I have read draft-fries-anima-brski-async-enroll-03 and I would be happy to have it as the basis for an extension. PLEASE ADOPT.
---
While I think that section 4 is very well fleshed out, I think that section 5 will need revisions. While it attempts to mirror the structure of the BRSKI document, I think that probably is both unnecessary, and also too verbose.

I think that use of EST is probably wrong: more choices here is not better. CMP is the right protocol, because there will not be a consistent transport to secure. I am not sure how to integrate RFC8366 vouchers into CMP. I believe that this work needs focus on the lightweight CMP profile. I don't know CMP well enough to comment on how to do this yet.

Since we are dealing with signed objects, I wonder if COSE/CoID objects would not be better signed containers. That's clearly *not* bits-on-the-wire CMP, but if it's 1:1 with CMP objects, then it may be easier to integrate into existing CMP infrastructure.

--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
