Skip to main content

Voucher and Voucher Revocation Profiles for Bootstrapping Protocols

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Kent Watsen , Michael Richardson , Max Pritikin , Toerless Eckert
Last updated 2016-10-31
Replaced by draft-kwatsen-anima-voucher
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-kwatsen-anima-voucher
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This memo defines the two artifacts "voucher" and "voucher- revocation", which are YANG-defined structures that have been signed by a TBD algorithm. The voucher artifact is generated by the device's manufacture or delegate. The voucher's purpose is to securely assign one or more devices to an owner. The voucher informs each device which entity it should consider to be its owner. The voucher revocation artifact is used by the manufacturer or delegate (i.e. the issuer of the voucher) to revoke vouchers, if ever necessary. The voucher revocation format defined herein supports both issuer-wide and voucher-specific constructs, enabling usage flexibility. For both artifacts, this memo only defines the artifact, leaving it to future work to describe specialized protocols for accessing them.


Kent Watsen
Michael Richardson
Max Pritikin
Toerless Eckert

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)