Hi all, We just submitted an update to BRSKI-PRM. The main changes include the following: * Updated examples to state "base64encodedvalue==" for x5c occurrences * reference to external PNG graphic as general overview (was recommended in the last IETF meeting) * Restructuring of section 5 to flatten hierarchy * Enhanced requirements and motivation in Section 4 * Several editorial improvements based on review comments
Feedback to the submitted version is appreciated. The draft is technically stable and needs further commenting. Best regards Steffen -----Original Message----- From: [email protected] <[email protected]> Sent: Freitag, 29. April 2022 13:16 To: Michael C. Richardson <[email protected]>; Eliot Lear <[email protected]>; Michael Richardson <[email protected]>; Fries, Steffen (T CST) <[email protected]>; Werner, Thomas (T CST SEA-DE) <[email protected]> Subject: New Version Notification for draft-ietf-anima-brski-prm-03.txt A new version of I-D, draft-ietf-anima-brski-prm-03.txt has been successfully submitted by Steffen Fries and posted to the IETF repository. Name: draft-ietf-anima-brski-prm Revision: 03 Title: BRSKI with Pledge in Responder Mode (BRSKI-PRM) Document date: 2022-04-29 Group: anima Pages: 59 URL: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-ietf-anima-brski-prm-03.txt&data=05%7C01%7Csteffen.fries%40siemens.com%7Ca352eede1a0446d4eeff08da29d1a736%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C637868278601261155%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=laV%2FL3TR3v9U3Nf0gy84rOlmiEfeO2ciMUtFwuXiU%2FI%3D&reserved=0 Status: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-anima-brski-prm%2F&data=05%7C01%7Csteffen.fries%40siemens.com%7Ca352eede1a0446d4eeff08da29d1a736%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C637868278601261155%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=iXzW2SptHamSawpQsYpDHMOyuEkW8xdIhwXUYC7UBsI%3D&reserved=0 Htmlized: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-ietf-anima-brski-prm&data=05%7C01%7Csteffen.fries%40siemens.com%7Ca352eede1a0446d4eeff08da29d1a736%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C637868278601261155%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=UKfyxSUnGKQf9Y4b9XZCaQ%2B%2F0o3FZZUMLr0VtNNv0LY%3D&reserved=0 Diff: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Frfcdiff%3Furl2%3Ddraft-ietf-anima-brski-prm-03&data=05%7C01%7Csteffen.fries%40siemens.com%7Ca352eede1a0446d4eeff08da29d1a736%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C637868278601261155%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=xFe1UiZvknlt5wyLvBmgJtZ1DHx9%2FqmOEp6c7RRYj%2Bw%3D&reserved=0 Abstract: This document defines enhancements to bootstrapping a remote secure key infrastructure (BRSKI, [RFC8995]) to facilitate bootstrapping in domains featuring no or only timely limited connectivity between a pledge and the domain registrar. It specifically targets situations, in which the interaction model changes from a pledge-initiator-mode, as used in BRSKI, to a pledge-responder-mode as described in this document. To support both, BRSKI-PRM introduces a new registrar- agent component, which facilitates the communication between pledge and registrar during the bootstrapping phase. For the establishment of a trust relation between pledge and domain registrar, BRSKI-PRM relies on the exchange of authenticated self-contained objects (signature-wrapped objects). The defined approach is agnostic regarding the utilized enrollment protocol, deployed by the domain registrar to communicate with the Domain CA. The IETF Secretariat _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
