Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-autonomic-control-plane-16: (with DISCUSS and COMMENT)

2018-08-02 Thread Benjamin Kaduk
On Thu, Aug 02, 2018 at 02:09:08PM +1200, Brian E Carpenter wrote: > On 02/08/2018 12:30, Benjamin Kaduk wrote: > > > --

[Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-autonomic-control-plane-16: (with DISCUSS and COMMENT)

2018-08-01 Thread Benjamin Kaduk
Benjamin Kaduk has entered the following ballot position for draft-ietf-anima-autonomic-control-plane-16: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however

Re: [Anima] Adam Roach's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-07-11 Thread Benjamin Kaduk
On Thu, Jul 11, 2019 at 11:44:55PM +0200, Eliot Lear wrote: > One thought: > > I think the simplest way to address the bulk of both Adam’s and Warren’s > concern is to require the device to emit via whatever management interface > exists, upon request, a voucher that it has signed with its own

Re: [Anima] Eric Rescorla's Discuss on draft-ietf-anima-autonomic-control-plane-16: (with DISCUSS and COMMENT)

2019-07-16 Thread Benjamin Kaduk
Not Eric, but playing that role for a bit... On Mon, Mar 11, 2019 at 04:31:45PM +0100, Toerless Eckert wrote: > Thanks Eric, inline > > This file is: > https://github.com/anima-wg/autonomic-control-plane/blob/master/draft-ietf-anima-autonomic-control-plane/16-eric-rescorla-reply.txt > > The

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-autonomic-control-plane-16: (with DISCUSS and COMMENT)

2019-07-16 Thread Benjamin Kaduk
> http://tools.ietf.org//rfcdiff?url1=https://tools.ietf.org/id/draft-ietf-anima-autonomic-control-plane-16.txt=https://tools.ietf.org/id/draft-ietf-anima-autonomic-control-plane-19.txt > > Cheers > Toerless > > On Wed, Aug 01, 2018 at 05:30:10PM -0700, Benjamin Kaduk wrote:

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-13 Thread Benjamin Kaduk
On Sun, Aug 11, 2019 at 12:06:07AM -0400, Michael Richardson wrote: > > https://tinyurl.com/yylruorn contains an updated diff against -24. > > Benjamin Kaduk via Datatracker wrote: > > Section 5.2 > > > application/voucher-cms+json The request is a "YA

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-16 Thread Benjamin Kaduk
On Thu, Aug 15, 2019 at 12:17:22PM -0400, Michael Richardson wrote: > > Benjamin Kaduk wrote: > doc> The MASA and the registrars SHOULD be prepared to support TLS client > doc> certificate authentication and/or HTTP Basic or Digest > doc> authentication

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-15 Thread Benjamin Kaduk
On Thu, Aug 15, 2019 at 01:02:45PM -0400, Michael Richardson wrote: > > Benjamin Kaduk wrote: > >> There does not otherwise seem to be any risk from this compromise to > >> devices which are already deployed, or which are sitting locally in > >> bo

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-15 Thread Benjamin Kaduk
On Wed, Aug 14, 2019 at 09:10:26PM -0400, Michael Richardson wrote: > > Benjamin Kaduk wrote: > >> Are you asking for a forward reference to 10.2? I will add this. > >> I think that section 10.2 is pretty clear about this. > >> I don't thi

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-14 Thread Benjamin Kaduk
On Mon, Aug 12, 2019 at 03:05:44PM -0400, Michael Richardson wrote: > > https://tinyurl.com/yylruorn contains a diff against -24. > > Benjamin Kaduk via Datatracker wrote: > > Section 5.8.1 > > doc>A log data file is returned consisting of all log entr

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-14 Thread Benjamin Kaduk
On Mon, Aug 12, 2019 at 03:30:13PM -0400, Michael Richardson wrote: > > WG: there is a chunk of Security Considerations text here that I hope > many will read. > > > Benjamin Kaduk via Datatracker wrote: > > Section 11.4 > > > It is not en

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-14 Thread Benjamin Kaduk
On Mon, Aug 12, 2019 at 04:23:54PM -0400, Michael Richardson wrote: > > Benjamin Kaduk via Datatracker wrote: > > Section 13.2 > > > I think CDDL needs to be a normative reference, as does RFC 7231. RFC > > 2473 is listed but not referenced in the

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-14 Thread Benjamin Kaduk
On Wed, Aug 14, 2019 at 10:05:13AM -0400, Michael Richardson wrote: > > Benjamin Kaduk wrote: > >> domainID: The domain IDentity is a unique hash based upon a > >> Registrar's certificate. If the certificate includes the > >> SubjectKeyIde

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-14 Thread Benjamin Kaduk
Apparently I only have one comment buried inline. We must be making progress :) On Tue, Aug 13, 2019 at 05:07:46PM -0400, Michael Richardson wrote: > > Benjamin Kaduk wrote: > doc> The authentication of the BRSKI-MASA connection does not affect the > doc> vouch

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-16 Thread Benjamin Kaduk
On Thu, Aug 15, 2019 at 12:58:45PM -0400, Michael Richardson wrote: > > Benjamin Kaduk wrote: > >> + directly. This is because BRSKI pledges MUST use the CSR Attributes > > > (This may not need to be a 2119 MUST since we cite 7030.) > > It turns out, in

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-07-20 Thread Benjamin Kaduk
ybe not that need replies.) > I'm going to use this email to deal with Ben's comments which I think we > already dealt with other edits, then I'll deal with low-hanging fruit, and > then decide how to deal with the desire for a high-level security analysis. > > Benjamin Kaduk via D

Re: [Anima] What does PKIX refer to: Re: Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-09 Thread Benjamin Kaduk
On Fri, Aug 09, 2019 at 02:24:51PM -0400, Michael Richardson wrote: > > Michael Richardson wrote: > > I'm hoping for some discussion about this comment that I previously > > responded to, but it probably got buried. > > Actually, you did respond on July 20, in an email that I thought to

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-08-09 Thread Benjamin Kaduk
On Fri, Aug 09, 2019 at 04:17:17PM -0400, Michael Richardson wrote: > > https://tinyurl.com/yylruorn contains a diff against -24. > > Benjamin Kaduk via Datatracker wrote: > > [disclaimer: some of these comments get pretty blunt at the end; it's a > > lon

Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-09-03 Thread Benjamin Kaduk
Whoops, this one apparently got skipped over amid some other deluge in my inbox; sorry. On Sun, Aug 18, 2019 at 04:09:50PM -0400, Michael Richardson wrote: > > Benjamin Kaduk wrote: > > That specific construction would seem like an "optional feature" per > >

[Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

2019-07-10 Thread Benjamin Kaduk via Datatracker
Benjamin Kaduk has entered the following ballot position for draft-ietf-anima-bootstrapping-keyinfra-22: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please

[Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-autonomic-control-plane-19: (with DISCUSS and COMMENT)

2019-07-16 Thread Benjamin Kaduk via Datatracker
Benjamin Kaduk has entered the following ballot position for draft-ietf-anima-autonomic-control-plane-19: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however