| < draft-ietf-sidr-iana-objects-02.txt | draft-ietf-sidr-iana-objects-03.txt > | |||
|---|---|---|---|---|
| Network Working Group T. Manderson | Network Working Group T. Manderson | |||
| Internet-Draft L. Vegoda | Internet-Draft L. Vegoda | |||
| Intended status: Standards Track ICANN | Intended status: Standards Track ICANN | |||
| Expires: October 10, 2011 S. Kent | Expires: November 12, 2011 S. Kent | |||
| BBN | BBN | |||
| April 8, 2011 | May 11, 2011 | |||
| RPKI Objects issued by IANA | RPKI Objects issued by IANA | |||
| draft-ietf-sidr-iana-objects-02.txt | draft-ietf-sidr-iana-objects-03.txt | |||
| Abstract | Abstract | |||
| This document provides specific direction to IANA as to the Resource | This document provides specific direction to IANA as to the Resource | |||
| Public Key Infrastructure (RPKI) objects it should issue. | Public Key Infrastructure (RPKI) objects it should issue. | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| skipping to change at page 1, line 33 ¶ | skipping to change at page 1, line 33 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on October 10, 2011. | This Internet-Draft will expire on November 12, 2011. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2011 IETF Trust and the persons identified as the | Copyright (c) 2011 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Requirements Notation . . . . . . . . . . . . . . . . . . . . 3 | 1. Requirements Notation . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 3. Suggested Reading . . . . . . . . . . . . . . . . . . . . . . 5 | 3. Required Reading . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6 | 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 5. Reserved Resources . . . . . . . . . . . . . . . . . . . . . . 7 | 5. Reserved Resources . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 6. Unallocated Resources . . . . . . . . . . . . . . . . . . . . 8 | 6. Unallocated Resources . . . . . . . . . . . . . . . . . . . . 8 | |||
| 7. Special Purpose Registry Resources . . . . . . . . . . . . . . 9 | 7. Special Purpose Registry Resources . . . . . . . . . . . . . . 9 | |||
| 8. Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 8. Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
| 9. Informational Objects . . . . . . . . . . . . . . . . . . . . 11 | 9. Informational Objects . . . . . . . . . . . . . . . . . . . . 11 | |||
| 10. Certificates and CRLs . . . . . . . . . . . . . . . . . . . . 12 | 10. Certificates and CRLs . . . . . . . . . . . . . . . . . . . . 12 | |||
| 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 | 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 12. Security Considerations . . . . . . . . . . . . . . . . . . . 14 | 12. Security Considerations . . . . . . . . . . . . . . . . . . . 14 | |||
| 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 | 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| skipping to change at page 4, line 10 ¶ | skipping to change at page 4, line 10 ¶ | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in [RFC2119]. | document are to be interpreted as described in [RFC2119]. | |||
| 2. Introduction | 2. Introduction | |||
| An Infrastructure to Support Secure Internet Routing | An Infrastructure to Support Secure Internet Routing | |||
| [I-D.ietf-sidr-arch] directs IANA [RFC2860] to issue Resource Public | [I-D.ietf-sidr-arch] directs IANA [RFC2860] to issue Resource Public | |||
| Key Infrastructure (RPKI) objects for which it is authoritative. | Key Infrastructure (RPKI) objects for which it is authoritative. | |||
| This document describes the objects IANA will issue. | This document describes the objects IANA will issue. If IANA is | |||
| directed to issue additional RPKI objects in future, this document | ||||
| will be revised and a new version issued. | ||||
| The signed objects described here that IANA will issue are the | The signed objects described here that IANA will issue are the | |||
| unallocated, reserved, special use IPv4 and IPv6 address blocks, and | unallocated, reserved, special use IPv4 and IPv6 address blocks, and | |||
| reserved Autonomous System numbers. These number resources are | the unallocated and reserved Autonomous System numbers. These number | |||
| managed by IANA for the IETF, and thus IANA bears the responsibility | resources are managed by IANA for the IETF, and thus IANA bears the | |||
| of issuing the corresponding RPKI objects. The reader is encouraged | responsibility of issuing the corresponding RPKI objects. The reader | |||
| to consider the technical effects on the public routing system of the | is encouraged to consider the technical effects on the public routing | |||
| signed object issuance proposed for IANA in this document. | system of the signed object issuance proposed for IANA in this | |||
| document. | ||||
| This document does not deal with localized BGP [RFC4271] routing | This document does not deal with BGP [RFC4271] routing systems as | |||
| systems as those are under the policy controls of the organizations | those are under the policy controls of the organizations that operate | |||
| that operate them. Readers are directed to Local Trust Anchor | them. Readers are directed to Local Trust Anchor Management for the | |||
| Management for the Resource Public Key Infrastructure | Resource Public Key Infrastructure [I-D.ietf-sidr-ltamgmt] for a | |||
| [I-D.ietf-sidr-ltamgmt] for a description of how to locally override | description of how to locally override IANA issued objects, e.g. to | |||
| IANA issued objects, e.g. to enable use of unallocated, reserved, and | enable use of unallocated, reserved, and special use IPv4 and IPv6 | |||
| special use IPv4 and IPv6 address blocks in a local context. | address blocks in a local context. | |||
| The direction to IANA contained herein follows the ideal that it | The direction to IANA contained herein follows the ideal that it | |||
| should represent the perfect technical behavior in registry, and | should represent the ideal technical behavior for registry, and | |||
| related registry, actions. | related registry, actions. | |||
| 3. Suggested Reading | 3. Required Reading | |||
| Readers should be familiar with the RPKI, the RPKI Repository | Readers should be familiar with the RPKI, the RPKI Repository | |||
| Structure, and the various RPKI objects, uses and interpretations | Structure, and the various RPKI objects, uses and interpretations | |||
| described in the following: [I-D.ietf-sidr-arch], | described in the following: [I-D.ietf-sidr-arch], | |||
| [I-D.ietf-sidr-res-certs], [I-D.ietf-sidr-roa-format], | [I-D.ietf-sidr-res-certs], [I-D.ietf-sidr-roa-format], | |||
| [I-D.ietf-sidr-ghostbusters], [I-D.ietf-sidr-ltamgmt], | [I-D.ietf-sidr-ghostbusters], [I-D.ietf-sidr-ltamgmt], | |||
| [I-D.ietf-sidr-roa-validation], [I-D.ietf-sidr-usecases], | [I-D.ietf-sidr-roa-validation], [I-D.ietf-sidr-usecases], | |||
| [I-D.ietf-sidr-cp], and [I-D.ietf-sidr-rpki-manifests]. | [I-D.ietf-sidr-cp], and [I-D.ietf-sidr-rpki-manifests]. | |||
| NOTE: The addresses used in this document are not example addresses | NOTE: The addresses used in this document are not example addresses | |||
| therefore they are not compliant with [RFC3849], [RFC5735], and | therefore they are not compliant with [RFC3849], [RFC5735], and | |||
| [RFC5771]. This is intentional as the practices described in this | [RFC5771]. This is intentional as the practices described in this | |||
| document affect real world addresses. | document are directed to specific instances of real world addresses. | |||
| 4. Definitions | 4. Definitions | |||
| Internet Number Resources (INR): The number identifiers for IPv4 | Internet Number Resources (INR): The number identifiers for IPv4 | |||
| [RFC0791] and IPv6 [RFC2460] addresses, and for Autonomous Systems. | [RFC0791] and IPv6 [RFC2460] addresses, and for Autonomous Systems. | |||
| IANA: Internet Assigned Numbers Authority (a traditional name, used | IANA: Internet Assigned Numbers Authority (a traditional name, used | |||
| here to refer to the technical team making and publishing the | here to refer to the technical team making and publishing the | |||
| assignments of Internet protocol technical parameters). The | assignments of Internet protocol technical parameters). The | |||
| technical team of IANA is currently a part of ICANN [RFC2860]. | technical team of IANA is currently a part of ICANN [RFC2860]. | |||
| RPKI: Resource Public Key Infrastructure. A Public Key | RPKI: Resource Public Key Infrastructure. A Public Key | |||
| Infrastructure designed to provide a secure basis for assertions | Infrastructure designed to provide a secure basis for assertions | |||
| about holdings of Internet numeric resources. Certificates issued | about holdings of Internet numeric resources. Certificates issued | |||
| under the RPKI contain additional attributes that identify IPv4, | under the RPKI contain additional attributes that identify IPv4, | |||
| IPv6, and Autonomous System Number (ASN) resources. | IPv6, and Autonomous System Number (ASN) resources | |||
| [I-D.ietf-sidr-arch]. | ||||
| ROA: Route Origination Authorization. A ROA is an RPKI object that | ROA: Route Origination Authorization. A ROA is an RPKI object that | |||
| enables the holder of the address prefix to specify an AS that is | enables the holder of the address prefix to specify an AS that is | |||
| permitted to originate (in BGP) routes for that prefix. | permitted to originate (in BGP) routes for that prefix | |||
| [I-D.ietf-sidr-roa-format]. | ||||
| AS0 ROA: Validation of Route Origination using the Resource | AS0 ROA: A ROA containing a value of 0 in the ASID field. Validation | |||
| Certificate PKI and ROAs [I-D.ietf-sidr-roa-validation] states "A ROA | of Route Origination using the Resource Certificate PKI and ROAs | |||
| with a subject of AS0 (AS0-ROA) is an attestation by the holder of a | [I-D.ietf-sidr-roa-validation] states "A ROA with a subject of AS0 | |||
| prefix that the prefix described in the ROA, and any more specific | (AS0-ROA) is an attestation by the holder of a prefix that the prefix | |||
| prefix, should not be used in a routing context." | described in the ROA, and any more specific prefix, should not be | |||
| used in a routing context." | ||||
| "Not intended to be (publicly) routed": This phrase refers to | "Not intended to be (publicly) routed": This phrase refers to | |||
| prefixes that are not meant to be represented in the global Internet | prefixes that are not meant to be represented in the global Internet | |||
| routing table (for example 192.168/16, [RFC1918]). | routing table (for example 192.168/16, [RFC1918]). | |||
| 5. Reserved Resources | 5. Reserved Resources | |||
| Reserved IPv4 and IPv6 resources are held back for various reasons by | Reserved IPv4 and IPv6 resources are held back for various reasons by | |||
| IETF action. Generally such resources are not intended to be | IETF action. Generally such resources are not intended to be | |||
| globally routed. An example of such a reservation is 127.0.0.0/8 | globally routed. An example of such a reservation is 127.0.0.0/8 | |||
| [RFC5735]. See Appendix A (Appendix A) and B (Appendix B) for IANA | [RFC5735]. See Appendix A (Appendix A) and B (Appendix B) for IANA | |||
| reserved resources. | reserved resources. | |||
| IANA SHOULD issue an AS0 ROA for all reserved IPv4 and IPv6 resources | IANA SHOULD issue an AS0 ROA for all reserved IPv4 and IPv6 resources | |||
| not intended to be routed. | not intended to be routed. The selection of the [RFC2119] | |||
| terminology is intentional as there may be situations where the ASO | ||||
| ROA is removed or not issued prior to an IANA registry action. It is | ||||
| not appropriate to place IANA into a situation where, through normal | ||||
| interal operations, its bahavior contradicts IETF standards. | ||||
| There are a small number of reserved resources which are intended to | There are a small number of reserved resources that are intended to | |||
| be routed, for example 192.88.99.0/24 [RFC3068]. See Appendix A | be routed, for example 192.88.99.0/24 [RFC3068]. See Appendix A | |||
| (Appendix A) and B (Appendix B) for IANA reserved resources. | (Appendix A) and B (Appendix B) for IANA reserved resources. | |||
| IANA MUST NOT issue any ROAs (AS0 or otherwise) for reserved | IANA MUST NOT issue any ROAs (AS0 or otherwise) for reserved | |||
| resources that are expected to be globally routed. | resources that are expected to be globally routed. | |||
| 6. Unallocated Resources | 6. Unallocated Resources | |||
| Internet Number Resources that have not yet been allocated for | Internet Number Resources that have not yet been allocated for | |||
| special purposes [RFC5736], to Regional Internet Registries (RIRs), | special purposes [RFC5736], to Regional Internet Registries (RIRs), | |||
| or to others are considered as not intended to be globally routed. | or to others are considered as not intended to be globally routed. | |||
| IANA MUST issue an AS0 ROA for all Unallocated Resources. | IANA SHOULD issue an AS0 ROA for all Unallocated Resources. The | |||
| selection of the [RFC2119] terminology is intentional as there may be | ||||
| situations where the ASO ROA is removed or not issued prior to an | ||||
| IANA registry action. It is not appropriate to place IANA into a | ||||
| situation where, through normal interal operations, its bahavior | ||||
| contradicts IETF standards. | ||||
| 7. Special Purpose Registry Resources | 7. Special Purpose Registry Resources | |||
| Special Registry Resources [RFC5736] fall into one of two categories | Special Registry Resources [RFC5736] fall into one of two categories | |||
| in terms of routing. Either the resource is intended to be seen in | in terms of routing. Either the resource is intended to be seen in | |||
| the global Internet routing table in some fashion, or it isn't. An | the global Internet routing table in some fashion, or it isn't. An | |||
| example of a special purpose registry INR that is intended for global | example of a special purpose registry INR that is intended for global | |||
| routing is 2001:0000::/32 [RFC4380]. An example of an INR not | routing is 2001:0000::/32 [RFC4380]. An example of an INR not | |||
| intended to be seen would be 2001:002::/48 [RFC5180]. | intended to be seen would be 2001:002::/48 [RFC5180]. | |||
| IANA MUST NOT issue any ROAs (AS0 or otherwise) for Special Purpose | IANA MUST NOT issue any ROAs (AS0 or otherwise) for Special Purpose | |||
| Registry Resources that are intended to be globally routed. | Registry Resources that are intended to be globally routed. | |||
| IANA MUST issue an AS0 ROA for Special Purpose Registry Resources | IANA SHOULD issue an AS0 ROA for Special Purpose Registry Resources | |||
| that are not intended to be globally routed. | that are not intended to be globally routed. | |||
| 8. Multicast | 8. Multicast | |||
| Within the IPv4 Multicast [RFC5771] and IPv6 Multicast [RFC4291] | Within the IPv4 Multicast [RFC5771] and IPv6 Multicast [RFC4291] | |||
| registries there are a number of Multicast registrations that are not | registries there are a number of Multicast registrations that are not | |||
| intended to be globally routed. | intended to be globally routed. | |||
| IANA MUST issue an AS0 ROA covering the following IPv4 and IPv6 | IANA MUST issue an AS0 ROA covering the following IPv4 and IPv6 | |||
| multicast INRs: | multicast INRs: | |||
| skipping to change at page 12, line 7 ¶ | skipping to change at page 12, line 7 ¶ | |||
| One informational object that can exist at a publication point of an | One informational object that can exist at a publication point of an | |||
| RPKI repository is the Ghostbusters Record | RPKI repository is the Ghostbusters Record | |||
| [I-D.ietf-sidr-ghostbusters]. | [I-D.ietf-sidr-ghostbusters]. | |||
| IANA MUST issue a ghostbusters object appropriate in content for the | IANA MUST issue a ghostbusters object appropriate in content for the | |||
| resources IANA maintains. | resources IANA maintains. | |||
| 10. Certificates and CRLs | 10. Certificates and CRLs | |||
| Before IANA can issue a ROA it MUST first establish a RPKI | Before IANA can issue a ROA it MUST first establish an RPKI | |||
| Certificate Authority (CA) that covers unallocated, reserved, and | Certification Authority (CA) that covers unallocated, reserved, and | |||
| special use INRs by containing RFC 3379 extensions [RFC3779] for | special use INRs. A CA that covers these INRs MUST contain contain | |||
| those corresponding number resources in the CA Certificate. This CA | RFC 3379 extensions [RFC3779] for those corresponding number | |||
| MUST issue single use End Entity (EE) certificates for each ROA. The | resources in its Certificate. This CA MUST issue single-use End | |||
| EE certificate will conform to the Resource Certificate Profile | Entity (EE) certificates for each ROA that it generates. The EE | |||
| certificate will conform to the Resource Certificate Profile | ||||
| [I-D.ietf-sidr-res-certs] and the additional constraints specified in | [I-D.ietf-sidr-res-certs] and the additional constraints specified in | |||
| [I-D.ietf-sidr-roa-format]. IANA MUST maintain a publication point | [I-D.ietf-sidr-roa-format]. IANA MUST maintain a publication point | |||
| for this CA's use and publish manifests | for this CA's use and MIUST publish manifests | |||
| [I-D.ietf-sidr-rpki-manifests] (with its corresponding EE | [I-D.ietf-sidr-rpki-manifests] (with its corresponding EE | |||
| certificate). A Certificate Revocation List (CRL) will be issued | certificate) for this publication point. IANA MUST issue a | |||
| under this CA certificate. All objects issued by this CA will | Certificate Revocation List (CRL) under this CA certificate for the | |||
| conform to a published Certificate Policy [I-D.ietf-sidr-cp]. | EE certificates noted above. All objects issued by this CA will | |||
| conform to the RPKI Certificate Policy [I-D.ietf-sidr-cp]. | ||||
| 11. IANA Considerations | 11. IANA Considerations | |||
| This document directs IANA to issue, or refrain from issuing, the | This document directs IANA to issue, or refrain from issuing, the | |||
| specific objects described here for the current set of reserved, | specific RPKI objects described here for the current set of reserved, | |||
| unallocated, and special registry Internet Number Resources. Further | unallocated, and special registry Internet Number Resources. Further | |||
| it MUST notify all other INR registries that RPKI objects have been | IANA MUST notify all other INR registries that RPKI objects have been | |||
| issued for specific Internet Number Resources to avoid duplicates | issued for the Internet Number Resources described in this document | |||
| being issued thus reducing the burden on any relying party. | to avoid the potential for issuance of duplicate objects that might | |||
| confuse relying parties. | ||||
| 12. Security Considerations | 12. Security Considerations | |||
| This document does not alter the security profile of the RPKI from | This document does not alter the security profile of the RPKI from | |||
| that already discussed in SIDR-WG documents. | that already discussed in SIDR-WG documents. | |||
| 13. Acknowledgements | 13. Acknowledgements | |||
| The authors acknowledge Dave Meyer for helpful direction with regard | The authors acknowledge Dave Meyer for helpful direction with regard | |||
| to multicast assignments. | to multicast assignments. | |||
| skipping to change at page 16, line 17 ¶ | skipping to change at page 16, line 17 ¶ | |||
| 14.1. Normative References | 14.1. Normative References | |||
| [I-D.ietf-sidr-arch] | [I-D.ietf-sidr-arch] | |||
| Lepinski, M. and S. Kent, "An Infrastructure to Support | Lepinski, M. and S. Kent, "An Infrastructure to Support | |||
| Secure Internet Routing", draft-ietf-sidr-arch-12 (work in | Secure Internet Routing", draft-ietf-sidr-arch-12 (work in | |||
| progress), February 2011. | progress), February 2011. | |||
| [I-D.ietf-sidr-cp] | [I-D.ietf-sidr-cp] | |||
| Kent, S., Kong, D., Seo, K., and R. Watro, "Certificate | Kent, S., Kong, D., Seo, K., and R. Watro, "Certificate | |||
| Policy (CP) for the Resource PKI (RPKI", | Policy (CP) for the Resource PKI (RPKI", | |||
| draft-ietf-sidr-cp-16 (work in progress), December 2010. | draft-ietf-sidr-cp-17 (work in progress), April 2011. | |||
| [I-D.ietf-sidr-ghostbusters] | [I-D.ietf-sidr-ghostbusters] | |||
| Bush, R., "The RPKI Ghostbusters Record", | Bush, R., "The RPKI Ghostbusters Record", | |||
| draft-ietf-sidr-ghostbusters-03 (work in progress), | draft-ietf-sidr-ghostbusters-03 (work in progress), | |||
| March 2011. | March 2011. | |||
| [I-D.ietf-sidr-res-certs] | [I-D.ietf-sidr-res-certs] | |||
| Huston, G., Michaelson, G., and R. Loomans, "A Profile for | Huston, G., Michaelson, G., and R. Loomans, "A Profile for | |||
| X.509 PKIX Resource Certificates", | X.509 PKIX Resource Certificates", | |||
| draft-ietf-sidr-res-certs-21 (work in progress), | draft-ietf-sidr-res-certs-22 (work in progress), May 2011. | |||
| December 2010. | ||||
| [I-D.ietf-sidr-roa-format] | [I-D.ietf-sidr-roa-format] | |||
| Lepinski, M., Kent, S., and D. Kong, "A Profile for Route | Lepinski, M., Kent, S., and D. Kong, "A Profile for Route | |||
| Origin Authorizations (ROAs)", | Origin Authorizations (ROAs)", | |||
| draft-ietf-sidr-roa-format-10 (work in progress), | draft-ietf-sidr-roa-format-12 (work in progress), | |||
| February 2011. | May 2011. | |||
| [I-D.ietf-sidr-roa-validation] | [I-D.ietf-sidr-roa-validation] | |||
| Huston, G. and G. Michaelson, "Validation of Route | Huston, G. and G. Michaelson, "Validation of Route | |||
| Origination using the Resource Certificate PKI and ROAs", | Origination using the Resource Certificate PKI and ROAs", | |||
| draft-ietf-sidr-roa-validation-10 (work in progress), | draft-ietf-sidr-roa-validation-10 (work in progress), | |||
| November 2010. | November 2010. | |||
| [I-D.ietf-sidr-rpki-manifests] | [I-D.ietf-sidr-rpki-manifests] | |||
| Austein, R., Huston, G., Kent, S., and M. Lepinski, | Austein, R., Huston, G., Kent, S., and M. Lepinski, | |||
| "Manifests for the Resource Public Key Infrastructure", | "Manifests for the Resource Public Key Infrastructure", | |||
| draft-ietf-sidr-rpki-manifests-09 (work in progress), | draft-ietf-sidr-rpki-manifests-11 (work in progress), | |||
| November 2010. | May 2011. | |||
| 14.2. Informative References | 14.2. Informative References | |||
| [I-D.ietf-sidr-ltamgmt] | [I-D.ietf-sidr-ltamgmt] | |||
| Kent, S. and M. Reynolds, "Local Trust Anchor Management | Kent, S. and M. Reynolds, "Local Trust Anchor Management | |||
| for the Resource Public Key Infrastructure", | for the Resource Public Key Infrastructure", | |||
| draft-ietf-sidr-ltamgmt-00 (work in progress), | draft-ietf-sidr-ltamgmt-00 (work in progress), | |||
| November 2010. | November 2010. | |||
| [I-D.ietf-sidr-usecases] | [I-D.ietf-sidr-usecases] | |||
| End of changes. 27 change blocks. | ||||
| 53 lines changed or deleted | 70 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||