BGPsec Algorithms, Key Formats, and Signature Formats
draft-ietf-sidrops-bgpsec-algs-rfc8208-bis-05

Document Type Active Internet-Draft (sidrops WG)
Last updated 2019-06-14 (latest revision 2019-04-15)
Replaces draft-borchert-sidrops-bgpsec-algs-rfc8208-bis
Stream IETF
Intended RFC status Proposed Standard
Formats plain text pdf html bibtex
Reviews
Stream WG state Submitted to IESG for Publication
Document shepherd Chris Morrow
Shepherd write-up Show (last changed 2019-02-27)
IESG IESG state RFC Ed Queue
Consensus Boilerplate Yes
Telechat date
Responsible AD Warren Kumari
Send notices to Chris Morrow <morrowc@ops-netman.net>
IANA IANA review state Version Changed - Review Needed
IANA action state RFC-Ed-Ack
RFC Editor RFC Editor state AUTH48-DONE
Internet Engineering Task Force (IETF)                         S. Turner
Internet-Draft                                                     sn3rd
Obsoletes: 8208 (if approved)                                O. Borchert
Intended status: Standards Track                                    NIST
Expires: October 17, 2019                                 April 15, 2019

         BGPsec Algorithms, Key Formats, and Signature Formats
             draft-ietf-sidrops-bgpsec-algs-rfc8208-bis-05

Abstract

   This document specifies the algorithms, algorithm parameters,
   asymmetric key formats, asymmetric key sizes, and signature formats
   used in BGPsec (Border Gateway Protocol Security).  This document
   obsoletes RFC 8208 ("BGPsec Algorithms, Key Formats, and Signature
   Formats") by adding Documentation Algorithm IDs, Experimentation
   Algorithm IDs, correcting the range of unassigned algorithms IDs to
   fill the complete range, and restructured the document for better
   reading.

   This document also includes example BGPsec UPDATE messages as well as
   the private keys used to generate the messages and the certificates
   necessary to validate those signatures.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 2, 2018

 

Turner & Borchert       Expires October 17, 2019                [Page 1]
Internet Draft    BGPsec Algs, Key & Signature Formats    April 15, 2019

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License. 

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
     1.1.  Terminology  . . . . . . . . . . . . . . . . . . . . . . .  3
     1.2.  Changes from RFC 8208  . . . . . . . . . . . . . . . . . .  4
   2.  Algorithms . . . . . . . . . . . . . . . . . . . . . . . . . .  4
     2.1. Algorithm ID Types  . . . . . . . . . . . . . . . . . . . .  4
     2.2. Signature Algorithms  . . . . . . . . . . . . . . . . . . .  6
       2.2.1. Algorithm ID 0x01 (1) - (ECDSA-P256)  . . . . . . . . .  6
   3.  Asymmetric Key Pair Formats  . . . . . . . . . . . . . . . . .  6
     3.1.  Asymmetric Key Pair for Algorithm ID 0x01 (1) - 
           (ECDSA-P256) . . . . . . . . . . . . . . . . . . . . . . .  6
       3.1.1.  Public Key Format  . . . . . . . . . . . . . . . . . .  6
       3.1.2.  Private Key Format . . . . . . . . . . . . . . . . . .  7
   4.  Signature Formats  . . . . . . . . . . . . . . . . . . . . . .  7
   5.  Additional Requirements  . . . . . . . . . . . . . . . . . . .  7
   6.  Security Considerations  . . . . . . . . . . . . . . . . . . .  7
   7.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  8
   8.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
     8.1.  Normative References . . . . . . . . . . . . . . . . . . . 10
     8.2.  Informative References . . . . . . . . . . . . . . . . . . 11
   Appendix A.  Examples  . . . . . . . . . . . . . . . . . . . . . . 13
     A.1.  Topology and Experiment Description  . . . . . . . . . . . 13
     A.2.  Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
     A.3.  BGPsec IPv4  . . . . . . . . . . . . . . . . . . . . . . . 17
     A.4.  BGPsec IPv6  . . . . . . . . . . . . . . . . . . . . . . . 20
   Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . 23
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 23

 

Turner & Borchert       Expires October 17, 2019                [Page 2]
Internet Draft    BGPsec Algs, Key & Signature Formats    April 15, 2019

1.  Introduction

   This document specifies the following:
Show full document text