Adverse Actions by a Certification Authority (CA) or Repository Manager in the Resource Public Key Infrastructure (RPKI)
RFC 8211
Document | Type | RFC - Informational (September 2017; No errata) | |
---|---|---|---|
Authors | Stephen Kent , Di Ma | ||
Last updated | 2017-09-27 | ||
Replaces | draft-kent-sidr-adverse-actions | ||
Stream | Internent Engineering Task Force (IETF) | ||
Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
Reviews | |||
Stream | WG state | Submitted to IESG for Publication | |
Document shepherd | Chris Morrow | ||
Shepherd write-up | Show (last changed 2016-10-25) | ||
IESG | IESG state | RFC 8211 (Informational) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Yes | ||
Telechat date | |||
Responsible AD | Alvaro Retana | ||
Send notices to | "Chris Morrow" <morrowc@ops-netman.net>, aretana@cisco.com | ||
IANA | IANA review state | IANA OK - No Actions Needed | |
IANA action state | No IANA Actions |
Internet Engineering Task Force (IETF) S. Kent Request for Comments: 8211 BBN Technologies Category: Informational D. Ma ISSN: 2070-1721 ZDNS September 2017 Adverse Actions by a Certification Authority (CA) or Repository Manager in the Resource Public Key Infrastructure (RPKI) Abstract This document analyzes actions by or against a Certification Authority (CA) or an independent repository manager in the RPKI that can adversely affect the Internet Number Resources (INRs) associated with that CA or its subordinate CAs. The analysis is done from the perspective of an affected INR holder. The analysis is based on examination of the data items in the RPKI repository, as controlled by a CA (or an independent repository manager) and fetched by Relying Parties (RPs). The analysis does not purport to be comprehensive; it does represent an orderly way to analyze a number of ways that errors by or attacks against a CA or repository manager can affect the RPKI and routing decisions based on RPKI data. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8211. Kent & Ma Informational [Page 1] RFC 8211 RPKI Adverse CA Actions September 2017 Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Analysis of RPKI Repository Objects . . . . . . . . . . . . . 4 2.1. CA Certificates . . . . . . . . . . . . . . . . . . . . . 6 2.2. Manifest . . . . . . . . . . . . . . . . . . . . . . . . 9 2.3. Certificate Revocation List . . . . . . . . . . . . . . . 12 2.4. ROA . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 2.5. Ghostbusters Record . . . . . . . . . . . . . . . . . . . 17 2.6. Router Certificates . . . . . . . . . . . . . . . . . . . 18 3. Analysis of Actions Relative to Scenarios . . . . . . . . . . 19 3.1. Scenario A . . . . . . . . . . . . . . . . . . . . . . . 21 3.2. Scenario B . . . . . . . . . . . . . . . . . . . . . . . 21 3.3. Scenario C . . . . . . . . . . . . . . . . . . . . . . . 21 3.4. Scenario D . . . . . . . . . . . . . . . . . . . . . . . 22 4. Security Considerations . . . . . . . . . . . . . . . . . . . 22 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 23 6.1. Normative References . . . . . . . . . . . . . . . . . . 23 6.2. Informative References . . . . . . . . . . . . . . . . . 25 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 26 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 26 Kent & Ma Informational [Page 2] RFC 8211 RPKI Adverse CA Actions September 2017 1. Introduction In the context of this document, any change to the Resource Public Key Infrastructure (RPKI) [RFC6480] that diminishes the set of Internet Number Resources (INRs) associated with an INR holder, and that is contrary to the holder's wishes, is termed "adverse". This analysis is done from the perspective of an affected INR holder. An action that results in an adverse charge (as defined above) may be the result of an attack on a CA [RFC7132], an error by a CA, or an error by or an attack on a repository operator. Note that the CA that allocated the affected INRs may be acting in accordance withShow full document text