Clarifications to BGP Origin Validation Based on Resource Public Key Infrastructure (RPKI)

September 27, 2018 at 04:04 · Filed under IETF, Routers & Routing, Security 

        RFC 8481

        Title:      Clarifications to BGP Origin Validation Based
                    on Resource Public Key Infrastructure (RPKI) 
        Author:     R. Bush
        Status:     Standards Track
        Stream:     IETF
        Date:       September 2018
        Mailbox:    randy@psg.com
        Pages:      5
        Characters: 9629
        Updates:    RFC 6811
        I-D Tag:    draft-ietf-sidrops-ov-clarify-05.txt
        URL:        https://www.rfc-editor.org/info/rfc8481
        DOI:        10.17487/RFC8481

Deployment of BGP origin validation based on Resource Public Key
Infrastructure (RPKI) is hampered by, among other things, vendor
misimplementations in two critical areas: which routes are validated
and whether policy is applied when not specified by configuration.
This document is meant to clarify possible misunderstandings causing
those misimplementations; it thus updates RFC 6811 by clarifying that
all prefixes should have their validation state set and that policy
must not be applied without operator configuration.

Comments are closed.