Secure Zero Touch Provisioning (SZTP)
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: firstname.lastname@example.org, The IESG <email@example.com>, Bert Wijnen <firstname.lastname@example.org>, Mahesh Jethanandani <email@example.com>, firstname.lastname@example.org, email@example.com, Bert Wijnen <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org, email@example.com Subject: Protocol Action: 'Secure Zero Touch Provisioning (SZTP)' to Proposed Standard (draft-ietf-netconf-zerotouch-28.txt) The IESG has approved the following document: - 'Secure Zero Touch Provisioning (SZTP)' (draft-ietf-netconf-zerotouch-28.txt) as Proposed Standard This document is the product of the Network Configuration Working Group. The IESG contact persons are Warren Kumari and Ignas Bagdonas. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-netconf-zerotouch/
Technical Summary This draft presents a technique to securely provision a networking device when it is booting in a factory-default state. Variations in the solution enables it to be used on both public and private networks. The provisioning steps are able to update the boot image, commit an initial configuration, and execute arbitrary scripts to address auxiliary needs. The updated device is subsequently able to establish secure management connections with other systems. Working Group Summary There were no exceptional events during WG process for this document. It received a substantial amount of attention, multiple detailed reviews, and the development from the start has been driven by operational requirements. There was a smooth consensus reached for the document. Document Quality There are no known implementations as of the time of publication. There is interest from vendor community to implement it. There is a significant interest from operator community to have this mechanism implemented. Personnel Document Shepherd is Mahesh Jethanandani. Responsible Area Director is Ignas Bagdonas. IANA Note The document adds new entries to existing IANA registries. The document does not create any new IANA registries.