RPKI Glossary
| AS | Autonomous Systems
|
| CA | Certification Authority
|
| A sample implementation of an IR database daemon.
| |
| IANA | Internet Assigned Numbers Authority,
responsible for the global coordination of the DNS Root, IP addressing,
and other Internet protocol resources.
|
| IRBE | Internet Registry Back-End, consisting of the
|
| IRDB | Internet Registry DataBase
|
| left-right protocol | The left-right protocol is two separate client/server protocols over
separate channels between the RPKI engine and the IRBE. The IRBE is the
client for one of the subprotocols; the RPKI engine is the client for
the other.
|
| The publication engine daemon.
| |
| RIR | Regional Internet Registry, an organization that manages the allocation
and registration of Internet number resources within a particular region of
the world.
|
| ROA | Route Origin Authorization
|
| A separate daemon for handling the root of an RPKI certificate tree.
This is a stripped-down version of
| |
| RP | Relying Party
|
| RPKI | Resource Public Key Infrastructure, allows IP address holders to specify
which Autonomous Systems are authorized to originate their IP address prefixes.
|
| RPKI CA Engine | Consists of the following programs:
|
| The main RPKI engine daemon.
| |
| A command line interface to control
| |
| up-down protocol | This is a provisioning protocol for certificate management interactions
between an Internet Number Resource issuer ("issuer") and an Internet Number
Resource recipient ("subject") The protocol supports certificate issuance,
certificate revocation, and certificate status information reports. The
protocol definition may be found in
RFC-6492.
|
| web GUI | A web-based graphical interface to control
|
This document is prepared under Contract Number HSHQDC-14-C-B0035 for DHS S&T CSD
Sections of this document are derived or taken verbatim from Dragon Research Lab's RPKI Tools Manual.
Copyright (c) 2015, Parsons, Inc
All rights reserved