idnits 2.17.1
draft-ietf-sidr-slurm-08.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== The document seems to lack the recommended RFC 2119 boilerplate, even if
it appears to use RFC 2119 keywords -- however, there's a paragraph with
a matching beginning. Boilerplate error?
(The document does seem to have the reference to RFC 2119 which the
ID-Checklist requires).
-- The document date (April 26, 2018) is 2192 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
** Obsolete normative reference: RFC 8208 (Obsoleted by RFC 8608)
Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 SIDR D. Ma
3 Internet-Draft ZDNS
4 Intended status: Standards Track D. Mandelberg
5 Expires: October 28, 2018 Unaffiliated
6 T. Bruijnzeels
7 RIPE NCC
8 April 26, 2018
10 Simplified Local internet nUmber Resource Management with the RPKI
11 (SLURM)
12 draft-ietf-sidr-slurm-08
14 Abstract
16 The Resource Public Key Infrastructure (RPKI) is a global
17 authorization infrastructure that allows the holder of Internet
18 Number Resources (INRs) to make verifiable statements about those
19 resources. Network operators, e.g., Internet Service Providers
20 (ISPs), can use the RPKI to validate BGP route origin assertions.
21 ISPs can also use the RPKI to validate the path of a BGP route.
22 However, ISPs may want to establish a local view of exceptions to the
23 RPKI data in the form of local filters and additions. The mechanisms
24 described in this document provide a simple way to enable INR holders
25 to establish a local, customized view of the RPKI, overriding global
26 RPKI repository data as needed.
28 Status of This Memo
30 This Internet-Draft is submitted in full conformance with the
31 provisions of BCP 78 and BCP 79.
33 Internet-Drafts are working documents of the Internet Engineering
34 Task Force (IETF). Note that other groups may also distribute
35 working documents as Internet-Drafts. The list of current Internet-
36 Drafts is at https://datatracker.ietf.org/drafts/current/.
38 Internet-Drafts are draft documents valid for a maximum of six months
39 and may be updated, replaced, or obsoleted by other documents at any
40 time. It is inappropriate to use Internet-Drafts as reference
41 material or to cite them other than as "work in progress."
43 This Internet-Draft will expire on October 28, 2018.
45 Copyright Notice
47 Copyright (c) 2018 IETF Trust and the persons identified as the
48 document authors. All rights reserved.
50 This document is subject to BCP 78 and the IETF Trust's Legal
51 Provisions Relating to IETF Documents
52 (https://trustee.ietf.org/license-info) in effect on the date of
53 publication of this document. Please review these documents
54 carefully, as they describe your rights and restrictions with respect
55 to this document. Code Components extracted from this document must
56 include Simplified BSD License text as described in Section 4.e of
57 the Trust Legal Provisions and are provided without warranty as
58 described in the Simplified BSD License.
60 Table of Contents
62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
63 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
64 2. RP with SLURM . . . . . . . . . . . . . . . . . . . . . . . . 4
65 3. SLURM File and Mechanisms . . . . . . . . . . . . . . . . . . 4
66 3.1. Use of JSON . . . . . . . . . . . . . . . . . . . . . . . 4
67 3.2. SLURM File Overview . . . . . . . . . . . . . . . . . . . 5
68 3.3. Validation Output Filters . . . . . . . . . . . . . . . . 6
69 3.3.1. Validated ROA Prefix Filters . . . . . . . . . . . . 6
70 3.3.2. BGPsec Assertion Filters . . . . . . . . . . . . . . 7
71 3.4. Locally Added Assertions . . . . . . . . . . . . . . . . 9
72 3.4.1. ROA Prefix Assertions . . . . . . . . . . . . . . . . 9
73 3.4.2. BGPsec Assertions . . . . . . . . . . . . . . . . . . 10
74 3.5. Example of a SLURM File with Filters and Assertions . . . 11
75 4. SLURM File Configuration . . . . . . . . . . . . . . . . . . 13
76 4.1. SLURM File Atomicity . . . . . . . . . . . . . . . . . . 13
77 4.2. Multiple SLURM Files . . . . . . . . . . . . . . . . . . 13
78 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14
79 6. Security Considerations . . . . . . . . . . . . . . . . . . . 14
80 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14
81 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 15
82 8.1. Informative References . . . . . . . . . . . . . . . . . 15
83 8.2. Normative References . . . . . . . . . . . . . . . . . . 16
84 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17
86 1. Introduction
88 The Resource Public Key Infrastructure (RPKI) is a global
89 authorization infrastructure that allows the holder of Internet
90 Number Resources (INRs) to make verifiable statements about those
91 resources. For example, the holder of a block of IP(v4 or v6)
92 addresses can issue a Route Origin Authorization (ROA) [RFC6482] to
93 authorize an Autonomous System (AS) to originate routes for that
94 block. Internet Service Providers (ISPs) can then use the RPKI to
95 validate BGP routes. (Validation of the origin of a route is
96 described in [RFC6811], and validation of the path of a route is
97 described in [RFC8205].)
99 However, an "RPKI relying party" (RP) may want to override some of
100 the information expressed via configured Trust Anchors (TAs) and the
101 certificates downloaded from the RPKI repository system. For
102 instances, [RFC6491] recommends the creation of ROAs that would
103 invalidate public routes for reserved and unallocated address space,
104 yet some ISPs might like to use BGP and the RPKI with private address
105 space ([RFC1918], [RFC4193], [RFC6598]) or private AS numbers
106 ([RFC1930], [RFC6996]). Local use of private address space and/or AS
107 numbers is consistent with the RFCs cited above, but such use cannot
108 be verified by the global RPKI. This motivates creation of
109 mechanisms that enable a network operator to publish exception to the
110 RPKI in the form of filters and additions (for its own use and that
111 of its customers) at its discretion. Additionally, a network
112 operator might wish to make use of a local override capability to
113 protect routes from adverse actions [RFC8211], until the results of
114 such actions have been addressed. The mechanisms developed to
115 provide this capability to network operators are hereby called
116 Simplified Local internet nUmber Resource Management with the RPKI
117 (SLURM).
119 SLURM allows an operator to create a local view of the global RPKI by
120 generating sets of assertions. For Origin Validation [RFC6811], an
121 assertion is a tuple of {IP prefix, prefix length, maximum length, AS
122 number (ASN)} as used by rpki-rtr (the RPKI to Router Protocol)
123 version 0 [RFC6810] and rpki-rtr version 1 [RFC8210]. For BGPsec
124 [RFC8205], an assertion is a tuple of {ASN, subject key identifier,
125 router public key} as used by rpki-rtr version 1. (For the remainder
126 of this document, these assertions are called ROA Prefix Assertions
127 and BGPsec Assertions, respectively.)
129 1.1. Terminology
131 The key words "MUST", "MUST NOT","REQUIRED", "SHALL", "SHALL NOT",
132 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
133 "OPTIONAL" in this document are to be interpreted as described in BCP
134 14 [RFC2119] [RFC8174] when, and only when, they appear in all
135 capitals, as shown here.
137 2. RP with SLURM
139 SLURM provides a simple way to enable an RP to establish a local,
140 customized view of the RPKI, by overriding RPKI repository data if
141 needed. To that end, an RP with SLURM filters out (removes from
142 consideration for routing decisions) any assertions in the RPKI that
143 are overridden by local ROA Prefix Assertions and BGPsec Assertions.
145 In general, the primary output of an RP is the data it sends to
146 routers over the rpki-rtr protocol [RFC8210]. The rpki-rtr protocol
147 enables routers to query an RP for all assertions it knows about
148 (Reset Query) or for an update of only the changes in assertions
149 (Serial Query). The mechanisms specified in this document are to be
150 applied to the result set for a Reset Query, and to both the old and
151 new sets that are compared for a Serial Query. RP software may
152 modify other forms of output in comparable ways, but that is outside
153 the scope of this document.
155 +--------------+ +---------------------------+ +------------+
156 | | | | | |
157 | Repositories +--->Local cache of RPKI objects+---> Validation |
158 | | | | | |
159 +--------------+ +---------------------------+ +-----+------+
160 |
161 +-------------------------------------------------+
162 |
163 +------v-------+ +------------+ +----------+ +-------------+
164 | | | | | | | |
165 | SLURM +---> SLURM +---> rpki-rtr +---> BGP Speakers|
166 | Filters | | Assertions | | | | |
167 +--------------+ +------------+ +----------+ +-------------+
169 Figure 1: SLURM's Position in the RP Stack
171 3. SLURM File and Mechanisms
173 3.1. Use of JSON
175 SLURM filters and assertions are specified in JSON [RFC8259] format.
176 JSON members that are not defined here MUST NOT be used in SLURM
177 Files. An RP MUST consider any deviations from the specification
178 errors. Future additions to the specifications in this document MUST
179 use an incremented value for the "slurmVersion" member.
181 3.2. SLURM File Overview
183 A SLURM file consists of a single JSON object containing the
184 following members:
186 o A "slurmVersion" member that MUST be set to 1, encoded as a number
188 o A "validationOutputFilters" member (Section 3.3), whose value is
189 an object. The object MUST contain exactly two members:
191 * A "prefixFilters" member, whose value is described in
192 Section 3.3.1.
194 * A "bgpsecFilters" member, whose value is described in
195 Section 3.3.2.
197 o A "locallyAddedAssertions" member (Section 3.4), whose value is an
198 object. The object MUST contain exactly two members:
200 * A "prefixAssertions" member, whose value is described in
201 Section 3.4.1.
203 * A "bgpsecAssertions" member, whose value is described in
204 Section 3.4.2.
206 In the envisioned typical use case, an RP uses both Validation Output
207 Filters and Locally Added Assertions. In this case, the resulting
208 assertions MUST be the same as if output filtering were performed
209 before locally adding assertions. i.e. locally added assertions
210 MUST NOT be removed by output filtering.
212 The following JSON structure with JSON members represents a SLURM
213 file that has no filters or assertions:
215 {
216 "slurmVersion": 1,
217 "validationOutputFilters": {
218 "prefixFilters": [],
219 "bgpsecFilters": []
220 },
221 "locallyAddedAssertions": {
222 "prefixAssertions": [],
223 "bgpsecAssertions": []
224 }
225 }
227 Empty SLURM File
229 3.3. Validation Output Filters
231 3.3.1. Validated ROA Prefix Filters
233 The RP can configure zero or more Validated ROA Prefix Filters
234 (Prefix Filters in short). Each Prefix Filter can contain either an
235 IPv4 or IPv6 prefix and/or an ASN. It is RECOMMENDED that an
236 explanatory comment is included with each Prefix Filter, so that it
237 can be shown to users of the RP software.
239 The above is expressed as a value of the "prefixFilters" member, as
240 an array of zero or more objects. Each object MUST contain one of
241 either, or one each of both following members:
243 o A "prefix" member, whose value is string representing either an
244 IPv4 prefix (Section 3.1 of [RFC4632]) or an IPv6 prefix
245 ([RFC5952]).
247 o An "asn" member, whose value is a number.
249 In addition, each object MAY contain one optional "comment" member,
250 whose value is a string.
252 The following example JSON structure represents a "prefixFilters"
253 member with an array of example objects for each use case listed
254 above:
256 "prefixFilters": [
257 {
258 "prefix": "192.0.2.0/24",
259 "comment": "All VRPs encompassed by prefix"
260 },
261 {
262 "asn": 64496,
263 "comment": "All VRPs matching ASN"
264 },
265 {
266 "prefix": "198.51.100.0/24",
267 "asn": 64497,
268 "comment": "All VRPs encompassed by prefix, matching ASN"
269 }
270 ]
272 prefixFilters examples
274 Any Validated ROA Prefix (VRP, [RFC6811]) that matches any configured
275 Prefix Filter MUST be removed from the RP's output.
277 A VRP is considered to match with a Prefix Filter if one of the
278 following cases applies:
280 1. If the Prefix Filter contains an IPv4 or IPv6 Prefix only, the
281 VRP is considered to match the filter if the VRP prefix is equal
282 to or covered by the Prefix Filter prefix.
284 2. If Prefix Filter contains an ASN only, the VRP is considered to
285 match the filter if the VRP ASN matches the Prefix Filter ASN.
287 3. If Prefix Filter contains both an IPv4 or IPv6 prefix and an ASN,
288 the VRP is considered to match if the VRP prefix is equal to or
289 covered by the Prefix Filter prefix and the VRP ASN matches the
290 Prefix Filter ASN.
292 3.3.2. BGPsec Assertion Filters
294 The RP can configure zero or more BGPsec Assertion Filters (BGPsec
295 Filters in short). Each BGPsec Filter can contain an ASN and/or the
296 Base64 [RFC4648] encoding of a Router Subject Key Identifier (SKI),
297 as described in [RFC8209] and [RFC6487]. It is RECOMMENDED that an
298 explanatory comment is also included with each BGPSec Filter, so that
299 it can be shown to users of the RP software.
301 The above is expressed as a value of the "bgpsecFilters" member, as
302 an array of zero or more objects. Each object MUST contain one of
303 either, or one each of both following members:
305 o An "asn" member, whose value is a number
307 o An "SKI" member, whose value is the Base64 encoding without
308 trailing '=' (Section 5 of [RFC4648]) of the certificate's Subject
309 Public Key as described in Section 4.8.2. of [RFC6487] (This is
310 the value of the ASN.1 OCTET STRING without the ASN.1 tag or
311 length fields.)
313 In addition, each object MAY contain one optional "comment" member,
314 whose value is a string.
316 The following example JSON structure represents a "bgpsecFilters"
317 member with an array of example objects for each use case listed
318 above:
320 "bgpsecFilters": [
321 {
322 "asn": 64496,
323 "comment": "All keys for ASN"
324 },
325 {
326 "SKI": "",
327 "comment": "Key matching Router SKI"
328 },
329 {
330 "asn": 64497,
331 "SKI": "",
332 "comment": "Key for ASN 64497 matching Router SKI"
333 }
334 ]
336 bgpsecFilters examples
338 Any BGPsec Assertion that matches any configured BGPsec Filter MUST
339 be removed from the RP's output. A BGPsec Assertion is considered to
340 match with a BGPsec Filter if one of the following cases applies:
342 1. If the BGPsec Filter contains an ASN only, a BGPsec Assertion is
343 considered to match if the Assertion ASN matches the Filter ASN.
345 2. If the BGPsec Filter contains an SKI only, a BGPsec Assertion is
346 considered to match if the Assertion Router SKI matches the
347 Filter SKI.
349 3. If the BGPsec Filter contains both an ASN and a Router SKI, then
350 a BGPsec Assertion is considered to match if both the Assertion
351 ASN matches the Filter ASN and the Assertion Router SKI matches
352 the Filter Router SKI.
354 3.4. Locally Added Assertions
356 3.4.1. ROA Prefix Assertions
358 Each RP is locally configured with a (possibly empty) array of ROA
359 Prefix Assertions (Prefix Assertion in short). Each ROA Prefix
360 Assertion MUST contain an IPv4 or IPv6 prefix and an ASN. It MAY
361 include a value for the maximum length. It is RECOMMENDED that an
362 explanatory comment is also included with each, so that it can be
363 shown to users ofthe RP software.
365 The above is expressed as a value of the "prefixAssertions" member,
366 as an array of zero or more objects. Each object MUST contain one
367 each of both following members:
369 o A "prefix" member, whose value is string representing either an
370 IPv4 prefix (Section 3.1 of [RFC4632]) or an IPv6 prefix
371 ([RFC5952]).
373 o An "asn" member, whose value is a number.
375 In addition, each object MAY contain one of each of the following
376 members:
378 o A "maxPrefixLength" member, whose value is a number.
380 o A "comment" member, whose value is a string.
382 The following example JSON structure represents a "prefixAssertions"
383 member with an array of example objects for each use case listed
384 above:
386 "prefixAssertions": [
387 {
388 "asn": 64496,
389 "prefix": "198.51.100.0/24",
390 "comment": "My other important route"
391 },
392 {
393 "asn": 64496,
394 "prefix": "2001:DB8::/32",
395 "maxPrefixLength": 48,
396 "comment": "My other important de-aggregated routes"
397 }
398 ]
400 prefixAssertions examples
402 Note that the combination of the prefix, ASN and optional maximum
403 length describes a VRP as described in [RFC6811]. The RP MUST add
404 all Prefix Assertions found this way to the VRP found through RPKI
405 validation, and ensure that it sends the complete set of PDUs,
406 excluding duplicates when using the rpki-rtr protocol, see
407 Section 5.6 and 5.7 of [RFC8210].
409 3.4.2. BGPsec Assertions
411 Each RP is locally configured with a (possibly empty) array of BGPsec
412 Assertions. Each BGPsec Assertion MUST contain an AS number, a
413 Router SKI, and the Router Public Key. It is RECOMMENDED that an
414 explanatory comment is also included, so that it can be shown to
415 users of the RP software.
417 The above is expressed as a value of the "bgpsecAssertions" member,
418 as an array of zero or more objects. Each object MUST contain one
419 each of all of the following members:
421 An "asn" member, whose value is a number.
423 An "SKI" member, whose value is the Base64 encoding without
424 trailing '=' (Section 5 of RFC4648 ) of the router's public key
425 equivalent to a certificate's Subject Public Key as described in
426 Section 4.8.2. of [RFC6487]. This is the value of the ASN.1 OCTET
427 STRING without the ASN.1 tag or length fields.
429 A "routerPublicKey" member, whose value is is the Base64 encoding
430 without trailing '=' (Section 5 of [RFC4648]) of the equivalent to
431 a router certificate's public key's subjectPublicKeyInfo value, as
432 described in [RFC8208]. This is the full ASN.1 DER encoding of
433 the subjectPublicKeyInfo, including the ASN.1 tag and length
434 values of the subjectPublicKeyInfo SEQUENCE.
436 The following JSON structure represents an array of
437 "bgpsecAssertions" with one element as described above:
439 "bgpsecAssertions": [
440 {
441 "asn": 64496,
442 "SKI": "",
443 "publicKey": "",
444 "comment": "My known key for my important ASN"
445 }
446 ]
448 bgpsecAssertions examples
450 Note that a bgpsecAssertion matches the syntax of the Router Key PDU
451 described in section 5.10 of [RFC8210]. Relying Parties MUST add any
452 bgpsecAssertion thus found to the set of Router PDUs, excluding
453 duplicates, when using the RPKI-RTR protocol [RFC8210].
455 3.5. Example of a SLURM File with Filters and Assertions
457 The following JSON structure represents an example of a SLURM file
458 that uses all the elements described in the previous sections:
460 {
461 "slurmVersion": 1,
462 "validationOutputFilters": {
463 "prefixFilters": [
464 {
465 "prefix": "192.0.2.0/24",
466 "comment": "All VRPs encompassed by prefix"
467 },
468 {
469 "asn": 64496,
470 "comment": "All VRPs matching ASN"
471 },
472 {
473 "prefix": "198.51.100.0/24",
474 "asn": 64497,
475 "comment": "All VRPs encompassed by prefix, matching ASN"
476 }
477 ],
478 "bgpsecFilters": [
479 {
480 "asn": 64496,
481 "comment": "All keys for ASN"
482 },
483 {
484 "SKI": "Zm9v",
485 "comment": "Key matching Router SKI"
486 },
487 {
488 "asn": 64497,
489 "SKI": "YmFy",
490 "comment": "Key for ASN 64497 matching Router SKI"
491 }
492 ]
493 },
494 "locallyAddedAssertions": {
495 "prefixAssertions": [
496 {
497 "asn": 64496,
498 "prefix": "198.51.100.0/24",
499 "comment": "My other important route"
500 },
501 {
502 "asn": 64496,
503 "prefix": "2001:DB8::/32",
504 "maxPrefixLength": 48,
505 "comment": "My other important de-aggregated routes"
506 }
507 ],
508 "bgpsecAssertions": [
509 {
510 "asn": 64496,
511 "comment" : "My known key for my important ASN",
512 "SKI": "",
513 "publicKey": ""
514 }
515 ]
516 }
517 }
519 Example of Full SLURM File
521 4. SLURM File Configuration
523 4.1. SLURM File Atomicity
525 To ensure local consistency, the effect of SLURM MUST be atomic.
526 That is, the output of the RP MUST be either the same as if SLURM
527 file were not used, or it MUST reflect the entire SLURM
528 configuration. For an example of why this is required, consider the
529 case of two local routes for the same prefix but different origin
530 ASNs. Both routes are configured with Locally Added Assertions. If
531 neither addition occurs, then both routes could be in the unknown
532 state [RFC6811]. If both additions occur then both routes would be
533 in the valid state. However, if one addition occurs and the other
534 does not, then one could be invalid while the other is valid.
536 4.2. Multiple SLURM Files
538 An implementation MAY support the concurrent use of multiple SLURM
539 files. In this case, the resulting inputs to Validation Output
540 Filters and Locally Added Assertions are the respective unions of the
541 inputs from each file. The envisioned typical use case for multiple
542 files is when the files have distinct scopes. For instance,
543 operators of two distinct networks may resort to one RP system to
544 frame routing decisions. As such, they probably deliver SLURM files
545 to this RP respectively. Before an RP configures SLURM files from
546 different sources it MUST make sure there is no internal conflict
547 among the INR assertions in these SLURM files. To do so, the RP
548 SHOULD check the entries of SLURM file with regard to overlaps of the
549 INR assertions and report errors to the sources that created these
550 SLURM files in question. The RP gets multiple SLURM files as a set,
551 and the whole set MUST be rejected in case of any overlaps among
552 SLURM files.
554 If a problem is detected with the INR assertions in these SLURM
555 files, the RP MUST NOT use them, and SHOULD issue a warning as error
556 report in the following cases:
558 1. There may be conflicting changes to ROA Prefix Assertions if
559 there exists an IP address X and distinct SLURM files Y, Z
560 such that X is contained by any prefix in any
561 or in file Y and X is
562 contained by any prefix in any or
563 in file Z.
565 2. There may be conflicting changes to BGPsec Assertions if there
566 exists an ASN X and distinct SLURM files Y, Z such that X is
567 used in any or in file Y
568 and X is used in any or in
569 file Z.
571 5. IANA Considerations
573 None
575 6. Security Considerations
577 The mechanisms described in this document provide a network operator
578 with additional ways to control use of RPKI data while preserving
579 autonomy in address space and ASN management. These mechanisms are
580 applied only locally; they do not influence how other network
581 operators interpret RPKI data. Nonetheless, care should be taken in
582 how these mechanisms are employed. Note that it also is possible to
583 use SLURM to (locally) manipulate assertions about non-private INRs,
584 e.g., allocated address space that is globally routed. For example,
585 a SLURM file may be used to override RPKI data that a network
586 operator believes has been corrupted by an adverse action. Network
587 operators who elect to use SLURM in this fashion should use extreme
588 caution.
590 The goal of the mechanisms described in this document is to enable an
591 RP to create its own view of the RPKI, which is intrinsically a
592 security function. An RP using a SLURM file is trusting the
593 assertions made in that file. Errors in the SLURM file used by an RP
594 can undermine the security offered by the RPKI, to that RP. It could
595 declare as invalid ROAs that would otherwise be valid, and vice
596 versa. As a result, an RP MUST carefully consider the security
597 implications of the SLURM file being used, especially if the file is
598 provided by a third party.
600 Additionally, each RP using SLURM MUST ensure the authenticity and
601 integrity of any SLURM file that it uses. Initially, the SLURM file
602 may be pre-configured out of band, but if the RP updates its SLURM
603 file over the network, it MUST verify the authenticity and integrity
604 of the updated SLURM file. Yet the mechanism to update SLURM file to
605 guarantee authenticity and integrity is out of the scope of this
606 document.
608 7. Acknowledgments
610 The authors would like to thank Stephen Kent for his guidance and
611 detailed reviews of this document. Thanks go to to Richard Hansen
612 for his careful reviews, to Hui Zou and Chunlin An for their
613 editorial assistance.
615 8. References
617 8.1. Informative References
619 [RFC1918] Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G.,
620 and E. Lear, "Address Allocation for Private Internets",
621 BCP 5, RFC 1918, DOI 10.17487/RFC1918, February 1996,
622 .
624 [RFC1930] Hawkinson, J. and T. Bates, "Guidelines for creation,
625 selection, and registration of an Autonomous System (AS)",
626 BCP 6, RFC 1930, DOI 10.17487/RFC1930, March 1996,
627 .
629 [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
630 Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005,
631 .
633 [RFC6482] Lepinski, M., Kent, S., and D. Kong, "A Profile for Route
634 Origin Authorizations (ROAs)", RFC 6482,
635 DOI 10.17487/RFC6482, February 2012,
636 .
638 [RFC6491] Manderson, T., Vegoda, L., and S. Kent, "Resource Public
639 Key Infrastructure (RPKI) Objects Issued by IANA",
640 RFC 6491, DOI 10.17487/RFC6491, February 2012,
641 .
643 [RFC6598] Weil, J., Kuarsingh, V., Donley, C., Liljenstolpe, C., and
644 M. Azinger, "IANA-Reserved IPv4 Prefix for Shared Address
645 Space", BCP 153, RFC 6598, DOI 10.17487/RFC6598, April
646 2012, .
648 [RFC6810] Bush, R. and R. Austein, "The Resource Public Key
649 Infrastructure (RPKI) to Router Protocol", RFC 6810,
650 DOI 10.17487/RFC6810, January 2013,
651 .
653 [RFC6996] Mitchell, J., "Autonomous System (AS) Reservation for
654 Private Use", BCP 6, RFC 6996, DOI 10.17487/RFC6996, July
655 2013, .
657 [RFC8210] Bush, R. and R. Austein, "The Resource Public Key
658 Infrastructure (RPKI) to Router Protocol, Version 1",
659 RFC 8210, DOI 10.17487/RFC8210, September 2017,
660 .
662 [RFC8211] Kent, S. and D. Ma, "Adverse Actions by a Certification
663 Authority (CA) or Repository Manager in the Resource
664 Public Key Infrastructure (RPKI)", RFC 8211,
665 DOI 10.17487/RFC8211, September 2017,
666 .
668 8.2. Normative References
670 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
671 Requirement Levels", BCP 14, RFC 2119,
672 DOI 10.17487/RFC2119, March 1997,
673 .
675 [RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing
676 (CIDR): The Internet Address Assignment and Aggregation
677 Plan", BCP 122, RFC 4632, DOI 10.17487/RFC4632, August
678 2006, .
680 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
681 Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
682 .
684 [RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6
685 Address Text Representation", RFC 5952,
686 DOI 10.17487/RFC5952, August 2010,
687 .
689 [RFC6487] Huston, G., Michaelson, G., and R. Loomans, "A Profile for
690 X.509 PKIX Resource Certificates", RFC 6487,
691 DOI 10.17487/RFC6487, February 2012,
692 .
694 [RFC6811] Mohapatra, P., Scudder, J., Ward, D., Bush, R., and R.
695 Austein, "BGP Prefix Origin Validation", RFC 6811,
696 DOI 10.17487/RFC6811, January 2013,
697 .
699 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
700 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
701 May 2017, .
703 [RFC8205] Lepinski, M., Ed. and K. Sriram, Ed., "BGPsec Protocol
704 Specification", RFC 8205, DOI 10.17487/RFC8205, September
705 2017, .
707 [RFC8208] Turner, S. and O. Borchert, "BGPsec Algorithms, Key
708 Formats, and Signature Formats", RFC 8208,
709 DOI 10.17487/RFC8208, September 2017,
710 .
712 [RFC8209] Reynolds, M., Turner, S., and S. Kent, "A Profile for
713 BGPsec Router Certificates, Certificate Revocation Lists,
714 and Certification Requests", RFC 8209,
715 DOI 10.17487/RFC8209, September 2017,
716 .
718 [RFC8259] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data
719 Interchange Format", STD 90, RFC 8259,
720 DOI 10.17487/RFC8259, December 2017,
721 .
723 Authors' Addresses
725 Di Ma
726 ZDNS
727 4 South 4th St. Zhongguancun
728 Haidian, Beijing 100190
729 China
731 Email: madi@zdns.cn
733 David Mandelberg
734 Unaffiliated
736 Email: david@mandelberg.org
737 URI: https://david.mandelberg.org
739 Tim Bruijnzeels
740 RIPE NCC
741 Stationsplein 11
742 Amsterdam 1012 AB
743 Netherlands
745 Email: tim@ripe.net