Hi,

I am concerned by the amount of material in Appendix D of the latest BRSKI draft, which is intended to be deleted.

In particular, there is this text:

> None of these approaches require the network to have permanent
> Internet connectivity. Even when the Internet based MASA service is
> used, it is possible to pre-fetch the required information from the
> MASA a priori, for example at time of purchase such that devices can
> enrol later. This supports use cases where the domain network may be
> entirely isolated during device deployment.

I cannot find this point anywhere in the main text. But as we discussed a year or two ago, there are important use cases where an autonomic network will *never* be connected to the Internet. Two typical cases:

1) a military network, especially a "tactical" network deployed in the battlefield, which is actually a great use case for autonomics,

2) a control network requiring extra high security, for example the control system for a nuclear power plant.

In such cases - if I was in charge** - I would consider an Internet connection to a MASA service to be dangerous and unacceptable, with pre-fetching being the only option.

So, the quoted paragraph needs to be restored to wherever it fits in the main text of BRSKI. I suspect that there may be other essential items in Appendix D, so I urge everybody to have a careful look.

** I was in charge of systems software for a particle accelerator control network at one point in my life. The idea of connecting directly to an off-site network would have seemed extraordinarily stupid at the time.

Regards
Brian
