[Anima] implementer question about BRSKI telemetry return(s)

Michael Richardson <mcr+ietf@sandelman.ca> Fri, 17 May 2019 19:12 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima@ietf.org
cc: "Werner, Thomas" <thomas-werner@siemens.com>, max pritikin <pritikin@cisco.com>
Date: Fri, 17 May 2019 15:12:40 -0400
Message-ID: <23919.1558120360@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/YN1ayXknb8q_Xvrkt_WMAWgU6PY>

Max, Thomas,

I've just opened issue:
     https://github.com/anima-wg/anima-bootstrap/issues/130

5.9.4 Enrollment Status Telemetry says:
   In the case of a SUCCESS the Reason string is omitted. The
   SubjectKeyIdentifier is included so that the server can record the
   successful certificate distribution.

The section does not explain how the SubjectKeyIdentifier is communicated to
the server.  It could be taken from the new TLSClientCertificate; if we mean
that, we should probably say so.

The section is also vague as to server; whether it means JRC or MASA.
I think it means the Registrar, but reading the section alone (out of
context) makes one wonder.

I've now realized that I have probably confused enroll_status (5.9) and
voucher_status (5.7) in my brain.  I was thinking that the voucher_status
gets sent back to the MASA.  It is not; we would seem to basically signal to
the MASA that the voucher was accepted by asking for the audit log.

That's fine in a success situation, but not as useful in a fail situation.
I feel that we are missing something here.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-