In preparation for IETF 113, where I'm going to provide a brief status update on the draft, I uploaded on Monday draft version 05 of BRSKI-AE, with the following changes since version 04:
* David von Oheimb became the editor.
* Streamline wording, consolidate terminology, improve grammar, etc.
* Shift the emphasis towards supporting alternative enrollment protocols.
* Update the title accordingly - preliminary change to be approved.
* Move comments on EST and detailed application examples to informative annex.
* Move the remaining text of section 3 as two new sub-sections of section 1.

Are there any objections to updating the title to:
    BRSKI-AE: Alternative Enrollment Protocols in BRSKI
which reflects much better the new focus of the document?

Moreover, I suggest renaming the repository etc. to, e.g.,
https://github.com/anima-wg/anima-brski-ae

Unfortunately we have not heard back from Eliot regarding the subsection on EST use. So all we could do there was to try to maintain it in line with the rest of the document, while more work would be needed to clarify open points and fill in some more detail.

We recently found that also the subsection on CMP use needs some further detail, as indicated by the ToDo there. We are going to provide it with the next version.

To sum up, the only open issues that we see are in section
5. Examples for signature-wrapping using existing enrollment protocols

Feedback on the revised BRSKI-AE text (i.e., all of the document) is most welcome, ideally already before the conference such that we may address issues there.

David

On Mon, 2022-03-07 at 14:21 -0800, [email protected] wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Autonomic Networking Integrated Model and Approach WG of the IETF.
>
>         Title           : BRSKI-AE: Alternative Enrollment Protocols in BRSKI
>         Authors         : David von Oheimb
>                           Steffen Fries
>                           Hendrik Brockhaus
>                           Eliot Lear
>         Filename        : draft-ietf-anima-brski-async-enroll-05.txt
>         Pages           : 30
>         Date            : 2022-03-07
>
> Abstract:
>    This document enhances Bootstrapping Remote Secure Key Infrastructure
>    (BRSKI, [RFC8995]) to allow employing alternative enrollment
>    protocols, such as CMP.
>
>    Using self-contained signed objects, the origin of enrollment
>    requests and responses can be authenticated independently of message
>    transfer.  This supports end-to-end security and asynchronous
>    operation of certificate enrollment and provides flexibility where to
>    authenticate and authorize certification requests.
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-anima-brski-async-enroll/
>
> There is also an htmlized version available at:
> https://datatracker.ietf.org/doc/html/draft-ietf-anima-brski-async-enroll-05
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-anima-brski-async-enroll-05
>
> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima
