formats found | [RFC6485]. The remainder of this section addresses key formats found | |||
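Review bot: "algoirthm" in the new POPOSigningKey line is a typo for "algorithm". That line also renames the field from "signature" to "algorithm", so check the name against the POPOSigningKey definition in [RFC4211] and use the exact spelling from there, since the OID has to land in the field that carries the algorithm identifier rather than the signature value. The swapped citations now pair PKCS #10 with [RFC2986] and CRMF with [RFC4211], which reads correctly. The bullet's opening, "In certification request", is unchanged from -06 and should read "In certification requests".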
| skipping to change at page 7, line 7 ¶ | skipping to change at page 7, line 7 ¶ | |||
| Specification", draft-ietf-sidr-bgpsec-protocol, work-in- | Specification", draft-ietf-sidr-bgpsec-protocol, work-in- | |||
| progress. | progress. | |||
| [ID.sidr-bgpsec-pki-profiles] Reynolds, M. and S. Turner, "A Profile | [ID.sidr-bgpsec-pki-profiles] Reynolds, M. and S. Turner, "A Profile | |||
| for BGPSEC Router Certificates, Certificate Revocation | for BGPSEC Router Certificates, Certificate Revocation | |||
| Lists, and Certification Requests", draft-ietf-sidr-bgpsec- | Lists, and Certification Requests", draft-ietf-sidr-bgpsec- | |||
| pki-profiles, work-in-progress. | pki-profiles, work-in-progress. | |||
| 11.1. Informative References | 11.1. Informative References | |||
| None. | None. | |||
| Authors' Addresses | Authors' Addresses | |||
| Sean Turner | Sean Turner | |||
| IECA, Inc. | IECA, Inc. | |||
| 3057 Nutley Street, Suite 106 | 3057 Nutley Street, Suite 106 | |||
| Fairfax, VA 22031 | Fairfax, VA 22031 | |||
| USA | USA | |||
| EMail: turners@ieca.com | EMail: turners@ieca.com | |||
| End of changes. 4 change blocks. | ||||
| 8 lines changed or deleted | 8 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||