Best wishes for 2024 to all! This new year's version -23 (pity it's not -24... ) wraps up most of the remaining open issues. Details of changes can be found in the Section 18 Changelog. Two major changes to highlight are:
* Removal of GRASP-related discovery changes - we now informatively point to draft-eckert-anima-brski-discovery as a possible future document that may address this topic. This follows the IETF 118 discussion outcome. * Addition of a new content format (application/multipart-core) that can carry multiple CA certificates in a simpler CBOR-based container format. With this also comes support for more elaborate CA/sub-CA structures (e.g. 2-tier, 3-tier) that we expect to get more common in the future for IoT. Best regards Esko -----Original Message----- From: Anima <[email protected]> On Behalf Of [email protected] Sent: Wednesday, January 10, 2024 10:14 To: [email protected] Cc: [email protected] Subject: [Anima] I-D Action: draft-ietf-anima-constrained-voucher-23.txt Internet-Draft draft-ietf-anima-constrained-voucher-23.txt is now available. It is a work item of the Autonomic Networking Integrated Model and Approach (ANIMA) WG of the IETF. Title: Constrained Bootstrapping Remote Secure Key Infrastructure (cBRSKI) Authors: Michael Richardson Peter van der Stok Panos Kampanakis Esko Dijk Name: draft-ietf-anima-constrained-voucher-23.txt Pages: 87 Dates: 2024-01-10 Abstract: This document defines the Constrained Bootstrapping Remote Secure Key Infrastructure (cBRSKI) protocol, which provides a solution for secure zero-touch onboarding of resource-constrained (IoT) devices into the network of a domain owner. This protocol is designed for constrained networks, which may have limited data throughput or may experience frequent packet loss. cBRSKI is a variant of the BRSKI protocol, which uses an artifact signed by the device manufacturer called the "voucher" which enables a new device and the owner's network to mutually authenticate. While the BRSKI voucher data is encoded in JSON, cBRSKI uses a compact CBOR-encoded voucher. The BRSKI voucher data definition is extended with new data types that allow for smaller voucher sizes. The Enrollment over Secure Transport (EST) protocol, used in BRSKI, is replaced with EST-over- CoAPS; and HTTPS used in BRSKI is replaced with DTLS-secured CoAP (CoAPS). This document Updates RFC 8995 and RFC 9148. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-anima-constrained-voucher/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-anima-constrained-voucher-23.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-anima-constrained-voucher-23 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
