A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Autonomic Networking Integrated Model and
Approach WG of the IETF.
Title : Bootstrapping Remote Secure Key Infrastructures
(BRSKI)
Authors : Max
Toerless Eckert wrote:
>> "Registrar". The term JRC is used in common with other bootstrap
>> mechanisms.
>>
>> + (Public) Key Infrastructure: The collection of systems and processes
>> + that sustain the activities of a public key system. In an
On Wed, Feb 21, 2018 at 02:45:12AM +, Max Pritikin (pritikin) wrote:
>
> The MASA is a certifier of vouchers. A voucher isn???t really a PKI construct
> today. Its more of a distribution of trust-anchor or ???pinned cert???
> construct used to bootstrap a PKI because the PKI???s don???t
Toerless Eckert wrote:
> Thanks, Michael
> Can't see a commit on github since 6 dyays ago, maybe in different branch
?
> Comments for now therefore inline against your email.
Yeah, it's on the toerless-terminology-comments branch.
About to be in -11.
--
Michael
> On Feb 20, 2018, at 7:38 PM, Toerless Eckert wrote:
>
> Thanks, Michael
> Can't see a commit on github since 6 dyays ago, maybe in different branch ?
> Comments for now therefore inline against your email.
>
> On Tue, Feb 20, 2018 at 07:54:40PM -0500, Michael Richardson
Toerless Eckert wrote:
> Overall:
> a) Requirements about EST:
> - The introduction says: "Integration with a complete EST enrollment is
> optional but trivial"
> - 5.8.3 says "The Pledge MUST request a new client certificate".
> - 1.4 says "bootstrapped
Max Pritikin (pritikin) wrote:
>>> b) Key infrastructure
>>
>>> There is no definition/reference for this term. Please describe on
>>> first use and in terminology. Is there a difference
>>> between "key infrastructure" and "keying material" ? If
On Tue, Feb 20, 2018 at 03:30:14PM +0530, Anoop Kumar Pandey wrote:
> Trusted world is something like "every entity in the domain is a trusted
> entity." Also in this case, trust can be derived. For example, if a pledge
> is issued by a trusted/enlisted MI, then that pledge can also be trusted.
>
>"I do not know what a 'trusted world' is, we have not been using that term
in ANIMA.
>Do you mind to elaborate what you think is redundant in the
"cryptographically maintained long procedure" ?"
Trusted world is something like "every entity in the domain is a trusted
entity." Also in this