BRSKI-AE: Alternative Enrollment Protocols in BRSKI
draft-ietf-anima-brski-async-enroll-05
Document | Type |
Replaced Internet-Draft
(anima WG)
Expired & archived
|
|
---|---|---|---|
Authors | David von Oheimb , Steffen Fries , Hendrik Brockhaus , Eliot Lear | ||
Last updated | 2022-03-07 | ||
Replaces | draft-fries-anima-brski-async-enroll | ||
Replaced by | draft-ietf-anima-brski-ae | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | (None) | ||
Formats | |||
Reviews | |||
Additional resources |
GitHub Repository
Mailing list discussion |
||
Stream | WG state | WG Document | |
Document shepherd | Toerless Eckert | ||
IESG | IESG state | Replaced by draft-ietf-anima-brski-ae | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | tte@cs.fau.de |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document enhances Bootstrapping Remote Secure Key Infrastructure (BRSKI, [RFC8995]) to allow employing alternative enrollment protocols, such as CMP. Using self-contained signed objects, the origin of enrollment requests and responses can be authenticated independently of message transfer. This supports end-to-end security and asynchronous operation of certificate enrollment and provides flexibility where to authenticate and authorize certification requests.
Authors
David von Oheimb
Steffen Fries
Hendrik Brockhaus
Eliot Lear
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)