Skip to main content

Secure Zero Touch Provisioning (SZTP)
RFC 8572

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc:, The IESG <>, Bert Wijnen <>, Mahesh Jethanandani <>,,, Bert Wijnen <>,,,
Subject: Protocol Action: 'Secure Zero Touch Provisioning (SZTP)' to Proposed Standard (draft-ietf-netconf-zerotouch-28.txt)

The IESG has approved the following document:
- 'Secure Zero Touch Provisioning (SZTP)'
  (draft-ietf-netconf-zerotouch-28.txt) as Proposed Standard

This document is the product of the Network Configuration Working Group.

The IESG contact persons are Warren Kumari and Ignas Bagdonas.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

This draft presents a technique to securely provision a networking device when it is booting in a factory-default state. Variations in the solution enables it to be used on both public and private networks. The provisioning steps are able to update the boot image, commit an initial configuration, and execute arbitrary scripts to address auxiliary needs. The updated device is subsequently able to establish secure management connections with other systems.  

Working Group Summary

There were no exceptional events during WG process for this document. It received a substantial amount of attention, multiple detailed reviews, and the development from the start has been driven by operational requirements. There was a smooth consensus reached for the document. 

Document Quality

There are no known implementations as of the time of publication. There is interest from vendor community to implement it. There is a significant interest from operator community to have this mechanism implemented. 


Document Shepherd is Mahesh Jethanandani. Responsible Area Director is Ignas Bagdonas. 


The document adds new entries to existing IANA registries. The document does not create any new IANA registries. 

RFC Editor Note