{"draft":"draft-ietf-sidrops-signed-tal-16","doc_id":"RFC9691","title":"A Profile for Resource Public Key Infrastructure (RPKI) Trust Anchor Keys (TAKs)","authors":["C. Martinez","G. Michaelson","T. Harrison","T. Bruijnzeels","R. Austein"],"format":["HTML","TEXT","PDF","XML"],"page_count":"19","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"SIDR Operations","abstract":"A Trust Anchor Locator (TAL) is used by Relying Parties (RPs) in the\r\nResource Public Key Infrastructure (RPKI) to locate and validate a\r\nTrust Anchor (TA) Certification Authority (CA) certificate used in\r\nRPKI validation. This document defines an RPKI signed object for a\r\nTrust Anchor Key (TAK).  A TAK object can be used by a TA to signal\r\nto RPs the location(s) of the accompanying CA certificate for the\r\ncurrent public key, as well as the successor public key and the\r\nlocation(s) of its CA certificate. This object helps to support\r\nplanned key rollovers without impacting RPKI validation.","pub_date":"December 2024","keywords":["security","cryptography","X.509"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9691","errata_url":null}