Hi Kent,
Thanks for your work,
Peter
Kent Watsen schreef op 2017-08-21 17:53:
Hi Peter,
Thanks, I think we've reached closure.
Please review the diffs to the latest.
https://www.ietf.org/rfcdiff?url2=draft-ietf-anima-voucher-05
Thanks again,
Kent
--
Hi Kent,
Can a discussion section about "manufacturer additions" be
added. Pointing out the consequences for interoperability
when using "Augment" to add manufacturer specifics can be
helpful.
I'm confused, which section does this comment regard?
It refers to the document as a whole and especially section 7.
Usually, manufacturers want manufacturer-specific additions to
documents.
They may consider to use Augment for that purpose.
My suggestion is to discuss ways to add manufacturer additions to the
voucher and the consequences.
That may turn out to be a big NO-NO to manufacturer additions.
I think it would be worthwhile to point that out.
<KENT> Are you asking for the voucher to contain a node
called something like 'opaque' having YANG type 'anyData'?
A sanctioned place where the MASA can stash some extra
stuff not defined by this document? Recall that some of
the motivation for this work being standardized is to
enable inspection by intermediates, and while the opaque
data could be presented to a human, it might be base64
data. Any concerns bout that?
<pvds>
My suggestion is a discussion not a standardization. So, no additions
to
the voucher in this document.
However, pointing out the base64 format would be helpful for those
thinking about an addition with opaque.
</pvds>
page 4, Voucher: add: that "acknowledges ownership of the pledge and"
indicates...
<KENT> what does "acknowledges ownership of the pledge" mean? how
is it different than "indicates to a Pledge the cryptographic
identity
of the Domain it should trust"?
Now I am confused. I thought it was 2 ways. Pledge trusts domain, and
domain partners trust pledge.
<KENT> The pledge trusts the MASA (which signs the voucher) and then
the pledge trusts the domain (whose cert is inside the voucher).
Perhaps you're conflating signing the voucher with acknowledging
ownership?
<pvds>
I am afraid, that I made the voucher responsible for all keyinfra
protocol objectives.
Sorry, for the confusion.
</pvds>
_______________________________________________
6tisch mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6tisch
_______________________________________________
6tisch mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6tisch
