Hi everyone,

There is a new version of draft-ietf-lear-netmod-mud out there. In discussions with various WG chairs it seems like the best approach is to (a) consolidate the drafts a bit and (b) proceed in opsawg with this work. That is what this draft does. Both the PKIX constraint and the DHCP options are rolled in here. In addition, several other changes have been made, a full list of which can be found in the appendix. Here are a few of the bigger ones (apart from the merge):

* This version changes the serialization from XML to JSON. Tooling is
definitely going in the direction of JSON. The initial reason for
XML is that it is commonly used by routers. We're pretty sure that
on the whole, this stuff won't be directly consumed by routers, and
those who do consume it can learn JSON ;-). Thanks to Cullen
Jennings for nudging in this direction.
* We now include a signature mechanism for the MUD files. It was
always the plan to do this. There were two choices: CMS/PKCS#7 or
JWS. Again for tooling's sake, so that people don't need to roll
their own, especially for anything security related, we've gone with
CMS and a detached signature at that. Thanks to John Bashinsky and
others for their advice on this. This area in particular could
stand close scrutiny.
* Per a suggestion from Mark Nottingham, we are now registering a MIME
application type. That registration is included in the IANA
considerations.
* The constraint X.509 specification has changed
somewhat based on advice from Tom Gindin.
* We've included a small number of additional elements in the model,
mostly around flow/packet directionality.
Comments and edits are very welcome!
Eliot
--- Begin Message ---
A new version of I-D, draft-lear-ietf-netmod-mud-02.txt
has been successfully submitted by Eliot Lear and posted to the
IETF repository.

Name: draft-lear-ietf-netmod-mud
Revision: 02
Title: Manufacturer Usage Description Specification
Document date: 2016-06-07
Group: Individual Submission
Pages: 21
URL: https://www.ietf.org/internet-drafts/draft-lear-ietf-netmod-mud-02.txt
Status: https://datatracker.ietf.org/doc/draft-lear-ietf-netmod-mud/
Htmlized: https://tools.ietf.org/html/draft-lear-ietf-netmod-mud-02
Diff: https://www.ietf.org/rfcdiff?url2=draft-lear-ietf-netmod-mud-02

Abstract:
This memo specifies the necessary components to implement
manufacturer usage descriptions (MUD). This includes a YANG model,
IPv4 and IPv6 DHCP options, a URL suffix specification, an X.509
certificate extension and a means to sign and verify the
descriptions.

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat
--- End Message ---
_______________________________________________
OPSAWG mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsawg
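
The detached CMS signature over a JSON MUD file that the message above describes, sketched with the `openssl cms` command as an added example; it is not part of the original post and not the draft's own procedure. The file names, the certificate subject, the JSON content and the helper function names are all constructed for illustration, and a throwaway self-signed certificate stands in for a manufacturer's signing certificate.

```shell
#!/usr/bin/env bash
# Constructed demo: detached CMS signature over a MUD-style JSON file.
# Helper names, paths, subject name and JSON content are hypothetical.

mud_demo_setup() {
  workdir=$(mktemp -d) || return 1
  # Constructed sample description; not taken from the draft.
  printf '%s\n' '{"example-mud":{"systeminfo":"constructed sample"}}' \
    > "$workdir/device.json"
  # Throwaway self-signed certificate standing in for the manufacturer's.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=Example Manufacturer MUD Signer" \
    -keyout "$workdir/signer.key" -out "$workdir/signer.pem" 2>/dev/null
}

mud_sign() {
  # -binary signs the exact bytes (no line-ending canonicalisation).
  # Without -nodetach the payload is not embedded: the .p7s file holds
  # only the SignedData structure, and the JSON travels separately.
  openssl cms -sign -binary -outform DER \
    -signer "$workdir/signer.pem" -inkey "$workdir/signer.key" \
    -in "$1" -out "$1.p7s"
}

mud_verify() {
  # $1 = JSON file, $2 = detached signature.
  # -content supplies the payload; -CAfile is the verifier's trust anchor.
  openssl cms -verify -binary -inform DER \
    -in "$2" -content "$1" -CAfile "$workdir/signer.pem" \
    -out /dev/null 2>/dev/null
}

# Sign, verify, then show that a one-byte change to the JSON is rejected.
mud_demo_setup && mud_sign "$workdir/device.json" &&
  mud_verify "$workdir/device.json" "$workdir/device.json.p7s" &&
  echo "original file: signature verifies"
printf ' ' >> "$workdir/device.json"
mud_verify "$workdir/device.json" "$workdir/device.json.p7s" ||
  echo "modified file: verification fails"
```

Because the signature is detached, a consumer has to fetch both files and should discard the JSON whenever verification fails, including when the signature file is missing.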
