The IESG has approved the following document: - 'Algorithm Agility Procedure for RPKI.' (draft-ietf-sidr-algorithm-agility-12.txt) as Best Current Practice This document is the product of the Secure Inter-Domain Routing Working Group. The IESG contact persons are Stewart Bryant and Adrian Farrel. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-sidr-algorithm-agility/ Technical Summary This document specifies the process that Certification Authorities (CAs) and Relying Parties (RPs) participating in the Resource Public Key Infrastructure (RPKI) will need to follow to transition to a new (and probably cryptographically stronger) algorithm set. The process is expected to be completed in a time scale of several years. Consequently, no emergency transition is specified. The transition procedure defined in this document supports only a top-down migration (parent migrates before children). Working Group Summary During WGLC there was some prolonged discussion on whether IETF is the right body for publishing a set of milestones for different phases of algorithm migration and which other entities should be involved (IANA, NROs, etc.). The issue was discussed and the text was improved in this area. There was also an extended discussion during WGLC on whether top-down migration is the right way to do algorithm migration. I think the WG still supports this approach. Document Quality This document is not specifying a protocol, so there are no implementations. However considering past history in the Security Area with algorithm migration in different protocols, such migration event is quite likely, if RPKI ends up being used for any significant period of time. Personnel Alexey Melnikov is the Document Shepherd. Stewart Bryant is the Responsible Area Director. RFC Editor Note Please change the Intended Status from Proposed Standard to BCP
