As announced at IETF 113, Hendrik, Steffen and I have meanwhile closed the open TBD regarding detail on the CMP instance of BRSKI-AE, which we propose to call BRSKI-CMP.
Today I've been able to publish the next version of the draft, which after renaming resides at https://datatracker.ietf.org/doc/html/draft-ietf-anima-brski-ae A diff of the current version (which is -01 after I had to submit a fixup of -00 and the version was reset to -00 due to changing the title) with the preceding one https://datatracker.ietf.org/doc/html/draft-ietf-anima-brski-async-enroll-05 can be found at https://www.ietf.org/rfcdiff?url2=draft-ietf-anima-brski-ae-00. There is also a PDF version that includes a neat protocol overview graphics at https://github.com/anima-wg/anima-brski-ae/blob/main/draft-ietf-anima-brski-ae.pdf Due to IMO extreme limitations on the structure of SVG input I was unable to keep the graphics in the submitted version - details on this may be found at https://github.com/anima-wg/anima-brski-ae/issues/22. The contents of the current version should be pretty stable already, not far from being ready for WGLC. On behalf of all authors of this draft, I ask those interested in the topic on feedback on this version. David On Wed, 2022-04-06 at 07:12 -0700, internet-dra...@ietf.org wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Autonomic Networking Integrated Model > and Approach WG of the IETF. > > Title : BRSKI-AE: Alternative Enrollment Protocols > in BRSKI > Authors : David von Oheimb > Steffen Fries > Hendrik Brockhaus > Eliot Lear > Filename : draft-ietf-anima-brski-ae-01.txt > Pages : 30 > Date : 2022-04-06 > > Abstract: > This document enhances Bootstrapping Remote Secure Key > Infrastructure > (BRSKI, RFC 8995) to allow employing alternative enrollment > protocols, such as CMP. > > Using self-contained signed objects, the origin of enrollment > requests and responses can be authenticated independently of > message > transfer. This supports end-to-end security and asynchronous > operation of certificate enrollment and provides flexibility where > to > authenticate and authorize certification requests. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-anima-brski-ae/ > > There is also an htmlized version available at: > https://datatracker.ietf.org/doc/html/draft-ietf-anima-brski-ae-01 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-anima-brski-ae-01 > > > Internet-Drafts are also available by rsync at > rsync.ietf.org::internet-drafts
_______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima