draft-ietf-sidr-ghostbusters-15.txt   draft-ietf-sidr-ghostbusters-16.txt 
Network Working Group R. Bush Network Working Group R. Bush
Internet-Draft Internet Initiative Japan Internet-Draft Internet Initiative Japan
Intended status: Standards Track October 17, 2011 Intended status: Standards Track December 29, 2011
Expires: April 19, 2012 Expires: July 1, 2012
The RPKI Ghostbusters Record The RPKI Ghostbusters Record
draft-ietf-sidr-ghostbusters-15 draft-ietf-sidr-ghostbusters-16
Abstract Abstract
In the Resource Public Key Infrastructure (RPKI), resource In the Resource Public Key Infrastructure (RPKI), resource
certificates completely obscure names or any other information which certificates completely obscure names or any other information which
might be useful for contacting responsible parties to deal with might be useful for contacting responsible parties to deal with
issues of certificate expiration, maintenance, roll-overs, issues of certificate expiration, maintenance, roll-overs,
compromises, etc. This draft describes the RPKI Ghostbusters Record compromises, etc. This draft describes the RPKI Ghostbusters Record
containing human contact information which may be verified containing human contact information which may be verified
(indirectly) by a CA certificate. The data in the record are those (indirectly) by a CA certificate. The data in the record are those
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 19, 2012. This Internet-Draft will expire on July 1, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 42 skipping to change at page 3, line 42
Note that the Ghostbusters Record is not an identity certificate, but Note that the Ghostbusters Record is not an identity certificate, but
rather an attestation to the contact data made by the maintainer of rather an attestation to the contact data made by the maintainer of
the CA certificate issuing the EE certificate whose corresponding the CA certificate issuing the EE certificate whose corresponding
private key signs the Ghostbusters Record. private key signs the Ghostbusters Record.
This record is not meant to supplant or be used as resource registry This record is not meant to supplant or be used as resource registry
whois data. It gives information about an RPKI CA certificate whois data. It gives information about an RPKI CA certificate
maintainer not a resource holder. maintainer not a resource holder.
The Ghostbusters Record is optional, CA certificates in the RPKI MAY The Ghostbusters Record is optional, CA certificates in the RPKI may
have zero or more associated Ghostbuster Records. have zero or more associated Ghostbuster Records.
Given a certificate, to find the closest Ghostbuster Record, go up Given a certificate, to find the closest Ghostbuster Record, go up
until a CA certificate is reached, which may be the object itself of until a CA certificate is reached, which may be the object itself of
course. That CA certificate will have an SIA to the publication course. That CA certificate will have an SIA to the publication
point where all subsidiary objects (until you hit a down-chain CA point where all subsidiary objects (until you hit a down-chain CA
certificate's signed objects) are published. The publication point certificate's signed objects) are published. The publication point
will contain zero or more Ghostbuster Records. will contain zero or more Ghostbuster Records.
This specification has three main sections. The first, Section 4, is This specification has three main sections. The first, Section 4, is
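Review bot: In the changed sentence "The Ghostbusters Record is optional, CA certificates in the RPKI may have zero or more associated Ghostbuster Records", lowercasing MAY leaves the optionality stated only in non-keyword prose. If it is meant to be normative, use OPTIONAL; if not, the lowercase form is fine, but the comma splice should become two sentences or take a semicolon. This paragraph and the next also alternate between "Ghostbusters Record" and "Ghostbuster Record(s)"; pick one spelling and use it throughout.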
skipping to change at page 5, line 6 skipping to change at page 5, line 6
concern. concern.
The Ghostbusters vCard payload is a minimalist subset of the vCard as The Ghostbusters vCard payload is a minimalist subset of the vCard as
described in [RFC6350]. described in [RFC6350].
BEGIN - pro forma packaging which MUST be the first line in the BEGIN - pro forma packaging which MUST be the first line in the
vCard and MUST have the value "BEGIN:VCARD" as described in vCard and MUST have the value "BEGIN:VCARD" as described in
[RFC6350]. [RFC6350].
VERSION - pro forma packaging which MUST be the second line in the VERSION - pro forma packaging which MUST be the second line in the
vCard and MUST have the value "VERSION:4.0" as described in 3.6.9 vCard and MUST have the value "VERSION:4.0" as described in 3.7.9
of [RFC6350]. of [RFC6350].
FN - the name, as described in 6.2.1 of [RFC6350], of a contactable FN - the name, as described in 6.2.1 of [RFC6350], of a contactable
person or role who is responsible for the CA certificate. person or role who is responsible for the CA certificate.
ORG - an organization as described in 6.6.4 of [RFC6350]. ORG - an organization as described in 6.6.4 of [RFC6350].
ADR - a postal address as described in 6.3 of [RFC6350]. ADR - a postal address as described in 6.3 of [RFC6350].
TEL - a voice and/or fax phone as described in 6.4.1 of [RFC6350]. TEL - a voice and/or fax phone as described in 6.4.1 of [RFC6350].
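Review bot: The new VERSION reference "3.7.9 of [RFC6350]" still does not line up with the other property references in this list, which all point into section 6 (6.2.1, 6.6.4, 6.3, 6.4.1). The intended target is most likely 6.7.9, so please check the section number against RFC6350 before the next revision. The BEGIN entry cites [RFC6350] with no section number at all; adding one would make the list consistent.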
 End of changes. 5 change blocks. 
6 lines changed or deleted 6 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/