A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : A Profile for BGPSEC Router Certificates
Author(s) : Matthew Lepinski
Mark Reynolds
Filename : draft-reynolds-bgpsec-rtrcerts-00.txt
Pages : 16
Date : 2011-06-02
This document defines a standard profile for X.509 certificates for
the purposes of supporting validation of Autonomous System (AS) paths
in the Border Gateway Protocol (BGP), as part of an extension to that
protocol known as BGPSEC. BGP is a critical component for the proper
operation of the Internet as a whole. The BGPSEC protocol is under
development as a component to address the requirement to provide
security for the BGP protocol. The goal of BGPSEC is to design a
protocol for full AS path validation based on the use of strong
cryptographic primitives. The end-entity (EE) certificates specified
by this profile are issued under Resource PKI (RPKI) CA certificates,
containing the RFC 3779 AS number extension, to routers within the
autonomous system. The certificate asserts that the router(s) holding
the public key are authorized to send out secure route advertisements
on behalf of the specified autonomous system. Note that since these
certificates extend the RPKI [ID.sidr-arch], this profile is based on
the profile for RPKI resource certificates [ID.res-cert-prof].
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-reynolds-bgpsec-rtrcerts-00.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-reynolds-bgpsec-rtrcerts-00.txt
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
