BCP 174

RFC 6489

Certification Authority (CA) Key Rollover in the Resource Public Key Infrastructure (RPKI), February 2012

Status: BEST CURRENT PRACTICE
Authors: G. Huston, G. Michaelson, S. Kent
Stream: IETF
Source: sidr (rtg)

Discuss this RFC: Send questions or comments to iesg@ietf.org


Abstract

This document describes how a Certification Authority (CA) in the Resource Public Key Infrastructure (RPKI) performs a planned rollover of its key pair. This document also notes the implications of this key rollover procedure for relying parties (RPs). In general, RPs are expected to maintain a local cache of the objects that have been published in the RPKI repository, and thus the way in which a CA performs key rollover impacts RPs. This memo documents an Internet Best Current Practice.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.