Re: [Iot-onboarding] OPC and BRSKI

Kent Watsen <kent@watsen.net> Wed, 07 August 2019 19:43 UTC

From: Kent Watsen <kent@watsen.net>
Message-ID: <0100016c6d9b4c92-77a6c841-c195-4323-b467-169c4bfabdee-000000@email.amazonses.com>
Date: Wed, 07 Aug 2019 19:43:10 +0000
In-Reply-To: <B5B28896-C211-41BF-AB51-0C6FDC72E44F@cisco.com>
Cc: "Randy Armstrong (OPC)" <randy.armstrong@opcfoundation.org>, "iot-onboarding@ietf.org" <iot-onboarding@ietf.org>, Toerless Eckert <tte@cs.fau.de>, "anima@ietf.org" <anima@ietf.org>
To: Eliot Lear <lear@cisco.com>
References: <BYAPR08MB4903F02A37ED9AE092A59B8EFAD50@BYAPR08MB4903.namprd08.prod.outlook.com> <649C8221-5F33-4EC2-8E03-3EEAF4CAAB64@cisco.com> <BYAPR08MB4903129ECDEADF61E681DE0BFAD50@BYAPR08MB4903.namprd08.prod.outlook.com> <46BF5F7B-5407-45A9-9C4F-EA553DF5814B@cisco.com> <BYAPR08MB49037C509717B409DE7B570BFAD50@BYAPR08MB4903.namprd08.prod.outlook.com> <20190806223052.md5lp6yeleuvuf5l@faui48f.informatik.uni-erlangen.de> <BYAPR08MB4903CED7FFDB7D11EFDB49FAFAD50@BYAPR08MB4903.namprd08.prod.outlook.com> <BYAPR08MB4903E91A2E9FC117755443C1FAD50@BYAPR08MB4903.namprd08.prod.outlook.com> <F5504CAE-85B7-43AF-B743-1E234A4B320E@cisco.com> <BYAPR08MB4903C95973435BA06FC3C080FAD40@BYAPR08MB4903.namprd08.prod.outlook.com> <B5B28896-C211-41BF-AB51-0C6FDC72E44F@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/iot-onboarding/d_FGXCcTd2FbvgLvIbfIW-h8lDc>
Subject: Re: [Iot-onboarding] OPC and BRSKI
List-Id: Discussion of IoT onboarding mechanisms <iot-onboarding.ietf.org>


> On Aug 7, 2019, at 4:50 AM, Eliot Lear <lear@cisco.com> wrote:
> 
> The purpose, as I see it, of the voucher, is simply to provide zero-touch network provisioning.  I was asking a slightly different question: for purposes of network connectivity will operators want to know that only devices they authorized are connecting (e.g., 802.1X and the like)?  This is a natural assumption in the wireless world, but less so in wired.

More specifically, the voucher enables the device to trust the network, i.e., the entity claiming to be the device's owner.  Without the voucher, there is the TOFU (trust on first use), a.k.a. "resurrecting duckling" problem.

Kent
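The point Kent makes above, that the voucher is what lets the pledge decide whether the network claiming to own it is its real owner, is easy to see in code. The following is an added example, not code from this thread or from any BRSKI implementation: a manufacturer authority (MASA) issues a voucher carrying the RFC 8366 fields `assertion`, `serial-number`, `nonce` and `pinned-domain-cert`, and the pledge accepts a registrar only if the voucher is signed by its factory-installed MASA key, is bound to its own serial number and fresh nonce, and pins the certificate the registrar actually presented. For brevity the voucher is JSON signed with Ed25519 rather than a CMS-signed artifact, `pinned-domain-cert` holds a SHA-256 fingerprint instead of the DER certificate, and the certificates and serial numbers are constructed byte strings; the type and function names are assumptions. The `TrustOnFirstUse` function shows the alternative without a voucher: the pledge simply pins whoever it meets first.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Voucher is a constructed subset of the RFC 8366 voucher fields.
type Voucher struct {
	Assertion        string `json:"assertion"`
	SerialNumber     string `json:"serial-number"`
	Nonce            string `json:"nonce"`
	PinnedDomainCert string `json:"pinned-domain-cert"` // simplification: SHA-256 hex of the owner cert
}

// SignedVoucher stands in for the CMS signature of a real voucher (simplification: Ed25519 over JSON).
type SignedVoucher struct {
	Payload   []byte
	Signature []byte
}

// MASA is the hypothetical manufacturer authority that signs vouchers for its devices.
type MASA struct {
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

func NewMASA() (*MASA, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &MASA{priv: priv, Pub: pub}, nil
}

// IssueVoucher binds one device (serial, nonce) to one owner (fingerprint of the owner's cert).
func (m *MASA) IssueVoucher(serial, nonce string, ownerCert []byte) (SignedVoucher, error) {
	v := Voucher{Assertion: "verified", SerialNumber: serial, Nonce: nonce, PinnedDomainCert: fingerprint(ownerCert)}
	payload, err := json.Marshal(v)
	if err != nil {
		return SignedVoucher{}, err
	}
	return SignedVoucher{Payload: payload, Signature: ed25519.Sign(m.priv, payload)}, nil
}

func fingerprint(cert []byte) string {
	sum := sha256.Sum256(cert)
	return hex.EncodeToString(sum[:])
}

// Pledge is the device: it leaves the factory knowing only its serial and its MASA's public key.
type Pledge struct {
	Serial  string
	MASAPub ed25519.PublicKey
}

// VerifyOwner returns nil only when the voucher is authentic, addressed to this pledge, fresh,
// and pins exactly the certificate the registrar presented during the TLS handshake.
func (p Pledge) VerifyOwner(sv SignedVoucher, nonce string, presentedCert []byte) error {
	if !ed25519.Verify(p.MASAPub, sv.Payload, sv.Signature) {
		return errors.New("voucher signature invalid: not issued by my MASA")
	}
	var v Voucher
	if err := json.Unmarshal(sv.Payload, &v); err != nil {
		return err
	}
	if v.SerialNumber != p.Serial {
		return errors.New("voucher was issued for a different device")
	}
	if v.Nonce != nonce {
		return errors.New("nonce mismatch: stale or replayed voucher")
	}
	if v.PinnedDomainCert != fingerprint(presentedCert) {
		return errors.New("registrar cert does not match pinned-domain-cert: this network is not my owner")
	}
	return nil
}

// TrustOnFirstUse is the no-voucher path: the pledge pins whatever certificate it sees first,
// so the first network to reach the device (legitimate or not) becomes its "owner".
func TrustOnFirstUse(presentedCert []byte) string { return fingerprint(presentedCert) }

// RunScenario returns the pledge's verdict for a legitimate registrar, a rogue registrar
// replaying the owner's voucher with its own cert, and a replay of the voucher under a fresh nonce.
func RunScenario() (legit, rogue, replay error) {
	masa, err := NewMASA()
	if err != nil {
		return err, err, err
	}
	ownerCert := []byte("constructed: owner domain CA certificate")
	rogueCert := []byte("constructed: rogue registrar certificate")
	pledge := Pledge{Serial: "SN-0001", MASAPub: masa.Pub}
	sv, err := masa.IssueVoucher(pledge.Serial, "nonce-run-1", ownerCert)
	if err != nil {
		return err, err, err
	}
	legit = pledge.VerifyOwner(sv, "nonce-run-1", ownerCert)
	rogue = pledge.VerifyOwner(sv, "nonce-run-1", rogueCert)
	replay = pledge.VerifyOwner(sv, "nonce-run-2", ownerCert)
	return legit, rogue, replay
}

func main() {
	legit, rogue, replay := RunScenario()
	fmt.Println("legitimate owner:", legit)
	fmt.Println("rogue registrar: ", rogue)
	fmt.Println("replayed voucher:", replay)
	fmt.Println("TOFU pins anyone:", TrustOnFirstUse([]byte("constructed: first network seen"))[:16])
}
```

The nonce check is what turns a one-time ownership assertion into something a rogue network cannot replay later, and the pinned certificate check is what stops a network that merely relays a genuine voucher from being accepted; both checks are absent in the TOFU path, which is exactly the "resurrecting duckling" exposure the reply refers to.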