-------- Forwarded Message --------
Subject: BRSKI-AE- updated text on discovery - Re: New Version
Notification for draft-ietf-anima-brski-ae-07.txt
Date: Fri, 17 Nov 2023 15:32:05 +0100
From: David von Oheimb <[email protected]>
To: Toerless Eckert <[email protected]>, Michael Richardson
<[email protected]>, Esko Dijk <[email protected]>, Thomas
Werner <[email protected]>, Sheng Jiang <[email protected]>
CC: Hendrik Brockhaus <[email protected]>, Steffen Fries
<[email protected]>
Hi Toerless, Michael, Esko, et al.,
thanks again for the very helpful exchange on our IETF 118 side meeting
on Monday last week!
Finally, I managed to write up its nice result and align its wording
among us co-authors.
I wanted to do this before this week's design team meeting on Tuesday
but could not due to sickness.
We believe that issue #32
<https://github.com/anima-wg/anima-brski-ae/issues/32> is thus solved,
so I copied the new text there for reference and closed it.
With this, we have completed and uploaded draft version 07
<https://www.ietf.org/archive/id/draft-ietf-anima-brski-ae-07.html> and
see it ready for the shepherd write-up.
So we now ask Toerless as the document shepherd to have a look.
Further wording improvements, if needed, can go in the subsequent version.
Apart from that we believe the draft is now ready for AD review.
Cheers,
David
On 17.11.23 14:53, [email protected] wrote:
A new version of Internet-Draft draft-ietf-anima-brski-ae-07.txt has been
successfully submitted by David von Oheimb and posted to the
IETF repository.
Name: draft-ietf-anima-brski-ae
Revision: 07
Title: BRSKI-AE: Alternative Enrollment Protocols in BRSKI
Date: 2023-11-17
Group: anima
Pages: 39
URL:https://www.ietf.org/archive/id/draft-ietf-anima-brski-ae-07.txt
Status:https://datatracker.ietf.org/doc/draft-ietf-anima-brski-ae/
HTMLized:https://datatracker.ietf.org/doc/html/draft-ietf-anima-brski-ae-07
Diff:https://author-tools.ietf.org/iddiff?url2=draft-ietf-anima-brski-ae-07
Abstract:
This document defines an enhancement of Bootstrapping Remote Secure
Key Infrastructure (BRSKI, RFC 8995) that supports alternative
certificate enrollment protocols, such as CMP. This offers the
following advantages.
Using authenticated self-contained signed objects for certification
requests and responses, their origin can be authenticated
independently of message transfer. This supports end-to-end
authentication (proof of origin) also over multiple hops, as well as
asynchronous operation of certificate enrollment. This in turn
provides architectural flexibility where to ultimately authenticate
and authorize certification requests while retaining full-strength
integrity and authenticity of certification requests.
The IETF Secretariat
_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima
