BRSKI-AE: Alternative Enrollment Protocols in BRSKI
draft-ietf-anima-brski-async-enroll-05
| Document | Type | Replaced Internet-Draft (anima WG) | |
|---|---|---|---|
| Authors | David von Oheimb , Steffen Fries , Hendrik Brockhaus , Eliot Lear | ||
| Last updated | 2022-03-07 | ||
| Replaces | draft-fries-anima-brski-async-enroll | ||
| Replaced by | draft-ietf-anima-brski-ae | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | (None) | ||
| Formats |
Expired & archived
plain text
html
xml
htmlized
pdfized
bibtex
|
||
| Reviews |
YANGDOCTORS Early review
(of
-03)
Not Ready
|
||
| Additional resources |
GitHub Repository
Mailing list discussion |
||
| Stream | WG state | WG Document | |
| Document shepherd | Toerless Eckert | ||
| IESG | IESG state | Replaced by draft-ietf-anima-brski-ae | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | tte@cs.fau.de |
https://www.ietf.org/archive/id/draft-ietf-anima-brski-async-enroll-05.txt
Abstract
This document enhances Bootstrapping Remote Secure Key Infrastructure (BRSKI, [RFC8995]) to allow employing alternative enrollment protocols, such as CMP. Using self-contained signed objects, the origin of enrollment requests and responses can be authenticated independently of message transfer. This supports end-to-end security and asynchronous operation of certificate enrollment and provides flexibility where to authenticate and authorize certification requests.
Authors
David von Oheimb
Steffen Fries
Hendrik Brockhaus
Eliot Lear
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)