Cite this BCP: TXT  |  XML

BCP 185 contains the following RFCs:
NumberFilesTitleAuthorsDateMore InfoStatus
RFC 7115, BCP 185    Origin Validation Operation Based on the Resource Public Key Infrastructure (RPKI)R. BushJanuary 2014ErrataBest Current Practice
RFC 9319, BCP 185    The Use of maxLength in the Resource Public Key Infrastructure (RPKI)Y. Gilad, S. Goldberg, K. Sriram, J. Snijders, B. MaddisonOctober 2022    Best Current Practice

Abstract of RFC 7115

Deployment of BGP origin validation that is based on the Resource Public Key Infrastructure (RPKI) has many operational considerations. This document attempts to collect and present those that are most critical. It is expected to evolve as RPKI-based origin validation continues to be deployed and the dynamics are better understood.

Abstract of RFC 9319

This document recommends ways to reduce the forged-origin hijack attack surface by prudently limiting the set of IP prefixes that are included in a Route Origin Authorization (ROA). One recommendation is to avoid using the maxLength attribute in ROAs except in some specific cases. The recommendations complement and extend those in RFC 7115. This document also discusses the creation of ROAs for facilitating the use of Distributed Denial of Service (DDoS) mitigation services. Considerations related to ROAs and RPKI-based Route Origin Validation (RPKI-ROV) in the context of destination-based Remotely Triggered Discard Route (RTDR) (elsewhere referred to as "Remotely Triggered Black Hole") filtering are also highlighted.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search