{"draft":"draft-ietf-sidrops-bgpsec-rollover-04","doc_id":"RFC8634","title":"BGPsec Router Certificate Rollover","authors":["B. Weis","R. Gagliano","K. Patel"],"format":["ASCII","HTML"],"page_count":"11","pub_status":"BEST CURRENT PRACTICE","status":"BEST CURRENT PRACTICE","source":"SIDR Operations","abstract":"Certification Authorities (CAs) within the Resource Public Key\r\nInfrastructure (RPKI) manage BGPsec router certificates as well as\r\nRPKI certificates.  The rollover of BGPsec router certificates must\r\nbe carefully performed in order to synchronize the distribution of\r\nrouter public keys with BGPsec UPDATE messages verified with those\r\nrouter public keys.  This document describes a safe rollover process,\r\nand it discusses when and why the rollover of BGPsec router\r\ncertificates is necessary.  When this rollover process is followed,\r\nthe rollover will be performed without routing information being\r\nlost.","pub_date":"August 2019","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":["BCP0224"],"doi":"10.17487\/RFC8634","errata_url":null}