Skip to main content

Delegated Authority for Bootstrap Voucher Artifacts

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Michael Richardson , Wei Pan
Last updated 2021-03-22
Replaced by draft-ietf-anima-voucher-delegation
RFC stream (None)
Intended RFC status (None)
Yang Validation 0 errors, 2 warnings
Additional resources Yang catalog entry for ietf-delegated-voucher@2020-01-06.yang
Yang impact analysis for draft-richardson-anima-voucher-delegation
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-anima-voucher-delegation
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document describes an extension of the RFC8366 Voucher Artifact in order to support delegation of signing authority. The initial voucher pins a public identity, and that public indentity can then issue additional vouchers. This chain of authorization can support permission-less resale of devices, as well as guarding against business failure of the BRSKI [I-D.ietf-anima-bootstrapping-keyinfra] Manufacturer Authorized Signing Authority (MASA).


Michael Richardson
Wei Pan

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)