| < draft-ietf-sidr-ghostbusters-15.txt | draft-ietf-sidr-ghostbusters-16.txt > | |||
|---|---|---|---|---|
| Network Working Group R. Bush | Network Working Group R. Bush | |||
| Internet-Draft Internet Initiative Japan | Internet-Draft Internet Initiative Japan | |||
| Intended status: Standards Track October 17, 2011 | Intended status: Standards Track December 29, 2011 | |||
| Expires: April 19, 2012 | Expires: July 1, 2012 | |||
| The RPKI Ghostbusters Record | The RPKI Ghostbusters Record | |||
| draft-ietf-sidr-ghostbusters-15 | draft-ietf-sidr-ghostbusters-16 | |||
| Abstract | Abstract | |||
| In the Resource Public Key Infrastructure (RPKI), resource | In the Resource Public Key Infrastructure (RPKI), resource | |||
| certificates completely obscure names or any other information which | certificates completely obscure names or any other information which | |||
| might be useful for contacting responsible parties to deal with | might be useful for contacting responsible parties to deal with | |||
| issues of certificate expiration, maintenance, roll-overs, | issues of certificate expiration, maintenance, roll-overs, | |||
| compromises, etc. This draft describes the RPKI Ghostbusters Record | compromises, etc. This draft describes the RPKI Ghostbusters Record | |||
| containing human contact information which may be verified | containing human contact information which may be verified | |||
| (indirectly) by a CA certificate. The data in the record are those | (indirectly) by a CA certificate. The data in the record are those | |||
| skipping to change at page 1, line 43 ¶ | skipping to change at page 1, line 43 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on April 19, 2012. | This Internet-Draft will expire on July 1, 2012. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2011 IETF Trust and the persons identified as the | Copyright (c) 2011 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 42 ¶ | skipping to change at page 3, line 42 ¶ | |||
| Note that the Ghostbusters Record is not an identity certificate, but | Note that the Ghostbusters Record is not an identity certificate, but | |||
| rather an attestation to the contact data made by the maintainer of | rather an attestation to the contact data made by the maintainer of | |||
| the CA certificate issuing the EE certificate whose corresponding | the CA certificate issuing the EE certificate whose corresponding | |||
| private key signs the Ghostbusters Record. | private key signs the Ghostbusters Record. | |||
| This record is not meant to supplant or be used as resource registry | This record is not meant to supplant or be used as resource registry | |||
| whois data. It gives information about an RPKI CA certificate | whois data. It gives information about an RPKI CA certificate | |||
| maintainer not a resource holder. | maintainer not a resource holder. | |||
| The Ghostbusters Record is optional, CA certificates in the RPKI MAY | The Ghostbusters Record is optional, CA certificates in the RPKI may | |||
| have zero or more associated Ghostbuster Records. | have zero or more associated Ghostbuster Records. | |||
| Given a certificate, to find the closest Ghostbuster Record, go up | Given a certificate, to find the closest Ghostbuster Record, go up | |||
| until a CA certificate is reached, which may be the object itself of | until a CA certificate is reached, which may be the object itself of | |||
| course. That CA certificate will have an SIA to the publication | course. That CA certificate will have an SIA to the publication | |||
| point where all subsidiary objects (until you hit a down-chain CA | point where all subsidiary objects (until you hit a down-chain CA | |||
| certificate's signed objects) are published. The publication point | certificate's signed objects) are published. The publication point | |||
| will contain zero or more Ghostbuster Records. | will contain zero or more Ghostbuster Records. | |||
| This specification has three main sections. The first, Section 4, is | This specification has three main sections. The first, Section 4, is | |||
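Review bot: On the changed line "The Ghostbusters Record is optional, CA certificates in the RPKI may", lowercasing MAY drops the normative keyword while the vCard section of the same draft still uses uppercase MUST, so the text should make clear whether this sentence is intentionally non-normative. The comma splice would read better as "optional; CA certificates in the RPKI may have ...", and "Ghostbuster Record(s)" in this paragraph and the next is inconsistent with "Ghostbusters Record" used in the title and the preceding paragraphs.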
| skipping to change at page 5, line 6 ¶ | skipping to change at page 5, line 6 ¶ | |||
| concern. | concern. | |||
| The Ghostbusters vCard payload is a minimalist subset of the vCard as | The Ghostbusters vCard payload is a minimalist subset of the vCard as | |||
| described in [RFC6350]. | described in [RFC6350]. | |||
| BEGIN - pro forma packaging which MUST be the first line in the | BEGIN - pro forma packaging which MUST be the first line in the | |||
| vCard and MUST have the value "BEGIN:VCARD" as described in | vCard and MUST have the value "BEGIN:VCARD" as described in | |||
| [RFC6350]. | [RFC6350]. | |||
| VERSION - pro forma packaging which MUST be the second line in the | VERSION - pro forma packaging which MUST be the second line in the | |||
| vCard and MUST have the value "VERSION:4.0" as described in 3.6.9 | vCard and MUST have the value "VERSION:4.0" as described in 3.7.9 | |||
| of [RFC6350]. | of [RFC6350]. | |||
| FN - the name, as described in 6.2.1 of [RFC6350], of a contactable | FN - the name, as described in 6.2.1 of [RFC6350], of a contactable | |||
| person or role who is responsible for the CA certificate. | person or role who is responsible for the CA certificate. | |||
| ORG - an organization as described in 6.6.4 of [RFC6350]. | ORG - an organization as described in 6.6.4 of [RFC6350]. | |||
| ADR - a postal address as described in 6.3 of [RFC6350]. | ADR - a postal address as described in 6.3 of [RFC6350]. | |||
| TEL - a voice and/or fax phone as described in 6.4.1 of [RFC6350]. | TEL - a voice and/or fax phone as described in 6.4.1 of [RFC6350]. | |||
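Review bot: The VERSION reference changes from 3.6.9 to 3.7.9 but still points into section 3, while every neighbouring property (FN 6.2.1, ORG 6.6.4, ADR 6.3, TEL 6.4.1) cites section 6 of [RFC6350]. VERSION is defined in section 6.7.9 of RFC 6350, so the line should read "as described in 6.7.9 of [RFC6350]". The BEGIN entry cites [RFC6350] with no section number at all and could be given one for consistency with the other entries.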
| End of changes. 5 change blocks. | ||||
| 6 lines changed or deleted | 6 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/