Bootstrapping Key Infrastructures
draft-pritikin-bootstrapping-keyinfrastructures-00

The information below is for an old version of the document
Document Type Expired Internet-Draft (individual)
Last updated 2014-07-21 (latest revision 2014-01-15)
Replaced by draft-pritikin-anima-bootstrapping-keyinfra
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-pritikin-bootstrapping-keyinfrastructures-00.txt

Abstract

This document specifies automated bootstrapping of an key infrastructure using vendor installed IEEE 802.1AR manufacturing installed certificates, in combination with a vendor based cloud service. Before being authenticated, a new device has only link- local connectivity, and does not require a routable address. When a vendor cloud service is provided devices can be forced to join only specific domains but for contrained environments we describe a variety of options that allow bootstrapping to proceed.

Authors

Max Pritikin (pritikin@cisco.com)
Michael Behringer (mbehring@cisco.com)
Steinthor Bjarnason (sbjarnas@cisco.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)