Internet Engineering Task Force (IETF)                      T. Manderson
Request for Comments: 6491                                     L. Vegoda
Category: Standards Track                                          ICANN
ISSN: 2070-1721                                                  S. Kent
                                                                     BBN
                                                           February 2012
        

Resource Public Key Infrastructure (RPKI) Objects Issued by IANA

IANA 发布的资源公钥基础设施 (RPKI) 对象

Abstract

摘要

This document provides specific direction to IANA as to the Resource Public Key Infrastructure (RPKI) objects it should issue.

本文件就 IANA 应发布的资源公钥基础设施 (RPKI) 对象提供了具体指导。

Status of This Memo

本备忘录的地位

This is an Internet Standards Track document.

这是一份互联网标准跟踪文件。

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

本文件是互联网工程任务组 (IETF) 的成果。它代表了 IETF 社区的共识。它已接受公众审查,并经互联网工程指导小组 (IESG) 批准发布。有关互联网标准的更多信息,请参见 RFC 5741 第 2 节。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6491.

有关本文件的当前状态、任何勘误以及如何提供反馈的信息,请访问 http://www.rfc-editor.org/info/rfc6491。

Copyright Notice

版权声明

Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved.

版权所有 (c) 2012 IETF 信托基金会和文件作者。保留所有权利。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

本文档受 BCP 78 和本文档发布之日有效的 IETF 信托基金《与 IETF 文档有关的法律规定》 (http://trustee.ietf.org/license-info) 的约束。请仔细阅读这些文件,因为它们描述了您对本文档的权利和限制。从本文档中提取的代码组件必须包含信托法律条款第 4.e 节中所述的简化 BSD 许可文本,并且不提供简化 BSD 许可中所述的担保。

Table of Contents

目录

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  Requirements Notation  . . . . . . . . . . . . . . . . . . . .  3
   3.  Required Reading . . . . . . . . . . . . . . . . . . . . . . .  3
   4.  Definitions  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   5.  Reserved Resources . . . . . . . . . . . . . . . . . . . . . .  4
   6.  Unallocated Resources  . . . . . . . . . . . . . . . . . . . .  4
   7.  Special Purpose Registry Resources . . . . . . . . . . . . . .  4
   8.  Multicast  . . . . . . . . . . . . . . . . . . . . . . . . . .  5
   9.  Informational Objects  . . . . . . . . . . . . . . . . . . . .  5
   10. Certificates and Certificate Revocation Lists (CRLs) . . . . .  5
   11. IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  6
   12. Security Considerations  . . . . . . . . . . . . . . . . . . .  6
   13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . .  6
   14. References . . . . . . . . . . . . . . . . . . . . . . . . . .  6
     14.1.  Normative References  . . . . . . . . . . . . . . . . . .  6
     14.2.  Informative References  . . . . . . . . . . . . . . . . .  7
   Appendix A.  IANA Reserved IPv4 Address Blocks . . . . . . . . . . 10
   Appendix B.  IANA Reserved IPv6 Address Blocks . . . . . . . . . . 11
        
1. Introduction
1. 导言

"An Infrastructure to Support Secure Internet Routing" [RFC6480] directs IANA [RFC2860] to issue Resource Public Key Infrastructure (RPKI) objects for which it is authoritative. This document describes the objects IANA will issue. If IANA is directed to issue additional RPKI objects in future, this document will be revised and a new version issued.

"支持安全互联网路由选择的基础设施"[RFC6480] 指示 IANA [RFC2860] 发布由其授权的资源公钥基础设施 (RPKI) 对象。本文件描述了 IANA 将发布的对象。如果 IANA 今后被指示发布更多 RPKI 对象,本文档将进行修订并发布新版本。

The signed objects described here that IANA will issue are the unallocated, reserved, special use IPv4 and IPv6 address blocks, and the unallocated and reserved Autonomous System numbers. These number resources are managed by IANA for the IETF; thus, IANA bears the responsibility of issuing the corresponding RPKI objects. The reader is encouraged to consider the technical effects on the public routing system of the signed object issuance proposed for IANA in this document.

这里描述的 IANA 将发布的签名对象是未分配的、保留的、特殊用途 IPv4 和 IPv6 地址块,以及未分配的和保留的自治系统号码。这些号码资源由 IANA 为 IETF 管理;因此,IANA 有责任发布相应的 RPKI 对象。我们鼓励读者考虑本文档中建议 IANA 签发的签名对象对公共路由系统的技术影响。

This document does not deal with BGP [RFC4271] routing systems, as those are under the policy controls of the organizations that operate them. Readers are directed to "Local Trust Anchor Management for the Resource Public Key Infrastructure" [TA-MGMT] for a description of how to locally override IANA issued objects, e.g., to enable use of unallocated, reserved, and special use IPv4 and IPv6 address blocks in a local context.

本文件不涉及 BGP [RFC4271]路由系统,因为这些系统由运营机构进行政策控制。读者可参阅 "资源公钥基础设施的本地信任锚管理"[TA-MGMT],了解如何在本地覆盖 IANA 发布的对象,例如在本地启用未分配、保留和特殊用途的 IPv4 和 IPv6 地址块。

The direction to IANA contained herein follows the ideal that it should represent the ideal technical behavior for registry and related registry actions.

本文所载的 IANA 方向遵循的理想是,它应代表注册表和相关注册表操作的理想技术行为。

2. Requirements Notation
2. 要求符号

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

本文档中的关键词 "MUST"、"MUST NOT"、"REQUIRED"、"SHALL"、"SHALL NOT"、"SHOULD"、"SHOULD NOT"、"RECOMMENDED"、"MAY "和 "OPTIONAL "应按照 [RFC2119] 中的描述进行解释。

3. Required Reading
3. 必读

Readers should be familiar with the RPKI, the RPKI repository structure, and the various RPKI objects, uses, and interpretations described in the following: [RFC6480], [RFC6487], [RFC6482], [RFC6493], [TA-MGMT], [RFC6483], [RPKI-USE], [RFC6484], and [RFC6486].

读者应熟悉 RPKI、RPKI 资源库结构以及下列文件中描述的各种 RPKI 对象、用途和解释:[RFC6480]、[RFC6487]、[RFC6482]、[RFC6493]、[TA-MGMT]、[RFC6483]、[RPKI-USE]、[RFC6484] 和 [RFC6486]。

Note: The addresses used in this document are not example addresses; therefore, they are not compliant with [RFC3849], [RFC5735], and [RFC5771]. This is intentional, as the practices described in this document are directed to specific instances of real world addresses.

注意:本文档中使用的地址不是示例地址,因此不符合 [RFC3849]、[RFC5735] 和 [RFC5771]。这是有意为之,因为本文档中描述的做法针对的是现实世界中地址的具体实例。

4. Definitions
4. 定义

Internet Number Resources (INR): The number identifiers for IPv4 [RFC0791] and IPv6 [RFC2460] addresses, and for Autonomous Systems (ASes).

互联网号码资源(INR):IPv4 [RFC0791] 和 IPv6 [RFC2460] 地址以及自治系统(ASes)的号码标识符。

IANA: Internet Assigned Numbers Authority (a traditional name, used here to refer to the technical team making and publishing the assignments of Internet protocol technical parameters). The technical team of IANA is currently a part of ICANN [RFC2860].

IANA:互联网编号分配机构(一个传统名称,此处用于指制定和发布互联网协议技术参数分配的技术团队)。IANA 的技术团队目前是 ICANN [RFC2860] 的一部分。

RPKI: Resource Public Key Infrastructure. A Public Key Infrastructure designed to provide a secure basis for assertions about holdings of Internet number resources. Certificates issued under the RPKI contain additional attributes that identify IPv4, IPv6, and Autonomous System number resources [RFC6480].

RPKI:资源公钥基础设施。这是一种公钥基础设施,旨在为互联网号码资源声明提供安全基础。根据 RPKI 签发的证书包含识别 IPv4、IPv6 和自治系统号码资源的附加属性 [RFC6480]。

ROA: Route Origination Authorization. A ROA is an RPKI object that enables the holder of the address prefix to specify an AS that is permitted to originate (in BGP) routes for that prefix [RFC6482].

ROA:路由起源授权。ROA 是一个 RPKI 对象,使地址前缀的持有者能够指定一个 AS,允许该 AS(在 BGP 中)为该前缀发起路由 [RFC6482]。

AS 0 ROA: A ROA containing a value of 0 in the ASID field. "Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origination Authorizations (ROAs)" [RFC6483] states "A ROA with a subject of AS 0 (AS 0 ROA) is an attestation by the holder of a prefix that the prefix described in the ROA, and any more specific prefix, should not be used in a routing context."

AS 0 ROA:ASID 字段中包含 0 值的 ROA。"Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origination Authorizations (ROAs)" [RFC6483] 指出:"主题为 AS 0 的 ROA(AS 0 ROA)是由前缀持有者证明 ROA 中描述的前缀以及任何更具体的前缀不应在路由上下文中使用"。

"Not intended to be (publicly) routed": This phrase refers to prefixes that are not meant to be represented in the global Internet routing table (for example 192.168/16 [RFC1918]).

"不打算(公开)路由":该短语指的是不打算在全局 Internet 路由表中表示的前缀(例如 192.168/16 [RFC1918])。

5. Reserved Resources
5. 预留资源

Reserved IPv4 and IPv6 resources are held back for various reasons by IETF action. Generally, such resources are not intended to be globally routed. An example of such a reservation is 127.0.0.0/8 [RFC5735]. See Appendixes A and B for IANA reserved resources.

保留的 IPv4 和 IPv6 资源因各种原因被 IETF 扣留。一般来说,这些资源不打算在全球范围内路由。127.0.0.0/8 [RFC5735] 就是此类保留的一个例子。有关 IANA 保留的资源,请参见附录 A 和 B。

IANA SHOULD issue an AS 0 ROA for all reserved IPv4 and IPv6 resources not intended to be routed. The selection of the [RFC2119] terminology is intentional as there may be situations where the AS 0 ROA is removed or not issued prior to an IANA registry action. It is not appropriate to place IANA into a situation where, through normal internal operations, its behavior contradicts IETF standards.

IANA 应为所有不打算路由的保留 IPv4 和 IPv6 资源发布 AS 0 ROA。选择[RFC2119]术语是有意为之,因为在 IANA 注册行动之前,可能会出现 AS 0 ROA 被删除或未发布的情况。通过正常内部操作将 IANA 置于其行为与 IETF 标准相矛盾的境地是不合适的。

There are a small number of reserved resources that are intended to be routed, for example 192.88.99.0/24 [RFC3068]. See Appendixes A and B for IANA reserved resources.

有少量保留资源打算用于路由,例如 192.88.99.0/24 [RFC3068]。有关 IANA 保留资源,请参见附录 A 和 B。

IANA MUST NOT issue any ROAs (AS 0 or otherwise) for reserved resources that are expected to be globally routed.

IANA 不得为预期全球路由的保留资源发布任何 ROA(AS 0 或其他)。

6. Unallocated Resources
6. 未分配资源

Internet Number Resources that have not yet been allocated for special purposes [RFC5736], to Regional Internet Registries (RIRs), or to others are considered as not intended to be globally routed.

尚未分配用于特殊目的 [RFC5736]、区域互联网注册管理机构 (RIR) 或其他机构的互联网号码资源被视为不打算进行全球路由。

IANA SHOULD issue an AS 0 ROA for all Unallocated Resources. The selection of the [RFC2119] terminology is intentional as there may be situations where the AS 0 ROA is removed or not issued prior to an IANA registry action. It is not appropriate to place IANA into a situation where, through normal internal operations, its behavior contradicts IETF standards.

IANA 应为所有未分配资源颁发 AS 0 ROA。选择 [RFC2119] 术语是有意为之,因为在 IANA 注册行动之前,可能会出现 AS 0 ROA 被删除或未发布的情况。通过正常内部操作将 IANA 置于其行为与 IETF 标准相矛盾的境地是不合适的。

7. Special Purpose Registry Resources
7. 特殊用途登记处资源

Special Registry Resources [RFC5736] fall into one of two categories in terms of routing. Either the resource is intended to be seen in the global Internet routing table in some fashion, or it isn't. An example of a Special Registry Resources INR that is intended for global routing is 2001::/32 [RFC4380]. An example of an INR not intended to be seen would be 2001:002::/48 [RFC5180].

特殊注册表资源 [RFC5736] 在路由方面可分为两类。要么该资源以某种方式出现在全球互联网路由表中,要么不出现。2001::/32 [RFC4380] 就是一个用于全球路由的特殊注册资源 INR 的例子。不打算被看到的 INR 的例子是 2001:002::/48 [RFC5180]。

IANA MUST NOT issue any ROAs (AS 0 or otherwise) for Special Purpose Registry Resources that are intended to be globally routed.

IANA 不得为打算进行全球路由的特殊目的注册资源发布任何 ROA(AS 0 或其他)。

IANA SHOULD issue an AS 0 ROA for Special Purpose Registry Resources that are not intended to be globally routed.

IANA 应为不打算在全球范围内路由的特殊目的注册资源发布 AS 0 ROA。

8. Multicast
8. 组播

Within the IPv4 multicast [RFC5771] and IPv6 multicast [RFC4291] registries there are a number of Multicast registrations that are not intended to be globally routed.

在 IPv4 多播 [RFC5771] 和 IPv6 多播 [RFC4291] 注册中,有许多多播注册并不打算进行全局路由。

IANA MUST issue an AS 0 ROA covering the following IPv4 and IPv6 multicast INRs:

IANA 必须发布涵盖以下 IPv4 和 IPv6 多播 INR 的 AS 0 ROA:

IPv4: - Local Network Control Block 224.0.0.0 - 224.0.0.255 (224.0.0/24) - IANA Reserved portions of RESERVED 224.1.0.0-224.1.255.255 (224.1/16) - RESERVED 224.5.0.0-224.251.255.255 (251 /16s) 225.0.0.0-231.255.255.255 (7 /8s)

IPv4: - 本地网络控制块 224.0.0.0 - 224.0.0.255 (224.0.0/24) - RESERVED 的 IANA 保留部分 224.1.0.0-224.1.255.255 (224.1/16) - RESERVED 224.5.0.0-224.251.255.255 (251 /16s) 225.0.0.0-231.255.255.255 (7 /8s)

IPv6: - Node-Local Scope Multicast Addresses - Link-Local Scope Multicast Addresses

IPv6: - 节点-本地范围组播地址 - 链路-本地范围组播地址

IANA MUST NOT issue any ROAs (AS 0 or otherwise) for any other multicast addresses unless directed by an IESG-approved Standards Track document with an appropriate IANA Considerations section.

IANA 不得为任何其他组播地址发布任何 ROA(AS 0 或其他),除非 IESG 批准的标准轨道文件中包含适当的 IANA 考虑部分。

9. Informational Objects
9. 信息对象

One informational object that can exist at a publication point of an RPKI repository is the Ghostbusters Record [RFC6493].

在 RPKI 资源库的发布点可能存在的一个信息对象是 Ghostbusters 记录 [RFC6493]。

IANA MUST issue a ghostbusters object appropriate in content for the resources IANA maintains.

IANA 必须发布与 IANA 维护的资源内容相适应的 ghostbusters 对象。

10. Certificates and Certificate Revocation Lists (CRLs)
10. 证书和证书吊销列表 (CRL)

Before IANA can issue a ROA, it MUST first establish an RPKI Certification Authority (CA) that covers unallocated, reserved, and special use INRs. A CA that covers these INRs MUST contain RFC 3379 extensions [RFC3779] for those corresponding number resources in its certificate. This CA MUST issue single-use end-entity (EE) certificates for each ROA that it generates. The EE certificate will conform to the Resource Certificate Profile [RFC6487] and the additional constraints specified in [RFC6482]. IANA MUST maintain a publication point for this CA's use and MUST publish manifests [RFC6486] (with its corresponding EE certificate) for this publication point. IANA MUST issue a CRL under this CA certificate for the EE certificates noted above. All objects issued by this CA will conform to the RPKI Certificate Policy [RFC6484].

在 IANA 发布 ROA 之前,它必须首先建立一个 RPKI 认证机构(CA),以覆盖未分配、保留和特殊用途的 INR。覆盖这些 INR 的 CA 必须在其证书中包含针对这些相应号码资源的 RFC 3379 扩展 [RFC3779]。该 CA 必须为其生成的每个 ROA 签发一次性最终实体(EE)证书。EE 证书将符合资源证书简介 [RFC6487] 和 [RFC6482] 中指定的附加约束。IANA 必须维护一个供该 CA 使用的发布点,并必须为该发布点发布清单 [RFC6486](及其相应的 EE 证书)。IANA 必须为上述 EE 证书发布该 CA 证书下的 CRL。该 CA 签发的所有对象都将符合 RPKI 证书策略 [RFC6484]。

11. IANA Considerations
11. IANA考虑因素

This document directs IANA to issue, or refrain from issuing, the specific RPKI objects described here for the current set of reserved, unallocated, and special registry Internet Number Resources. Further, IANA MUST notify all other INR registries that RPKI objects have been issued for the Internet Number Resources described in this document to avoid the potential for issuance of duplicate objects that might confuse relying parties.

本文件指示 IANA 为当前的保留、未分配和特殊注册互联网号码资源集发布或不发布此处所述的特定 RPKI 对象。此外,IANA 必须通知所有其他 INR 注册机构,已为本文件所述的互联网号码资源发布了 RPKI 对象,以避免发布可能会混淆依赖方的重复对象。

12. Security Considerations
12. 安全考虑因素

This document does not alter the security profile of the RPKI from that already discussed in SIDR WG documents.

本文件不改变 SIDR WG 文件中已讨论过的 RPKI 安全配置文件。

13. Acknowledgements
13. 致谢

The authors acknowledge Dave Meyer for helpful direction with regard to multicast assignments.

作者感谢 Dave Meyer 在多播分配方面提供的有益指导。

14. References
14. 参考文献
14.1. Normative References
14.1. 规范性文献

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC6480] Lepinski, M. and S. Kent, "An Infrastructure to Support Secure Internet Routing", RFC 6480, February 2012.

[RFC6480] Lepinski, M. and S. Kent, "An Infrastructure to Support Secure Internet Routing", RFC 6480, February 2012.

[RFC6482] Lepinski, M., Kent, S., and D. Kong, "A Profile for Route Origin Authorizations (ROAs)", RFC 6482, February 2012.

[RFC6482] Lepinski, M., Kent, S., and D. Kong, "A Profile for Route Origin Authorizations (ROAs)", RFC 6482, February 2012.

[RFC6483] Huston, G. and G. Michaelson, "Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs)", RFC 6483, February 2012.

[RFC6483] Huston, G. and G. Michaelson, "Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs)", RFC 6483, February 2012.

[RFC6484] Kent, S., Kong, D., Seo, K., and R. Watro, "Certificate Policy (CP) for the Resource Public Key Infrastructure (RPKI)", BCP 173, RFC 6484, February 2012.

[RFC6484] Kent, S., Kong, D., Seo, K., and R. Watro, "Certificate Policy (CP) for the Resource Public Key Infrastructure (RPKI)", BCP 173, RFC 6484, February 2012.

[RFC6486] Austein, R., Huston, G., Kent, S., and M. Lepinski, "Manifests for the Resource Public Key Infrastructure (RPKI)", RFC 6486, February 2012.

[RFC6486] Austein, R., Huston, G., Kent, S., and M. Lepinski, "Manifests for the Resource Public Key Infrastructure (RPKI)", RFC 6486, February 2012.

[RFC6487] Huston, G., Michaelson, G., and R. Loomans, "A Profile for X.509 PKIX Resource Certificates", RFC 6487, February 2012.

[RFC6487] Huston, G., Michaelson, G., and R. Loomans, "A Profile for X.509 PKIX Resource Certificates", RFC 6487, February 2012.

[RFC6493] Bush, R., "The Resource Public Key Infrastructure (RPKI) Ghostbusters Record", RFC 6493, February 2012.

[RFC6493] Bush, R., "The Resource Public Key Infrastructure (RPKI) Ghostbusters Record", RFC 6493, February 2012.

14.2. Informative References
14.2. 参考性文献

[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981.

[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981.

[RFC0919] Mogul, J., "Broadcasting Internet Datagrams", STD 5, RFC 919, October 1984.

[RFC0919] Mogul, J., "Broadcasting Internet Datagrams", STD 5, RFC 919, October 1984.

[RFC0922] Mogul, J., "Broadcasting Internet datagrams in the presence of subnets", STD 5, RFC 922, October 1984.

[RFC0922] Mogul, J., "Broadcasting Internet datagrams in the presence of subnets", STD 5, RFC 922, October 1984.

[RFC1112] Deering, S., "Host extensions for IP multicasting", STD 5, RFC 1112, August 1989.

[RFC1112] Deering, S., "Host extensions for IP multicasting", STD 5, RFC 1112, August 1989.

[RFC1122] Braden, R., "Requirements for Internet Hosts - Communication Layers", STD 3, RFC 1122, October 1989.

[RFC1122] Braden, R., "Requirements for Internet Hosts - Communication Layers", STD 3, RFC 1122, October 1989.

[RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and E. Lear, "Address Allocation for Private Internets", BCP 5, RFC 1918, February 1996.

[RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and E. Lear, "Address Allocation for Private Internets", BCP 5, RFC 1918, February 1996.

[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998.

[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998.

[RFC2544] Bradner, S. and J. McQuaid, "Benchmarking Methodology for Network Interconnect Devices", RFC 2544, March 1999.

[RFC2544] Bradner, S. 和 J. McQuaid,"网络互连设备基准测试方法",RFC 2544,1999 年 3 月。

[RFC2860] Carpenter, B., Baker, F., and M. Roberts, "Memorandum of Understanding Concerning the Technical Work of the Internet Assigned Numbers Authority", RFC 2860, June 2000.

[RFC2860] Carpenter, B., Baker, F., and M. Roberts, "Memorandum of Understanding Concerning the Technical Work of the Internet Assigned Numbers Authority", RFC 2860, June 2000.

[RFC3068] Huitema, C., "An Anycast Prefix for 6to4 Relay Routers", RFC 3068, June 2001.

[RFC3068] Huitema, C., "An Anycast Prefix for 6to4 Relay Routers", RFC 3068, June 2001.

[RFC3779] Lynn, C., Kent, S., and K. Seo, "X.509 Extensions for IP Addresses and AS Identifiers", RFC 3779, June 2004.

[RFC3779] Lynn, C., Kent, S., and K. Seo, "X.509 Extensions for IP Addresses and AS Identifiers", RFC 3779, June 2004.

[RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix Reserved for Documentation", RFC 3849, July 2004.

[RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix Reserved for Documentation", RFC 3849, July 2004.

[RFC3879] Huitema, C. and B. Carpenter, "Deprecating Site Local Addresses", RFC 3879, September 2004.

[RFC3879] Huitema、C. 和 B. Carpenter,"Deprecating Site Local Addresses",RFC 3879,2004 年 9 月。

[RFC3927] Cheshire, S., Aboba, B., and E. Guttman, "Dynamic Configuration of IPv4 Link-Local Addresses", RFC 3927, May 2005.

[RFC3927] Cheshire, S., Aboba, B., and E. Guttman, "Dynamic Configuration of IPv4 Link-Local Addresses", RFC 3927, May 2005.

[RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast Addresses", RFC 4193, October 2005.

[RFC4193] Hinden, R. 和 B. Haberman,"唯一本地 IPv6 单播地址",RFC 4193,2005 年 10 月。

[RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006.

[Rekhter, Y., Li, T., and S. Hares, "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006.

[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006.

[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006.

[RFC4380] Huitema, C., "Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)", RFC 4380, February 2006.

[RFC4380] Huitema, C., "Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)", RFC 4380, February 2006.

[RFC4843] Nikander, P., Laganier, J., and F. Dupont, "An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers (ORCHID)", RFC 4843, April 2007.

[RFC4843] Nikander, P., Laganier, J., and F. Dupont, "An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers (ORCHID)", RFC 4843, April 2007.

[RFC5180] Popoviciu, C., Hamza, A., Van de Velde, G., and D. Dugatkin, "IPv6 Benchmarking Methodology for Network Interconnect Devices", RFC 5180, May 2008.

[RFC5180] Popoviciu, C., Hamza, A., Van de Velde, G., and D. Dugatkin, "IPv6 Benchmarking Methodology for Network Interconnect Devices", RFC 5180, May 2008.

[RFC5735] Cotton, M. and L. Vegoda, "Special Use IPv4 Addresses", BCP 153, RFC 5735, January 2010.

[RFC5735] Cotton, M. and L. Vegoda, "Special Use IPv4 Addresses", BCP 153, RFC 5735, January 2010.

[RFC5736] Huston, G., Cotton, M., and L. Vegoda, "IANA IPv4 Special Purpose Address Registry", RFC 5736, January 2010.

[RFC5736] Huston, G., Cotton, M., and L. Vegoda, "IANA IPv4 Special Purpose Address Registry", RFC 5736, January 2010.

[RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks Reserved for Documentation", RFC 5737, January 2010.

[RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks Reserved for Documentation", RFC 5737, January 2010.

[RFC5771] Cotton, M., Vegoda, L., and D. Meyer, "IANA Guidelines for IPv4 Multicast Address Assignments", BCP 51, RFC 5771, March 2010.

[RFC5771] Cotton, M., Vegoda, L., and D. Meyer, "IANA Guidelines for IPv4 Multicast Address Assignments", BCP 51, RFC 5771, March 2010.

[RPKI-USE] Manderson, T., Sriram, K., and R. White, "Use Cases and Interpretation of RPKI Objects for Issuers and Relying Parties", Work in Progress, October 2011.

[Manderson, T., Sriram, K., and R. White, "Use Cases and Interpretation of RPKI Objects for Issuers and Relying Parties", Work in Progress, October 2011.

[TA-MGMT] Reynolds, M. and S. Kent, "Local Trust Anchor Management for the Resource Public Key Infrastructure", Work in Progress, December 2011.

[TA-MGMT] Reynolds, M. and S. Kent, "Local Trust Anchor Management for the Resource Public Key Infrastructure", Work in Progress, December 2011.

Appendix A. IANA Reserved IPv4 Address Blocks
附录A. IANA 保留的 IPv4 地址块

This list of Address Space and RFCs was correct at the time of writing this document.

本地址空间和 RFC 列表在编写本文档时是正确的。

   +--------------------+------------------------------------+---------+
   |       Prefix       |                 RFC                |   TBR   |
   +--------------------+------------------------------------+---------+
   |      0.0.0.0/8     |     [RFC1122], Section 3.2.1.3     |    No   |
   |     10.0.0.0/8     |              [RFC1918]             |    No   |
   |     127.0.0.0/8    |     [RFC1122], Section 3.2.1.3     |    No   |
   |   169.254.0.0/16   |              [RFC3927]             |    No   |
   |    172.16.0.0/12   |              [RFC1918]             |    No   |
   |    192.0.0.0/24    |              [RFC5736]             | Various |
   |    192.0.2.0/24    |              [RFC5737]             |    No   |
   |   192.88.99.0/24   |              [RFC3068]             |   Yes   |
   |   192.168.0.0/16   |              [RFC1918]             |    No   |
   |    198.18.0.0/15   |              [RFC2544]             |    No   |
   |   198.51.100.0/24  |              [RFC5737]             |    No   |
   |   203.0.113.0/24   |              [RFC5737]             |    No   |
   |     224.0.0.0/4    |              [RFC5771]             |    No   |
   |     240.0.0.0/4    |        [RFC1112], Section 4        |    No   |
   | 255.255.255.255/32 |      [RFC0919], Section 7 and      |    No   |
   |                    |        [RFC0922], Section 7        |         |
   +--------------------+------------------------------------+---------+
        

TBR: To Be Routed, the intention of the RFC pertaining to the address block.

TBR:To Be Routed(待路由),RFC 与地址块相关的意图。

Table 1: IPv4 Address Blocks and the RFCs that Direct IANA to Reserve Them

表 1:IPv4 地址块和指示 IANA 保留这些地址的 RFC

Appendix B. IANA Reserved IPv6 Address Blocks
附录B. IANA 保留的 IPv6 地址块

This list of Address Space and RFCs was correct at the time of writing this document.

本地址空间和 RFC 列表在编写本文档时是正确的。

                   +----------------+-----------+-----+
                   |     Prefix     |    RFC    | TBR |
                   +----------------+-----------+-----+
                   |    0000::/8    | [RFC4291] |  No |
                   |    0100::/8    | [RFC4291] |  No |
                   |    0200::/7    | [RFC4291] |  No |
                   |    0400::/6    | [RFC4291] |  No |
                   |    0800::/5    | [RFC4291] |  No |
                   |    1000::/4    | [RFC4291] |  No |
                   |    4000::/3    | [RFC4291] |  No |
                   |    6000::/3    | [RFC4291] |  No |
                   |    8000::/3    | [RFC4291] |  No |
                   |    A000::/3    | [RFC4291] |  No |
                   |    C000::/3    | [RFC4291] |  No |
                   |    E000::/4    | [RFC4291] |  No |
                   |    F000::/5    | [RFC4291] |  No |
                   |    F800::/6    | [RFC4291] |  No |
                   |    FC00::/7    | [RFC4193] |  No |
                   |    FE00::/9    | [RFC4291] |  No |
                   |    FE80::/10   | [RFC4291] |  No |
                   |    FEC0::/10   | [RFC3879] |  No |
                   |    FF00::/8    | [RFC4291] |  No |
                   | 2001:0002::/48 | [RFC5180] |  No |
                   |  2001:10::/28  | [RFC4843] |  No |
                   +----------------+-----------+-----+
        

TBR: To Be Routed, the intention of the RFC pertaining to the address block.

TBR:To Be Routed(待路由),RFC 与地址块相关的意图。

Table 2: IPv6 Address Blocks and the RFCs that Direct IANA to Reserve Them

表 2:IPv6 地址块和指示 IANA 保留这些地址的 RFC

Authors' Addresses

作者地址

Terry Manderson Internet Corporation for Assigned Names and Numbers 4676 Admiralty Way, Suite 330 Marina del Rey, CA 90292 United States of America

Terry Manderson 互联网名称与数字地址分配机构 4676 Admiralty Way, Suite 330 Marina del Rey, CA 90292 美利坚合众国

   Phone: +1-310-823-9358
   EMail: [email protected]
   URI:   http://www.iana.org/
        

Leo Vegoda Internet Corporation for Assigned Names and Numbers 4676 Admiralty Way, Suite 330 Marina del Rey, CA 90292 United States of America

Leo Vegoda 互联网名称与数字地址分配机构 4676 Admiralty Way, Suite 330 Marina del Rey, CA 90292 美利坚合众国

   Phone: +1-310-823-9358
   EMail: [email protected]
   URI:   http://www.iana.org/
        

Steve Kent BBN

史蒂夫-肯特 BBN