Re: [Anima] Benjamin Kaduk's Discuss on draft-ietf-anima-bootstrapping-keyinfra-39: (with DISCUSS and COMMENT)

Eliot Lear <lear@cisco.com> Tue, 31 March 2020 19:58 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/yBJMPJBbrcc3DBZCQxHoGkSorwI>

Hi Ben,

> On 31 Mar 2020, at 21:29, Benjamin Kaduk <kaduk@mit.edu> wrote:
> 
> On Tue, Mar 31, 2020 at 08:02:07AM -0700, Benjamin Kaduk wrote:
>> 
>> I am even willing to produce an updated example voucher artifact myself, if
>> that would help expedite things -- I believe I already have the needed
>> keys/certs locally from my review of the -39.  As an alternate option, if
> 
> I think I managed to do this (though I didn't adjust my clock to try to
> reproduce the signing time); attached.

Righto.  Now the point of discussion is whether that is the right thing to do.  If it is, then the example can change to that.  If it isn’t then the text you pointed to has to change.

Eliot