[email protected] wrote:
> Html: https://www.ietf.org/archive/id/draft-ietf-anima-rfc8366bis-05.html
> Diff: https://author-tools.ietf.org/iddiff?url2=draft-ietf-anima-rfc8366bis-05
Hi, Toerless asked for a clear Changes since RFC8366 section.
I've added that as section 5, and I would sure appreciate review comments at:
https://github.com/anima-wg/voucher/pull/22
I asked Toerless for a WG Consensus Call on this approach to dealing with the
problems that augment has gotten us into.
There are threads in the archives on what the challenge is.
We are looking for technical objections to this pull request and this approach.
In addition to the section 5, I have replaced "bootstrapping" with
"onboarding", and adjusted some of the other introductory text to include
more of the other documents.
I resisted the urge to describe {{PRM}} as "SneakerNet", since I was afraid
to find a definition for that.
I have been unable to use yanglint to verify the example JSON that RFC8366
defined. It tells me it does not match; I get no further details. I felt
that I should first establish this before believing it about the YANG
provided in this document. I see this as a critical thing for the document,
but not for merging this pull request.
(I redid Table 1 in kramdown, but I don't know how/if I can make a cell
span multiple columns, so for now, I haven't)
I see that I still have RFC8792 wrapping in the voucher-request YANG, while I
did fix that for the voucher YANG.
5. Changes since RFC8366
[RFC8366] was published in 2018 during the development of [BRSKI],
[ZERO-TOUCH] and other work-in-progress efforts. Since then the
industry has matured significantly, and the in-the-field activity
which this document supports has become known as _onboarding_ rather
than _bootstrapping_.
The focus of [BRSKI] was onboarding of ISP and Enterprise owned wired
routing and switching equipment, with IoT devices being a less
important aspect. [ZERO-TOUCH] has focused upon onboarding of CPE
equipment like cable modems and other larger IoT devices, again with
smaller IoT devices being of less import.
Since [BRSKI] was published there is now a mature effort to do
application-level onboarding of constrained IoT devices defined by
The Thread and Fairhair (now OCF) consortia. The [cBRSKI] document
has defined a version of [BRSKI] that is useable over constrained
802.15.4 networks using CoAP and DTLS, while
[I-D.selander-ace-ake-authz] provides for using CoAP and EDHOC on
even more constrained devices with very constrained networks.
[PRM] has created a new methodology for onboarding that does not
depend upon a synchronous connection between the Pledge and the
Registrar. This mechanism uses a mobile Registrar Agent that works
to collect and transfer signed artifacts via physical travel from one
network to another.
Both [cBRSKI] and [PRM] require extensions to the Voucher Request and
the resulting Voucher. The new attributes are required to carry the
additional attributes and describe the extended semantics. In
addition [cBRSKI] uses the serialization mechanism described in
[YANGCBOR] to produce significantly more compact artifacts.
When the process to define [cBRSKI] and [PRM] was started, there was
a belief that the appropriate process was to use the [RFC8040]
_augment_ mechanism to further extend both the voucher request
[BRSKI] and voucher [RFC8366] artifacts. However, [PRM] needs to
extend an enumerated type with additional values and _augment_ can
not do this, so that was initially the impetus for this document.
An attempt was then made to determine what would happen if one wanted
to have a constrained version of the [PRM] voucher artifact. The
result was invalid YANG, with multiple definitions of the core
attributes from the [RFC8366] voucher artifact. After some
discussion, it was determined that the _augment_ mechanism did not
work, nor did it work better when [RFC8040] yang-data was replaced
with the [RFC8971] structure mechanisms.
After significant discussion the decision was made to simply roll all
of the needed extensions up into this document as "RFC8366bis".
This document therefore represents a merge of YANG definitions from
[RFC8366], the voucher-request from [BRSKI], and then extensions to
each of these from [cBRSKI] and [PRM]. There are some difficulties
with this approach: this document does not attempt to establish
rigorous semantic definitions for how some attributes are to be used,
referring normatively instead to the other relevant documents.