Skip to main content

BRSKI-AE: Alternative Enrollment Protocols in BRSKI
draft-ietf-anima-brski-async-enroll-05

Document Type Replaced Internet-Draft (anima WG)
Authors David von Oheimb , Steffen Fries , Hendrik Brockhaus , Eliot Lear
Last updated 2022-03-07
Replaces draft-fries-anima-brski-async-enroll
Replaced by draft-ietf-anima-brski-ae
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Formats
Expired & archived
plain text html xml htmlized pdfized bibtex
Reviews
Additional resources GitHub Repository
Mailing list discussion
Stream WG state WG Document
Document shepherd Toerless Eckert
IESG IESG state Replaced by draft-ietf-anima-brski-ae
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to tte@cs.fau.de
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-ietf-anima-brski-async-enroll-05.txt

Abstract

This document enhances Bootstrapping Remote Secure Key Infrastructure (BRSKI, [RFC8995]) to allow employing alternative enrollment protocols, such as CMP. Using self-contained signed objects, the origin of enrollment requests and responses can be authenticated independently of message transfer. This supports end-to-end security and asynchronous operation of certificate enrollment and provides flexibility where to authenticate and authorize certification requests.

Authors

David von Oheimb
Steffen Fries
Hendrik Brockhaus
Eliot Lear

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)