Adam Roach <[email protected]> wrote:
mcr> *** but manufacturers have to want to do it ***
adam> I completely agree with everything you just said, and sincerely
adam> thank you for the work you've done in this area. I think where our
adam> perspectives might diverge is our beliefs about what *we*, the
adam> IETF, can do about it in this specific case.
adam> The IETF, as a matter of practice, includes normative statements in
adam> documents all the time regarding processes that conformant
adam> implementations "MUST" follow for the sake of security. In many
adam> cases, the protocol works just fine if implementors ignore these
adam> requirements, which means that implementation of them resolves to
adam> exactly one thing: manufacturers have to want to do it.
....
adam> The smallest change that would satisfy my concern would be a statement
adam> that says that devices conformant to this specification MUST contain a
adam> local means of bootstrapping that does not rely on any specific server
adam> being available.
I propose to add text to section 9, "Applicability to the Autonomic Control Plane", that makes implementing something from 7.2 a normative MUST.
<t>
As specified in the ANIMA charter, this work "..focuses on
professionally-managed networks." Such a network has an operator
and can do things like install, configure and operate the
Registrar function. The operator makes purchasing decisions
and is aware of what manufacturers it expects to see on its
network.
</t>
<t>
Such an operator is also capable of performing bootstrapping of a
device using a serial-console (craft console). The zero-touch
mechanism presented in this and the ACP document represents a
significant efficiency: in particular it reduces the need to
put senior experts on airplanes to configure devices in person.
</t>
<t>
There is a recognition as the technology evolves that not every
situation may work out, and occasionally a human may still have to
visit. In recognition of this, some mechanisms are presented in
<xref target="pledgeReductions" />. The manufacturer MUST provide at
least one of the one-touch mechanisms described that permit
enrollment to proceed without availability of any manufacturer
server (such as the MASA).
</t>
I have additionally added a fourth example to section 7.2:
4. A craft/serial console COULD include a command such as "est-
enroll [2001:db8:0:1]:443" that begins the EST process from the
point after the voucher is validated. This process SHOULD
include server certificate verification using an on-screen
fingerprint.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | IoT architect [
] [email protected] http://www.sandelman.ca/ | ruby on rails [
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
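The fourth example above describes a craft-console command that starts EST enrollment against an operator-named registrar and requires the operator to confirm the server certificate by an on-screen fingerprint. The following is an added illustration of that one-touch check, written for this discussion and not taken from the BRSKI or ACP drafts or any vendor implementation: it parses the hypothetical `est-enroll [host]:port` command syntax quoted in the mail, computes a SHA-256 fingerprint of the registrar's DER certificate, and accepts enrollment only when the fingerprint the operator types matches it. The command grammar, the `one_touch_enroll` entry point, and the certificate bytes are assumptions; the DER blob is a constructed placeholder standing in for whatever certificate the registrar actually presents.

```python
import hashlib
import hmac
import re
from typing import Optional, Tuple

# Constructed placeholder for the registrar's DER-encoded certificate (not a real
# certificate); in practice this is the leaf certificate received in the TLS handshake.
SAMPLE_REGISTRAR_CERT_DER = bytes.fromhex(
    "308201003081a8a003020102020101300a06082a8648ce3d040302"
    "3011310f300d06035504030c06706c6564676530"
)

# Grammar for the hypothetical craft-console command "est-enroll [2001:db8:0:1]:443".
# Accepts a bracketed IPv6 literal or a bare hostname/IPv4, with an optional port.
_EST_ENROLL_RE = re.compile(
    r"^est-enroll\s+"
    r"(?:\[(?P<v6>[0-9A-Fa-f:.]+)\]|(?P<host>[^\s:\[\]]+))"
    r"(?::(?P<port>\d{1,5}))?$"
)


def parse_est_enroll(command: str) -> Tuple[str, int]:
    """Return (host, port) from the console command; port defaults to 443 (EST over TLS)."""
    match = _EST_ENROLL_RE.match(command.strip())
    if not match:
        raise ValueError("malformed est-enroll command")
    host = match.group("v6") or match.group("host")
    port = int(match.group("port") or 443)
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return host, port


def cert_fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of the DER certificate in the colon-separated form shown on screen."""
    digest = hashlib.sha256(cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize_fingerprint(text: str) -> str:
    """Strip colons, spaces and case so a hand-typed fingerprint compares cleanly."""
    return re.sub(r"[^0-9A-F]", "", text.upper())


def operator_confirms_fingerprint(cert_der: bytes, typed: str) -> bool:
    """True only when the operator-entered fingerprint matches the presented certificate."""
    expected = normalize_fingerprint(cert_fingerprint(cert_der))
    supplied = normalize_fingerprint(typed)
    if len(supplied) != len(expected):
        return False  # a truncated or prefix-only fingerprint is not a confirmation
    # Constant-time comparison: the fingerprint is a trust anchor for this session.
    return hmac.compare_digest(expected.encode(), supplied.encode())


def one_touch_enroll(command: str, cert_der: bytes, typed_fingerprint: str) -> Optional[Tuple[str, int]]:
    """Gate the EST enrollment step: return the registrar endpoint to use, or None to abort."""
    host, port = parse_est_enroll(command)
    if not operator_confirms_fingerprint(cert_der, typed_fingerprint):
        return None  # fingerprint mismatch: do not proceed past the voucher step
    return host, port


if __name__ == "__main__":
    print("registrar fingerprint:", cert_fingerprint(SAMPLE_REGISTRAR_CERT_DER))
    print(one_touch_enroll("est-enroll [2001:db8:0:1]:443",
                           SAMPLE_REGISTRAR_CERT_DER,
                           cert_fingerprint(SAMPLE_REGISTRAR_CERT_DER)))
```

The length check before the constant-time comparison is deliberate: an operator who types only the first few bytes of the fingerprint has not actually verified the certificate, and the console should refuse rather than treat a prefix match as confirmation.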
