Hi Michael, In reviewing the changes made in -29, I believe you have addressed the first comment from Esko, but I do not see a resolution for his second comment.
Thanks. > On Mar 16, 2026, at 1:19 AM, Esko Dijk <[email protected]> wrote: > > Hi Michael, > > Thanks for the updates. It looks like one instance of the reference to > 'draft-ietf-tls-rfc4492bis-17' as shown in the text below still is present in > the rev -28, where the related text should be removed also. > > I also think the voucher request format is generic and could store any public > key type! It's up to the specific protocol like BRSKI, cBRSKI or others, or > profiles of these protocols, to define what ciphersuites are to be supported > in the (D)TLS connections. So the crypto details should be removed also here > and left to the specific protocol using vouchers/VRs. > > > > leaf proximity-registrar-pubk { > type binary; > description > "The proximity-registrar-pubk replaces > the proximity-registrar-cert in constrained uses of > the voucher-request. > The proximity-registrar-pubk is the > Raw Public Key of the Registrar. This field is encoded > as specified in RFC7250, section 3. > The ECDSA algorithm MUST be supported. > The EdDSA algorithm as specified in > draft-ietf-tls-rfc4492bis-17 SHOULD be supported. > Support for the DSA algorithm is not recommended. > Support for the RSA algorithm is a MAY, but due to > size is discouraged."; > regards > > Esko > > > > On 3/16/26 01:11, Michael Richardson wrote: >> [email protected] <mailto:[email protected]> wrote: >> > Internet-Draft draft-ietf-anima-rfc8366bis-28.txt is now available. It >> is a >> > work item of the Autonomic Networking Integrated Model and Approach >> (ANIMA) WG >> > of the IETF. >> >> > Title: A Voucher Artifact for Bootstrapping Protocols >> > Name: draft-ietf-anima-rfc8366bis-28.txt >> >> > A diff from the previous version is available at: >> > >> https://author-tools.ietf.org/iddiff?url2=draft-ietf-anima-rfc8366bis-28 >> >> This version deals with the AD review comments from Mahesh. >> They are all complete, and I don't think there was anything particularly >> controversial that the WG needed to be consulted on. Of course, read the >> diff and disagree. (Or send text) >> >> If you want to see how I dealt with each comment, then one could start at: >> https://github.com/anima-wg/voucher/issues/116 >> >> Each sub-issue deals with a type of comment, such as: >> >> https://github.com/anima-wg/voucher/issues/116?issue=anima-wg%7Cvoucher%7C119 >> >> Where you can see a comment like: >> mcr added a commit that references this issue 3 days ago >> remove redundant word -grouping from names of groupings. close #119 >> >> with a link to, e.g., >> https://github.com/anima-wg/voucher/commit/ac84b245a12107a7271a984926075e3100444ac6 >> >> In the process of dealing with references from the YANG modules that did not >> lead anywhere, I wound up removing some BCP14 language about supported >> algorithms. See https://github.com/anima-wg/voucher/issues/125 >> and also https://github.com/anima-wg/constrained-voucher/issues/346 >> >> This is not just about for (D)TLS itself, but in effect also supported >> algorithms for the IDevID and registrar server certificate. >> >> -- >> Michael Richardson <[email protected]> <mailto:[email protected]> >> . o O ( IPv6 IøT consulting ) >> Sandelman Software Works Inc, Ottawa and Worldwide >> >> >> >> >> >> >> _______________________________________________ >> Anima mailing list -- [email protected] <mailto:[email protected]> >> To unsubscribe send an email to [email protected] >> <mailto:[email protected]> Mahesh Jethanandani [email protected]
_______________________________________________ Anima mailing list -- [email protected] To unsubscribe send an email to [email protected]
