Re: [Emu] Provisioning, configuration, etc. and EAP

Michael Richardson <mcr+ietf@sandelman.ca> Sat, 26 March 2022 15:57 UTC

To: Alan DeKok <aland@deployingradius.com>, EMU WG <emu@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/mROl1sJlgiMIFHWwop3wP70pf2E>

Alan DeKok <aland@deployingradius.com> wrote:
    >   I would split this up into:

I'm gonna quibble with your choice of terms, because there has been some
progress/convergence in the terminology.  This is good news, because sharing
terminology is an important leap forward.

    > bootstrapping - starting from nothing, or almost nothing, how does a
    > device get on the network, and get a minimal configuration enabled?

    > provisioning - how does a device with some existing network access /
    > configuration get onto a new network, perhaps with a new identity?

The term "onboarding" is now used for this step.
(Yes, BRSKI gets it wrong)
I'm a bit unclear about how these steps differ.

The term "provisioning" has come to mean when the "almost nothing" is
provided to the device in the factory.  That's come to mean an IDevID, but it
can also mean an (e)SIM, or other long-term shared secret.

The term "commissioning" has come to mean provisioning + configuration.
That is, the device is recognized, it is joined to the network, and it might
be told what its role in the Superbowl 3000-drone display is.

    > reconfiguration - how does a device with an existing configuration
    > update it?  When / where / why / how?

Why is this step different than configuration?


There is a plan to unify/contrast the terminology in section 4 of:
      draft-irtf-t2trg-secure-bootstrapping/

but that section hasn't happened yet.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-