Resource Public Key Infrastructure Origin Validation for BGP Export
RFC 8893, “Resource Public Key Infrastructure Origin Validation for BGP Export”, is a Proposed Standard document published in September 2020 by R. Bush, R. Volk, J. Heitz. It updates RFC 6811. The canonical text is published by the RFC Editor.
Abstract
A BGP speaker may perform Resource Public Key Infrastructure (RPKI) origin validation not only on routes received from BGP neighbors and routes that are redistributed from other routing protocols, but also on routes it sends to BGP neighbors. For egress policy, it is important that the classification use the 'effective origin AS' of the processed route, which may specifically be altered by the commonly available knobs, such as removing private ASes, confederation handling, and other modifications of the origin AS. This document updates RFC 6811.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8893 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 8892 Guidelines and Registration Procedures for Interface Types and Tunnel Types
- RFC 8894 Simple Certificate Enrolment Protocol
- RFC 8891 GOST R 34.12-2015: Block Cipher "Magma"
- RFC 8895 Application-Layer Traffic Optimization Incremental Updates Using Server-Sent Events
- RFC 8890 The Internet is for End Users
- RFC 8896 Application-Layer Traffic Optimization Cost Calendar
- RFC 8889 Multipoint Alternate-Marking Method for Passive and Hybrid Performance Monitoring
- RFC 8897 Requirements for Resource Public Key Infrastructure Relying Parties