On 04/11/2016 21:07, Eliot Lear wrote: > Hi Brian, > > On 11/4/16 8:08 AM, Brian E Carpenter wrote: >> >> Also, much of this topic is systems engineering, not protocol design. >> However, at the protocol design level it seems apparent that autonomic >> mechanisms *above all others* need to work when everything else is broken. >> For many aspects that reduces to defining defaults that apply on a cold >> start, but for security bootstrap in particular it also means defining >> what happens when no external dependencies are possible. That does seem >> to need pixie dust. >> > > I could envision multiple approaches to addressing this, but I didn't > want to go down the solutions path until we have a clear understanding > of what we are solving for. For instance, there is replacement > equipment, and then there are first responders. Do first responders > require authentication? Is authentication in these cases a binary > output or perhaps characterized differently? And how does this differ > from other problems, such as electronic health records (EHR) in these > circumstances? I think we could spend quite some time in that sort of > discussion. For a proposed standard, we may be overreaching, and so we > should be quite careful. But I would agree that the topic should be > covered in greater depth. My issue is one of how much to bite off now.
I completely agree. And indeed my concern is whether there is something fundamental that we need in BRSKI to allow for this - I mean something that would be very painful to retrofit later. Apart from that, the question can be deferred. Brian _______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima