Mendelson, Tsippy <tsippy.mendel...@intel.com> wrote: > Sending again to wider ANIMA audience – as I received no response.
I don't think that I saw it before. But, you posted to the list, which is the right place. (You could have opened a github issue) > We have identified a reference to an old spec in BRSKI draft > draft-ietf-anima-bootstrapping-keyinfra-22. > The draft refers to: > [IDevID] "IEEE 802.1AR Secure Device Identifier", December 2009, > <http://standards.ieee.org/findstds/ > standard/802.1AR-2009.html>. > However there is a later spec: > https://standards.ieee.org/standard/802_1AR-2018.html > The specific quote from 802.1AR-2009 that we would like to ask about is in > section 2.3.1 “Identification of the Pledge”: So, I have no idea if 802_1AR-2018 is better or not, as I don't have a copy of it. I tried last week to get a copy of it via the getieee system, but I failed. I had previously been able to download the 2009 version. > The following fields are defined in [IDevID] and [RFC5280]: > > o The subject field's DN encoding MUST include the "serialNumber" > attribute with the device's unique serial number. (from [IDevID] > section 7.2.8, and [RFC5280] section 4..1.2.4's list of standard > attributes) > In 802_1AR-2018 we could not find that the “serialNumber” attribute > MUST be included rather we found SHOULD: Yes, but we are saying that *WE* require it. > Here it says: An IDevID certificate subject field shall be non-null and > should include a unique device serial number. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
_______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima