Hi, based on the discussion during the ANIMA session this week, we would like to discuss some open issues related to BRSKI-AE. They are also available under https://github.com/anima-wg/anima-brski-async-enroll/issues
Issue #4: Trust relation between registrar-agent and registrar (use case 2 in the draft) It is proposed to assume an already available LDevID on the registrar-agent (former pledge-agent), as it is considered to be a site/domain component. This LDevID can be provided by a prior BRSKI run or by other means. The registrar-agent uses this LDevID for (D)TLS client authentication at the protected registrar endpoints. Any objection or thoughts? Best regards Steffen -- Steffen Fries Siemens AG _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
