Search RFCs
RFC 6486
Manifests for the Resource Public Key Infrastructure (RPKI),February 2012
- File formats:
- Status:
- PROPOSED STANDARD
- Obsoleted by:
- RFC 9286
- Authors:
- R. Austein
G. Huston
S. Kent
M. Lepinski - Stream:
- IETF
- Source:
- sidr (rtg)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC6486
Discuss this RFC: Send questions or comments to the mailing listsidr@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 6486
Abstract
This document defines a "manifest" for use in the Resource Public KeyInfrastructure (RPKI). A manifest is a signed object (file) thatcontains a listing of all the signed objects (files) in therepository publication point (directory) associated with an authorityresponsible for publishing in the repository. For each certificate,Certificate Revocation List (CRL), or other type of signed objectsissued by the authority that are published at this repositorypublication point, the manifest contains both the name of the filecontaining the object and a hash of the file content. Manifests areintended to enable a relying party (RP) to detect certain forms ofattacks against a repository. Specifically, if an RP checks amanifest's contents against the signed objects retrieved from arepository publication point, then the RP can detect "stale" (valid)data and deletion of signed objects. [STANDARDS-TRACK]
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.