[auth48] Re: AUTH48: RFC-to-be 9966 <draft-ietf-emu-bootstrapped-tls-11> for your review
"Harkins, Dan" <daniel.harkins@hpe.com> Tue, 19 May 2026 00:24 UTC
Return-Path: <daniel.harkins@hpe.com>
X-Original-To: auth48archive@mail2.ietf.org
Delivered-To: auth48archive@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 45A32F06DA6B; Mon, 18 May 2026 17:24:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1779150278; bh=CJL0m8e5IkQu6cHYQOWyWWVlqH+fiu6XLA0TQ+U2imE=; h=From:To:CC:Subject:Date:References:In-Reply-To; b=IX2lmI5YKahqH/m7+sLqSAIliSmhHO5zCvhgRw21UlpOWXBxynyp9QJ/qnJnXGIzp z/1/141ss8yye1iaQhTHZro6R992sCXXUMqxX0T9+IdXSZXvjobZ6hLCzbBkjxl3Ip z+EjYkGPpgj+eE2YT18A/qbeW3mESsVoaKSf0YWw=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.795
X-Spam-Level:
X-Spam-Status: No, score=-2.795 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=hpe.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NemfD29K6l3H; Mon, 18 May 2026 17:24:36 -0700 (PDT)
Received: from mx0b-002e3701.pphosted.com (mx0b-002e3701.pphosted.com [148.163.143.35]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id E15F5F06DA3F; Mon, 18 May 2026 17:24:33 -0700 (PDT)
Received: from pps.filterd (m0134425.ppops.net [127.0.0.1]) by mx0b-002e3701.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 64INSGxk038874; Tue, 19 May 2026 00:24:25 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hpe.com; h=cc :content-id:content-transfer-encoding:content-type:date:from :in-reply-to:message-id:mime-version:references:subject:to; s= pps0720; bh=CJL0m8e5IkQu6cHYQOWyWWVlqH+fiu6XLA0TQ+U2imE=; b=LDDy cBQ0kqsYu79skGRo5j4O1YH0nJI4GSolcVXWkSHVxv3HdUN76OU4Dp/jgj0SiCW+ 1iW4gRWEzjYdVrjMIxg7UTLYmKJmJrHOveeuENIz+YfDTqPej3IIByTihscGQ4kP DGFhrSLyx3uOJQBBETGQ5btGLEPa4CXOEnrj0iSGUdouVTdQDt8S/Vb5GtC2tggd C+0MfaberG3htELl2mcF8CSctBfyj4oWLQqCMY7KXsNmq0a2+rM+kAe9fUXlETq1 8b1tTQjjTDaTfhycNQyzglJMeDLFdQIYv3U6kfknbGuZPmbZLb1X48qq8BGV7LS4 Wv9TqjKNhzyiy+BdUg==
Received: from p1lg14879.it.hpe.com (p1lg14879.it.hpe.com [16.230.97.200]) by mx0b-002e3701.pphosted.com (PPS) with ESMTPS id 4e8694ncy9-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Tue, 19 May 2026 00:24:24 +0000 (GMT)
Received: from p1wg14925.americas.hpqcorp.net (unknown [10.119.18.114]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by p1lg14879.it.hpe.com (Postfix) with ESMTPS id 45DDD2F00E; Tue, 19 May 2026 00:24:24 +0000 (UTC)
Received: from p1wg14923.americas.hpqcorp.net (10.119.18.111) by p1wg14925.americas.hpqcorp.net (10.119.18.114) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Mon, 18 May 2026 12:24:20 -1200
Received: from p1wg14919.americas.hpqcorp.net (16.230.19.122) by p1wg14923.americas.hpqcorp.net (10.119.18.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17 via Frontend Transport; Mon, 18 May 2026 12:24:20 -1200
Received: from PH0PR07CU006.outbound.protection.outlook.com (192.58.206.38) by edge.it.hpe.com (16.230.19.122) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Mon, 18 May 2026 12:24:20 -1200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=JQllu2ujI3xNEaaS984TvvEkhrfV1FKKGSgWkT5L9E0q2fqKZtFvuMzLYHuK8PKswxP+XxV27DpA7ODISu6S4fbHYyU1a29mfG5RJQVkiUicUc7QGG/pHtW6qC8d/ghNiYgRHxFvFHs+hEC029rO/QqqZB2QqQp9AgXM1xR1KVb7xRWXYi+UC1GhztqI3P6/nAkfzj2NTWdeGGrCZ0bJFgIh5QC0rdfNUkMQQ5bM4TimsGtSHxzxnUQbJq9fbFV6onw1mRPYjIC/i+KDY37CADe1o2DF04OTdSMHfjTjtIPSLPpkPHJpojFurwFnk2UOKrmTRIYVUT6nhYZfoPdC+Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CJL0m8e5IkQu6cHYQOWyWWVlqH+fiu6XLA0TQ+U2imE=; b=PiyTk3egtJmE8YjSneGY9PEW+ZJNEgUiGgsjnOSrLljIIaCLzburtW4eBB5PAY9bkPAjmslSLR6/jW+nJ2kz/AIepDkU6hfmuFcNBIgg8h11ZD/UL2FAJCyri8sAEvv0U5OzI5PrJ28tidLgHblISdVyVjeMCQjUruDQh0GEX+/6YTK6AjzDLkRevybmFNGvRQch/iiEZBUPGHos6G++txGBSq19tDiSvFwq+LuDiiVIVRdE2TK7enUJlqH7wjtxLq8gr850kZxLNwwYHEv6apH0rMFS84r/36NBUo8KfbCat2HhsjxQv5eMu7TLOzwxO99CU3nyuhxZv9oYSMj4pQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=hpe.com; dmarc=pass action=none header.from=hpe.com; dkim=pass header.d=hpe.com; arc=none
Received: from CH3PR84MB3989.NAMPRD84.PROD.OUTLOOK.COM (2603:10b6:610:253::18) by CYXPR84MB3667.NAMPRD84.PROD.OUTLOOK.COM (2603:10b6:930:d7::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.48.14; Tue, 19 May 2026 00:24:17 +0000
Received: from CH3PR84MB3989.NAMPRD84.PROD.OUTLOOK.COM ([fe80::29bb:f363:2971:9f3a]) by CH3PR84MB3989.NAMPRD84.PROD.OUTLOOK.COM ([fe80::29bb:f363:2971:9f3a%4]) with mapi id 15.21.0025.016; Tue, 19 May 2026 00:24:17 +0000
From: "Harkins, Dan" <daniel.harkins@hpe.com>
To: Megan Ferguson <mferguson@staff.rfc-editor.org>, "Owen Friel (ofriel)" <ofriel@cisco.com>
Thread-Topic: AUTH48: RFC-to-be 9966 <draft-ietf-emu-bootstrapped-tls-11> for your review
Thread-Index: AQHc1srgBhynBxKfQUKwuaPqoW/JnrYT/4QAgAAuD4CAABG9AIAAgEgA
Date: Tue, 19 May 2026 00:24:17 +0000
Message-ID: <E0127A3B-0596-40DC-8552-1BA6B7F7AD54@hpe.com>
References: <20260428045204.1E8462CCE7A@rfcpa.rfc-editor.org> <PH0PR11MB508081C97B911F27D5FCEAD1DB032@PH0PR11MB5080.namprd11.prod.outlook.com> <C4EDD4D5-15BF-494F-8C21-EDD5FD21501A@hpe.com> <F4DEBFA1-9DDD-4A29-A4DB-C569C80378DE@staff.rfc-editor.org>
In-Reply-To: <F4DEBFA1-9DDD-4A29-A4DB-C569C80378DE@staff.rfc-editor.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.109.26051019
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH3PR84MB3989:EE_|CYXPR84MB3667:EE_
x-ms-office365-filtering-correlation-id: cbb65576-6361-419b-8dd5-08deb53cf697
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|376014|1800799024|56012099003|22082099003|18002099003|38070700021|13003099007|3023799003|4143699003|4133799003;
x-microsoft-antispam-message-info: ekogxw9WGx9XB+YWpXkl5doY3cxtEJxOXBxyZDSHaTLorkMzGiSQ1GWSlKEO/aekDxE965WBFJO4QRWfoUD2lXvhxPgcTwPb071lbw47xkZKVcC/PsuARy+kYuLfSrmmvhK2N8Wrg4JZ33+umwwYUYHZrbTff5geH/7gkO78tvtUycs+fF4zwTaPbhgCHNNO3zd4KW7EPTFRpIsRff5SZy2LaPeWZdscWkDmNnVF0xaiVHsQf/0cUjgw+VYJEljzDamXfu0168Mnr1nWCDHirp+jQ/bHDExe6Sc0HmtcxDpg/5q+/ALLX81g1Pj66AKSXddkCI8IHkxw76HybMgWsvNyPYa2gkIMIh5NLamWTqA4lhMGJOYHcbfyhccB28h4LWMO/pH0ORk53H+UXGsCg8dzshZAK/mKxgM28VEMFPdBzvMJRWqWG+VdwZgbS1LUS8SdPs9YC9XL4eAVa/XAXxsDKPb+MUN6Qoxwo+VIyMHIQUU1QXhJf2v4jGiahFv7QlWJIhgnFbAgoetzNfJZTPxU8N8q3BKNEvGxS7wZeNx1CREEGksQtUoPjfGZELGJ6bu6+EcO438wa/vD/hQOpjgsD3Kahj7TRQO4zcRqeB4DP7ooWM0NZLqna+H+lDYm/UdAvAaoTQLlr5i8Yl74uXOxmcXvuPVkJ6JYU/vQi7y85X1gZlwf9BLpbsSNOMLqQrU9/GFJsZW0wsFAMlSv5w==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CH3PR84MB3989.NAMPRD84.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024)(56012099003)(22082099003)(18002099003)(38070700021)(13003099007)(3023799003)(4143699003)(4133799003);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 6rFk9aL6kJ/7SbdrFv5Bl9hawMgTl72iGNf0WkjObSC84Dc9TlYYdoEDn8m6HYhr7TzUF/U4izfQe/+fZxUuhLs4RWsZa9o+rG1D625S5YVun3WPmuJvREGkzL35EDp06B0VyHm/D8ZIkx2oIITOa0VwkKtkVBvVu+DFemvLwK29Sc7DKjgrMEJ4+VCdWRnqVNijRWTZODqiftErzQLKEaEiTTnr3+nvtWJd1axhWTA5uxATYTZD5PaTaHg2jBtnKJA4JJTbncVJpG6A+rRzW/dCH3LRxMpMk8J0EddJU0kLal/KcDPqxePnrIfB/QJEBORtiAtudhEAPxKU0fpms5Ylk8P1TNoEUvRf1T2OaVn0V1GK+zxbofnhg8bdRJHGr320EtyFTOdaZtKRBiTooVRySp5ptwBQ+0I84PkFS+2dX8LB6er7lhBJSHJCf0lg4lJ58PI77Fje7X+7THfON0AXy0cXRrUbTqsIagtuNahK5i9go4FNVAvfbcyWVIKFESvVyHxhnhlc/a+BzfaQ8AgcUB0NIVdsfDmRqXep46S8CVxCCzjHIQWbATLVnPgi7+5TLe1X8OdBs5zgp58alVIeAvCoan7aFsfNw4adLTZR//+dot2jP8d/l0bcuURVp0RQy1PcO9iv8ti5xNH+OCd28c70eA4jml6kW8HYPIUiw/tzK7nYMtS4sNn6SCgRCV3nz6zWHwX7I9G3LaJr48YnNrqQB2JDqPsw4hTQZ8855SJ6YSHuzGefTBZ/hhP/qBamb/Wd6uaAiMR7Uxi+QYijgrA7vNBVSWR13MqUWH5XrIEhfC4Q0s4PQrAvvN2JsNXT8IW8FzIn7LWWQz8mB8CeJaSpyQYFcCa5UDWh6MNZSf5TrblEEnILK38mln78P/dcIzsdcu5CDIRUkOrjUKNlwZQyYhWa4cakkcg9NVrtDNWAkvsffS3ecPP4uOTa3fxJMCJ1tzoWpZdPePY0fsSDIpbwQlDQzVbOav+izySZW5i+SHDUmjzIrtm89D08MNDgQauAvbN0DH0HDT0W+gsDgPy8KuVWGgB52wJhEd1MWG7LoQub63NvnKucGwrVF6EC3hsC+kgxilAsmCjRx9Fb1+Xze/N1m1c8EiydY3IBzEzjj4qpQwbAfnSWbY+WZxzqx3jGDJriaU3DXC1iqKTB+Q418uazIw/ela/gvGYO5LvnALNRXTKjbhuIpBYe+9HuFlWPBrDchxZYeyeeVSr2xCP825fEqi5OMCMIzynmMXrtVokNBuzUNMOm3eaDdP1iOeqyMr4vrMR0j/lIucU9Nc/N2L9n1UI919WBTvn//KUgMUGfldrLkq64ur6o3X+V65PsIqKJpdy+L6Yu8r3Py378J4e4aCj3sHLCKBcpYsU5zwR9EE1UgjUqH+TIoxrhgdKnB7EfxyNRkZLlFM417k6g4djw6ESTosLbf8MYHGYsUbh7aRolOTm0Lg1vl+EghQ+AprGGxMEf/Hze786FzMaO4nuPvrC8XLxzj+YSdrdwqkcilnfnDruRnyDTaGQON6tfpblX21vBnzVnkNGfjA5dKJAItRFhuxKmQxwzzxdLOcjMZmDqTXRmwJapcH4qQ331DmfZQcp9B70dAS4fvndaQ8bYpkYKa4mcc35w8FI+mhBSSPZOiKdj8JkS7W0xXZJUA9JdprwfjPIgBlStAnmfU5IrW6zRa0e5FysuTuCZWKq24ub5YtelMFpireSKn3t7b2nhpb0OtONz0g==
Content-Type: text/plain; charset="utf-8"
Content-ID: <E766C2C048829B419367E1132D8ACF2D@NAMPRD84.PROD.OUTLOOK.COM>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Exchange-RoutingPolicyChecked: dBGmKPS9a/qelsAp+PhU5B1Fnqyk9tEaULfvBcQxcms8j8YaYNKH7iWTucXU/Gk3JdOY8JlF/E+vAdg3em2Vxpjx3cCZxjlC3OAj4As/HJTyTirOhreEYMYgq1Vl6ez3KFXkW5IyMe4WGpVoZinXUc8QuCNxuWz78+l0zLAA+tgbD604NHH7MkBmrse3vFk/TW276Wg7MNPsRdntcmOO+ppjiRVsutIEvj6hProYs9VMI+jcryfTXGMBE952pOoTywu4FifeZEAWNjizxCG4eRnp1PbGYhJyxhE0/vkSeWrpZHCGwgqoxOMm/T7i/1ea6N/uRbgwgO2uXH4nD9o7VA==
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH3PR84MB3989.NAMPRD84.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: cbb65576-6361-419b-8dd5-08deb53cf697
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 May 2026 00:24:17.2918 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 105b2061-b669-4b31-92ac-24d304d195dc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 73YutdwYUusJ4qr1EBsrT25I3T4OcAfeXcakevG/qg1U4zK+cEMC72zeu9WyaXuFIeaxOGgRVaWIvpOCE1dOsQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYXPR84MB3667
X-OriginatorOrg: hpe.com
X-Authority-Analysis: v=2.4 cv=YpQ/gYYX c=1 sm=1 tr=0 ts=6a0badb9 cx=c_pps a=5jkVtQsCUlC8zk5UhkBgHg==:117 a=5jkVtQsCUlC8zk5UhkBgHg==:17 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=IkcTkHD0fZMA:10 a=NGcC8JguVDcA:10 a=VkNPw1HP01LnGYTKEx00:22 a=gQcMVamqm3wCPoSYhaRC:22 a=ZSrvDirOKP4VPF05hnFf:22 a=BqEg4_3jAAAA:8 a=48vgC7mUAAAA:8 a=AUd_NHdVAAAA:8 a=MvuuwTCpAAAA:8 a=soKBErP5AAAA:8 a=uherdBYGAAAA:8 a=I0CVDw5ZAAAA:8 a=c9njP7fIAAAA:8 a=Ska1e1yjaFnNgzzwB4QA:9 a=lqcHg5cX4UMA:10 a=QEXdDO2ut3YA:10 a=0mFWnFbQd5xWBqmg7tTt:22 a=HCcp_izDSj6DkKgPSDQm:22 a=MCshM1S1O2piC4VqdL4N:22
X-Proofpoint-GUID: OF5o3YVrVPxoBs02f6f-jH5EfMkeh1NH
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTE5MDAwMiBTYWx0ZWRfX4n7BWGgOHJ/N gonm1r7NnII70pYb9oTwjxRXz94Am7KorZQ+uGpUj5B5jbQpELWGdHa0BdULNKuuQIwmaCbAT5U CYvWctyJQTcnXPVK/50DB68aeJnjHjIL/HDQ8NfX9/733JZF091pDX11G4+EqqtjgoNMN9ZIl75 +DJcThjtDtHGtH+WwyshAJJ5CjUF0Wmnf/jEC2+e5m10bGfRfVgSNxcdIe8IDMGEpz/hOYzX+dF B4tsbwZA64Cow2c5HLcMCrc4s8mrvLjsOlKlrKGJGkPU/Ug2Cvdu5DyXo1lOplBhGxHlTwx/Ttc mlwN1gm+ryLKW+Q5mYLEA+vbBwCRc9nDqYXwsXgkvx4GrxMVM0DUIMtvJ0LByJ2SYsbvnszumVp LzCbuyFqEnp9rOI9IvqX2yGru256z+LGOZ19BXXBr6ja7TOQBIgolBMaLUVifDKXOn4ql02Ll0N 1LLKbifjyVTJLUU1aBA==
X-Proofpoint-ORIG-GUID: OF5o3YVrVPxoBs02f6f-jH5EfMkeh1NH
X-HPE-SCL: -1
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-05-18_04,2026-05-18_01,2025-10-01_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 clxscore=1011 spamscore=0 suspectscore=0 impostorscore=0 malwarescore=0 priorityscore=1501 lowpriorityscore=0 bulkscore=0 phishscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605130000 definitions=main-2605190002
Message-ID-Hash: KWFH7XUW3TMMBYL2S2ZT23PV5WV5A5US
X-Message-ID-Hash: KWFH7XUW3TMMBYL2S2ZT23PV5WV5A5US
X-MailFrom: daniel.harkins@hpe.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "rfc-editor@rfc-editor.org" <rfc-editor@rfc-editor.org>, "emu-ads@ietf.org" <emu-ads@ietf.org>, "emu-chairs@ietf.org" <emu-chairs@ietf.org>, "peter@akayla.com" <peter@akayla.com>, "paul.wouters@aiven.io" <paul.wouters@aiven.io>, "auth48archive@rfc-editor.org" <auth48archive@rfc-editor.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [auth48] Re: AUTH48: RFC-to-be 9966 <draft-ietf-emu-bootstrapped-tls-11> for your review
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/eXGyK83DRVsnQIzQkCW_-1SDQOg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Owner: <mailto:auth48archive-owner@rfc-editor.org>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Subscribe: <mailto:auth48archive-join@rfc-editor.org>
List-Unsubscribe: <mailto:auth48archive-leave@rfc-editor.org>
Hi Megan, Question 5 was about adding a space between C and 9 to make it "target_kdf = <as per RFC 9258>". That seems to have been done correctly. You say you don't know how to update for #6 but that looks correct, the line has become +s in Figure 1. Can you please clarify what the question is? I apologize for the formatting of this reply but HPE uses Outlook and for the life of me I can't get it to format a reply correctly. So for the test vector issues please see replies with [DNH] below. Please let us know whether those breaks in the test vectors work. Regards, Dan. -- “the object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane.” – Marcus Aurelius On 5/18/26, 11:47 AM, "Megan Ferguson" <mferguson@staff.rfc-editor.org <mailto:mferguson@staff.rfc-editor.org>> wrote: Hi Dan and Owen, Thank you for your replies and guidance. We have updated as requested and have only the following outstanding issues to resolve: Regarding SVG updates (Question 5 and 6): We believe we were able to correctly update the SVG to resolve our Question # 5, but are not sure how to update for #6. It is certainly an option to just use the ASCII version. Otherwise, you can change the SVG to use the pluses and either update the edited XML file (linked below) to include your new SVG and email it to us or just email us the SVG and we can pop it in. Regarding the test vectors: We have updated to use <sourcecode type=“test-vectors”> but will still need some author guidance as to how to break the lines to fit within the character limit. Warnings below: Warning: Too long line found (L643), 11 characters longer than 72 characters: MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgACMvLyoOykj8sFJxSoZfzafuVEvM+kNYCxpEC6KITLb9g= [DNH] it should be broken at "Cxp" so it should be: MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgACMvLyoOykj8sFJxSoZfzafuVEvM+kNYCxp EC6KITLb9g= Warning: Too long line found (L653), 27 characters longer than 72 characters: MEYwEAYHKoZIzj0CAQYFK4EEACIDMgACwDXKQ1pytcR1WbfqPaNGaXQ0RJnijJG1em8ZKilryZRDfNioq7+EPquT6l9laRvw [DNH] Similarly, this should be broken as: MEYwEAYHKoZIzj0CAQYFK4EEACIDMgACwDXKQ1pytcR1WbfqPaNGaXQ0RJnijJG1em8ZK ilryZRDfNioq7+EPquT6l9laRvw Warning: Too long line found (L663), 171 characters longer than 72 characters: MFgwEAYHKoZIzj0CAQYFK4EEACMDRAADAIiHIAOXdPVuI8khCnJQHT1j53rQRnFCcY3CZUvxdXKJR9KW5RVB3HDQfmkoQWHEz4XngXUeFyDXliEo3eF6vhqDMFgwEAYHKoZIzj0CAQYFK4EEACMDRAADAIiHIAOXdPVuI8khCnJQHT1j53rQRnFCcY3CZUvxdXKJR9KW5RVB3HDQfmkoQWHEz4XngXUeFyDXliEo3eF6vhqD [DNH] and this should be: MFgwEAYHKoZIzj0CAQYFK4EEACMDRAADAIiHIAOXdPVuI8khCnJQHT1j53rQRnFCcY3CZ UvxdXKJR9KW5RVB3HDQfmkoQWHEz4XngXUeFyDXliEo3eF6vhqDMFgwEAYHKoZIzj0CAQ YFK4EEACMDRAADAIiHIAOXdPVuI8khCnJQHT1j53rQRnFCcY3CZUvxdXKJR9KW5RVB3HD QfmkoQWHEz4XngXUeFyDXliEo3eF6vhqD And that looks like it isn't right but it's just Outlook. Really, if you break it at those places it'll all fit. Warning: Too long line found (L673), 11 characters longer than 72 characters: MDowFAYHKoZIzj0CAQYJKyQDAwIIAQEHAyIAA3fyUWqiV8NC9DAC88JzmVqnoT/reuCvq8lHowtwWNOZ [DNH] this should be: MDowFAYHKoZIzj0CAQYJKyQDAwIIAQEHAyIAA3fyUWqiV8NC9DAC88JzmVqnoT/ reuCvq8lHowtwWNOZ Please review the updated files carefully as we do not make changes once published as an RFC. Once we hear back regarding the two above outstanding issues and approvals from each of you, we can move this document forward in the publication process. The files have been posted here (please refresh): https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.txt__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXBttltVL$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.txt__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXBttltVL$> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.pdf__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXCAQPwiS$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.pdf__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXCAQPwiS$> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXAvx6ch8$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXAvx6ch8$> https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.xml__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXACNSWMh$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.xml__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXACNSWMh$> The diff files have been posted here (please refresh): https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-diff.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXE6FZf0r$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-diff.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXE6FZf0r$> (comprehensive) https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-rfcdiff.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXHJYXxPn$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-rfcdiff.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXHJYXxPn$> (side by side) https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-auth48diff.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXDPnmj6j$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-auth48diff.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXDPnmj6j$> (AUTH48 only) https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-auth48rfcdiff.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXLW_-RET$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-auth48rfcdiff.html__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXLW_-RET$> (side by side) The AUTH48 status page for this document is available here: https://urldefense.com/v3/__https://www.rfc-editor.org/auth48/rfc9966__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXJAJM86V$ <https://urldefense.com/v3/__https://www.rfc-editor.org/auth48/rfc9966__;!!NpxR!hyKz7TpwPIyjwmak4T_niASnTsKwjUSCx8-tjuJFCthvVAcz6mQg0_oeapLbX5eFFP5kZaKquHm4u55IQ26bXJAJM86V$> Thank you. Megan Ferguson RFC Production Center > On May 18, 2026, at 9:41 AM, Harkins, Dan <daniel.harkins=40hpe.com@dmarc.ietf.org <mailto:40hpe.com@dmarc.ietf.org>> wrote: > > > Hello, > > One additional note regarding DPP and WI-Fi Easy Connect. > > The protocol is DPP, the Device Provisioning Protocol. The Wi-Fi Alliance certification program that certifies compliance to a DPP test plan is "Wi-Fi Easy Connect". So for the purposes of Wi-Fi the two might be interchangeable. Our draft is not for Wi-Fi; we are using DPP bootstrapping to do TLS authentication for wired devices. So please update the reference but please leave it as [DPP]. > > Thank you for your continued help in getting our draft published. Much appreciated! > > Regards, > > Dan. > > -- > “the object of life is not to be on the side of the majority, but to > escape finding oneself in the ranks of the insane.” – Marcus Aurelius > > On 5/18/26, 7:57 AM, "Owen Friel (ofriel)" <ofriel@cisco.com <mailto:ofriel@cisco.com> <mailto:ofriel@cisco.com <mailto:ofriel@cisco.com>>> wrote: > > > Hi, > > > Thank you for your review. > > > See inline for [ofriel] > > > Regards, > Owen + Dan > > > -----Original Message----- > From: rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org> <mailto:rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org>> <rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org> <mailto:rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org>>> > Sent: Tuesday 28 April 2026 05:52 > To: Owen Friel (ofriel) <ofriel@cisco.com <mailto:ofriel@cisco.com> <mailto:ofriel@cisco.com <mailto:ofriel@cisco.com>>>; daniel.harkins@hpe.com <mailto:daniel.harkins@hpe.com> <mailto:daniel.harkins@hpe.com <mailto:daniel.harkins@hpe.com>> > Cc: rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org> <mailto:rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org>>; emu-ads@ietf.org <mailto:emu-ads@ietf.org> <mailto:emu-ads@ietf.org <mailto:emu-ads@ietf.org>>; emu-chairs@ietf.org <mailto:emu-chairs@ietf.org> <mailto:emu-chairs@ietf.org <mailto:emu-chairs@ietf.org>>; peter@akayla.com <mailto:peter@akayla.com> <mailto:peter@akayla.com <mailto:peter@akayla.com>>; paul.wouters@aiven.io <mailto:paul.wouters@aiven.io> <mailto:paul.wouters@aiven.io <mailto:paul.wouters@aiven.io>>; auth48archive@rfc-editor.org <mailto:auth48archive@rfc-editor.org> <mailto:auth48archive@rfc-editor.org <mailto:auth48archive@rfc-editor.org>> > Subject: Re: AUTH48: RFC-to-be 9966 <draft-ietf-emu-bootstrapped-tls-11> for your review > > > Authors, > > > While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the source file. > > > 1) <!--[rfced] Might we remove the abbreviation from the title as it > currently doesn't share a 1:1 relationship with the expansion? > Or is there a way to match them up? > > > Original: > Bootstrapped TLS Authentication with Proof of Knowledge (TLS-POK) > > > Expansion of TLS-POK per the document: > TLS Proof of Knowledge > --> > > > [ofriel] We are fine with removing TLK-POK from the title > > > 2) <!-- [rfced] Please insert any keywords (beyond those that appear in the title) for use on https://urldefense.com/v3/__https://www.rfc-editor.org/search__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgwjG__RI$ <https://urldefense.com/v3/__https://www.rfc-editor.org/search__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgwjG__RI$> <https://urldefense.com/v3/__https://www.rfc-editor.org/search__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgwjG__RI$ <https://urldefense.com/v3/__https://www.rfc-editor.org/search__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgwjG__RI$>> . --> > > > [ofriel] We have no other additions. > > > 3) <!--[rfced] We note that the Terminology section defines "802.1X". > However, most uses in the document are actually the citation. > Please review and let us know if/how to update. --> > > > [ofriel] We are fine with removing the citation links to 802.1X throughout the doc after the terminology section, and only including 802.1X > > > 4) <!--[rfced] Is there text missing here? Specifically, please focus on > the part beginning with "for instance". (Note that RFC 7170 has > been obsoleted by RFC 9930.) > > > Original: > Devices whose BSK public key can be obtained in an out-of-band > fashion and provisioned on the EAP server can perform a TLS-based EAP > exchange, for instance Tunnel Extensible Authentication Protocol > (TEAP) [RFC7170], and authenticate the TLS exchange using the > authentication mechanisms defined in Section 3. > > > --> > > > [ofriel] What about: "Devices whose BSK public key can be obtained in an out-of-band > fashion and provisioned on the EAP server can authenticate with the EAP server using > the mechanisms defined in Section 3 and Section 4." > > > 5) <!--[rfced] Is the following text a comment? If so, may we request it > be updated as follows (as this is in SVG, we assume the authors > will update and regenerate. > > > Original: > target_kdf = <as per RFC9258> > > > Perhaps: > target_kdf = <as per RFC 9258> > --> > > > [ofriel] Yes, this can be changed to what you suggest. Do we have to upload a new document? Should we change from SVG to ASCII, would that make things easier? > > > 6) <!--[rfced] Please review the difference between the SVG and ASCII art > for Figure 1 with regard to the text immediately under > ClientHello. In the ASCII, these are +'s while in the SVG a > single line. If an update is necessary, please provide updated > artwork.--> > > > [ofriel] We think it should be "+" in the SVG anyway. Can you make that fix for us without us having to rev the doc? Should we change to ASCII? > > > > > 7) <!--[rfced] Please review the title we added for Figure 2 in Section 4 > and let us know if any further updates are necessary. > > > Current: > Figure 2: EAP Exchange Using TLS-POK > > > --> > > > [ofriel] Yes, this looks good. > > > > > 8) <!--[rfced] We note that this document and the registry at https://urldefense.com/v3/__https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml <https://urldefense.com/v3/__https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml> <https://urldefense.com/v3/__https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml> <https://urldefense.com/v3/__https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml>>*eap-provisioning-ids__;Iw!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg5iK6QFI$ both use hyphenated "Method-Type". However, see the use of "Method Type" at https://urldefense.com/v3/__https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml <https://urldefense.com/v3/__https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml> <https://urldefense.com/v3/__https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml> <https://urldefense.com/v3/__https://www.iana.org/assignments/eap-numbers/eap-numbers.xhtml>>*eap-numbers-4__;Iw!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgXu4ocUA$ . > > > Should these be made uniform here and at the IANA registry? > > > Note that draft-ietf-emu-eap-arpa-10 now uses "Method Types" to match the "Method Types" registry. > > > --> > > > [ofriel] Yes, change to "Method Types" to align > > > 9) <!-- [rfced] [IEEE802.1X] Please review. This reference currently > points to the version of IEEE 802.1X from 2010. This version has > been superseded. The newest version - IEEE 802.1X:2020 - was > published in 2020. Note that this IEEE Std was also made an > international standard - IEEE/ISO/IEC 8802-1X:2021 - in 2021. > > > Should this reference be updated to one of the more current versions? > --> > > > [ofriel] Yes, go with the latest and greatest. > > > > > 10) <!-- [rfced] We had the following questions regarding DPP: > > > a) The [DPP] reference: Please review. We were unable to find a specification from Wi-Fi Alliance with the title "Device Provisioning Profile". > > > We noticed that this document states: > > > Device on-boarding protocols such as the Device Provisioning Profile [DPP], also referred to as Wi-Fi Easy Connect, address this use case but they have drawbacks. > > > And the most current version of Wi-Fi Easy Connect specification > states: > > > The terms "Device Provisioning Protocol" and "DPP" found throughout this document are interchangeable with "Wi-Fi Easy Connect". > > > May we update this reference to point to the most current version of the Wi-Fi Alliance "Wi-Fi Easy Connect" specification? > > > Current: > [DPP] Wi-Fi Alliance, "Device Provisioning Profile", 2020. > > > Perhaps: > [DPP] Wi-Fi Alliance, "Wi-Fi Easy Connect(TM) Specification", > Version 3.0, 2022, <https://urldefense.com/v3/__https://www.wi-fi.org/system/files/Wi-__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg7d1qbKw$ <https://urldefense.com/v3/__https://www.wi-fi.org/system/files/Wi-__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg7d1qbKw$> <https://urldefense.com/v3/__https://www.wi-fi.org/system/files/Wi-__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg7d1qbKw$ <https://urldefense.com/v3/__https://www.wi-fi.org/system/files/Wi-__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg7d1qbKw$>> > Fi_Easy_Connect_Specification_v3.0.pdf>. > > > [ofriel] Yes, update to the latest reference. > > > b) Please note that we see both of the following expansions for the DPP abbreviation: > > > Device Provisioning Protocol > > > Device Provisioning Profile > > > Please let us know how to update for uniformity.--> > > > > > [ofriel] Change to use "Device Provisioning Protocol" throughout. > > > > > 11) <!--[rfced] We note that RFC 7170 has been obsoleted by RFC 9930. We > have updated to the latter. Please let us know any > objections. --> > > > [ofriel] Yes, please use RFC 9930. > > > 12) <!--[rfced] We see that the test vectors that exist in the appendices > are not formatted in the XML as <sourcecode>. Additionally, as > they currently exist, the portion in <tt> extends beyond the 72 > character line limit. We suggest reformatting these as > <sourcecode> with a type set to test-vectors (or maybe base64?). > > > See https://urldefense.com/v3/__https://www.rfc-editor.org/rpc/wiki/doku.php?id=sourcecode-types__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgAaNbC74$ <https://urldefense.com/v3/__https://www.rfc-editor.org/rpc/wiki/doku.php?id=sourcecode-types__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgAaNbC74$> <https://urldefense.com/v3/__https://www.rfc-editor.org/rpc/wiki/doku.php?id=sourcecode-types__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgAaNbC74$ <https://urldefense.com/v3/__https://www.rfc-editor.org/rpc/wiki/doku.php?id=sourcecode-types__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgAaNbC74$>> > for more information on <sourcecode> types. > > > --> > > > [ofriel] Makes sense. Do we have anything do to here, or can you take care of this? > > > > > 13) <!--[rfced] We had the following queries related to abbreviation use: > > > a) We have removed expansions after first use and simply used the abbreviation per the guidance at https://urldefense.com/v3/__https://www.rfc-editor.org/styleguide/part2/ <https://urldefense.com/v3/__https://www.rfc-editor.org/styleguide/part2/> <https://urldefense.com/v3/__https://www.rfc-editor.org/styleguide/part2/> <https://urldefense.com/v3/__https://www.rfc-editor.org/styleguide/part2/>>*exp_abbrev__;Iw!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgUJDkJ7o$ . > > > [ofriel] Yes, this makes sense. > > > > > b) As the K in BSK stands for "Key", is text like this redundant (more similar instances exist)? > > > Original: > Devices whose BSK public key can be obtained ... > > > Same goes for EPSK: > Original: > ...the server looks up the client's EPSK key... > > > Note also that there are some uses of "bootstrap public key". Please compare and contrast with "Bootstrap Key public key" (or BSK public > key) to ensure that these are made uniform if necessary. > > > --> > > > [ofriel] We agree it makes sense to replace the 4 instances of "bootstrap public key" with "BSK public key" > > > Thank you. > > > Megan Ferguson > RFC Production Center > > > *****IMPORTANT***** > > > Updated 2026/04/27 > > > RFC Author(s): > -------------- > > > Instructions for Completing AUTH48 > > > Your document has now entered AUTH48. Once it has been reviewed and approved by you and all coauthors, it will be published as an RFC. > If an author is no longer available, there are several remedies available as listed in the FAQ (https://urldefense.com/v3/__https://www.rfc-editor.org/faq/__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBIleUSg$ <https://urldefense.com/v3/__https://www.rfc-editor.org/faq/__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBIleUSg$> <https://urldefense.com/v3/__https://www.rfc-editor.org/faq/__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBIleUSg$ <https://urldefense.com/v3/__https://www.rfc-editor.org/faq/__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBIleUSg$>> ). > > > You and you coauthors are responsible for engaging other parties (e.g., Contributors or Working Group) as necessary before providing your approval. > > > Planning your review > --------------------- > > > Please review the following aspects of your document: > > > * RFC Editor questions > > > Please review and resolve any questions raised by the RFC Editor > that have been included in the XML file as comments marked as > follows: > > > <!-- [rfced] ... --> > > > These questions will also be sent in a subsequent email. > > > * Changes submitted by coauthors > > > Please ensure that you review any changes submitted by your > coauthors. We assume that if you do not speak up that you > agree to changes submitted by your coauthors. > > > * Content > > > Please review the full content of the document, as this cannot > change once the RFC is published. Please pay particular attention to: > - IANA considerations updates (if applicable) > - contact information > - references > > > * Copyright notices and legends > > > Please review the copyright notice and legends as defined in > RFC 5378 and the Trust Legal Provisions > (TLP – https://urldefense.com/v3/__https://trustee.ietf.org/license-info__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgmW6OFPQ$ <https://urldefense.com/v3/__https://trustee.ietf.org/license-info__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgmW6OFPQ$> <https://urldefense.com/v3/__https://trustee.ietf.org/license-info__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgmW6OFPQ$ <https://urldefense.com/v3/__https://trustee.ietf.org/license-info__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgmW6OFPQ$>> ). > > > * Semantic markup > > > Please review the markup in the XML file to ensure that elements of > content are correctly tagged. For example, ensure that <sourcecode> > and <artwork> are set correctly. See details at > <https://urldefense.com/v3/__https://authors.ietf.org/rfcxml-vocabulary__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBNCsGnY$ <https://urldefense.com/v3/__https://authors.ietf.org/rfcxml-vocabulary__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBNCsGnY$> <https://urldefense.com/v3/__https://authors.ietf.org/rfcxml-vocabulary__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBNCsGnY$ <https://urldefense.com/v3/__https://authors.ietf.org/rfcxml-vocabulary__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBNCsGnY$>> >. > > > * Formatted output > > > Please review the PDF, HTML, and TXT files to ensure that the > formatted output, as generated from the markup in the XML file, is > reasonable. Please note that the TXT will have formatting > limitations compared to the PDF and HTML. > > > > > Submitting changes > ------------------ > > > To submit changes, please reply to this email using ‘REPLY ALL’ as all the parties CCed on this message need to see your changes. The parties > include: > > > * your coauthors > > > * rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org> <mailto:rfc-editor@rfc-editor.org <mailto:rfc-editor@rfc-editor.org>> (the RPC team) > > > * other document participants, depending on the stream (e.g., > IETF Stream participants are your working group chairs, the > responsible ADs, and the document shepherd). > > > * auth48archive@rfc-editor.org <mailto:auth48archive@rfc-editor.org> <mailto:auth48archive@rfc-editor.org <mailto:auth48archive@rfc-editor.org>>, which is a new archival mailing list > to preserve AUTH48 conversations; it is not an active discussion > list: > > > * More info: > https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgO8ycb2U$ <https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgO8ycb2U$> <https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgO8ycb2U$ <https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgO8ycb2U$>> > > > * The archive itself: > https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/browse/auth48archive/__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgKez3mc4$ <https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/browse/auth48archive/__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgKez3mc4$> <https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/browse/auth48archive/__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgKez3mc4$ <https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/browse/auth48archive/__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgKez3mc4$>> > > > * Note: If only absolutely necessary, you may temporarily opt out > of the archiving of messages (e.g., to discuss a sensitive matter). > If needed, please add a note at the top of the message that you > have dropped the address. When the discussion is concluded, > auth48archive@rfc-editor.org <mailto:auth48archive@rfc-editor.org> <mailto:auth48archive@rfc-editor.org <mailto:auth48archive@rfc-editor.org>> will be re-added to the CC list and > its addition will be noted at the top of the message. > > > You may submit your changes in one of two ways: > > > An update to the provided XML file > — OR — > An explicit list of changes in this format > > > Section # (or indicate Global) > > > OLD: > old text > > > NEW: > new text > > > You do not need to reply with both an updated XML file and an explicit list of changes, as either form is sufficient. > > > We will ask a stream manager to review and approve any changes that seem beyond editorial in nature, e.g., addition of new text, deletion of text, and technical changes. Information about stream managers can be found in the FAQ. Editorial changes do not require approval from a stream manager. > > > > > Approving for publication > -------------------------- > > > To approve your RFC for publication, please reply to this email stating that you approve this RFC for publication. Please use ‘REPLY ALL’, as all the parties CCed on this message need to see your approval. > > > > > Files > ----- > > > The files are available here: > https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.xml__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgX4jn9DE$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.xml__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgX4jn9DE$> <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.xml__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgX4jn9DE$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.xml__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgX4jn9DE$>> > https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBt_WEi0$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBt_WEi0$> <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBt_WEi0$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgBt_WEi0$>> > https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.pdf__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgQA5C6cg$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.pdf__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgQA5C6cg$> <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.pdf__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgQA5C6cg$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.pdf__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgQA5C6cg$>> > https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.txt__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg06MR29o$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.txt__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg06MR29o$> <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.txt__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg06MR29o$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966.txt__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUg06MR29o$>> > > > Diff file of the text: > https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-diff.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgxDIj6EE$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-diff.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgxDIj6EE$> <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-diff.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgxDIj6EE$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-diff.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgxDIj6EE$>> > https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-rfcdiff.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgxwzsLJk$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-rfcdiff.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgxwzsLJk$> <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-rfcdiff.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgxwzsLJk$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-rfcdiff.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgxwzsLJk$>> (side by side) > > > Diff of the XML: > https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-xmldiff1.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgruBuXz4$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-xmldiff1.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgruBuXz4$> <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-xmldiff1.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgruBuXz4$ <https://urldefense.com/v3/__https://www.rfc-editor.org/authors/rfc9966-xmldiff1.html__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgruBuXz4$>> > > > > > Tracking progress > ----------------- > > > The details of the AUTH48 status of your document are here: > https://urldefense.com/v3/__https://www.rfc-editor.org/auth48/rfc9966__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgIrLuuUo$ <https://urldefense.com/v3/__https://www.rfc-editor.org/auth48/rfc9966__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgIrLuuUo$> <https://urldefense.com/v3/__https://www.rfc-editor.org/auth48/rfc9966__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgIrLuuUo$ <https://urldefense.com/v3/__https://www.rfc-editor.org/auth48/rfc9966__;!!NpxR!kMU0LbFErEppHfrvrGGer9zfY1d2UYFtchZ0hcCzUEv8BDIwfPlyEVgPOa0sA03j3H2UOiUgIrLuuUo$>> > > > Please let us know if you have any questions. > > > Thank you for your cooperation, > > > RFC Editor > > > -------------------------------------- > RFC9966 (draft-ietf-emu-bootstrapped-tls-11) > > > Title : Bootstrapped TLS Authentication with Proof of Knowledge (TLS-POK) > Author(s) : O. Friel, D. Harkins > WG Chair(s) : Joseph A. Salowey, Peter E. Yee > > > Area Director(s) : Deb Cooley, Christopher Inacio > > > > > > >
- [auth48] Re: AUTH48: RFC-to-be 9966 <draft-ietf-e… rfc-editor
- [auth48] AUTH48: RFC-to-be 9966 <draft-ietf-emu-b… rfc-editor
- [auth48] Re: AUTH48: RFC-to-be 9966 <draft-ietf-e… Owen Friel (ofriel)
- [auth48] Re: AUTH48: RFC-to-be 9966 <draft-ietf-e… Harkins, Dan
- [auth48] Re: AUTH48: RFC-to-be 9966 <draft-ietf-e… Megan Ferguson
- [auth48] Re: AUTH48: RFC-to-be 9966 <draft-ietf-e… Harkins, Dan