@techreport{ietf-anima-constrained-join-proxy-16,
    number =    {draft-ietf-anima-constrained-join-proxy-16},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-anima-constrained-join-proxy/16/},
    author =    {Michael Richardson and Peter Van der Stok and Panos Kampanakis and Esko Dijk},
    title =     {{Join Proxy for Bootstrapping of Constrained Network Elements}},
    pagetotal = 35,
    year =      2025,
    month =     jan,
    day =       23,
    abstract =  {This document extends the constrained Bootstrapping Remote Secure Key Infrastructures (cBRSKI) onboarding protocol by adding a new network function, the constrained Join Proxy. This function can be implemented by a constrained node {[}RFC7228{]}. The goal of the Join Proxy is to help new constrained nodes ("Pledges") securely onboard into a new IP network using the cBRSKI protocol. It acts as a circuit proxy for User Datagram Protocol (UDP) packets that carry the onboarding messages. The solution is extendible to support other UDP-based onboarding protocols as well. The Join Proxy functionality is designed for use in constrained networks {[}RFC7228{]}, including IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN) {[}RFC4944{]} based mesh networks in which the onboarding authority server ("Registrar") may be multiple IP hops away from a Pledge. Despite this distance, the Pledge only needs to use link-local UDP communication to complete cBRSKI onboarding. Two modes of Join Proxy operation are defined, stateless and stateful, to allow implementers to make different trade-offs regarding resource usage, implementation complexity and security.},
}