< draft-ietf-sidrops-bgpsec-algs-rfc8208-bis-00.txt		draft-ietf-sidrops-bgpsec-algs-rfc8208-bis-01.txt >
	Internet Engineering Task Force (IETF) S. Turner		Internet Engineering Task Force (IETF) S. Turner
	Internet-Draft sn3rd		Internet-Draft sn3rd
	Updates: 8208 (if approved) O. Borchert		Updates: 8208 (if approved) O. Borchert
	Intended status: Standards Track NIST		Intended status: Standards Track NIST
	Expires: September 2, 2018 March 1, 2018		Expires: September 6, 2018 March 5, 2018
	BGPsec Algorithms, Key Formats, and Signature Formats		BGPsec Algorithms, Key Formats, and Signature Formats
	draft-ietf-sidrops-bgpsec-algs-rfc8208-bis-00		draft-ietf-sidrops-bgpsec-algs-rfc8208-bis-01
	Abstract		Abstract
	This document specifies the algorithms, algorithm parameters,		This document specifies the algorithms, algorithm parameters,
	asymmetric key formats, asymmetric key sizes, and signature formats		asymmetric key formats, asymmetric key sizes, and signature formats
	used in BGPsec (Border Gateway Protocol Security). This document		used in BGPsec (Border Gateway Protocol Security). This document
	updates RFC 8208 ("BGPsec Algorithms, Key Formats, and Signature		updates RFC 8208 ("BGPsec Algorithms, Key Formats, and Signature
	Formats") by adding Special-Use Algorithm IDs and correcting the		Formats") by adding Special-Use Algorithm IDs and correcting the
	range of unassigned algorithms IDs to fill the complete range.		range of unassigned algorithms IDs to fill the complete range.
	skipping to change at page 2, line 37 ¶		skipping to change at page 2, line 37 ¶
	2.2. Signature Algorithms . . . . . . . . . . . . . . . . . . . 5		2.2. Signature Algorithms . . . . . . . . . . . . . . . . . . . 5
	2.2.1. Algorithm ID 0x01 - (ECDSA-P256) . . . . . . . . . . . 5		2.2.1. Algorithm ID 0x01 - (ECDSA-P256) . . . . . . . . . . . 5
	3. Asymmetric Key Pair Formats . . . . . . . . . . . . . . . . . 6		3. Asymmetric Key Pair Formats . . . . . . . . . . . . . . . . . 6
	3.1. Asymmetric Key Pair for Algorithm ID 0x01 - (ECDSA-p256) . 6		3.1. Asymmetric Key Pair for Algorithm ID 0x01 - (ECDSA-p256) . 6
	3.1.1. Public Key Format . . . . . . . . . . . . . . . . . . 6		3.1.1. Public Key Format . . . . . . . . . . . . . . . . . . 6
	3.1.2. Private Key Format . . . . . . . . . . . . . . . . . . 6		3.1.2. Private Key Format . . . . . . . . . . . . . . . . . . 6
	4. Signature Formats . . . . . . . . . . . . . . . . . . . . . . 6		4. Signature Formats . . . . . . . . . . . . . . . . . . . . . . 6
	5. Additional Requirements . . . . . . . . . . . . . . . . . . . 6		5. Additional Requirements . . . . . . . . . . . . . . . . . . . 6
	6. Security Considerations . . . . . . . . . . . . . . . . . . . 7		6. Security Considerations . . . . . . . . . . . . . . . . . . . 7
	7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7		7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
	8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8		8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9
	8.1. Normative References . . . . . . . . . . . . . . . . . . . 8		8.1. Normative References . . . . . . . . . . . . . . . . . . . 9
	8.2. Informative References . . . . . . . . . . . . . . . . . . 10		8.2. Informative References . . . . . . . . . . . . . . . . . . 11
	Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 11		Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 12
	A.1. Topology and Experiment Description . . . . . . . . . . . 11		A.1. Topology and Experiment Description . . . . . . . . . . . 12
	A.2. Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . 11		A.2. Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
	A.3. BGPsec IPv4 . . . . . . . . . . . . . . . . . . . . . . . 15		A.3. BGPsec IPv4 . . . . . . . . . . . . . . . . . . . . . . . 16
	A.4. BGPsec IPv6 . . . . . . . . . . . . . . . . . . . . . . . 18		A.4. BGPsec IPv6 . . . . . . . . . . . . . . . . . . . . . . . 19
	Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . 21		Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . 22
	Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 21		Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 22
	1. Introduction		1. Introduction
	This document specifies the following:		This document specifies the following:
	o the digital signature algorithm and parameters,		o the digital signature algorithm and parameters,
	o the hash algorithm and parameters,		o the hash algorithm and parameters,
	o the algorithm identifier assignment and classification,		o the algorithm identifier assignment and classification,
	skipping to change at page 7, line 31 ¶		skipping to change at page 7, line 31 ¶
	"BGPsec Algorithm Suite Registry" in the Resource Public Key		"BGPsec Algorithm Suite Registry" in the Resource Public Key
	Infrastructure (RPKI) group. The one-octet "BGPsec Algorithm Suite		Infrastructure (RPKI) group. The one-octet "BGPsec Algorithm Suite
	Registry" identifiers assigned by IANA identify the digest algorithm		Registry" identifiers assigned by IANA identify the digest algorithm
	and signature algorithm used in the BGPsec Signature_Block List's		and signature algorithm used in the BGPsec Signature_Block List's
	Algorithm Suite Identifier field.		Algorithm Suite Identifier field.
	IANA has registered a single algorithm suite identifier for the		IANA has registered a single algorithm suite identifier for the
	digest algorithm SHA-256 [SHS] and for the signature algorithm ECDSA		digest algorithm SHA-256 [SHS] and for the signature algorithm ECDSA
	on the P-256 curve [RFC6090] [DSS].		on the P-256 curve [RFC6090] [DSS].
			IANA is asked to modify the previously registered "Unassigned"
			address space.
			Algorithm Digest Signature Specification
			Suite Algorithm Algorithm Pointer
			Identifier
			+------------+---------------+--------------+-----------------------+
			| 0x2-0xEF | Unassigned | Unassigned | |
			+------------+---------------+--------------+-----------------------+
			To be modified into:
			Algorithm Digest Signature Specification
			Suite Algorithm Algorithm Pointer
			Identifier
			+------------+---------------+--------------+-----------------------+
			| 0x2-0xFA | Unassigned | Unassigned | |
			+------------+---------------+--------------+-----------------------+
			In addition IANA is asked to register the following address space for
			"Special-Use":
			Algorithm Digest Signature Specification
			Suite Algorithm Algorithm Pointer
			Identifier
			+------------+---------------+--------------+-----------------------+
			| 0xFB-0xFE | Special-Use | Special-Use | This Document |
			+------------+---------------+--------------+-----------------------+
			After the requested modification, the "BGPsec Algorithm Suite
			Registry" in the RPKI group should contain the following values:
	BGPsec Algorithm Suite Registry		BGPsec Algorithm Suite Registry
	Algorithm Digest Signature Specification		Algorithm Digest Signature Specification
	Suite Algorithm Algorithm Pointer		Suite Algorithm Algorithm Pointer
	Identifier		Identifier
	+------------+---------------+--------------+-----------------------+		+------------+---------------+--------------+-----------------------+
	| 0x00 | Reserved | Reserved | This document |		| 0x00 | Reserved | Reserved | This document |
	+------------+---------------+--------------+-----------------------+		+------------+---------------+--------------+-----------------------+
	| 0x01 | SHA-256 | ECDSA P-256 | [SHS] [DSS] [RFC6090] |		| 0x01 | SHA-256 | ECDSA P-256 | [SHS] [DSS] [RFC6090] |
	| | | | This document |		| | | | This document |
End of changes. 4 change blocks.
	12 lines changed or deleted		43 lines changed or added
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/