Dear all, We just submitted a small update on RSKI-PRM improving the readability (just editorial changes) addressing the remaining discussion from the telechat. * editorial update of new section on TLS usage clarifications Section 4.1 * structural and editorial improvements to privacy considerations Section 11
Best regards Steffen -----Original Message----- From: [email protected] <[email protected]> Sent: Tuesday, June 3, 2025 5:41 PM To: Michael C. Richardson <[email protected]>; Eliot Lear <[email protected]>; Michael Richardson <[email protected]>; Fries, Steffen (FT RPD CST) <[email protected]>; Werner, Thomas (FT RPD CST SEA-DE) <[email protected]> Subject: New Version Notification for draft-ietf-anima-brski-prm-23.txt A new version of Internet-Draft draft-ietf-anima-brski-prm-23.txt has been successfully submitted by Steffen Fries and posted to the IETF repository. Name: draft-ietf-anima-brski-prm Revision: 23 Title: BRSKI with Pledge in Responder Mode (BRSKI-PRM) Date: 2025-06-03 Group: anima Pages: 123 The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-anima-brski-prm/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-anima-brski-prm-23.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-anima-brski-prm-23 Abstract: This document defines enhancements to Bootstrapping Remote Secure Key Infrastructure (BRSKI, RFC8995) as BRSKI with Pledge in Responder Mode (BRSKI-PRM). BRSKI-PRM supports the secure bootstrapping of devices, referred to as pledges, into a domain where direct communication with the registrar is either limited or not possible at all. To facilitate interaction between a pledge and a domain registrar the registrar-agent is introduced as new component. The registrar-agent supports the reversal of the interaction model from a pledge-initiated mode, to a pledge-responding mode, where the pledge is in a server role. To establish the trust relation between pledge and registrar, BRSKI-PRM relies on object security rather than transport security. This approach is agnostic to enrollment protocols that connect a domain registrar to a key infrastructure (e.g., domain Certification Authority). The IETF Secretariat _______________________________________________ Anima mailing list -- [email protected] To unsubscribe send an email to [email protected]
