Mendelson, Tsippy <tsippy.mendel...@intel.com> wrote:
> Sending again to wider ANIMA audience – as I received no response.
I don't think that I saw it before.
But, you posted to the list, which is the right place.
(You could have opened a github issue)
> We have identified a reference to an old spec in BRSKI draft
> draft-ietf-anima-bootstrapping-keyinfra-22.
> The draft refers to:
> [IDevID] "IEEE 802.1AR Secure Device Identifier", December 2009,
> <http://standards.ieee.org/findstds/
> standard/802.1AR-2009.html>.
> However there is a later spec:
> https://standards.ieee.org/standard/802_1AR-2018.html
> The specific quote from 802.1AR-2009 that we would like to ask about is in
> section 2.3.1 “Identification of the Pledge”:
So, I have no idea if 802_1AR-2018 is better or not, as I don't have a copy
of it. I tried last week to get a copy of it via the getieee system,
but I failed. I had previously been able to download the 2009 version.
> The following fields are defined in [IDevID] and [RFC5280]:
>
> o The subject field's DN encoding MUST include the "serialNumber"
> attribute with the device's unique serial number. (from [IDevID]
> section 7.2.8, and [RFC5280] section 4..1.2.4's list of standard
> attributes)
> In 802_1AR-2018 we could not find that the “serialNumber” attribute
> MUST be included rather we found SHOULD:
Yes, but we are saying that *WE* require it.
> Here it says: An IDevID certificate subject field shall be non-null and
> should include a unique device serial number.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
_______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima
