Voucher and Voucher Revocation Profiles for Bootstrapping Protocols
draft-kwatsen-netconf-voucher-00
Document | Type | Replaced Internet-Draft (individual), Expired & archived |
---|---|---|
| Authors | Kent Watsen, Michael Richardson, Max Pritikin, Toerless Eckert |
| Last updated | 2016-10-31 |
| Replaced by | draft-kwatsen-anima-voucher |
| RFC stream | (None) |
| Intended RFC status | (None) |
Stream | Stream state | (No stream defined) |
| Consensus boilerplate | Unknown |
| RFC Editor Note | (None) |
IESG | IESG state | Replaced by draft-kwatsen-anima-voucher |
| Telechat date | (None) |
| Responsible AD | (None) |
| Send notices to | (None) |
This Internet-Draft is no longer active.
Abstract
This memo defines the two artifacts "voucher" and "voucher-revocation", which are YANG-defined structures that have been signed by a TBD algorithm. The voucher artifact is generated by the device's manufacturer or delegate. The voucher's purpose is to securely assign one or more devices to an owner. The voucher informs each device which entity it should consider to be its owner. The voucher revocation artifact is used by the manufacturer or delegate (i.e. the issuer of the voucher) to revoke vouchers, if ever necessary. The voucher revocation format defined herein supports both issuer-wide and voucher-specific constructs, enabling usage flexibility. For both artifacts, this memo only defines the artifact, leaving it to future work to describe specialized protocols for accessing them.