Re: [netconf] Question to draft-ietf-netconf-sztp-csr-13
Kent Watsen <kent+ietf@watsen.net> Tue, 22 February 2022 15:33 UTC
Return-Path: <0100017f2210e849-73639b73-109c-46bb-be2f-5f52f96449e6-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 858383A1354; Tue, 22 Feb 2022 07:33:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u2mSBTItIS9M; Tue, 22 Feb 2022 07:33:38 -0800 (PST)
Received: from a48-93.smtp-out.amazonses.com (a48-93.smtp-out.amazonses.com [54.240.48.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C5B03A140D; Tue, 22 Feb 2022 07:33:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1645544008; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=q+AqfMrQLbqUazRfaip885+TvcOjPdv7fCTyRmwuWrQ=; b=d+EWEQmxRurvnvPPm5qHI7k0TAlcp/FXTQ0T4Z9M7on29sheT0dytorOF/jPt9QS jttXUvfN5PTYLGDGaW7d329nR4iWSdG02nNmXkBRTV26yfo/LuXBiOrJjCIMG12UWsv GkbMo1y9yNzRaKdQvXzO7u7bgUEscM5oVpRQ1ehI=
From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100017f2210e849-73639b73-109c-46bb-be2f-5f52f96449e6-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_61FFE3B3-1CB3-4631-869D-685DB786FA96"
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.60.0.1.1\))
Date: Tue, 22 Feb 2022 15:33:27 +0000
In-Reply-To: <DU0PR10MB5196969030E39300696054D0F3349@DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM>
Cc: "draft-ietf-netconf-sztp-csr@ietf.org" <draft-ietf-netconf-sztp-csr@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
To: "Fries, Steffen" <steffen.fries@siemens.com>
References: <DU0PR10MB5196969030E39300696054D0F3349@DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM>
X-Mailer: Apple Mail (2.3693.60.0.1.1)
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2022.02.22-54.240.48.93
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/dJltfJpzQ2Vvu0-H2XPQquoZYNQ>
Subject: Re: [netconf] Question to draft-ietf-netconf-sztp-csr-13
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Feb 2022 15:33:44 -0000
Hi Steffen, Yes, the CMP-CSR is bound to P10. This draft is currently in the final stage of IESG Last Call review. Comments such as these should have been received during WG Last Call. Unless an IESG member throws a DISCUSS, the draft will proceed as is. In such case, a future work may define something like a "cmp-csr-2” leaf to contain an expanded definition. Kent // contributor > On Feb 15, 2022, at 1:46 PM, Fries, Steffen <steffen.fries@siemens.com> wrote: > > Hello Kent, > > I’ve got a short clarification question regarding the latest draft. I realized in the description of the YANG modules that there is a difference in section 3.2 between CMC and CMP in the description what can be contained in the respective CSR. Based on the description of the YANG module, CMC seems to be open for different types of certification requests, while CMP is bound to a wrapped P10 not leaving any further choice (like ir, cr, kur). Did I got this right or did I misinterpret the description for the cmc-csr? Sorry for realizing this so late. > > Best regards > Steffen
- [netconf] Question to draft-ietf-netconf-sztp-csr… Fries, Steffen
- Re: [netconf] Question to draft-ietf-netconf-sztp… Kent Watsen
- Re: [netconf] Question to draft-ietf-netconf-sztp… Fries, Steffen
- Re: [netconf] Question to draft-ietf-netconf-sztp… Brockhaus, Hendrik
- Re: [netconf] Question to draft-ietf-netconf-sztp… Rob Wilton (rwilton)
- Re: [netconf] Question to draft-ietf-netconf-sztp… Kent Watsen
- Re: [netconf] Question to draft-ietf-netconf-sztp… Fries, Steffen
- Re: [netconf] Question to draft-ietf-netconf-sztp… Sean Turner
- Re: [netconf] Question to draft-ietf-netconf-sztp… Rob Wilton (rwilton)