Re: [Anima] MichaelR: section 5.1.1 question (draft-ietf-anima-autonomic-control-plane-05)

Michael Richardson <mcr@sandelman.ca> Fri, 17 March 2017 13:56 UTC

From: Michael Richardson <mcr@sandelman.ca>
To: Toerless Eckert <tte@cs.fau.de>
cc: anima@ietf.org, Michael.H.Behringer@gmail.com
In-Reply-To: <20170306220030.GB7471@faui40p.informatik.uni-erlangen.de>
References: <20170306220030.GB7471@faui40p.informatik.uni-erlangen.de>
Date: Fri, 17 Mar 2017 09:56:04 -0400
Message-ID: <1140.1489758964@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/nTgDaP4_-TKbQShmfb_BWu8kFp8>

Toerless Eckert <tte@cs.fau.de> wrote:
    > I remember from Berlin that you wanted to suggest a better
    > format/encoding for the AN domain certificate to indicate a
    > pledge/devices ACP address. I have not seen a followup re. this item (I
    > apologize in case I have overlooked an email re. this).

Hi. Sorry to have not replied to your email.

My thought was that we should have an actual subjectAltName otherName
entry.  I had originally proposed defining a new OID for the IID
part of the address, leaving the upper bits up to the RPL PIO.

Another option is to use the subjectAltName iPAddress choice.
See https://tools.ietf.org/html/rfc5280#section-4.2.1.6

I think that I proposed text that would allocate an EUI64 OID for the
certificate.  (I have operational code using mbedtls (client) and openssl (CA)
to do things using an OID from my ORG_SANDELMAN (46930) PEN.)

If the WG has consensus on this, then I'll dig the text up.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
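The two encodings discussed in the message above, a subjectAltName otherName carrying the IID under a private-enterprise OID and the plain iPAddress choice, differ only in how the GeneralName is tagged in DER (RFC 5280 section 4.2.1.6). The following is an added example, not code from the message, the ACP draft or any of the mentioned implementations: a minimal pure-Python DER encoder and decoder for a GeneralNames value holding both forms. The OID arc 1.3.6.1.4.1.46930.1 is a hypothetical arc under PEN 46930 (the message does not say which arc is used), and the EUI-64 and IPv6 address are constructed sample values.

```python
"""Encode/decode a subjectAltName (GeneralNames) with an otherName IID and an iPAddress.

Tags per RFC 5280 (IMPLICIT tagging):
  otherName [0] OtherName  -> context tag 0xA0 (constructed), content = OID + [0] EXPLICIT value
  iPAddress [7] OCTET STRING -> context tag 0x87 (primitive), content = packed address bytes
"""
import ipaddress

# Hypothetical arc under the PEN 46930 mentioned in the message; not a registered identifier.
HYPOTHETICAL_IID_OID = "1.3.6.1.4.1.46930.1"


def der_len(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body


def encode_oid(dotted):
    """OBJECT IDENTIFIER: first two arcs packed into one byte, rest base-128 big-endian."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out += chunk
    return tlv(0x06, bytes(out))


def other_name_iid(oid, iid8):
    """otherName whose value is the 8-byte IID/EUI-64 as an OCTET STRING."""
    value = tlv(0x04, iid8)                  # OCTET STRING
    return tlv(0xA0, encode_oid(oid) + tlv(0xA0, value))  # [0] EXPLICIT value wrapper


def ip_address_name(addr):
    """iPAddress GeneralName: packed 16-byte (v6) or 4-byte (v4) address."""
    return tlv(0x87, ipaddress.ip_address(addr).packed)


def general_names(*names):
    return tlv(0x30, b"".join(names))       # SEQUENCE OF GeneralName


def read_tlv(buf, pos):
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))


def decode_general_names(der):
    """Return a list of (kind, ...) tuples for the otherName and iPAddress choices."""
    tag, body, _ = read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("GeneralNames must be a SEQUENCE")
    names, pos = [], 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        if tag == 0xA0:                               # otherName
            _, oid_body, p = read_tlv(val, 0)         # type-id
            _, wrapped, _ = read_tlv(val, p)          # [0] EXPLICIT
            _, octets, _ = read_tlv(wrapped, 0)       # OCTET STRING value
            names.append(("otherName", decode_oid(oid_body), octets))
        elif tag == 0x87:                             # iPAddress
            names.append(("iPAddress", str(ipaddress.ip_address(val))))
        else:                                         # other choices left opaque here
            names.append(("unsupported", tag, val))
    return names


# Constructed sample values: an EUI-64 derived IID and a ULA address carrying it.
SAMPLE_IID = bytes.fromhex("021122fffe334455")
SAMPLE_ADDR = "fd12:3456:789a:1:211:22ff:fe33:4455"


def build_sample_san():
    return general_names(other_name_iid(HYPOTHETICAL_IID_OID, SAMPLE_IID),
                         ip_address_name(SAMPLE_ADDR))


if __name__ == "__main__":
    san = build_sample_san()
    print(san.hex())
    print(decode_general_names(san))
```

The otherName form keeps only the IID in the certificate, so the prefix can come from the RPL PIO as the message suggests; the iPAddress form binds the full address and therefore ties certificate validity to the prefix. A verifier that compares the peer's ACP address against either field needs to parse exactly this structure, which is why both the encoder and the decoder are shown.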