Securing Routing Policy Specification Language Objects with Resource Public Key Infrastructure Signatures
RFC 7909, “Securing Routing Policy Specification Language Objects with Resource Public Key Infrastructure Signatures”, is a Proposed Standard document published in June 2016 by R. Kisteleki, B. Haberman. It updates RFC 2622, RFC 4012. The canonical text is published by the RFC Editor.
Abstract
This document describes a method that allows parties to electronically sign Routing Policy Specification Language objects and validate such electronic signatures. This allows relying parties to detect accidental or malicious modifications of such objects. It also allows parties who run Internet Routing Registries or similar databases, but do not yet have authentication (based on Routing Policy System Security) of the maintainers of certain objects, to verify that the additions or modifications of such database objects are done by the legitimate holder(s) of the Internet resources mentioned in those objects. This document updates RFCs 2622 and 4012 to add the signature attribute to supported RPSL objects.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 7909 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 7908 Problem Definition and Classification of BGP Route Leaks
- RFC 7910 Interoperability between the Virtual Router Redundancy Protocol and PIM
- RFC 7911 Advertisement of Multiple Paths in BGP
- RFC 7906 NSA's Cryptographic Message Syntax Key Management Attributes
- RFC 7912 Message Authorizing Email Header Field and Its Use for the Draft and Release Procedure
- RFC 7905 ChaCha20-Poly1305 Cipher Suites for Transport Layer Security
- RFC 7913 P-Access-Network-Info ABNF Update
- RFC 7904 A SIP Usage for REsource LOcation And Discovery