draft-ietf-anima-bootstrapping-keyinfra-42.txt   draft-ietf-anima-bootstrapping-keyinfra-43.txt 
ANIMA WG M. Pritikin ANIMA WG M. Pritikin
Internet-Draft Cisco Internet-Draft Cisco
Intended status: Standards Track M. Richardson Intended status: Standards Track M. Richardson
Expires: 5 February 2021 Sandelman Expires: 8 February 2021 Sandelman
T.T.E. Eckert T.T.E. Eckert
Futurewei USA Futurewei USA
M.H. Behringer M.H. Behringer
K.W. Watsen K.W. Watsen
Watsen Networks Watsen Networks
4 August 2020 7 August 2020
Bootstrapping Remote Secure Key Infrastructures (BRSKI) Bootstrapping Remote Secure Key Infrastructures (BRSKI)
draft-ietf-anima-bootstrapping-keyinfra-42 draft-ietf-anima-bootstrapping-keyinfra-43
Abstract Abstract
This document specifies automated bootstrapping of an Autonomic This document specifies automated bootstrapping of an Autonomic
Control Plane. To do this a Secure Key Infrastructure is Control Plane. To do this a Secure Key Infrastructure is
bootstrapped. This is done using manufacturer-installed X.509 bootstrapped. This is done using manufacturer-installed X.509
certificates, in combination with a manufacturer's authorizing certificates, in combination with a manufacturer's authorizing
service, both online and offline. We call this process the service, both online and offline. We call this process the
Bootstrapping Remote Secure Key Infrastructure (BRSKI) protocol. Bootstrapping Remote Secure Key Infrastructure (BRSKI) protocol.
Bootstrapping a new device can occur using a routable address and a Bootstrapping a new device can occur using a routable address and a
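Review bot: the front-matter changes are version and date bumps only and are internally consistent: draft -42 dated 4 August 2020 with expiry 5 February 2021 becomes draft -43 dated 7 August 2020 with expiry 8 February 2021, both the same six-month window, and the author block and abstract text are unchanged. No review action needed beyond confirming the expiry sentence later in the boilerplate was updated to the same date.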
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 5 February 2021. This Internet-Draft will expire on 8 February 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
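Review bot: the expiry sentence here is updated from 5 February 2021 to 8 February 2021, matching the new expiry in the header block; the surrounding Internet-Draft and copyright boilerplate is otherwise unchanged, as expected for a version bump.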
skipping to change at page 37, line 23 skipping to change at page 37, line 23
The registrar SHOULD announce itself so that proxies can find it and The registrar SHOULD announce itself so that proxies can find it and
determine what kind of connections can be terminated. determine what kind of connections can be terminated.
The registrar announces itself using ACP instance of GRASP using The registrar announces itself using ACP instance of GRASP using
M_FLOOD messages. A registrar may announce any convenient port M_FLOOD messages. A registrar may announce any convenient port
number, including using a stock port 443. ANI proxies MUST support number, including using a stock port 443. ANI proxies MUST support
GRASP discovery of registrars. GRASP discovery of registrars.
The M_FLOOD is formatted as follows: The M_FLOOD is formatted as follows:
[M_FLOOD, 12340815, h'fda379a6f6ee00000200000064000001', 180000, [M_FLOOD, 51804321, h'fda379a6f6ee00000200000064000001', 180000,
[["AN_join_registrar", 4, 255, "EST-TLS"], [["AN_join_registrar", 4, 255, "EST-TLS"],
[O_IPv6_LOCATOR, [O_IPv6_LOCATOR,
h'fda379a6f6ee00000200000064000001', IPPROTO_TCP, 8443]]] h'fda379a6f6ee00000200000064000001', IPPROTO_TCP, 8443]]]
Figure 12: An example of a Registrar announcement message Figure 12: An example of a Registrar announcement message
The formal CDDL definition is: The formal CDDL definition is:
<CODE BEGINS> file "jrcgrasp.cddl" <CODE BEGINS> file "jrcgrasp.cddl"
flood-message = [M_FLOOD, session-id, initiator, ttl, flood-message = [M_FLOOD, session-id, initiator, ttl,
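Review bot: the only edit in Figure 12 is the GRASP session-id in the M_FLOOD example, 12340815 replaced by 51804321. Since GRASP session identifiers are randomly generated 32-bit values, dropping the counting-pattern placeholder for one that does not look sequential is a sensible change in an example that implementers are likely to copy verbatim. The rest of the message is left intact: the initiator address h'fda379a6f6ee00000200000064000001' still matches the address in the O_IPv6_LOCATOR option, and the ttl of 180000, the "AN_join_registrar" objective with "EST-TLS" and the TCP port 8443 are unchanged, which is consistent with the prose above it stating that a registrar may announce any convenient port. The CDDL in "jrcgrasp.cddl" that follows is cut off in this diff view after the first line, so the session-id field name there cannot be checked against the figure here.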
skipping to change at page 93, line 38 skipping to change at page 93, line 38
members, including Adam Roach, Alexey Melnikov, Alissa Cooper, members, including Adam Roach, Alexey Melnikov, Alissa Cooper,
Benjamin Kaduk, Eric Vyncke, Roman Danyliw, and Magnus Westerlund. Benjamin Kaduk, Eric Vyncke, Roman Danyliw, and Magnus Westerlund.
13. References 13. References
13.1. Normative References 13.1. Normative References
[I-D.ietf-anima-autonomic-control-plane] [I-D.ietf-anima-autonomic-control-plane]
Eckert, T., Behringer, M., and S. Bjarnason, "An Autonomic Eckert, T., Behringer, M., and S. Bjarnason, "An Autonomic
Control Plane (ACP)", Work in Progress, Internet-Draft, Control Plane (ACP)", Work in Progress, Internet-Draft,
draft-ietf-anima-autonomic-control-plane-24, 9 March 2020, draft-ietf-anima-autonomic-control-plane-28, 28 July 2020,
<http://www.ietf.org/internet-drafts/draft-ietf-anima- <http://www.ietf.org/internet-drafts/draft-ietf-anima-
autonomic-control-plane-24.txt>. autonomic-control-plane-28.txt>.
[I-D.ietf-anima-grasp] [I-D.ietf-anima-grasp]
Bormann, C., Carpenter, B., and B. Liu, "A Generic Bormann, C., Carpenter, B., and B. Liu, "A Generic
Autonomic Signaling Protocol (GRASP)", Work in Progress, Autonomic Signaling Protocol (GRASP)", Work in Progress,
Internet-Draft, draft-ietf-anima-grasp-15, 13 July 2017, Internet-Draft, draft-ietf-anima-grasp-15, 13 July 2017,
<http://www.ietf.org/internet-drafts/draft-ietf-anima- <http://www.ietf.org/internet-drafts/draft-ietf-anima-
grasp-15.txt>. grasp-15.txt>.
[IDevID] "IEEE 802.1AR Secure Device Identifier", December 2009, [IDevID] "IEEE 802.1AR Secure Device Identifier", December 2009,
<http://standards.ieee.org/findstds/standard/802.1AR- <http://standards.ieee.org/findstds/standard/802.1AR-
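Review bot: the normative ACP reference is refreshed from draft-ietf-anima-autonomic-control-plane-24 (9 March 2020) to -28 (28 July 2020), with the URL updated to match. The adjacent normative GRASP citation stays at draft-ietf-anima-grasp-15 dated 13 July 2017; since the other ANIMA drafts were bumped in this revision, confirm that -15 is still the intended version to cite, as the rfcdiff shows no change to it.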
skipping to change at page 98, line 16 skipping to change at page 98, line 16
Stok, P., Kampanakis, P., Richardson, M., and S. Raza, Stok, P., Kampanakis, P., Richardson, M., and S. Raza,
"EST over secure CoAP (EST-coaps)", Work in Progress, "EST over secure CoAP (EST-coaps)", Work in Progress,
Internet-Draft, draft-ietf-ace-coap-est-18, 6 January Internet-Draft, draft-ietf-ace-coap-est-18, 6 January
2020, <http://www.ietf.org/internet-drafts/draft-ietf-ace- 2020, <http://www.ietf.org/internet-drafts/draft-ietf-ace-
coap-est-18.txt>. coap-est-18.txt>.
[I-D.ietf-anima-constrained-voucher] [I-D.ietf-anima-constrained-voucher]
Richardson, M., Stok, P., and P. Kampanakis, "Constrained Richardson, M., Stok, P., and P. Kampanakis, "Constrained
Voucher Artifacts for Bootstrapping Protocols", Work in Voucher Artifacts for Bootstrapping Protocols", Work in
Progress, Internet-Draft, draft-ietf-anima-constrained- Progress, Internet-Draft, draft-ietf-anima-constrained-
voucher-07, 15 January 2020, <http://www.ietf.org/ voucher-08, 13 July 2020, <http://www.ietf.org/internet-
internet-drafts/draft-ietf-anima-constrained-voucher- drafts/draft-ietf-anima-constrained-voucher-08.txt>.
07.txt>.
[I-D.ietf-anima-reference-model] [I-D.ietf-anima-reference-model]
Behringer, M., Carpenter, B., Eckert, T., Ciavaglia, L., Behringer, M., Carpenter, B., Eckert, T., Ciavaglia, L.,
and J. Nobre, "A Reference Model for Autonomic and J. Nobre, "A Reference Model for Autonomic
Networking", Work in Progress, Internet-Draft, draft-ietf- Networking", Work in Progress, Internet-Draft, draft-ietf-
anima-reference-model-10, 22 November 2018, anima-reference-model-10, 22 November 2018,
<http://www.ietf.org/internet-drafts/draft-ietf-anima- <http://www.ietf.org/internet-drafts/draft-ietf-anima-
reference-model-10.txt>. reference-model-10.txt>.
[I-D.ietf-netconf-keystore] [I-D.ietf-netconf-keystore]
Watsen, K., "A YANG Data Model for a Keystore", Work in Watsen, K., "A YANG Data Model for a Keystore", Work in
Progress, Internet-Draft, draft-ietf-netconf-keystore-17, Progress, Internet-Draft, draft-ietf-netconf-keystore-19,
20 May 2020, <http://www.ietf.org/internet-drafts/draft- 10 July 2020, <http://www.ietf.org/internet-drafts/draft-
ietf-netconf-keystore-17.txt>. ietf-netconf-keystore-19.txt>.
[I-D.richardson-anima-state-for-joinrouter] [I-D.richardson-anima-state-for-joinrouter]
Richardson, M., "Considerations for stateful vs stateless Richardson, M., "Considerations for stateful vs stateless
join router in ANIMA bootstrap", Work in Progress, join router in ANIMA bootstrap", Work in Progress,
Internet-Draft, draft-richardson-anima-state-for- Internet-Draft, draft-richardson-anima-state-for-
joinrouter-02, 25 January 2018, <http://www.ietf.org/ joinrouter-02, 25 January 2018, <http://www.ietf.org/
internet-drafts/draft-richardson-anima-state-for- internet-drafts/draft-richardson-anima-state-for-
joinrouter-02.txt>. joinrouter-02.txt>.
[imprinting] [imprinting]
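Review bot: two informative references are refreshed with matching URL changes, draft-ietf-anima-constrained-voucher from -07 (15 January 2020) to -08 (13 July 2020) and draft-ietf-netconf-keystore from -17 (20 May 2020) to -19 (10 July 2020); the constrained-voucher entry is also reflowed, which accounts for the differing line counts in the change summary. The entries for draft-ietf-ace-coap-est-18, draft-ietf-anima-reference-model-10 and draft-richardson-anima-state-for-joinrouter-02 are untouched, and the [imprinting] entry is truncated at the end of this diff view, so nothing can be checked there.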
 End of changes. 9 change blocks. 
13 lines changed or deleted 12 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/