@techreport{ietf-anima-constrained-join-proxy-10, number = {draft-ietf-anima-constrained-join-proxy-10}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/html/draft-ietf-anima-constrained-join-proxy-10}, author = {Michael Richardson and Peter Van der Stok and Panos Kampanakis}, title = {{Constrained Join Proxy for Bootstrapping Protocols}}, pagetotal = 24, year = 2022, month = apr, day = 14, abstract = {This document extends the work of Bootstrapping Remote Secure Key Infrastructures (BRSKI) by replacing the Circuit-proxy between Pledge and Registrar by a stateless/stateful constrained Join Proxy. The constrained Join Proxy is a mesh neighbor of the Pledge and can relay a DTLS session originating from a Pledge with only link-local addresses to a Registrar which is not a mesh neighbor of the Pledge. This document defines a protocol to securely assign a Pledge to a domain, represented by a Registrar, using an intermediary node between Pledge and Registrar. This intermediary node is known as a "constrained Join Proxy". An enrolled Pledge can act as a constrained Join Proxy.}, }