RFC 6480

An Infrastructure to Support Secure Internet Routing, February 2012

File formats:
icon for text file icon for PDF icon for HTML
Status:
INFORMATIONAL
Authors:
M. Lepinski
S. Kent
Stream:
IETF
Source:
sidr (rtg)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC6480

Discuss this RFC: Send questions or comments to the mailing list sidr@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 6480


Abstract

This document describes an architecture for an infrastructure to support improved security of Internet routing. The foundation of this architecture is a Resource Public Key Infrastructure (RPKI) that represents the allocation hierarchy of IP address space and Autonomous System (AS) numbers; and a distributed repository system for storing and disseminating the data objects that comprise the RPKI, as well as other signed objects necessary for improved routing security. As an initial application of this architecture, the document describes how a legitimate holder of IP address space can explicitly and verifiably authorize one or more ASes to originate routes to that address space. Such verifiable authorizations could be used, for example, to more securely construct BGP route filters. This document is not an Internet Standards Track specification; it is published for informational purposes.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search