- File formats:
- Status:
- BEST CURRENT PRACTICE
- Authors:
- B. Weis
R. Gagliano
K. Patel - Stream:
- IETF
- Source:
- sidrops (ops)
Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC
Abstract
Certification Authorities (CAs) within the Resource Public Key Infrastructure (RPKI) manage BGPsec router certificates as well as RPKI certificates. The rollover of BGPsec router certificates must be carefully performed in order to synchronize the distribution of router public keys with BGPsec UPDATE messages verified with those router public keys. This document describes a safe rollover process, and it discusses when and why the rollover of BGPsec router certificates is necessary. When this rollover process is followed, the rollover will be performed without routing information being lost.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.