BCP 174

RFC 6489

Certification Authority (CA) Key Rollover in the Resource Public Key Infrastructure (RPKI), February 2012

File formats:
icon for text file icon for PDF icon for HTML icon for inline errata
Status:
BEST CURRENT PRACTICE
Authors:
G. Huston
G. Michaelson
S. Kent
Stream:
IETF
Source:
sidr (rtg)

Cite this BCP: TXT

Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC


Abstract

This document describes how a Certification Authority (CA) in the Resource Public Key Infrastructure (RPKI) performs a planned rollover of its key pair. This document also notes the implications of this key rollover procedure for relying parties (RPs). In general, RPs are expected to maintain a local cache of the objects that have been published in the RPKI repository, and thus the way in which a CA performs key rollover impacts RPs. This memo documents an Internet Best Current Practice.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search