@techreport{ietf-anima-brski-ae-01, number = {draft-ietf-anima-brski-ae-01}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/html/draft-ietf-anima-brski-ae-01}, author = {David von Oheimb and Steffen Fries and Hendrik Brockhaus and Eliot Lear}, title = {{BRSKI-AE: Alternative Enrollment Protocols in BRSKI}}, pagetotal = 30, year = 2022, month = apr, day = 6, abstract = {This document enhances Bootstrapping Remote Secure Key Infrastructure (BRSKI, RFC 8995) to allow employing alternative enrollment protocols, such as CMP. Using self-contained signed objects, the origin of enrollment requests and responses can be authenticated independently of message transfer. This supports end-to-end security and asynchronous operation of certificate enrollment and provides flexibility where to authenticate and authorize certification requests.}, }