Hello,
I just uploaded a new version of BRSKI-PRM. We plan to provide an overview of
the changes in the ANIMA session of IETF 113.
The main changes comprise:
* Resolution of Issue #15 included additional signature on voucher from
registrar in Section 5.1.4.2 and Section 5.1.1 to allow for provisional accept
ending. The verification of multiple signatures is described in Section 5.1.4.3
* Included representation for General JWS JSON Serialization for examples
* Included error responses from pledge if it is not able to create a
pledge-voucher request or an enrollment request in Section 5.1.4.1
* Removed open issue regarding handling of multiple CSRs and enrollment
responses during the bootstrapping as the initial target is the provisioning of
a generic LDevID certificate. The defined endpoint on the pledge may also be
used for management of further certificates.
Best regards
Steffen
-----Original Message-----
From: I-D-Announce <[email protected]> On Behalf Of
[email protected]
Sent: Friday, 4 March 2022 14:14
To: [email protected]
Cc: [email protected]
Subject: I-D Action: draft-ietf-anima-brski-prm-02.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Autonomic Networking Integrated Model and
Approach WG of the IETF.
Title    : BRSKI with Pledge in Responder Mode (BRSKI-PRM)
Authors  : Steffen Fries
           Thomas Werner
           Eliot Lear
           Michael C. Richardson
Filename : draft-ietf-anima-brski-prm-02.txt
Pages    : 57
Date     : 2022-03-04
Abstract:
This document defines enhancements to bootstrapping a remote secure
key infrastructure (BRSKI, [RFC8995]) to facilitate bootstrapping in
domains featuring no or only timely limited connectivity between a
pledge and the domain registrar. It specifically targets situations,
in which the interaction model changes from a pledge-initiator-mode,
as used in BRSKI, to a pledge-responder-mode as described in this
document. To support both, BRSKI-PRM introduces a new registrar-
agent component, which facilitates the communication between pledge
and registrar during the bootstrapping phase. For the establishment
of a trust relation between pledge and domain registrar, BRSKI-PRM
relies on the exchange of authenticated self-contained objects
(signature-wrapped objects). The defined approach is agnostic
regarding the utilized enrollment protocol, deployed by the domain
registrar to communicate with the Domain CA.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-anima-brski-prm/
There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-anima-brski-prm-02
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-anima-brski-prm-02
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
I-D-Announce mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories:
http://www.ietf.org/shadow.html
or
ftp://ftp.ietf.org/ietf/1shadow-sites.txt
_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima