The RPKI Repository Delta Protocol
RFC 8182, “The RPKI Repository Delta Protocol”, is a Proposed Standard document published in July 2017 by T. Bruijnzeels, O. Muravskiy, B. Weber, and R. Austein. It has since been updated by RFC 9674 and RFC 9697. The canonical text is published by the RFC Editor.
Abstract
In the Resource Public Key Infrastructure (RPKI), Certificate Authorities (CAs) publish certificates, including end-entity certificates, Certificate Revocation Lists (CRLs), and RPKI signed objects to repositories. Relying Parties retrieve the published information from those repositories. This document specifies a new RPKI Repository Delta Protocol (RRDP) for this purpose. RRDP was specifically designed for scaling. It relies on an Update Notification File which lists the current Snapshot and Delta Files that can be retrieved using HTTPS (HTTP over Transport Layer Security (TLS)), and it enables the use of Content Distribution Networks (CDNs) or other caching infrastructures for the retrieval of these files.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8182 is hosted at rfc-editor.org. Available in TXT and HTML.
- RFC 8181 A Publication Protocol for the Resource Public Key Infrastructure
- RFC 8183 An Out-of-Band Setup Protocol for Resource Public Key Infrastructure Production Services
- RFC 8180 Minimal IPv6 over the TSCH Mode of IEEE 802.15.4e Configuration
- RFC 8184 Dual-Homing Protection for MPLS and the MPLS Transport Profile Pseudowires
- RFC 8179 Intellectual Property Rights in IETF Technology
- RFC 8185 Dual-Homing Coordination for MPLS Transport Profile Pseudowires Protection
- RFC 8178 Rules for NFSv4 Extensions and Minor Versions
- RFC 8186 Support of the IEEE 1588 Timestamp Format in a Two-Way Active Measurement Protocol