Protocol Action: 'Certificate Policy (CP) for the Resource PKI (RPKI' to BCP (draft-ietf-sidr-cp-17.txt)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The IESG has approved the following document:
- 'Certificate Policy (CP) for the Resource PKI (RPKI'
  (draft-ietf-sidr-cp-17.txt) as a BCP

This document is the product of the Secure Inter-Domain Routing Working
Group.

The IESG contact persons are Stewart Bryant and Adrian Farrel.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-sidr-cp/




Technical Summary

The document is a Certificate Policy (CP) for the Resource PKI. It
follows the format established for document of this type, in RFC 3647.
It is customary for a large scale PKI to publish an associated CP.
In the case of the RPKI, this CP describes essential, common aspects
of CA operation, both as guidance to CAs and for the benefit of all
relying parties (RPs). The CP defers many details of Certification
Authority (CA) procedures to the Certification Practice Statement
(CPS) that will be published by most CAs that operate in the RPKI
context. (Not all CAs need to publish a CPS; a CA that issues
certificates only to entities within the same administrative realm
as the CA need not generate or publish a CPS.)


Working Group Summary

An early review was provided by the NRO (the RIRs), and, as a result,
the document was reduced in length. A PKI expert (formerly with
VeriSign Japan, now with IANA) provided extensive comments, as did
Sean Turner, the cognizant security AD. 

Document Quality

The document is well written and clear. It does not describe a
protocol, so there are no "implementations" per se. However, at least
four RIRs have developed CPS's that are based on the CP. There is no
MIB, and no Media Types are involved. However, as noted above more than
one PKI expert has reviewed the document. 

Personnel

Sandra Murphy the Document Shepherd for this document.
Stewart Bryant is the  Responsible Area Director.

RFC Editor Note

In the title

s/for the Resource PKI (RPKI/for the Resource PKI (RPKI)/

(missing closing parenthesis)

=====

3.2.2 page16: s/bedescribed/be described/

=====




_______________________________________________
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux