[Anima] FW: New Version Notification for draft-ietf-anima-brski-prm-16.txt
"Fries, Steffen" <steffen.fries@siemens.com> Tue, 07 January 2025 17:13 UTC
Return-Path: <steffen.fries@siemens.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E2A3C151078 for <anima@ietfa.amsl.com>; Tue, 7 Jan 2025 09:13:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=siemens.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GvB4zyEZwHVx for <anima@ietfa.amsl.com>; Tue, 7 Jan 2025 09:13:25 -0800 (PST)
Received: from EUR02-VI1-obe.outbound.protection.outlook.com (mail-vi1eur02on2058.outbound.protection.outlook.com [40.107.241.58]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93D7EC151076 for <anima@ietf.org>; Tue, 7 Jan 2025 09:13:25 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=lZjN6wIQcZBa5N+Axps3x5xxOpJ3NJSihoIbl8CKSJcVW8diNLNz3oYgU/bgJf3RSO+hzH1XuCHU6wx8ojJopSNzlGvFOgELS4FFebJCDArIktlZawnNCcNQm4BrxqxQ/bw5rMom5BskNY2EboqWfn1gbWjwoX21s2kHDoT9xB2LFxNVbXzkWZub4Mw4U5YhcvJYrXn6OAxfpRSo5vigMn0lX75z2LJr4YsD3EBg5/QCAGRXwtL2+dQvhTMitYUTiEBiIhGkqFSOh5Gyro7E5cBzWw91o6onOEJ24zhfhRvzC/HJGQKCLX7dnf52qur6O0R3D9dCn6n1TFSaq5vEYw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=DghZxGtbLwdC1kr1i+VHvsGZMDgNd7ahglanQEFP1Eo=; b=urPjaujzsgrSO3EDIyTJQif1EcMgMWjJ/UbaoN9rlD9TqwTOSBnbj83ptjh9vchCbVniC26kIIBsQU3Nh0ClYU850rd5u2UPhELjdZc9YnOxw11EoIBdWDRDxBZvohE0xBE5F5A8DT4zrO+F9efI4T1/Dc2uROi3KGHjK/wBsfMifqC7HNR6oe5TlMW2itR6BMBceutYkn5HoLSx9e2jhL7uzrpQ+XIEeyh39rjDZX9zKZOGDkVIPXRxvAsBFh1KGRQ4Wl8YgWX99aPHb757fsWcvimjwFEsqOFxeW8zADZOSvQgeTzyqrssl7pqTL7NxxVT6WhXUwQKx77zU5NrbQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DghZxGtbLwdC1kr1i+VHvsGZMDgNd7ahglanQEFP1Eo=; b=bXz7/d8RcVrYzqFVKobkafAFJ+myd1Uytlxlb/jpBx63+B8rJCI+8BSzK9lQNXrr8GTBNsHb9bVqZSL3QPFu43+EOk1yCCzp9E3bVl2i4tJVVZm1Z+8oyhD3R5M1lw8HFcGXM5Ih8X3PJoEbTlS4dnqsmBwg3oQitNPSHayr64IR/SsRNc5hIzSPK8PJRq5rhVIK6QGYWHgVUPkddQFwVAW9uCRPgVXfEwrFDRcJ5Wk+XR6A0krnCo/EnJTJPGj2F1gfvSQmUwa4xCSpsa9tkvCj1UBn4VXusRdbguPAVsSOscgLUhzdkUz5SiLQoxPOmeiu2a2hIwMyTOF/fGf21Q==
Received: from DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:3c6::22) by AS4PR10MB6039.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:576::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8335.9; Tue, 7 Jan 2025 17:13:22 +0000
Received: from DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM ([fe80::634b:e5d0:8c00:762a]) by DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM ([fe80::634b:e5d0:8c00:762a%3]) with mapi id 15.20.8335.007; Tue, 7 Jan 2025 17:13:22 +0000
From: "Fries, Steffen" <steffen.fries@siemens.com>
To: "anima@ietf.org" <anima@ietf.org>
Thread-Topic: New Version Notification for draft-ietf-anima-brski-prm-16.txt
Thread-Index: AQHbYSbrv+SqbhcN6EiVShcd/8HZzrMLi76w
Date: Tue, 07 Jan 2025 17:13:22 +0000
Message-ID: <DB9PR10MB6354081E9E51FFF2D4161418F3112@DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM>
References: <173626976572.2028510.1126186903536688517@dt-datatracker-65f549669d-2xld9>
In-Reply-To: <173626976572.2028510.1126186903536688517@dt-datatracker-65f549669d-2xld9>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=186411d2-389a-44ff-b6d0-6cc5c9eca136;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2025-01-07T17:10:17Z;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DB9PR10MB6354:EE_|AS4PR10MB6039:EE_
x-ms-office365-filtering-correlation-id: adfdd30b-f1d7-4c20-989f-08dd2f3e96d8
x-ms-exchange-atpmessageproperties: SA
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|366016|38070700018;
x-microsoft-antispam-message-info: yuxwb/2QydsC/Ylt89AQeRt+9Pixj4xlf9EUKCQEf0V76aQKYGoXTu0JOtmBmx2EPkL8tnuUFGIrHMONiNKgB6AdU+wDMyL48QBKQWl8UUAseZJg/RBcTLun+UI3uaEYRdNfI+cW0MvPkb87b7zQ8Z8tTn/fNC8c3RGViU0c8LsZ7uUAHaBBvc9L3mprLf+thmpgDISQeEDzkASjuwC/fhMmi24OKoVtdWuC46igd9AoJP+XPUrSA8mfam0cOEWrxDOwNqD5i8G4Ex6mqigewUNlYzcun+eX7GcTHpiM3kKFOwWe2ZLnfAtnzSO4BnbeFNsjgnYS/edV61flWF1VftI90YGk2kYDHdHpfVtHrcvAp6HrHCE1k7Q5Hj0cD+ThnyjQn+dUlGuiUGM9d1kpASePgG6M+YpSjhesnaiQfRTryv+m9TQOUdrRsHbe40DZp5uZ0Sd5ZOdvKsth3pwGkkqDoDUJzsLBBBhSAyqCW/cnJB7TW+aO6XtIZqdx9pcwMdrY3EKZ6vxhqKIrmQh9oddPEUyPYuR3I2vGHdpjHzb8AhsCcQwIOfIlcjuE8SBXLNJaMm8mlZiUdD11Vvxe4kptvqEzcpRHEp1g2cLrf8IQFuhakByFc2AK+pe8vKStizfGT80LkaEkWSWBKxuiJSJ5DFX6PfB1g2iNOb64XjmDSznPTajLzzrP8t9DPwO2gUq+3lmGj/zsNCmFAzH6tq0o2Q9iqHK0RyVgxHyviJqDOQIcYDkYkD13lIktWaXHZE8VH6CqTdTWBRHUo31u0HqY9wGwrZQtpQqhVvKUhgAg3GCRMLz1/AXGgp1SOh+sEPQiogT4E0gtzjEozo/s69msQcsyuK6xEuEoP4I87AuybQa9MYAEJHlWtJcK3DuXFbwHadXktcrmFi6ccV1c8boxtkGm9qzpeIct6vr9NUf8hlh3eZ+JFy9+969nOeqjh00zR7B8pfh9mVahbfbZ7A4EGMiC8/caB8s08B+wdCTiduA74rLAcHRUDk48Mi765Ux4DSNn0OgmqWnO7zAVtSkH9pT5gSSxVQ3vZwvHzHis9wgeL60ceH30q+eQOxApI/UGRzfAFFLfOinx/P67TX+ealUiCVNwYjQLPDkB0PriU9JIA4eZ+8cjhKJpK+nlOzxgLt/r2nmfHWj9SVQ0ZKuKjhiAXdSaQen06N4SfsCLlUzJpldS2j/TcCiyl2sq1MPRwHZzmX7d4kUmG8W5jXMs6JDeZpCoelTMDWGJhEwSoeeE7huCiKHW74yEAI6XtS5EQi7ZpZ6Ie90fIDHwwiPIgqEb3pUEbaCF+DC+lf48cZuSkgSRW8tKCQ2gBuJopYOnmzgce4qHXwRjB6EyCVcbFDx4LXo0ArPgO/Yx2FF+pgNIahZ877RLxCUfppcK79qY6MavmXml7soriHGxNQ==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: KguB/TctB9KSPxm8pXDLpGJ69edltvam1UzKsis4AK8kQatBmXYZ0yUt8RvEcdB4G2DpBuJi9toHlKdxHchcsK1nIuBQJRjGIFMT06rJHESy7CSpTGIduNffm50QWM+OLoO8sgT5O3aDuZAVDuQMZMAMLPtHpsq8sQjuk49Ho9N1LY6DDkxqMR5e3YiPyQGcJWlcGXHwUeazvDv/JrAXsY65ODaCnX2VVnepcdAgJ8Q1Sh7bWINSi0+8mS6zEDGo3aUtqwAx9az7/WIBQ35yu9wPvWbugqzWO43qgbqQRUCQzgAXYKGhj6OgTOljTg/4KSE+lL7eD6F6pCVJ3AfHeFbcgw5jFccjgeftbRnwfTFwQibqc8oNkRqCM0t7SMnECbl+F6Pg2Dys5u/cxBSQywOobPL/YAicwgMcNzjWv3y3uQo6YOfADK1SbGKLDAI4kO8WgBg1MfHZG9liIsJ0Llf3HrO/nODTDLc0IArsSycJKUQ610kYNLT1qZLcouWsrFxfRPXEPscibFbMYqC1MPKvK2tWq2xzOZpDvwisxl2jvGYN2AaeyrVQWwC6fOtT4L4d+isBIOMSL1W/K6pJ5qZrQvXW1CrNtWRgy07gjxo8PecSBjTUEnHjDNUB3VYkT9nafWbpUZKIJzmf7AJwAJE84H9q8xOSEIu4LWIFYrzvinyZLd4tKjTkEzKsQDtRHf0UmSwUaHI7B10UZZraf9+O1lRMqkcAEGKyiacsa/9wmxvhrJB5JCQj1wd14PrMDSx8a9t8rnh/tOnlLeCiVUJodoT+HJErL2cxyWzG0T6R9zWO4p6YlOebPg1Qd0ENJN2ZaTSewj1auAw9nBZ2FBpTAznT/c6DVoVHrBxxKFFoY9GurbSMvJaVwUoltgZ9KlF49ZtrE0Ka7fqR3HSnSBTkDgWByA1KYBOotyKRgQwxySDFzAYR54voYvGj/zIz82XBEX9EQnl+bSiBYeOVhOBTE22bU5BVBC1q8TyAEGJD/Chu9DBNVmwfUk61clRWQKyXNr+sGhScsjdmTnRSm3OZXpbIqttOO7UZNUhRQl1bqpyZOgZl4Z5mI4vWk9/668cjQqZUnRyyNOlCt8ftZ/zizXtU0AJtWWu21XWcv6QJKdDGpGB6B69L6HWDGA1sney7j2Uqe3ODb4QzOM7ndRrIA+WOsGKs49XP1QjME/srrlrWab9CKHWb1XKx9I9vyJwarL47NP6PlIUH92EwSbLyVTG4SmRln2+W7SbNU345N8TuEP4sGk5s8Za6ylWmuHpm5jwuIkRSe468n8VFvBzBxNwoctbxR2au/CJ9lhhmyxr1FKEQoPnO4it+6lOY+mTX6jNcd9kmXZeFX7ytvXiJYWMhwtHLdP78hjSR00+qeWCLSV1P7aZ4VJQuwGdcECrpBwQnTdKKPKYbTdUOjHduMH19eqPNaSNs2tlvOSXjGMLvvj2ioYOBjHgFmZxIjz9keGE6PnVNhH7oBH+JomiakORkfAsUBkjrgrBdOZVu0D+JBiXR9Du4xwcMrBQYWUXNL2JymGDQu9OXUwMMcj93Jk9cJqCKitboR5ztRZ7fMHe9VeqLidvuamQ88aKh
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: adfdd30b-f1d7-4c20-989f-08dd2f3e96d8
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Jan 2025 17:13:22.1205 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: dbejLgH9eRWQXeAt9bVZU+XcXsC7ZOS9RszLnq8zeghX5FmKqndhe1ri1IpL9CqKj9tn2aIDr9wFL44We2WDoCnGhLIEf5cCbPPN9et65W0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS4PR10MB6039
Message-ID-Hash: Q7SAJEADYPFTYQMGUR6DDWF5YXZHLA6A
X-Message-ID-Hash: Q7SAJEADYPFTYQMGUR6DDWF5YXZHLA6A
X-MailFrom: steffen.fries@siemens.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-anima.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Anima] FW: New Version Notification for draft-ietf-anima-brski-prm-16.txt
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/hqM2EM4XktB9THSCvCkLEwAKqlg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Owner: <mailto:anima-owner@ietf.org>
List-Post: <mailto:anima@ietf.org>
List-Subscribe: <mailto:anima-join@ietf.org>
List-Unsubscribe: <mailto:anima-leave@ietf.org>
Hi all, we just updated BRSKI -PRM addressing review comments from AD / IOTDIR / OPSDIR review. The following changes are contained in draft version 16: * issue #135: corrections from IOTDIR review (clarification regarding minimum supported discovery in Section 6.1.2, clarification regarding CDDl notation in Figure 27 and editorial nits. * updated references (draft-ietf-netconf-sztp-csr became RFC 9646, included RFC 9662, operational considerations drafts for registrar and MASA) * AD review: included term Registrar-Agent in Terminology section * AD review: enhanced interaction information in Figure 1 and Figure 2 * AD review: included new section on Section 9 to outline operational considerations * AD review: enhanced Section 8 with more detailed recommendations on logging * AD review: enhanced Section 11 with enhanced recommendations concerning logging * AD review: enhanced Section 12.3 with more information about misuse of the Registrar-Agent * IOTDIR/OPSDIR/AD review: addressed various nits received throughout the draft Best regards Steffen -----Original Message----- From: internet-drafts@ietf.org <internet-drafts@ietf.org> Sent: Tuesday, January 7, 2025 6:09 PM To: Michael C. Richardson <mcr+ietf@sandelman.ca>; Eliot Lear <lear@cisco.com>; Michael Richardson <mcr+ietf@sandelman.ca>; Fries, Steffen (FT RPD CST) <steffen.fries@siemens.com>; Werner, Thomas (FT RPD CST SEA-DE) <thomas-werner@siemens.com> Subject: New Version Notification for draft-ietf-anima-brski-prm-16.txt A new version of Internet-Draft draft-ietf-anima-brski-prm-16.txt has been successfully submitted by Steffen Fries and posted to the IETF repository. Name: draft-ietf-anima-brski-prm Revision: 16 Title: BRSKI with Pledge in Responder Mode (BRSKI-PRM) Date: 2025-01-07 Group: anima Pages: 116 URL: https://www.ietf.org/archive/id/draft-ietf-anima-brski-prm-16.txt Status: https://datatracker.ietf.org/doc/draft-ietf-anima-brski-prm/ HTML: https://www.ietf.org/archive/id/draft-ietf-anima-brski-prm-16.html HTMLized: https://datatracker.ietf.org/doc/html/draft-ietf-anima-brski-prm Diff: https://author-tools.ietf.org/iddiff?url2=draft-ietf-anima-brski-prm-16 Abstract: This document defines enhancements to Bootstrapping a Remote Secure Key Infrastructure (BRSKI, RFC8995) to enable bootstrapping in domains featuring no or only limited connectivity between a pledge and the domain registrar. It specifically changes the interaction model from a pledge-initiated mode, as used in BRSKI, to a pledge- responding mode, where the pledge is in server role. For this, BRSKI with Pledge in Responder Mode (BRSKI-PRM) introduces new endpoints for the Domain Registrar and pledge, and a new component, the Registrar-Agent, which facilitates the communication between pledge and registrar during the bootstrapping phase. To establish the trust relation between pledge and registrar, BRSKI-PRM relies on object security rather than transport security. The approach defined here is agnostic to the enrollment protocol that connects the domain registrar to the Key Infrastructure (e.g., domain CA). The IETF Secretariat
- [Anima] FW: New Version Notification for draft-ie… Fries, Steffen