Browse Prior Art Database

A Profile for X.509 PKIX Resource Certificates (RFC6487)

IP.com Disclosure Number: IPCOM000214747D
Publication Date: 2012-Feb-05
Document File: 64 page(s) / 69K

Publishing Venue

The IP.com Prior Art Database

Related People

G. Huston: AUTHOR [+3]

Abstract

This document defines a standard profile for X.509 certificates [X.509] for use in the context of certification of Internet Number Resources (INRs), i.e., IP Addresses and Autonomous System (AS) numbers. Such certificates are termed "resource certificates". A resource certificate is a certificate that conforms to the PKIX profile [RFC5280], and that conforms to the constraints specified in this profile. A resource certificate attests that the issuer has granted the subject a "right-of-use" for a listed set of IP addresses and/or Autonomous System numbers.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 4% of the total text.

Internet Engineering Task Force (IETF)                         G. Huston Request for Comments: 6487                                 G. Michaelson Category: Standards Track                                     R. Loomans ISSN: 2070-1721                                                    APNIC                                                            February 2012

              A Profile for X.509 PKIX Resource Certificates

Abstract

   This document defines a standard profile for X.509 certificates for    the purpose of supporting validation of assertions of "right-of-use"    of Internet Number Resources (INRs).  The certificates issued under    this profile are used to convey the issuer's authorization of the    subject to be regarded as the current holder of a "right-of-use" of    the INRs that are described in the certificate.  This document    contains the normative specification of Certificate and Certificate    Revocation List (CRL) syntax in the Resource Public Key    Infrastructure (RPKI).  This document also specifies profiles for the    format of certificate requests and specifies the Relying Party RPKI    certificate path validation procedure.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force    (IETF).  It represents the consensus of the IETF community.  It has    received public review and has been approved for publication by the    Internet Engineering Steering Group (IESG).  Further information on    Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at    http://www.rfc-editor.org/info/rfc6487.

Huston, et al.               Standards Track                    [Page 1]
 RFC 6487              Resource Certificate Profile         February 2012

 Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    (http://trustee.ietf.org/license-info) in effect on the date of    publication of this document.  Please review these documents    carefully, as they describe your rights and restrictions with respect    to this document.  Code Components extracted from this document must    include Simplified BSD License text as described in Section 4.e of    the Trust Legal Provisions and are provided without warranty as    described in the Simplified BSD License.

Huston, et al.             ...