Hi, This is interesting (technically out of scope for "professionally managed" networks, perhaps).
> 5.3. Connect to BRSKI join network .... > Receipt of an answer confirms that the > ESSID is correct and present. Or a forged clone? If you are relying on the AR's IID value for this, perhaps you need to specify that it must be a pseudo-random value per RFC8064. Even so, there must be a residual risk of a forgery. .... > (XXX - not using GRASP here. Could use GRASP, but QR code is better) You could use GRASP, but the AR is not a real registrar yet, so IMHO it MUST NOT support the "AN_join_registrar" objective. I think you'd need a short-lived "AN_adolescent_registrar" objective, and you'd still need to check the link-local address, so there would really be no advantage. > 5.12. Adolescent Registrar (AR) grows up .... > The AR is now considered a full registrar. The AR now takes on the > role of Registrar. Presumably at this point it does support GRASP "AN_join_registrar"? Regards Brian Carpenter On 12-Mar-19 06:43, [email protected] wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > > Title : BRSKI enrollment of with disconnected Registrars -- > smarkaklink > Authors : Michael Richardson > Jacques Latour > Faud Khan > Abhishek Joshi > Filename : draft-richardson-anima-smarkaklink-00.txt > Pages : 22 > Date : 2019-03-11 > > Abstract: > This document details the mechanism used for initial enrollment using > a smartphone of a BRSKI Registrar system. > > There are two key differences in assumption from > [I-D.ietf-anima-bootstrapping-keyinfra]: that the intended registrar > has Internet, and that the Pledge has no user-interface. > > This variation on BRSKI is intended to be used in the situation where > the registrar device is new out of the box and is the intended > gateway to the Internet (such as a home gateway), but has not yet > been configured. This work is also intended as a transition to the > Wi-Fi Alliance work on the Device Provisioning Protocol (DPP). > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-richardson-anima-smarkaklink/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-richardson-anima-smarkaklink-00 > https://datatracker.ietf.org/doc/html/draft-richardson-anima-smarkaklink-00 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > I-D-Announce mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/i-d-announce > Internet-Draft directories: http://www.ietf.org/shadow.html > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt > _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
