The IESG has received a request from the Autonomic Networking Integrated Model and Approach WG (anima) to consider the following document: - 'Bootstrapping Remote Secure Key Infrastructures (BRSKI)' <draft-ietf-anima-bootstrapping-keyinfra-16.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2018-10-02. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies automated bootstrapping of a remote secure key infrastructure (BRSKI) using manufacturer installed X.509 certificate, in combination with a manufacturer's authorizing service, both online and offline. Bootstrapping a new device can occur using a routable address and a cloud service, or using only link-local connectivity, or on limited/disconnected networks. Support for lower security models, including devices with minimal identity, is described for legacy reasons but not encouraged. Bootstrapping is complete when the cryptographic identity of the new key infrastructure is successfully deployed to the device but the established secure connection can be used to deploy a locally issued certificate to the device as well. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-anima-bootstrapping-keyinfra/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-anima-bootstrapping-keyinfra/ballot/ The following IPR Declarations may be related to this I-D: https://datatracker.ietf.org/ipr/2816/ https://datatracker.ietf.org/ipr/3233/ https://datatracker.ietf.org/ipr/2463/ The document contains these normative downward references. See RFC 3967 for additional information: rfc3542: Advanced Sockets Application Program Interface (API) for IPv6 (Informational - IETF stream) rfc7228: Terminology for Constrained-Node Networks (Informational - IETF stream)
