Re: [Anima] northbound/southbound U interface (Re: New Version Notification for draft-richardson-anima-registrar-considerations-07.txt)

Brian E Carpenter Wed, 17 May 2023 14:35:15 -0700

The private keys from the Southbound interfaces 
SHOULD NOT be made available on the Northbound interfaces.


This new sentence reads slightly strangely, since private keys must never be 
available anywhere! Sow what exactly SHOULD NOT be available to the North?

Regards
   Brian

On 15-May-23 07:36, Michael Richardson wrote:

internet-dra...@ietf.org wrote:
     > Diff:
     > 
https://author-tools.ietf.org/iddiff?url2=draft-richardson-anima-registrar-considerations-07

The document was due for renewal, and I tried to add some text about how a
composite architecture may make PoP on the U_w/W (BRSKI-MASA) side difficult if
the private key is associated only with the U_v interface(s).
This relates the design team discussion we had around draft-selander-lake-authz.

I wonder if some more diagrams would help, as I sensed a lot of confusion
during the call.

_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima


_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima

Re: [Anima] northbound/southbound U interface (Re: New Version Notification for draft-richardson-anima-registrar-considerations-07.txt)

Reply via email to