?? rfc2754.txt
字號:
組織:中國互動出版網(http://www.china-pub.com/)
RFC文檔中文翻譯計劃(http://www.china-pub.com/compters/emook/aboutemook.htm)
E-mail:ouyang@china-pub.com
譯者:牛韜(NT niutao@sohu.com) 王安鵬 (anpengwang )
譯文發布時間:2001-7-1
版權:本中文翻譯文檔版權歸中國互動出版網所有。可以用于非商業用途自由轉載,但必須
保留本文檔的翻譯及版權信息。
Network Working Group C. Alaettinoglu
Request for Comments: 2754 USC/ISI
Category: Informational C. Villamizar
Avici Systems
R. Govindan
USC/ISI
January 2000
RPS IANA的發布
(RFC2754—RPS IANA's Issues)
本備忘錄的狀態
本備忘錄為Internet社區提供資訊,但沒有定義任何Internet標準。本備忘錄的發布
不受限制。
版權宣告
Copyright (C) The Internet Society (2000). All Rights Reserved.
摘要
RPS加密[2]要求IRR的特定RPSL[1]對象以逐級授權。這個層級的根中的對象集必須創
建并通過IANA數字簽名。本文介紹了這些種子對象并列出了IANA要求的操作。
本文檔中的關鍵字“必須”、“不得”、“要求的”、“應”、“不應”、“需”、“無需”、“建議”、
“可以”和“可選”按照RFC2119的解釋。
目錄
1 初始種子(Initial Seed) 2
2 IANA分配(IANA Assignments) 4
3 創建路由資料庫(Creating Routing Repositories) 4
4 安全考慮(Security Considerations) 5
5 IANA的意見(IANA Considerations) 5
6 作者地址(Authors' Addresses) 6
7.注意(Notices) 6
8、 全部版權聲明 7
1 初始種子(Initial Seed)
IANA的公共密碼必須由分布式路由策略系統[3]的軟件實現來分配。初始集中的種子對象
需要用這個密碼簽署。以下事務(事務格式在[3]中定義)包含了這些對象并使用這個密碼簽
署:
mntner: mnt-iana
descr: iana's maintainer
admin-c: JKR1
tech-c: JKR1
upd-to: JKRey@ISI.EDU
mnt-nfy: JKRey@ISI.EDU
auth: pgpkey-7F6AA1B9
mnt-by: mnt-iana
referral-by: mnt-iana
source: IANA
key-cert: pgpkey-7F6AA1B9
method: pgp
owner: iana-root (est. Nov 98) <iana@iana.org>
fingerpr: 71 09 2E 37 71 B8 0A 9C 3B 28 98 B4 F1 21 13 BB
certif: # this is the real IANA key
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: 2.6.2
+
+ mQCNAzZJ52sAAAEEAJ//C01YnlaGuXyrC16V7FphkRvBmcNU22TPOzrKnKjnWjH5
+ sJ5UQnGOpyhDc796gqBjY+lTLvPB9sFGJPWgxfNk2JQaxxLTD+tfqSsiURc/srpp
+ XohFAVR/fez8MOecISwvNpFh5VADuFuoNi7ZLuOwVTC4tM5RU0NJa8l/aqG5AAUR
+ tCdpYW5hLXJvb3QgKGVzdC4gTm92IDk4KSA8aWFuYUBpYW5hLm9yZz4=
+ =sF4q
+ -----END PGP PUBLIC KEY BLOCK-----
mnt-by: mnt-iana
source: IANA
repository: IANA
repository-cert: PGPKEY-88BAC849
query-address: http://www.iana.org
response-auth-type: none
submit-address: http://www.iana.org
submit-auth-type: none
expire: 0000 04:00:00
heartbeat-interval: 0000 01:00:00
admin-c: JKR1
tech-c: JKR1
mnt-by: mnt-iana
source: IANA
as-block: AS0 - AS65535
descr: as number space
country: us
admin-c: JKR1
tech-c: JKR1
status: UNALLOCATED
source: IANA
mnt-by: mnt-iana
mnt-lower: mnt-iana
inetnum: 0.0.0.0 - 255.255.255.255
netname: Internet
descr: ip number space
country: us
admin-c: JKR1
tech-c: JKR1
status: UNALLOCATED
source: IANA
mnt-by: mnt-iana
mnt-lower: mnt-iana
timestamp: 19991001 01:00:00 +00:00
signature:
+ -----BEGIN PGP SIGNATURE-----
+ Version: 2.6.2
+
+ iQCVAwUBOAd3YENJa8l/aqG5AQFVdAP9Ho2TSLGXiDi6v1McsKY4obO32EtP44Jv
+ tpNWiRRz47WIpMBmzUrQajBDNNXzwq9r9mGC75Pg0MMwTDfvA47o6mnIGdT9XyZz
+ s9HlDGOqhklIjHOxXFDrBiz3u7eWEf3vmDCXt6UYg9lUtRKefkWtR5wD1Q1zDMSc
+ 7Ya7PE6X8SU=
+ =sAft
+ -----END PGP SIGNATURE-----
上述文本中,各行的尾部沒有多余的空白字符,也不含制表符。連續的多個空行實際上
僅包含一個空行,中間的換頁也只是一個空行。
此處,我們假定IANA運行其自身的資料庫。但這并非是必需的,事實上可以由現有的路
由注冊機構發布該事務。
2 IANA分配(IANA Assignments)
IANA每次分配都要創建inetnum和適當的as-block對象,并使用它的key-cert對象中
的密碼對這些對象進行數字簽名。比如:
as-block: AS0 - AS500
descr: arin's space
country: us
status: ALLOCATED
source: iana
delegated: arin
mnt-by: mnt-iana
inetnum: 128.0.0.0 - 128.255.255.255
netname: Internet portion
descr: ip number space
country: us
status: ALLOCATED
source: iana
delegated: arin
mnt-by: mnt-iana
3 創建路由資料庫(Creating Routing Repositories)
要使用新的路由資料庫,需要構建一個資料庫對象、一個維護器對象和一個key-cert對
象并通過IANA進行數字簽名。比如:
mntner: mnt-ripe
descr: RIPE's maintainer
auth: <ripe's choice>
mnt-by: mnt-ripe
referral-by: mnt-iana
admin-c: . . .
tech-c: . . .
upd-to: . . .
mnt-nfy: . . .
source: RIPE
key-cert: pgpkey-979979
method: pgp
owner: . . .
fingerpr: . . .
certif: # this key is for illustration only
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: PGP for Personal Privacy 5.0
+
+ . . .
+ -----END PGP PUBLIC KEY BLOCK-----
mnt-by: mnt-ripe
source: RIPE
repository: RIPE
query-address: whois://whois.ripe.net
response-auth-type: PGPKEY-23F5CE35 # pointer to key-cert object
response-auth-type: none
remarks: you can request rsa signature on queries
remarks: PGP required on submissions
submit-address: mailto://auto-dbm@ripe.net
submit-address: rps-query://whois.ripe.net:43
submit-auth-type: pgp-key, crypt-pw, mail-from
remarks: these are the authentication types supported
mnt-by: maint-ripe-db
expire: 0000 04:00:00
heartbeat-interval: 0000 01:00:00
...
remarks: admin and technical contact, etc
source: RIPE
其中新資料庫的第一項事務放入新資料庫,而不是IANA資料庫。
4 安全考慮(Security Considerations)
路由策略系統安全文檔[2]為存儲在路由注冊機構中的對象定義了一個層次授權模型。本
文檔詳述了種子對象以及IANA維護授權層次結構的根所必需的操作。
5 IANA的意見(IANA Considerations)
整個文檔經過IANA的逐條認可。
引用(References)
[1] Alaettinoglu, C., Bates, T., Gerich, E., Karrenberg, D., Meyer,
D., Terpstra, M. and C. Villamizar, "Routing Policy Specification
Language (RPSL)", RFC 2622, June 1999.
[2] Villamizar, C., Alaettinouglu, C., Meyer, D., Murphy, S. and C.
Orange, "Routing Policy System Security", RFC 2725, December
1999.
[3] Villamizar, C., Alaettinouglu, C., Govindan, R. and D. Meyer,
"Distributed Routing Policy System", Work in Progress.
6 作者地址(Authors' Addresses)
Cengiz Alaettinoglu
USC Information Sciences Institute
EMail: cengiz@isi.edu
Curtis Villamizar
Avici Systems
EMail: curtis@avici.com
Ramesh Govindan
USC Information Sciences Institute
EMail: govindan@isi.edu
7.注意(Notices)
IETF不對合法性及知識產權所有權的范圍、或可能在執行此技術時聲明附屬的其它權利、
或關于本文檔所描述的技術應用、或在這些權利之下可能或不能應用的范圍負責。也不對關
于此權力的任何研究成果提出異議。有關IETF尊重后續標準和相關標準的過程可以在BCP-11
找到。允許出版時復制所聲明的權力,許可的保證都是可利用的,本技術的實施者和用戶都
可在IETF書記處獲得允許。
IETF歡迎任何感興趣的團體關注任何可能需要應用這一標準的技術的相關任何權利、專利
權或專利應用權、或者其他所有權。 請聯系IETF的執行主管。
8、 全部版權聲明
Copyright (C) The Internet Society (2000). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
致謝(Acknowledgement)
Funding for the RFC Editor function is currently provided by the
Internet Society.
RFC2754—RPS IANA's Issues RPS IANA的發布
1
RFC文檔中文翻譯計劃
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -