Search RFCs
RFC 9691
A Profile for Resource Public Key Infrastructure (RPKI) Trust Anchor Keys (TAKs),December 2024
- File formats:
- Also available:XML file for editing
- Status:
- PROPOSED STANDARD
- Authors:
- C. Martinez
G. Michaelson
T. Harrison
T. Bruijnzeels
R. Austein - Stream:
- IETF
- Source:
- sidrops (ops)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9691
Discuss this RFC: Send questions or comments to the mailing listsidrops@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9691
Abstract
A Trust Anchor Locator (TAL) is used by Relying Parties (RPs) in theResource Public Key Infrastructure (RPKI) to locate and validate aTrust Anchor (TA) Certification Authority (CA) certificate used inRPKI validation. This document defines an RPKI signed object for aTrust Anchor Key (TAK). A TAK object can be used by a TA to signalto RPs the location(s) of the accompanying CA certificate for thecurrent public key, as well as the successor public key and thelocation(s) of its CA certificate. This object helps to supportplanned key rollovers without impacting RPKI validation.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.