In order to verifiably validate the origin ASs of BGP announcements,
routers need a simple but reliable mechanism to receive RPKI
[I-D.ietf-sidr-arch] prefix origin data from a trusted cache. This
document describes a protocol to deliver validated prefix origin data
Working Group Summary
There was significant discussion on-list about authentication
protocols to be used between the 2 parties in play
(router/cache), this did wind down to a conclusion though,
which is a positive result. There was significant discussion
during and after IETF Last Call on the implications of
various TCP security models, and the draft has been
updated to reflect the conclusion of these discussions.
There are no concerns over the quality of the document.
As observed by reference in the document there are multiple
implementations of the protocol.
Chris Morrow is the Document Shepherd.
Stewart Bryant is the Responsible Area Director.