Constrained Join Proxy for Bootstrapping Protocols
draft-ietf-anima-constrained-join-proxy-13

The information below is for an old version of the document.
Document Type: Expired & archived. This is an older version of an Internet-Draft whose latest revision state is "Active".
Authors: Michael Richardson, Peter Van der Stok, Panos Kampanakis
Last updated: 2023-04-26 (Latest revision 2022-10-23)
Replaces: draft-vanderstok-anima-constrained-join-proxy
RFC stream: Internet Engineering Task Force (IETF)
Additional resources: Mailing list discussion
Stream
WG state: WG Document
Document shepherd: Sheng Jiang
Shepherd write-up: Last changed 2022-02-24
IESG
IESG state: Expired (IESG: Dead)
Consensus boilerplate: Yes
Telechat date: (None)
Responsible AD: Robert Wilton
Send notices to: jiangsheng@huawei.com
IANA
IANA review state: Version Changed - Review Needed
IANA expert review state: Issues identified
IANA expert review comments: From the designated expert for Resource Type (rt=) Link Target Attribute Values: I looked at the registration requests in the draft. They use somewhat unusual language about discovering ports - resource discovery is understood to discover resources. For brski.jp, this appears to be about discovering a CoAP or CoAPs entry point (without describing how exactly that is then used, e.g., what happens if that has a different IP address in the authority than the request address). For brski.rjp, this appears to be about discovering an entry point for a protocol that I don’t seem to fully understand the description for. I didn’t try to obtain a deep understanding of the protocol before writing this, but I would prefer if the language used for the description were understandable for other registrants in this registry, i.e., discussing resources, not ports (port numbers?). All the other criteria for a registration appear to be fulfilled.

This Internet-Draft is no longer active.

Abstract

This document extends the work of Bootstrapping Remote Secure Key Infrastructures (BRSKI) by replacing the (stateful) TLS Circuit proxy between Pledge and Registrar with a stateless or stateful Circuit proxy using CoAP, which is called the constrained Join Proxy. The constrained Join Proxy is a mesh neighbor of the Pledge and can relay a DTLS session originating from a Pledge with only link-local addresses to a Registrar which is not a mesh neighbor of the Pledge. Like the BRSKI Circuit proxy, this constrained Join Proxy eliminates the need for Pledges to have routable IP addresses before enrolment by utilizing link-local addresses. Use of the constrained Join Proxy also eliminates the need for the Pledge to authenticate to the network or perform network-wide Registrar discovery before enrolment.

Authors

Michael Richardson
Peter Van der Stok
Panos Kampanakis

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)