RPKI Signed Object for Trust Anchor Keys
draft-ietf-sidrops-signed-tal-02

Document Type Expired Internet-Draft (sidrops WG)
Last updated 2019-04-22 (latest revision 2018-10-19)
Replaces draft-tbruijnzeels-sidrops-signed-tal
Stream IETF
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream WG state In WG Last Call
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-sidrops-signed-tal-02.txt

Abstract

Trust Anchor Locators (TALs) [I-D.ietf-sidrops-https-tal] are used by Relying Parties in the RPKI to locate and validate Trust Anchor certificates used in RPKI validation. This document defines an RPKI signed object for Trust Anchor Keys (TAK), that can be used by Trust Anchors to signal their set of current keys and the location(s) of the accompanying CA certiifcates to Relying Parties, as well as changes to this set in the form of revoked keys and new keys, in order to support both planned and unplanned key rolls without impacting RPKI validation.

Authors

Tim Bruijnzeels (tim@nlnetlabs.nl)
Carlos Martínez (carlos@lacnic.net)
Rob Austein (sra@hactrn.net)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)