> Von: Michael Richardson <[email protected]>
>
>
> The BRSKI-AE authors have suggested that in order to make BRSKI more easily
> extendable that prior to using the /.well-known/est end points (both RFC7030
> ones and bootstrapping-keyinfra ones), that the pledge should ask for /.well-
> known/brski, to get back a list.
>
> The thread ending at
> https://mailarchive.ietf.org/arch/msg/anima/MQkNXJJjMkP0nqKlNEaxDZ94RgI
> alludes to this, but the current -03 document does not include this proposal,
> because it would need to go into BRSKI itself.
I would appreciate to use /.well-known/brski for the endpoints specified in
BRSKI and use /.well-known/est for those specified in RFC7030.
This offers more flexibility for future extensions like BSKI-AE.
- Hendrik
>
> REQ: GET /.well-known/brski
>
> RES: Content-Type: application/link-format {see RFC6690}
> </brski/voucherrequest>,ct=voucher-cms+json
> </brski/voucher_status>,ct=json
> </brski/requestauditlog>,ct=json
> </brski/enrollstatus>,ct=json
>
> </est/cacerts>;ct=pkcs7-mime
> </est/cacerts>;ct=pkcs7-mime
> </est/simpleenroll>;ct=pkcs7-mime
> </est/simplereenroll>;ct=pkcs7-mime
> </est/fullcmc>;ct=pkcs7-mime
> </est/serverkeygen>;ct= pkcs7-mime
> </est/csrattrs>;ct=pkcs7-mime
>
> </cmp/initialization>;ct=pkixcmp
> </cmp/certification>;ct=pkixcmp
> </cmp/keyupdate>;ct=pkixcmp
> </cmp/p10>;ct=pkixcmp
> </cmp/getCAcert>;ct=pkixcmp
> </cmp/getCSRparam>;ct=pkixcmp
>
> This is already done in draft-ietf-ace-coap-est-18, BTW.
> But, it asks /.well-known/core?rt=ace.est rather than /.well-known/brski.
>
> At this point, we are waiting for ACP document to be approved by the IESG.
> Assuming that our AD was amenable, I think that this could be snuck in before
> ACP is approved. This email does not include my opinion, as it has not yet
> been formed.
>
> --
> Michael Richardson <[email protected]>, Sandelman Software Works -
> = IPv6 IoT consulting =-
_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima
