Host Identity Protocol Certificates

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: "IETF-Announce" <>
Cc:,,, "Gonzalo Camarillo" <>,, "The IESG" <>,,
Subject: Protocol Action: 'Host Identity Protocol Certificates' to Proposed Standard (draft-ietf-hip-rfc6253-bis-09.txt)

The IESG has approved the following document:
- 'Host Identity Protocol Certificates'
  (draft-ietf-hip-rfc6253-bis-09.txt) as Proposed Standard

This document is the product of the Host Identity Protocol Working Group.

The IESG contact persons are Suresh Krishnan and Terry Manderson.

A URL of this Internet Draft is:

Technical Summary:

  The Certificate (CERT) parameter is a container for digital
  certificates.  It is used for carrying these certificates in Host
  Identity Protocol (HIP) control packets.  This document specifies
  the certificate parameter and the error signaling in case of a
  failed verification.  Additionally, this document specifies the
  representations of Host Identity Tags in X.509 version 3 (v3) and
  Simple Public Key Infrastructure (SPKI) certificates.

  The concrete use cases of certificates, including how certificates
  are obtained, requested, and which actions are taken upon successful
  or failed verification, are specific to the scenario in which the
  certificates are used.  Hence, the definition of these scenario-
  specific aspects is left to the documents that use the CERT

  This document extends RFC7401 and obsoletes RFC6253.

Working Group Summary:

  There was WG consensus behind this document.

Document Quality:

  As discussed in RFC 6538, there are several implementations of the
  Experimental HIP specs. At least HIP for Linux (HIPL) and OpenHIP
  will be updated to comply with the standards-track specs. The
  example in the RFC was tested with the HIPL implementation, which
  uses the openssl library.


  Gonzalo Camarillo is the document shepherd. Terry Manderson is the
  responsible area director.