| Internet-Draft | RPKI PrefixList | March 2023 |
| Snijders & Huston | Expires 1 October 2023 | [Page] |
This document defines a "RPKI Prefix List", a Cryptographic Message Syntax (CMS) protected content type for use with the Resource Public Key Infrastructure (RPKI) to carry the complete list of prefixes which an Autonomous System (AS) may originate to all or any of its routing peers. The validation of a RPKI Prefix List confirms that the holder of the listed ASN produced the object, and that this list is a current, accurate and complete description of address prefixes that may be announced into the routing system originated by this AS.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 1 October 2023.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
This document defines an "RPKI Prefix List", a Cryptographic Message Syntax (CMS) [RFC5652] [RFC6268] protected content type to carry a list of IP prefixes and an Autonomous System Number. The list of prefixes describes the maximal set of prefixes that the Autonomous System MAY announce to any of its routing peers. The content is signed by the holder of the RPKI private key associated with the listed ASN.¶
RPKI Prefix Lists allow other RPKI-validating remote routing entities to audit the collection of announcements that have the subject ASN as the originating AS. Any prefixes originated by this AS not contained in a validated RPKI Prefix List SHOULD be regarded as invalid, but ultimately their consequent handling by the local routing entity that performed the audit function is a matter of local policy.¶
The intent of this object is to offer a RPKI-based successor to the [RFC2622] 'route-set' class objects used in Internet Routing Registries (IRRs). The semantics of the route-set and the RPKI Prefix List are similair. The difference is that the RPKI signature allows a relying party of be assured of the currency and authenticity of the Prefix List as a complete enumeration of all prefixes that may be announced as originating by this AS if the object can be validated by the RPKI.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
RPKI Prefix List objects follow the Signed Object Template for the RPKI [RFC6488].¶
The Certification Authority (CA) MUST sign only one PrefixList with each EE certificate and MUST generate a new key pair for each new PrefixList or PrefixList Opt-Out Listing. This type of EE certificate is termed a "one-time-use" EE certificate (see Section 3 of [RFC6487]).¶
A guideline for naming PrefixList is that the file name chosen in the repository be a value derived from the public key of the EE certificate. One such method of generating a publication name is described in Section 2.1 of [RFC4387]; convert the 160-bit hash of a EE's public key value into a 27-character string using a modified form of Base64 encoding, with an additional modification as proposed in Section 5, table 2, of [RFC4648].¶
The eContentType for an PrefixList is defined as id-ct-rpkiSignedPrefixList, with Object Identifier (OID) 1.2.840.113549.1.9.16.1.TBD.¶
This OID MUST appear within both the eContentType in the encapContentInfo object and the ContentType signed attribute in the signerInfo object (see [RFC6488]).¶
The content of an PrefixList is a list of IP address prefixes and a single ASN. An PrefixList is formally defined as follows:¶
RpkiSignedPrefixList-2023
{ iso(1) member-body(2) us(840) rsadsi(113549)
pkcs(1) pkcs9(9) smime(16) mod(0)
id-mod-rpkiSignedPrefixList-2023(TBD) }
DEFINITIONS EXPLICIT TAGS ::=
BEGIN
IMPORTS
CONTENT-TYPE
FROM CryptographicMessageSyntax-2010 -- in [RFC6268]
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
pkcs-9(9) smime(16) modules(0) id-mod-cms-2009(58) }
ct-rpkiSignedPrefixList CONTENT-TYPE ::=
{ TYPE RpkiSignedPrefixList
IDENTIFIED BY id-ct-rpkiSignedPrefixList }
id-ct-rpkiSignedPrefixList OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
pkcs-9(9) id-smime(16) id-ct(1) TBD }
RpkiSignedPrefixList ::= SEQUENCE {
version [0] INTEGER DEFAULT 0,
asID ASID,
prefixlist SEQUENCE (SIZE(1..2)) OF IPAddressFamily }
IPAddressFamily ::= SEQUENCE {
-- Note: addressFamily must be '0001'H (IPv4) or '0002'H (IPv6) --
addressFamily OCTET STRING (SIZE(2)),
addresses SEQUENCE (SIZE(1..MAX)) OF IPAddress
}
ASID ::= INTEGER (1..4294967295)
-- Note: if the ROAIPAddressFamily's addressFamily is IPv4, the --
-- IPAddress' size cannot exceed 32; conversely if addressFamily --
-- is IPv6, size can't exceed 128. --
IPAddress ::= BIT STRING (SIZE(0..128))
END
¶
The version number of the RpkiSignedPrefixList MUST be 0.¶
The Autonomous System Number contained here MUST be a contained within the set of AS Identifier resources listed by the EE certificate carried in the CMS certificates field.¶
This field contains a SEQUENCE of IPAddressFamily. There MUST be only one instance of IPAddressFamily per unique AFI. The IPAddressFamily structure MUST NOT appear more than twice. The IPAddressFamily elements MUST be ordered in ascending order by numeric value of the addressFamily field.¶
This field contains a SEQUENCE which contains one instance of addressFamily and one instance of addresses.¶
This field contains a OCTET STRING which is either '0001'H (IPv4) or '0002'H (IPv6).¶
This field contains a SEQUENCE of elements of type IPAddress. The IPAddress type is a BIT STRING, see Section 2.2.3.8 of [RFC3779] for more information.¶
To validate an PrefixList, the RP MUST perform all the validation checks specified in [RFC6488]. In addition, the RP MUST perform the following validation steps:¶
Multiple valid PrefixList objects could exist which contain the same asID. In such cases the union of address prefix members forms the complete set of members. It is highly RECOMMENDED that a compliant CA maintains a single PrefixList for a given asID.¶
If an AS holder publishes a PrefixList, then relying parties SHOULD assume that the list is complete for that originating AS, and the presence of any route with the same AS as the originating AS and an address prefix that is not included in the Prefix List implies that the route has been propagated within the routing system without the permission of the originating AS.¶
The construction of an 'allowlist' for a given EBGP session using RPKI PrefixList(s) compliments best practises [RFC7454] and rejecting RPKI-invalid BGP route announcements [RFC6811]. In other words, if a given BGP route is covered by a RPKI PrefixList, but also is "invalid" from a Route Origin Validation perspective, it is RECOMMENDED to reject the route announcement.¶
Relying Parties are warned that the data in an PrefixList is self-asserted by the AS holder. There is no implied authority from any IP prefix holder that grants the AS permission to originate a route for any prefixes. Such an authority is separately conveyed in the RPKI as a ROA.¶
While a one-time-use EE certificate must only be used to generate and sign a single PrefixList object, CAs technically are not restricted from generating and signing multiple different PrefixList objects with a single key pair. Any PrefixList objects sharing the same EE certificate cannot be revoked individually.¶
IANA is requested to allocated the following in the "SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)" registry:¶
| Decimal | Description | References |
|---|---|---|
| TBD | id-ct-rpkiSignedPrefixList | draft-spaghetti-sidrops-rpki-prefixlist |
IANA is requested to register two OIDs in the "RPKI Signed Objects" registry [RFC6488] as follows:¶
| Name | OID | Reference |
|---|---|---|
| Signed PrefixList | 1.2.840.113549.1.9.16.1.TBD | draft-spaghetti-sidrops-rpki-prefixlist |
IANA is requested to add the Signed PrefixList file extension to the "RPKI Repository Name Schemes" registry [RFC6481] as follows:¶
| Filename Extension | RPKI Object | Reference |
|---|---|---|
| .pfx | Signed PrefixList | draft-spaghetti-sidrops-rpki-prefixlist |
IANA is requested to allocate the following in the "SMI Security for S/MIME Module Identifier (1.2.840.113549.1.9.16.0)" registry:¶
| Decimal | Description | References |
|---|---|---|
| TBD | id-mod-rpkiSignedPrefixList-2023 | draft-spaghetti-sidrops-rpki-prefixlist |
IANA is requested to register the media type "application/rpki-prefixlist" in the "Media Types" registry as follows:¶
The authors wish to thank TBD TBD and TBD TBD for feedback.¶
Below an example of a DER encoded PrefixList eContent is provided with annotation following the '#' character.¶
$ cat << EOF | xxd -r -ps | openssl asn1parse -inform DER -i -dump
3081a202023cca30819b306d04020001306703040043ddf5030400a5fee1
030506a5feff00030400c093a8030400c22047030400c63a03030401cc02
1e030400d11800030400d11801030407d11880030404d11810030400d118
03030405d11820030402d11804030406d11840030403d11808030400d118
08302a04020002302403070120010418144e0307002001067c208c030700
200107fbfd040307002607fae00245
EOF
0:d=0 hl=3 l= 153 cons: SEQUENCE
3:d=1 hl=2 l= 2 prim: INTEGER :3CCA # AS 15562
7:d=1 hl=3 l= 146 cons: SEQUENCE
10:d=2 hl=2 l= 109 cons: SEQUENCE
12:d=3 hl=2 l= 2 prim: OCTET STRING
0000 - 00 01 .. # IPv4 AFI
16:d=3 hl=2 l= 103 cons: SEQUENCE
18:d=4 hl=2 l= 4 prim: BIT STRING
0000 - 00 43 dd f5 .C.. # 67.221.245.0/24
24:d=4 hl=2 l= 4 prim: BIT STRING
0000 - 00 a5 fe e1 .... # 165.254.225.0/24
30:d=4 hl=2 l= 5 prim: BIT STRING
0000 - 06 a5 fe ff .... # 165.254.255.0/26
0005 - <SPACES/NULS>
... snip ...
121:d=2 hl=2 l= 33 cons: SEQUENCE
123:d=3 hl=2 l= 2 prim: OCTET STRING
0000 - 00 02 ..
127:d=3 hl=2 l= 27 cons: SEQUENCE
129:d=4 hl=2 l= 7 prim: BIT STRING
0000 - 01 20 01 04 18 14 4e . ....N # 2001:418:144e::/47
138:d=4 hl=2 l= 7 prim: BIT STRING
0000 - 00 20 01 06 7c 20 8c . ..| . # 2001:67c:208c::/48
147:d=4 hl=2 l= 7 prim: BIT STRING
0000 - 00 20 01 07 fb fd 04 . ..... # 2001:7fb:fd04::/48
156:d=4 hl=2 l= 7 prim: BIT STRING
0000 - 00 26 07 fa e0 02 45 .&....E # 2607:fae0:245::/48
¶
This section is to be removed before publishing as an RFC.¶
This section records the status of known implementations of the protocol defined by this specification at the time of posting of this Internet-Draft, and is based on a proposal described in RFC 7942. The description of implementations in this section is intended to assist the IETF in its decision processes in progressing drafts to RFCs. Please note that the listing of any individual implementation here does not imply endorsement by the IETF. Furthermore, no effort has been spent to verify the information presented here that was supplied by IETF contributors. This is not intended as, and must not be construed to be, a catalog of available implementations or their features. Readers are advised to note that other implementations may exist.¶
According to RFC 7942, "this will allow reviewers and working groups to assign due consideration to documents that have the benefit of running code, which may serve as evidence of valuable experimentation and feedback that have made the implemented protocols more mature. It is up to the individual working groups to use this information as they see fit".¶