draft-ietf-sidr-bgpsec-ops-15.txt		draft-ietf-sidr-bgpsec-ops-16.txt
	Network Working Group R. Bush		Network Working Group R. Bush
	Internet-Draft Internet Initiative Japan		Internet-Draft Internet Initiative Japan
	Intended status: Best Current Practice January 5, 2017		Intended status: Best Current Practice January 5, 2017
	Expires: July 9, 2017		Expires: July 9, 2017
	BGPsec Operational Considerations		BGPsec Operational Considerations
	draft-ietf-sidr-bgpsec-ops-15		draft-ietf-sidr-bgpsec-ops-16
	Abstract		Abstract
	Deployment of the BGPsec architecture and protocols has many		Deployment of the BGPsec architecture and protocols has many
	operational considerations. This document attempts to collect and		operational considerations. This document attempts to collect and
	present the most critical and universal. It is expected to evolve as		present the most critical and universal. It is expected to evolve as
	BGPsec is formalized and initially deployed.		BGPsec is formalized and initially deployed.
	Requirements Language		Requirements Language
	skipping to change at page 3, line 16 ¶		skipping to change at page 3, line 16 ¶
	It is assumed that the reader understands BGP, see [RFC4271], BGPsec,		It is assumed that the reader understands BGP, see [RFC4271], BGPsec,
	[I-D.ietf-sidr-bgpsec-protocol], the RPKI, see [RFC6480], the RPKI		[I-D.ietf-sidr-bgpsec-protocol], the RPKI, see [RFC6480], the RPKI
	Repository Structure, see [RFC6481], and Route Origin Authorizations		Repository Structure, see [RFC6481], and Route Origin Authorizations
	(ROAs), see [RFC6482].		(ROAs), see [RFC6482].
	3. RPKI Distribution and Maintenance		3. RPKI Distribution and Maintenance
	The considerations for RPKI objects (Certificates, Certificate		The considerations for RPKI objects (Certificates, Certificate
	Revocation Lists (CRLs), manifests, Ghostbusters Records [RFC6481]),		Revocation Lists (CRLs), manifests, Ghostbusters Records [RFC6481]),
	Trust Anchor Locators (TALs) [RFC6490], cache behaviours of		Trust Anchor Locators (TALs) [RFC7730], cache behaviours of
	synchronisation and validation from the section on RPKI Distribution		synchronisation and validation from the section on RPKI Distribution
	and Maintenance of [RFC7115] apply. Specific considerations relating		and Maintenance of [RFC7115] apply. Specific considerations relating
	to ROA objects do not apply to this document.		to ROA objects do not apply to this document.
	4. AS/Router Certificates		4. AS/Router Certificates
	As described in [I-D.ietf-sidr-rtr-keying] BGPsec-speaking routers		As described in [I-D.ietf-sidr-rtr-keying] BGPsec-speaking routers
	are capable of generating their own public/private key-pairs and		are capable of generating their own public/private key-pairs and
	having their certificates signed and published in the RPKI by the		having their certificates signed and published in the RPKI by the
	RPKI CA system, and/or are given public/private key-pairs by the		RPKI CA system, and/or are given public/private key-pairs by the
	skipping to change at page 8, line 5 ¶		skipping to change at page 8, line 5 ¶
	12.1. Normative References		12.1. Normative References
	[I-D.ietf-sidr-bgpsec-protocol]		[I-D.ietf-sidr-bgpsec-protocol]
	Lepinski, M., "BGPSEC Protocol Specification", draft-ietf-		Lepinski, M., "BGPSEC Protocol Specification", draft-ietf-
	sidr-bgpsec-protocol-07 (work in progress), February 2013.		sidr-bgpsec-protocol-07 (work in progress), February 2013.
	[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate		[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
	Requirement Levels", BCP 14, RFC 2119, March 1997.		Requirement Levels", BCP 14, RFC 2119, March 1997.
	[RFC6490] Huston, G., Weiler, S., Michaelson, G., and S. Kent,
	"Resource Public Key Infrastructure (RPKI) Trust Anchor
	Locator", RFC 6490, February 2012.
	[RFC6493] Bush, R., "The Resource Public Key Infrastructure (RPKI)		[RFC6493] Bush, R., "The Resource Public Key Infrastructure (RPKI)
	Ghostbusters Record", RFC 6493, February 2012.		Ghostbusters Record", RFC 6493, February 2012.
	[RFC6811] Mohapatra, P., Scudder, J., Ward, D., Bush, R., and R.		[RFC6811] Mohapatra, P., Scudder, J., Ward, D., Bush, R., and R.
	Austein, "BGP Prefix Origin Validation", RFC 6811, January		Austein, "BGP Prefix Origin Validation", RFC 6811, January
	2013.		2013.
	[RFC7115] Bush, R., "Origin Validation Operation Based on the		[RFC7115] Bush, R., "Origin Validation Operation Based on the
	Resource Public Key Infrastructure (RPKI)", BCP 185,		Resource Public Key Infrastructure (RPKI)", BCP 185,
	RFC 7115, DOI 10.17487/RFC7115, January 2014,		RFC 7115, DOI 10.17487/RFC7115, January 2014,
	<http://www.rfc-editor.org/info/rfc7115>.		<http://www.rfc-editor.org/info/rfc7115>.
			[RFC7730] Huston, G., Weiler, S., Michaelson, G., and S. Kent,
			"Resource Public Key Infrastructure (RPKI) Trust Anchor
			Locator", RFC 7730, DOI 10.17487/RFC7730, January 2016,
			<http://www.rfc-editor.org/info/rfc7730>.
	12.2. Informative References		12.2. Informative References
	[I-D.ietf-sidr-as-migration]		[I-D.ietf-sidr-as-migration]
	George, W. and S. Murphy, "BGPSec Considerations for AS		George, W. and S. Murphy, "BGPSec Considerations for AS
	Migration", draft-ietf-sidr-as-migration-06 (work in		Migration", draft-ietf-sidr-as-migration-06 (work in
	progress), December 2016.		progress), December 2016.
	[I-D.ietf-sidr-bgpsec-rollover]		[I-D.ietf-sidr-bgpsec-rollover]
	Gagliano, R., Patel, K., and B. Weis, "BGPSEC router key		Gagliano, R., Patel, K., and B. Weis, "BGPSEC router key
	rollover as an alternative to beaconing", draft-ietf-sidr-		rollover as an alternative to beaconing", draft-ietf-sidr-
End of changes. 4 change blocks.
	6 lines changed or deleted		7 lines changed or added
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/