diff options
Diffstat (limited to 'doc/05.RPKI.RP.md')
| -rw-r--r-- | doc/05.RPKI.RP.md | 46 |
1 files changed, 27 insertions, 19 deletions
diff --git a/doc/05.RPKI.RP.md b/doc/05.RPKI.RP.md index f92c68af..bc42f6f6 100644 --- a/doc/05.RPKI.RP.md +++ b/doc/05.RPKI.RP.md @@ -5,18 +5,19 @@ the entity which retrieves RPKI objects from repositories, validates them, and uses the result of that validation process as input to other processes, such as BGP security. -See the CA tools for programs to help you generate RPKI objects, if you need -to do that. +See the [CA tools][CA] for programs to help you generate RPKI objects, if you +need to do that. -The RP main tools are rcynic and rpki-rtr, each of which is discussed below. +The RP main tools are [rcynic][RP] and [rpki-rtr][RP], each of which is +discussed below. The installation process sets up everything you need for a basic RPKI validation installation. You will, however, need to think at least briefly -about which RPKI trust anchors you are using, and may need to change these -from the defaults. +about which [RPKI trust anchors][RP] you are using, and may need to change +these from the defaults. -The installation process sets up a cron job running running rcynic-cron as -user "`rcynic`" once per hour at a randomly-selected minute. +The installation process sets up a cron job running running [rcynic-cron][RP] +as user "`rcynic`" once per hour at a randomly-selected minute. ## rcynic @@ -25,10 +26,10 @@ validation: checking syntax, signatures, expiration times, and conformance to the profiles for RPKI objects. The other relying party programs take rcynic's output as their input. -The installation process sets up a basic rcynic configuration. See the rcynic -documentation if you need to know more. +The installation process sets up a basic rcynic configuration. See the [rcynic +documentation][rcynic] if you need to know more. -See the discussion of trust anchors. +See the [discussion of trust anchors][RP]. ## rpki-rtr @@ -37,13 +38,13 @@ as its data source. rpki-rtr includes the rpki-rtr server, a test client, and a utiltity for examining the content of the database rpki-rtr generates from the data supplied by rcynic. -See the rpki-rtr documentation for further details. +See the [rpki-rtr documentation][rpki-rtr] for further details. ## rcynic-cron rcynic-cron is a small script to run the most common set of relying party -tools under cron. See the discussion of running relying party tools under cron -for further details. +tools under cron. See the [discussion of running relying party tools under +cron][Cron] for further details. ## Selecting trust anchors @@ -55,7 +56,7 @@ As with most other PKI software, we supply a default set of trust anchors which you are welcome to use if they suit your needs. These are installed as part of the normal installation process, so if you don't do anything, you'll get these. You can, however, override this if you need something different; -see the rcynic documentation for details. +see [the rcynic documentation][rcynic] for details. Remember: It's only a trust anchor if **you** trust it. We can't make that decision for you. @@ -63,8 +64,15 @@ decision for you. Also note that, at least for now, ARIN's trust anchor locator is absent from the default set of trust anchors. This is not an accident: it's the direct result of a deliberate policy decision by ARIN to require anyone using their -trust anchor to [jump through legal -hoops](https://www.arin.net/resources/rpki/faq.html#tal). If you have a -problem with this, [complain to ARIN](http://lists.arin.net/mailman/listinfo -/arin-ppml). If and when ARIN changes this policy, we will be happy to include -their trust anchor locator along with those of the other RIRs. +trust anchor to [jump through legal hoops][ARIN-TAL]. If you have a problem with +this, [complain to ARIN][ARIN-PPML]. If and when ARIN changes this policy, we will be +happy to include their trust anchor locator along with those of the other +RIRs. + +[CA]: 11.RPKI.CA.md +[RP]: 05.RPKI.RP.md +[rcynic]: 06.RPKI.RP.rcynic.md +[rpki-rtr]: 07.RPKI.RP.rpki-rtr.md +[Cron]: 08.RPKI.RP.RunningUnderCron.md +[ARIN-TAL]: https://www.arin.net/resources/rpki/faq.html#tal +[ARIN-PPML]: http://lists.arin.net/mailman/listinfo/arin-ppml |