Resource Public Key Infrastructure Trust Anchor Locator
RFC 8630, “Resource Public Key Infrastructure Trust Anchor Locator”, is a Proposed Standard document published in August 2019 by G. Huston, S. Weiler, G. Michaelson, S. Kent, and T. Bruijnzeels. It obsoletes RFC 7730. The canonical text is published by the RFC Editor.
Abstract
This document defines a Trust Anchor Locator (TAL) for the Resource Public Key Infrastructure (RPKI). The TAL allows Relying Parties in the RPKI to download the current Trust Anchor (TA) Certification Authority (CA) certificate from one or more locations and verify that the key of this self-signed certificate matches the key on the TAL. Thus, Relying Parties can be configured with TA keys but can allow these TAs to change the content of their CA certificate. In particular, it allows TAs to change the set of IP Address Delegations and/or Autonomous System Identifier Delegations included in the extension(s) (RFC 3779) of their certificate.
This document obsoletes the previous definition of the TAL as provided in RFC 7730 by adding support for Uniform Resource Identifiers (URIs) (RFC 3986) that use HTTP over TLS (HTTPS) (RFC 7230) as the scheme.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8630 is hosted at rfc-editor.org. Available in TXT, HTML.
- RFC 8629 Dynamic Link Exchange Protocol Multi-Hop Forwarding Extension
- RFC 8631 Link Relation Types for Web Services
- RFC 8628 OAuth 2.0 Device Authorization Grant
- RFC 8632 A YANG Data Model for Alarm Management
- RFC 8627 RTP Payload Format for Flexible Forward Error Correction
- RFC 8633 Network Time Protocol Best Current Practices
- RFC 8634 BGPsec Router Certificate Rollover
- RFC 8625 Ethernet Traffic Parameters with Availability Information