draft-ietf-sidr-iana-objects-03.txt   rfc6491.txt 
Network Working Group T. Manderson Internet Engineering Task Force (IETF) T. Manderson
Internet-Draft L. Vegoda Request for Comments: 6491 L. Vegoda
Intended status: Standards Track ICANN Category: Standards Track ICANN
Expires: November 12, 2011 S. Kent ISSN: 2070-1721 S. Kent
BBN BBN
May 11, 2011 February 2012
RPKI Objects issued by IANA Resource Public Key Infrastructure (RPKI) Objects Issued by IANA
draft-ietf-sidr-iana-objects-03.txt
Abstract Abstract
This document provides specific direction to IANA as to the Resource This document provides specific direction to IANA as to the Resource
Public Key Infrastructure (RPKI) objects it should issue. Public Key Infrastructure (RPKI) objects it should issue.
Status of this Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering This is an Internet Standards Track document.
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
This Internet-Draft will expire on November 12, 2011. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc6491.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Requirements Notation . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Requirements Notation . . . . . . . . . . . . . . . . . . . . 3
3. Required Reading . . . . . . . . . . . . . . . . . . . . . . . 5 3. Required Reading . . . . . . . . . . . . . . . . . . . . . . . 3
4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 3
5. Reserved Resources . . . . . . . . . . . . . . . . . . . . . . 7 5. Reserved Resources . . . . . . . . . . . . . . . . . . . . . . 4
6. Unallocated Resources . . . . . . . . . . . . . . . . . . . . 8 6. Unallocated Resources . . . . . . . . . . . . . . . . . . . . 4
7. Special Purpose Registry Resources . . . . . . . . . . . . . . 9 7. Special Purpose Registry Resources . . . . . . . . . . . . . . 4
8. Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . 10 8. Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . 5
9. Informational Objects . . . . . . . . . . . . . . . . . . . . 11 9. Informational Objects . . . . . . . . . . . . . . . . . . . . 5
10. Certificates and CRLs . . . . . . . . . . . . . . . . . . . . 12 10. Certificates and Certificate Revocation Lists (CRLs) . . . . . 5
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
12. Security Considerations . . . . . . . . . . . . . . . . . . . 14 12. Security Considerations . . . . . . . . . . . . . . . . . . . 6
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6
14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
14.1. Normative References . . . . . . . . . . . . . . . . . . 16 14.1. Normative References . . . . . . . . . . . . . . . . . . 6
14.2. Informative References . . . . . . . . . . . . . . . . . 16 14.2. Informative References . . . . . . . . . . . . . . . . . 7
Appendix A. IANA Reserved IPv4 Address Blocks . . . . . . . . . . 19 Appendix A. IANA Reserved IPv4 Address Blocks . . . . . . . . . . 10
Appendix B. IANA Reserved IPv6 Address Blocks . . . . . . . . . . 20 Appendix B. IANA Reserved IPv6 Address Blocks . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 22
1. Requirements Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
2. Introduction 1. Introduction
An Infrastructure to Support Secure Internet Routing "An Infrastructure to Support Secure Internet Routing" [RFC6480]
[I-D.ietf-sidr-arch] directs IANA [RFC2860] to issue Resource Public directs IANA [RFC2860] to issue Resource Public Key Infrastructure
Key Infrastructure (RPKI) objects for which it is authoritative. (RPKI) objects for which it is authoritative. This document
This document describes the objects IANA will issue. If IANA is describes the objects IANA will issue. If IANA is directed to issue
directed to issue additional RPKI objects in future, this document additional RPKI objects in future, this document will be revised and
will be revised and a new version issued. a new version issued.
The signed objects described here that IANA will issue are the The signed objects described here that IANA will issue are the
unallocated, reserved, special use IPv4 and IPv6 address blocks, and unallocated, reserved, special use IPv4 and IPv6 address blocks, and
the unallocated and reserved Autonomous System numbers. These number the unallocated and reserved Autonomous System numbers. These number
resources are managed by IANA for the IETF, and thus IANA bears the resources are managed by IANA for the IETF; thus, IANA bears the
responsibility of issuing the corresponding RPKI objects. The reader responsibility of issuing the corresponding RPKI objects. The reader
is encouraged to consider the technical effects on the public routing is encouraged to consider the technical effects on the public routing
system of the signed object issuance proposed for IANA in this system of the signed object issuance proposed for IANA in this
document. document.
This document does not deal with BGP [RFC4271] routing systems as This document does not deal with BGP [RFC4271] routing systems, as
those are under the policy controls of the organizations that operate those are under the policy controls of the organizations that operate
them. Readers are directed to Local Trust Anchor Management for the them. Readers are directed to "Local Trust Anchor Management for the
Resource Public Key Infrastructure [I-D.ietf-sidr-ltamgmt] for a Resource Public Key Infrastructure" [TA-MGMT] for a description of
description of how to locally override IANA issued objects, e.g. to how to locally override IANA issued objects, e.g., to enable use of
enable use of unallocated, reserved, and special use IPv4 and IPv6 unallocated, reserved, and special use IPv4 and IPv6 address blocks
address blocks in a local context. in a local context.
The direction to IANA contained herein follows the ideal that it The direction to IANA contained herein follows the ideal that it
should represent the ideal technical behavior for registry, and should represent the ideal technical behavior for registry and
related registry, actions. related registry actions.
2. Requirements Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. Required Reading 3. Required Reading
Readers should be familiar with the RPKI, the RPKI Repository Readers should be familiar with the RPKI, the RPKI repository
Structure, and the various RPKI objects, uses and interpretations structure, and the various RPKI objects, uses, and interpretations
described in the following: [I-D.ietf-sidr-arch], described in the following: [RFC6480], [RFC6487], [RFC6482],
[I-D.ietf-sidr-res-certs], [I-D.ietf-sidr-roa-format], [RFC6493], [TA-MGMT], [RFC6483], [RPKI-USE], [RFC6484], and
[I-D.ietf-sidr-ghostbusters], [I-D.ietf-sidr-ltamgmt], [RFC6486].
[I-D.ietf-sidr-roa-validation], [I-D.ietf-sidr-usecases],
[I-D.ietf-sidr-cp], and [I-D.ietf-sidr-rpki-manifests].
NOTE: The addresses used in this document are not example addresses Note: The addresses used in this document are not example addresses;
therefore they are not compliant with [RFC3849], [RFC5735], and therefore, they are not compliant with [RFC3849], [RFC5735], and
[RFC5771]. This is intentional as the practices described in this [RFC5771]. This is intentional, as the practices described in this
document are directed to specific instances of real world addresses. document are directed to specific instances of real world addresses.
4. Definitions 4. Definitions
Internet Number Resources (INR): The number identifiers for IPv4 Internet Number Resources (INR): The number identifiers for IPv4
[RFC0791] and IPv6 [RFC2460] addresses, and for Autonomous Systems. [RFC0791] and IPv6 [RFC2460] addresses, and for Autonomous Systems
(ASes).
IANA: Internet Assigned Numbers Authority (a traditional name, used IANA: Internet Assigned Numbers Authority (a traditional name, used
here to refer to the technical team making and publishing the here to refer to the technical team making and publishing the
assignments of Internet protocol technical parameters). The assignments of Internet protocol technical parameters). The
technical team of IANA is currently a part of ICANN [RFC2860]. technical team of IANA is currently a part of ICANN [RFC2860].
RPKI: Resource Public Key Infrastructure. A Public Key RPKI: Resource Public Key Infrastructure. A Public Key
Infrastructure designed to provide a secure basis for assertions Infrastructure designed to provide a secure basis for assertions
about holdings of Internet numeric resources. Certificates issued about holdings of Internet number resources. Certificates issued
under the RPKI contain additional attributes that identify IPv4, under the RPKI contain additional attributes that identify IPv4,
IPv6, and Autonomous System Number (ASN) resources IPv6, and Autonomous System number resources [RFC6480].
[I-D.ietf-sidr-arch].
ROA: Route Origination Authorization. A ROA is an RPKI object that ROA: Route Origination Authorization. A ROA is an RPKI object that
enables the holder of the address prefix to specify an AS that is enables the holder of the address prefix to specify an AS that is
permitted to originate (in BGP) routes for that prefix permitted to originate (in BGP) routes for that prefix [RFC6482].
[I-D.ietf-sidr-roa-format].
AS0 ROA: A ROA containing a value of 0 in the ASID field. Validation AS 0 ROA: A ROA containing a value of 0 in the ASID field.
of Route Origination using the Resource Certificate PKI and ROAs "Validation of Route Origination Using the Resource Certificate
[I-D.ietf-sidr-roa-validation] states "A ROA with a subject of AS0 Public Key Infrastructure (PKI) and Route Origination Authorizations
(AS0-ROA) is an attestation by the holder of a prefix that the prefix (ROAs)" [RFC6483] states "A ROA with a subject of AS 0 (AS 0 ROA) is
described in the ROA, and any more specific prefix, should not be an attestation by the holder of a prefix that the prefix described in
used in a routing context." the ROA, and any more specific prefix, should not be used in a
routing context."
"Not intended to be (publicly) routed": This phrase refers to "Not intended to be (publicly) routed": This phrase refers to
prefixes that are not meant to be represented in the global Internet prefixes that are not meant to be represented in the global Internet
routing table (for example 192.168/16, [RFC1918]). routing table (for example 192.168/16 [RFC1918]).
5. Reserved Resources 5. Reserved Resources
Reserved IPv4 and IPv6 resources are held back for various reasons by Reserved IPv4 and IPv6 resources are held back for various reasons by
IETF action. Generally such resources are not intended to be IETF action. Generally, such resources are not intended to be
globally routed. An example of such a reservation is 127.0.0.0/8 globally routed. An example of such a reservation is 127.0.0.0/8
[RFC5735]. See Appendix A (Appendix A) and B (Appendix B) for IANA [RFC5735]. See Appendixes A and B for IANA reserved resources.
reserved resources.
IANA SHOULD issue an AS0 ROA for all reserved IPv4 and IPv6 resources IANA SHOULD issue an AS 0 ROA for all reserved IPv4 and IPv6
not intended to be routed. The selection of the [RFC2119] resources not intended to be routed. The selection of the [RFC2119]
terminology is intentional as there may be situations where the ASO terminology is intentional as there may be situations where the AS 0
ROA is removed or not issued prior to an IANA registry action. It is ROA is removed or not issued prior to an IANA registry action. It is
not appropriate to place IANA into a situation where, through normal not appropriate to place IANA into a situation where, through normal
interal operations, its bahavior contradicts IETF standards. internal operations, its behavior contradicts IETF standards.
There are a small number of reserved resources that are intended to There are a small number of reserved resources that are intended to
be routed, for example 192.88.99.0/24 [RFC3068]. See Appendix A be routed, for example 192.88.99.0/24 [RFC3068]. See Appendixes A
(Appendix A) and B (Appendix B) for IANA reserved resources. and B for IANA reserved resources.
IANA MUST NOT issue any ROAs (AS0 or otherwise) for reserved IANA MUST NOT issue any ROAs (AS 0 or otherwise) for reserved
resources that are expected to be globally routed. resources that are expected to be globally routed.
6. Unallocated Resources 6. Unallocated Resources
Internet Number Resources that have not yet been allocated for Internet Number Resources that have not yet been allocated for
special purposes [RFC5736], to Regional Internet Registries (RIRs), special purposes [RFC5736], to Regional Internet Registries (RIRs),
or to others are considered as not intended to be globally routed. or to others are considered as not intended to be globally routed.
IANA SHOULD issue an AS0 ROA for all Unallocated Resources. The IANA SHOULD issue an AS 0 ROA for all Unallocated Resources. The
selection of the [RFC2119] terminology is intentional as there may be selection of the [RFC2119] terminology is intentional as there may be
situations where the ASO ROA is removed or not issued prior to an situations where the AS 0 ROA is removed or not issued prior to an
IANA registry action. It is not appropriate to place IANA into a IANA registry action. It is not appropriate to place IANA into a
situation where, through normal interal operations, its bahavior situation where, through normal internal operations, its behavior
contradicts IETF standards. contradicts IETF standards.
7. Special Purpose Registry Resources 7. Special Purpose Registry Resources
Special Registry Resources [RFC5736] fall into one of two categories Special Registry Resources [RFC5736] fall into one of two categories
in terms of routing. Either the resource is intended to be seen in in terms of routing. Either the resource is intended to be seen in
the global Internet routing table in some fashion, or it isn't. An the global Internet routing table in some fashion, or it isn't. An
example of a special purpose registry INR that is intended for global example of a Special Registry Resources INR that is intended for
routing is 2001:0000::/32 [RFC4380]. An example of an INR not global routing is 2001::/32 [RFC4380]. An example of an INR not
intended to be seen would be 2001:002::/48 [RFC5180]. intended to be seen would be 2001:002::/48 [RFC5180].
IANA MUST NOT issue any ROAs (AS0 or otherwise) for Special Purpose IANA MUST NOT issue any ROAs (AS 0 or otherwise) for Special Purpose
Registry Resources that are intended to be globally routed. Registry Resources that are intended to be globally routed.
IANA SHOULD issue an AS0 ROA for Special Purpose Registry Resources IANA SHOULD issue an AS 0 ROA for Special Purpose Registry Resources
that are not intended to be globally routed. that are not intended to be globally routed.
8. Multicast 8. Multicast
Within the IPv4 Multicast [RFC5771] and IPv6 Multicast [RFC4291] Within the IPv4 multicast [RFC5771] and IPv6 multicast [RFC4291]
registries there are a number of Multicast registrations that are not registries there are a number of Multicast registrations that are not
intended to be globally routed. intended to be globally routed.
IANA MUST issue an AS0 ROA covering the following IPv4 and IPv6 IANA MUST issue an AS 0 ROA covering the following IPv4 and IPv6
multicast INRs: multicast INRs:
IPv4: IPv4:
- Local Network Control Block - Local Network Control Block
224.0.0.0 - 224.0.0.255 (224.0.0/24) 224.0.0.0 - 224.0.0.255 (224.0.0/24)
- IANA Reserved portions of RESERVED - IANA Reserved portions of RESERVED
224.1.0.0-224.1.255.255 (224.1/16) 224.1.0.0-224.1.255.255 (224.1/16)
- RESERVED - RESERVED
224.5.0.0-224.251.255.255 (251 /16s) 224.5.0.0-224.251.255.255 (251 /16s)
225.0.0.0-231.255.255.255 (7 /8s) 225.0.0.0-231.255.255.255 (7 /8s)
IPv6: IPv6:
- Node-Local Scope Multicast Addresses - Node-Local Scope Multicast Addresses
- Link-Local Scope Multicast Addresses - Link-Local Scope Multicast Addresses
IANA MUST NOT issue any ROAs (AS0 or otherwise) for any other IANA MUST NOT issue any ROAs (AS 0 or otherwise) for any other
multicast addresses unless directed by an IESG approved standards multicast addresses unless directed by an IESG-approved Standards
track document with an appropriate IANA Considerations section. Track document with an appropriate IANA Considerations section.
9. Informational Objects 9. Informational Objects
One informational object that can exist at a publication point of an One informational object that can exist at a publication point of an
RPKI repository is the Ghostbusters Record RPKI repository is the Ghostbusters Record [RFC6493].
[I-D.ietf-sidr-ghostbusters].
IANA MUST issue a ghostbusters object appropriate in content for the IANA MUST issue a ghostbusters object appropriate in content for the
resources IANA maintains. resources IANA maintains.
10. Certificates and CRLs 10. Certificates and Certificate Revocation Lists (CRLs)
Before IANA can issue a ROA it MUST first establish an RPKI Before IANA can issue a ROA, it MUST first establish an RPKI
Certification Authority (CA) that covers unallocated, reserved, and Certification Authority (CA) that covers unallocated, reserved, and
special use INRs. A CA that covers these INRs MUST contain contain special use INRs. A CA that covers these INRs MUST contain RFC 3379
RFC 3379 extensions [RFC3779] for those corresponding number extensions [RFC3779] for those corresponding number resources in its
resources in its Certificate. This CA MUST issue single-use End certificate. This CA MUST issue single-use end-entity (EE)
Entity (EE) certificates for each ROA that it generates. The EE certificates for each ROA that it generates. The EE certificate will
certificate will conform to the Resource Certificate Profile conform to the Resource Certificate Profile [RFC6487] and the
[I-D.ietf-sidr-res-certs] and the additional constraints specified in additional constraints specified in [RFC6482]. IANA MUST maintain a
[I-D.ietf-sidr-roa-format]. IANA MUST maintain a publication point publication point for this CA's use and MUST publish manifests
for this CA's use and MIUST publish manifests [RFC6486] (with its corresponding EE certificate) for this
[I-D.ietf-sidr-rpki-manifests] (with its corresponding EE publication point. IANA MUST issue a CRL under this CA certificate
certificate) for this publication point. IANA MUST issue a for the EE certificates noted above. All objects issued by this CA
Certificate Revocation List (CRL) under this CA certificate for the will conform to the RPKI Certificate Policy [RFC6484].
EE certificates noted above. All objects issued by this CA will
conform to the RPKI Certificate Policy [I-D.ietf-sidr-cp].
11. IANA Considerations 11. IANA Considerations
This document directs IANA to issue, or refrain from issuing, the This document directs IANA to issue, or refrain from issuing, the
specific RPKI objects described here for the current set of reserved, specific RPKI objects described here for the current set of reserved,
unallocated, and special registry Internet Number Resources. Further unallocated, and special registry Internet Number Resources.
IANA MUST notify all other INR registries that RPKI objects have been Further, IANA MUST notify all other INR registries that RPKI objects
issued for the Internet Number Resources described in this document have been issued for the Internet Number Resources described in this
to avoid the potential for issuance of duplicate objects that might document to avoid the potential for issuance of duplicate objects
confuse relying parties. that might confuse relying parties.
12. Security Considerations 12. Security Considerations
This document does not alter the security profile of the RPKI from This document does not alter the security profile of the RPKI from
that already discussed in SIDR-WG documents. that already discussed in SIDR WG documents.
13. Acknowledgements 13. Acknowledgements
The authors acknowledge Dave Meyer for helpful direction with regard The authors acknowledge Dave Meyer for helpful direction with regard
to multicast assignments. to multicast assignments.
14. References 14. References
14.1. Normative References 14.1. Normative References
[I-D.ietf-sidr-arch] [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Lepinski, M. and S. Kent, "An Infrastructure to Support Requirement Levels", BCP 14, RFC 2119, March 1997.
Secure Internet Routing", draft-ietf-sidr-arch-12 (work in
progress), February 2011.
[I-D.ietf-sidr-cp] [RFC6480] Lepinski, M. and S. Kent, "An Infrastructure to Support
Kent, S., Kong, D., Seo, K., and R. Watro, "Certificate Secure Internet Routing", RFC 6480, February 2012.
Policy (CP) for the Resource PKI (RPKI",
draft-ietf-sidr-cp-17 (work in progress), April 2011.
[I-D.ietf-sidr-ghostbusters] [RFC6482] Lepinski, M., Kent, S., and D. Kong, "A Profile for Route
Bush, R., "The RPKI Ghostbusters Record", Origin Authorizations (ROAs)", RFC 6482, February 2012.
draft-ietf-sidr-ghostbusters-03 (work in progress),
March 2011.
[I-D.ietf-sidr-res-certs] [RFC6483] Huston, G. and G. Michaelson, "Validation of Route
Huston, G., Michaelson, G., and R. Loomans, "A Profile for Origination Using the Resource Certificate Public Key
X.509 PKIX Resource Certificates", Infrastructure (PKI) and Route Origin Authorizations
draft-ietf-sidr-res-certs-22 (work in progress), May 2011. (ROAs)", RFC 6483, February 2012.
[I-D.ietf-sidr-roa-format] [RFC6484] Kent, S., Kong, D., Seo, K., and R. Watro, "Certificate
Lepinski, M., Kent, S., and D. Kong, "A Profile for Route Policy (CP) for the Resource Public Key Infrastructure
Origin Authorizations (ROAs)", (RPKI)", BCP 173, RFC 6484, February 2012.
draft-ietf-sidr-roa-format-12 (work in progress),
May 2011.
[I-D.ietf-sidr-roa-validation] [RFC6486] Austein, R., Huston, G., Kent, S., and M. Lepinski,
Huston, G. and G. Michaelson, "Validation of Route "Manifests for the Resource Public Key Infrastructure
Origination using the Resource Certificate PKI and ROAs", (RPKI)", RFC 6486, February 2012.
draft-ietf-sidr-roa-validation-10 (work in progress),
November 2010.
[I-D.ietf-sidr-rpki-manifests] [RFC6487] Huston, G., Michaelson, G., and R. Loomans, "A Profile
Austein, R., Huston, G., Kent, S., and M. Lepinski, for X.509 PKIX Resource Certificates", RFC 6487,
"Manifests for the Resource Public Key Infrastructure", February 2012.
draft-ietf-sidr-rpki-manifests-11 (work in progress),
May 2011. [RFC6493] Bush, R., "The Resource Public Key Infrastructure (RPKI)
Ghostbusters Record", RFC 6493, February 2012.
14.2. Informative References 14.2. Informative References
[I-D.ietf-sidr-ltamgmt] [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
Kent, S. and M. Reynolds, "Local Trust Anchor Management September 1981.
for the Resource Public Key Infrastructure",
draft-ietf-sidr-ltamgmt-00 (work in progress),
November 2010.
[I-D.ietf-sidr-usecases] [RFC0919] Mogul, J., "Broadcasting Internet Datagrams", STD 5,
Manderson, T., Sriram, K., and R. White, "Use Cases and RFC 919, October 1984.
interpretation of RPKI objects for issuers and relying
parties", draft-ietf-sidr-usecases-01 (work in progress),
December 2010.
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, [RFC0922] Mogul, J., "Broadcasting Internet datagrams in the
September 1981. presence of subnets", STD 5, RFC 922, October 1984.
[RFC0919] Mogul, J., "Broadcasting Internet Datagrams", STD 5, [RFC1112] Deering, S., "Host extensions for IP multicasting",
RFC 919, October 1984. STD 5, RFC 1112, August 1989.
[RFC0922] Mogul, J., "Broadcasting Internet datagrams in the [RFC1122] Braden, R., "Requirements for Internet Hosts -
presence of subnets", STD 5, RFC 922, October 1984. Communication Layers", STD 3, RFC 1122, October 1989.
[RFC1112] Deering, S., "Host extensions for IP multicasting", STD 5, [RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G.,
RFC 1112, August 1989. and E. Lear, "Address Allocation for Private Internets",
BCP 5, RFC 1918, February 1996.
[RFC1122] Braden, R., "Requirements for Internet Hosts - [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
Communication Layers", STD 3, RFC 1122, October 1989. (IPv6) Specification", RFC 2460, December 1998.
[RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and [RFC2544] Bradner, S. and J. McQuaid, "Benchmarking Methodology for
E. Lear, "Address Allocation for Private Internets", Network Interconnect Devices", RFC 2544, March 1999.
BCP 5, RFC 1918, February 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2860] Carpenter, B., Baker, F., and M. Roberts, "Memorandum of
Requirement Levels", BCP 14, RFC 2119, March 1997. Understanding Concerning the Technical Work of the
Internet Assigned Numbers Authority", RFC 2860,
June 2000.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 [RFC3068] Huitema, C., "An Anycast Prefix for 6to4 Relay Routers",
(IPv6) Specification", RFC 2460, December 1998. RFC 3068, June 2001.
[RFC2544] Bradner, S. and J. McQuaid, "Benchmarking Methodology for [RFC3779] Lynn, C., Kent, S., and K. Seo, "X.509 Extensions for IP
Network Interconnect Devices", RFC 2544, March 1999. Addresses and AS Identifiers", RFC 3779, June 2004.
[RFC2860] Carpenter, B., Baker, F., and M. Roberts, "Memorandum of [RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix
Understanding Concerning the Technical Work of the Reserved for Documentation", RFC 3849, July 2004.
Internet Assigned Numbers Authority", RFC 2860, June 2000.
[RFC3068] Huitema, C., "An Anycast Prefix for 6to4 Relay Routers", [RFC3879] Huitema, C. and B. Carpenter, "Deprecating Site Local
RFC 3068, June 2001. Addresses", RFC 3879, September 2004.
[RFC3779] Lynn, C., Kent, S., and K. Seo, "X.509 Extensions for IP [RFC3927] Cheshire, S., Aboba, B., and E. Guttman, "Dynamic
Addresses and AS Identifiers", RFC 3779, June 2004. Configuration of IPv4 Link-Local Addresses", RFC 3927,
May 2005.
[RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
Reserved for Documentation", RFC 3849, July 2004. Addresses", RFC 4193, October 2005.
[RFC3879] Huitema, C. and B. Carpenter, "Deprecating Site Local [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway
Addresses", RFC 3879, September 2004. Protocol 4 (BGP-4)", RFC 4271, January 2006.
[RFC3927] Cheshire, S., Aboba, B., and E. Guttman, "Dynamic [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Configuration of IPv4 Link-Local Addresses", RFC 3927, Architecture", RFC 4291, February 2006.
May 2005.
[RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway [RFC4380] Huitema, C., "Teredo: Tunneling IPv6 over UDP through
Protocol 4 (BGP-4)", RFC 4271, January 2006. Network Address Translations (NATs)", RFC 4380,
February 2006.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4843] Nikander, P., Laganier, J., and F. Dupont, "An IPv6
Architecture", RFC 4291, February 2006. Prefix for Overlay Routable Cryptographic Hash
Identifiers (ORCHID)", RFC 4843, April 2007.
[RFC4380] Huitema, C., "Teredo: Tunneling IPv6 over UDP through [RFC5180] Popoviciu, C., Hamza, A., Van de Velde, G., and D.
Network Address Translations (NATs)", RFC 4380, Dugatkin, "IPv6 Benchmarking Methodology for Network
February 2006. Interconnect Devices", RFC 5180, May 2008.
[RFC4843] Nikander, P., Laganier, J., and F. Dupont, "An IPv6 Prefix [RFC5735] Cotton, M. and L. Vegoda, "Special Use IPv4 Addresses",
for Overlay Routable Cryptographic Hash Identifiers BCP 153, RFC 5735, January 2010.
(ORCHID)", RFC 4843, April 2007.
[RFC5180] Popoviciu, C., Hamza, A., Van de Velde, G., and D. [RFC5736] Huston, G., Cotton, M., and L. Vegoda, "IANA IPv4 Special
Dugatkin, "IPv6 Benchmarking Methodology for Network Purpose Address Registry", RFC 5736, January 2010.
Interconnect Devices", RFC 5180, May 2008.
[RFC5735] Cotton, M. and L. Vegoda, "Special Use IPv4 Addresses", [RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address
BCP 153, RFC 5735, January 2010. Blocks Reserved for Documentation", RFC 5737,
January 2010.
[RFC5736] Huston, G., Cotton, M., and L. Vegoda, "IANA IPv4 Special [RFC5771] Cotton, M., Vegoda, L., and D. Meyer, "IANA Guidelines
Purpose Address Registry", RFC 5736, January 2010. for IPv4 Multicast Address Assignments", BCP 51,
RFC 5771, March 2010.
[RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks [RPKI-USE] Manderson, T., Sriram, K., and R. White, "Use Cases and
Reserved for Documentation", RFC 5737, January 2010. Interpretation of RPKI Objects for Issuers and Relying
Parties", Work in Progress, October 2011.
[RFC5771] Cotton, M., Vegoda, L., and D. Meyer, "IANA Guidelines for [TA-MGMT] Reynolds, M. and S. Kent, "Local Trust Anchor Management
IPv4 Multicast Address Assignments", BCP 51, RFC 5771, for the Resource Public Key Infrastructure", Work
March 2010. in Progress, December 2011.
Appendix A. IANA Reserved IPv4 Address Blocks Appendix A. IANA Reserved IPv4 Address Blocks
This list of Address Space and RFCs was correct at the time of This list of Address Space and RFCs was correct at the time of
writing writing this document.
IPv4 Address Blocks and the RFCs which direct IANA to Reserve them
+--------------------+------------------------------------+---------+ +--------------------+------------------------------------+---------+
| Prefix | RFC | TBR | | Prefix | RFC | TBR |
+--------------------+------------------------------------+---------+ +--------------------+------------------------------------+---------+
| 0.0.0.0/8 | RFC1122, Section 3.2.1.3 | No | | 0.0.0.0/8 | [RFC1122], Section 3.2.1.3 | No |
| | | | | 10.0.0.0/8 | [RFC1918] | No |
| 10.0.0.0/8 | RFC1918 | No | | 127.0.0.0/8 | [RFC1122], Section 3.2.1.3 | No |
| | | | | 169.254.0.0/16 | [RFC3927] | No |
| 127.0.0.0/8 | RFC1122, Section 3.2.1.3 | No | | 172.16.0.0/12 | [RFC1918] | No |
| | | | | 192.0.0.0/24 | [RFC5736] | Various |
| 169.254.0.0/16 | RFC3927 | No | | 192.0.2.0/24 | [RFC5737] | No |
| | | | | 192.88.99.0/24 | [RFC3068] | Yes |
| 172.16.0.0/12 | RFC1918 | No | | 192.168.0.0/16 | [RFC1918] | No |
| | | | | 198.18.0.0/15 | [RFC2544] | No |
| 192.0.0.0/24 | RFC5736 | Various | | 198.51.100.0/24 | [RFC5737] | No |
| | | | | 203.0.113.0/24 | [RFC5737] | No |
| 192.0.2.0/24 | RFC5737 | No | | 224.0.0.0/4 | [RFC5771] | No |
| | | | | 240.0.0.0/4 | [RFC1112], Section 4 | No |
| 192.88.99.0/24 | RFC3068 | Yes | | 255.255.255.255/32 | [RFC0919], Section 7 and | No |
| | | | | | [RFC0922], Section 7 | |
| 192.168.0.0/16 | RFC1918 | No |
| | | |
| 198.18.0.0/15 | RFC2544 | No |
| | | |
| 198.51.100.0/24 | RFC5737 | No |
| | | |
| 203.0.113.0/24 | RFC5737 | No |
| | | |
| 224.0.0.0/4 | RFC5771 | No |
| | | |
| 240.0.0.0/4 | RFC1112, Section 4 | No |
| | | |
| 255.255.255.255/32 | RFC919, Section 7 and RFC922, | No |
| | Section 7 | |
+--------------------+------------------------------------+---------+ +--------------------+------------------------------------+---------+
TBR: To Be Routed, the intention of the RFC pertaining to the address TBR: To Be Routed, the intention of the RFC pertaining to the
block. address block.
Table 1 Table 1: IPv4 Address Blocks and
the RFCs that Direct IANA to Reserve Them
Appendix B. IANA Reserved IPv6 Address Blocks Appendix B. IANA Reserved IPv6 Address Blocks
This list of Address Space and RFCs was correct at the time of This list of Address Space and RFCs was correct at the time of
writing writing this document.
IPv6 Address Blocks and the RFCs which direct IANA to Reserve them
+----------------+---------+-----+ +----------------+-----------+-----+
| Prefix | RFC | TBR | | Prefix | RFC | TBR |
+----------------+---------+-----+ +----------------+-----------+-----+
| 0000::/8 | RFC4291 | No | | 0000::/8 | [RFC4291] | No |
| | | | | 0100::/8 | [RFC4291] | No |
| 0100::/8 | RFC4291 | No | | 0200::/7 | [RFC4291] | No |
| | | | | 0400::/6 | [RFC4291] | No |
| 0200::/7 | RFC4291 | No | | 0800::/5 | [RFC4291] | No |
| | | | | 1000::/4 | [RFC4291] | No |
| 0400::/6 | RFC4291 | No | | 4000::/3 | [RFC4291] | No |
| | | | | 6000::/3 | [RFC4291] | No |
| 0800::/5 | RFC4291 | No | | 8000::/3 | [RFC4291] | No |
| | | | | A000::/3 | [RFC4291] | No |
| 1000::/4 | RFC4291 | No | | C000::/3 | [RFC4291] | No |
| | | | | E000::/4 | [RFC4291] | No |
| 4000::/3 | RFC4291 | No | | F000::/5 | [RFC4291] | No |
| | | | | F800::/6 | [RFC4291] | No |
| 6000::/3 | RFC4291 | No | | FC00::/7 | [RFC4193] | No |
| | | | | FE00::/9 | [RFC4291] | No |
| 8000::/3 | RFC4291 | No | | FE80::/10 | [RFC4291] | No |
| | | | | FEC0::/10 | [RFC3879] | No |
| A000::/3 | RFC4291 | No | | FF00::/8 | [RFC4291] | No |
| | | | | 2001:0002::/48 | [RFC5180] | No |
| C000::/3 | RFC4291 | No | | 2001:10::/28 | [RFC4843] | No |
| | | | +----------------+-----------+-----+
| E000::/4 | RFC4291 | No |
| | | |
| F000::/5 | RFC4291 | No |
| | | |
| F800::/6 | RFC4291 | No |
| | | |
| FC00::/7 | RFC4193 | No |
| | | |
| FE00::/9 | RFC4291 | No |
| | | |
| FE80::/10 | RFC4291 | No |
| | | |
| FEC0::/10 | RFC3879 | No |
| | | |
| FF00::/8 | RFC4291 | No |
| | | |
| 2001:0002::/48 | RFC5180 | No |
| | | |
| 2001:10::/28 | RFC4843 | No |
+----------------+---------+-----+
TBR: To Be Routed, the intention of the RFC pertaining to the address TBR: To Be Routed, the intention of the RFC pertaining to the
block. address block.
Table 2 Table 2: IPv6 Address Blocks and
the RFCs that Direct IANA to Reserve Them
Authors' Addresses Authors' Addresses
Terry Manderson Terry Manderson
ICANN Internet Corporation for Assigned Names and Numbers
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292
United States of America
Email: terry.manderson@icann.org Phone: +1-310-823-9358
EMail: terry.manderson@icann.org
URI: http://www.iana.org/
Leo Vegoda Leo Vegoda
ICANN Internet Corporation for Assigned Names and Numbers
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292
United States of America
Email: leo.vegoda@icann.org Phone: +1-310-823-9358
EMail: leo.vegoda@icann.org
URI: http://www.iana.org/
Steve Kent Steve Kent
BBN BBN
Email: kent@bbn.com EMail: kent@bbn.com
 End of changes. 90 change blocks. 
317 lines changed or deleted 269 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/