Thanks for the new draft! I can do a pub request. This, algs, and protocol are a cluster, by normative refs. There are others that are informative refs, but I think they can go later.
—Sandy On Jun 1, 2016, at 3:12 PM, Sean Turner <[email protected]> wrote: > Updated with a new 3.4 section as per Sandy’s direction. > > spt > >> On Jun 01, 2016, at 15:11, [email protected] wrote: >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the Secure Inter-Domain Routing of the IETF. >> >> Title : A Profile for BGPsec Router Certificates, >> Certificate Revocation Lists, and Certification Requests >> Authors : Mark Reynolds >> Sean Turner >> Stephen Kent >> Filename : draft-ietf-sidr-bgpsec-pki-profiles-17.txt >> Pages : 13 >> Date : 2016-06-01 >> >> Abstract: >> This document defines a standard profile for X.509 certificates used >> to enable validation of Autonomous System (AS) paths in the Border >> Gateway Protocol (BGP), as part of an extension to that protocol >> known as BGPsec. BGP is the standard for inter-domain routing in the >> Internet; it is the "glue" that holds the Internet together. BGPsec >> is being developed as one component of a solution that addresses the >> requirement to provide security for BGP. The goal of BGPsec is to >> provide full AS path validation based on the use of strong >> cryptographic primitives. The end-entity (EE) certificates specified >> by this profile are issued (to routers within an Autonomous System). >> Each of these certificates is issued under a Resource Public Key >> Infrastructure (RPKI) Certification Authority (CA) certificate. >> These CA certificates and EE certificates both contain the AS >> Identifier Delegation extension. An EE certificate of this type >> asserts that the router(s) holding the corresponding private key are >> authorized to emit secure route advertisements on behalf of the >> AS(es) specified in the certificate. This document also profiles the >> format of certification requests, and specifies Relying Party (RP) >> certificate path validation procedures for these EE certificates. >> This document extends the RPKI; therefore, this documents updates the >> RPKI Resource Certificates Profile (RFC 6487). >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-pki-profiles/ >> >> There's also a htmlized version available at: >> https://tools.ietf.org/html/draft-ietf-sidr-bgpsec-pki-profiles-17 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-bgpsec-pki-profiles-17 >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> sidr mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/sidr > > _______________________________________________ > sidr mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/sidr
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
