[rfc-dist] BCP 174, RFC 6489 on Certification Authority (CA) Key Rollover in the Resource Public Key Infrastructure (RPKI)

rfc-editor at rfc-editor.org rfc-editor at rfc-editor.org
Fri Feb 3 17:17:57 PST 2012

A new Request for Comments is now available in online RFC libraries.

        BCP 174        
        RFC 6489

        Title:      Certification Authority (CA) Key Rollover 
                    in the Resource Public Key Infrastructure 
        Author:     G. Huston, G. Michaelson,
                    S. Kent
        Status:     Best Current Practice
        Stream:     IETF
        Date:       February 2012
        Mailbox:    gih at apnic.net, 
                    ggm at apnic.net, 
                    kent at bbn.com
        Pages:      10
        Characters: 23060
        See Also:   BCP0174

        I-D Tag:    draft-ietf-sidr-keyroll-08.txt

        URL:        http://www.rfc-editor.org/rfc/rfc6489.txt

This document describes how a Certification Authority (CA) in the
Resource Public Key Infrastructure (RPKI) performs a planned rollover
of its key pair.  This document also notes the implications of this
key rollover procedure for relying parties (RPs).  In general, RPs
are expected to maintain a local cache of the objects that have been
published in the RPKI repository, and thus the way in which a CA
performs key rollover impacts RPs.  This memo documents an Internet 
Best Current Practice.

This document is a product of the Secure Inter-Domain Routing Working Group of the IETF.

BCP: This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for 
improvements. Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see

For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor at rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

The RFC Editor Team
Association Management Solutions, LLC

More information about the rfc-dist mailing list