BRSKI-AE: Alternative Enrollment Protocols in BRSKI
draft-ietf-anima-brski-async-enroll-05
| Document | Type |
Replaced Internet-Draft
(anima WG)
Expired & archived
|
|
|---|---|---|---|
| Authors | David von Oheimb , Steffen Fries , Hendrik Brockhaus , Eliot Lear | ||
| Last updated | 2022-03-07 | ||
| Replaces | draft-fries-anima-brski-async-enroll | ||
| Replaced by | draft-ietf-anima-brski-ae | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Reviews | |||
| Additional resources |
GitHub Repository
Mailing list discussion |
||
| Stream | WG state | WG Document | |
| Document shepherd | Toerless Eckert | ||
| IESG | IESG state | Replaced by draft-ietf-anima-brski-ae | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | tte@cs.fau.de |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document enhances Bootstrapping Remote Secure Key Infrastructure (BRSKI, [RFC8995]) to allow employing alternative enrollment protocols, such as CMP. Using self-contained signed objects, the origin of enrollment requests and responses can be authenticated independently of message transfer. This supports end-to-end security and asynchronous operation of certificate enrollment and provides flexibility where to authenticate and authorize certification requests.
Authors
David von Oheimb
Steffen Fries
Hendrik Brockhaus
Eliot Lear
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)