From nobody Tue Nov  1 08:30:33 2016
Return-Path: <Michel.Veillette@trilliantinc.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9763C129AA6; Tue,  1 Nov 2016 08:30:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level: 
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=trilliant.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FBQBLqb9BRzn; Tue,  1 Nov 2016 08:30:29 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0137.outbound.protection.outlook.com [104.47.38.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CFBD129AB6; Tue,  1 Nov 2016 08:30:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Trilliant.onmicrosoft.com; s=selector1-trilliantinc-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=rlUHUzknxgNVNW+HFnXmDyPGJX8X9lKgKDCNFJVwq4U=; b=QQfH4mDVVN5xhRtSD4eW0Fbchl2ihyFHkab1EKoSYKL/xi2zDF5JYO/s0TBenv7qMeQE7YKPOP7qzVEZARMC6/4uHjl3RJSobv79k8u7mzZmKG24OYnyZ329OaMC0+HYTqgjzhnHlALSndLH1KPbeyITbiow8LYwhAXYXSNEjbk=
Received: from BN6PR06MB2308.namprd06.prod.outlook.com (10.173.19.139) by BN6PR06MB2611.namprd06.prod.outlook.com (10.173.145.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.693.12; Tue, 1 Nov 2016 15:30:27 +0000
Received: from BN6PR06MB2308.namprd06.prod.outlook.com ([10.173.19.139]) by BN6PR06MB2308.namprd06.prod.outlook.com ([10.173.19.139]) with mapi id 15.01.0679.015; Tue, 1 Nov 2016 15:30:26 +0000
From: Michel Veillette <Michel.Veillette@trilliantinc.com>
To: "consultancy@vanderstok.org" <consultancy@vanderstok.org>, Anima-bootstrap <anima-bootstrap@ietf.org>, Core <core@ietf.org>
Thread-Topic: [core] Fwd: New Version Notification for draft-vanderstok-core-coap-est-00.txt
Thread-Index: AQHSMfbT9L6wtjR1qUmGz/IT6U8mBaDEQd4g
Date: Tue, 1 Nov 2016 15:30:26 +0000
Message-ID: <BN6PR06MB23085179D4DE382A6E21C125FEA10@BN6PR06MB2308.namprd06.prod.outlook.com>
References: <147775346922.30618.14590857285848221161.idtracker@ietfa.amsl.com> <e191cf557b00e7003048fac4e72ba59c@xs4all.nl>
In-Reply-To: <e191cf557b00e7003048fac4e72ba59c@xs4all.nl>
Accept-Language: fr-CA, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michel.Veillette@trilliantinc.com; 
x-originating-ip: [207.96.192.122]
x-microsoft-exchange-diagnostics: 1; BN6PR06MB2611; 7:B7fYQN55Pn5Q8pLf3MApLWHjyW1bBoshhLdSY0U3ck5lmUvUv2uCNZzy35XShCT8WWsQFMgTx2JVoGmxniSp0c574hDlutqTyayAPn8nlncPMBVLcRQMd33g9ZBrhE0eJhEHF5oG+rDvOXPc0G7+4ZRgmzwVmxt2KVVLKDcy6jUvMx9oF/hiZwkBLt+k9pyBJCWhZWLhiY9/yMSrbtZAEFbm30xhw2xbzentIermciwYPk/FS/Kc1dVNQIpz1ZJTqpeH11qsYJl2/nISPJsuRX4n/OOURGNP1k90zwCcWy+pVzx9qotu17Kl06L7GeLfD2bdLA7f3yYZzoFZKz/HS1M9nnsGNx+kByqj1iC9EOY=
x-forefront-antispam-report: SFV:SKI; SCL:-1SFV:NSPM; SFS:(10019020)(6009001)(7916002)(199003)(377454003)(377424004)(13464003)(189002)(2950100002)(7736002)(54356999)(15975445007)(5002640100001)(2900100001)(77096005)(76176999)(15650500001)(8676002)(50986999)(81166006)(86362001)(230783001)(81156014)(8936002)(3660700001)(101416001)(92566002)(2501003)(586003)(122556002)(74316002)(3280700002)(33656002)(9686002)(31430400001)(68736007)(2906002)(305945005)(107886002)(5660300001)(99286002)(105586002)(66066001)(189998001)(5001770100001)(3846002)(106116001)(6116002)(76576001)(102836003)(7846002)(19580405001)(7696004)(97736004)(19580395003)(87936001)(4001150100001)(10400500002)(106356001); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR06MB2611; H:BN6PR06MB2308.namprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords;  A:1; MX:1; LANG:en; 
x-ms-office365-filtering-correlation-id: 5a183daa-99a4-4415-4fc9-08d4026c011d
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BN6PR06MB2611;
x-microsoft-antispam-prvs: <BN6PR06MB261191F38D0F99B8E137A3B0FEA10@BN6PR06MB2611.namprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(120809045254105)(192374486261705);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001);  SRVR:BN6PR06MB2611; BCL:0; PCL:0; RULEID:; SRVR:BN6PR06MB2611; 
x-forefront-prvs: 01136D2D90
received-spf: None (protection.outlook.com: trilliantinc.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: trilliantinc.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Nov 2016 15:30:26.2392 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4f6fbd13-0dfb-4150-85c3-d43260c04309
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR06MB2611
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/feJyyot7hZWx503WGIjMsmpYgok>
Subject: Re: [Anima-bootstrap] [core] Fwd: New Version Notification for draft-vanderstok-core-coap-est-00.txt
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2016 15:30:31 -0000

Hi Peter

In section 3 of "draft-vanderstok-core-coap-est-00", "Server-generated key"=
 is listed as supported.
This service returns two components, a PKCS8 containing the private key mat=
erial and a PKCS7 containing the device certificate chain.
In RFC7030, this information is returned using a Content-Type: multipart/mi=
xed.
How this is supported in "draft-vanderstok-core-coap-est-00"?

     REQ: POST /.well-known/est/serverkeygen (Content-Format: application/p=
kcs10)
     <ASN.1 CertificationRequest>  // Certificate request carry in a PKCS10
 =20
    RES: 2.05 Content (Content-Format: ???)
    <ASN.1 ContentSet>            // Private key material for this node car=
ry in a PKCS8
    <ASN.1 ContentInfo>           // Certificate and associated PKI for thi=
s node carry in a PKCS7

Regards,
Michel

-----Original Message-----
From: core [mailto:core-bounces@ietf.org] On Behalf Of peter van der Stok
Sent: Saturday, October 29, 2016 11:12 AM
To: Anima-bootstrap <anima-bootstrap@ietf.org>; Core <core@ietf.org>
Subject: [core] Fwd: New Version Notification for draft-vanderstok-core-coa=
p-est-00.txt

Dear all,

we have submitted a new draft  Enrollment over Secure Transport (EST) over =
coaps to make BRSKI over coap possible.
We expect (parts of) this draft to be integrated with coap-bootstrap draft =
of pritikin and Kampanakis.
This draft removes EST functionality not absolutely needed within the conte=
xt we expect the BRSKI deployment for low-resource devices.

Greetings,

Peter

-------- Oorspronkelijke bericht --------
Onderwerp: New Version Notification for draft-vanderstok-core-coap-est-00.t=
xt
Datum: 2016-10-29 17:04
Afzender: internet-drafts@ietf.org
Ontvanger: "Peter van der Stok" <consultancy@vanderstok.org>, "Peter Van de=
r Stok" <consultancy@vanderstok.org>, "Sandeep Kumar"=20
<ietf@sandeep.de>, "Sandeep S. Kumar" <ietf@sandeep.de>

A new version of I-D, draft-vanderstok-core-coap-est-00.txt
has been successfully submitted by Peter van der Stok and posted to the IET=
F repository.

Name:		draft-vanderstok-core-coap-est
Revision:	00
Title:		EST based on DTLS secured CoAP (EST-coaps)
Document date:	2016-10-29
Group:		Individual Submission
Pages:		15
URL:           =20
https://www.ietf.org/internet-drafts/draft-vanderstok-core-coap-est-00.txt
Status:        =20
https://datatracker.ietf.org/doc/draft-vanderstok-core-coap-est/
Htmlized:      =20
https://tools.ietf.org/html/draft-vanderstok-core-coap-est-00


Abstract:
    Low-resource devices in a Low-power and Lossy Network (LLN) can
    operate in a mesh network using the IPv6 over Low-power Personal Area
    Networks (6LoWPAN) and IEEE 802.15.4 link-layer standards.
    Provisioning these devices in a secure manner with keys (often called
    security bootstrapping) used to encrypt and authenticate messages is
    the subject of Bootstrapping of Remote Secure Key Infrastructures
    (BRSKI) [I-D.ietf-anima-bootstrapping-keyinfra].  Enrollment over
    Secure Transport (EST) [RFC7030], based on TLS and HTTP, is used for
    BRSKI.  This document defines how low-resource devices are expected
    to use EST over DTLS and CoAP. 6LoWPAN fragmentation management and
    minor extensions to CoAP are needed to enable EST over DTLS-secured
    CoAP (EST-coaps).




Please note that it may take a couple of minutes from the time of submissio=
n until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

_______________________________________________
core mailing list
core@ietf.org
https://www.ietf.org/mailman/listinfo/core


From nobody Tue Nov  1 08:55:13 2016
Return-Path: <cabo@tzi.org>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DD43129460; Tue,  1 Nov 2016 08:55:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level: 
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 85AuawNi3OBd; Tue,  1 Nov 2016 08:55:09 -0700 (PDT)
Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DC815129AB2; Tue,  1 Nov 2016 08:55:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id uA1Ft0MX002818; Tue, 1 Nov 2016 16:55:00 +0100 (CET)
Received: from nar-4.local.mail (p5DC7E34C.dip0.t-ipconnect.de [93.199.227.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3t7bQq70dLz7xmx; Tue,  1 Nov 2016 16:54:59 +0100 (CET)
Date: Tue, 1 Nov 2016 16:34:25 +0100
From: Carsten Bormann <cabo@tzi.org>
To: Michel Veillette <michel.veillette@trilliantinc.com>, "=?utf-8?Q?consultancy=40vanderstok.org?=" <consultancy@vanderstok.org>, Anima-bootstrap <anima-bootstrap@ietf.org>, Core <core@ietf.org>
Message-ID: <etPan.5818bad3.78c6b580.9528@tzi.org>
In-Reply-To: <etPan.5818b52f.a07279a.9528@AirmailxGenerated.am>
References: <147775346922.30618.14590857285848221161.idtracker@ietfa.amsl.com> <e191cf557b00e7003048fac4e72ba59c@xs4all.nl> <etPan.5818b52f.a07279a.9528@AirmailxGenerated.am>
X-Mailer: Airmail (390)
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="5818bad3_28ba0ee2_9528"
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/LKqu65-ZA6Qp786I_eJ1VWyg8cM>
Subject: Re: [Anima-bootstrap] [core] Fwd: New Version Notification for draft-vanderstok-core-coap-est-00.txt
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2016 15:55:12 -0000

--5818bad3_28ba0ee2_9528
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Sending around MIME messages between constrained devices doesn=E2=80=99t =
strike me as the optimal way forward.
=46ortunately, we have COSE, which would be an easy way to combine a key =
wrap with some signing info.

Gr=C3=BC=C3=9Fe, Carsten

On 1 November 2016 at 16:30:43, Michel Veillette (michel.veillette=40tril=
liantinc.com) wrote:

Hi Peter =20

In section 3 of =22draft-vanderstok-core-coap-est-00=22, =22Server-genera=
ted key=22 is listed as supported. =20
This service returns two components, a PKCS8 containing the private key m=
aterial and a PKCS7 containing the device certificate chain. =20
In R=46C7030, this information is returned using a Content-Type: multipar=
t/mixed. =20
How this is supported in =22draft-vanderstok-core-coap-est-00=22=3F =20

REQ: POST /.well-known/est/serverkeygen (Content-=46ormat: application/pk=
cs10) =20
<ASN.1 CertificationRequest> // Certificate request carry in a PKCS10 =20

RES: 2.05 Content (Content-=46ormat: =3F=3F=3F) =20
<ASN.1 ContentSet> // Private key material for this node carry in a PKCS8=
 =20
<ASN.1 ContentInfo> // Certificate and associated PKI for this node carry=
 in a PKCS7 =20

Regards, =20
Michel =20

-----Original Message----- =20
=46rom: core =5Bmailto:core-bounces=40ietf.org=5D On Behalf Of peter van =
der Stok =20
Sent: Saturday, October 29, 2016 11:12 AM =20
To: Anima-bootstrap <anima-bootstrap=40ietf.org>; Core <core=40ietf.org> =
=20
Subject: =5Bcore=5D =46wd: New Version Notification for draft-vanderstok-=
core-coap-est-00.txt =20

Dear all, =20

we have submitted a new draft Enrollment over Secure Transport (EST) over=
 coaps to make BRSKI over coap possible. =20
We expect (parts of) this draft to be integrated with coap-bootstrap draf=
t of pritikin and Kampanakis. =20
This draft removes EST functionality not absolutely needed within the con=
text we expect the BRSKI deployment for low-resource devices. =20

Greetings, =20

Peter =20

-------- Oorspronkelijke bericht -------- =20
Onderwerp: New Version Notification for draft-vanderstok-core-coap-est-00=
.txt =20
Datum: 2016-10-29 17:04 =20
Afzender: internet-drafts=40ietf.org =20
Ontvanger: =22Peter van der Stok=22 <consultancy=40vanderstok.org>, =22Pe=
ter Van der Stok=22 <consultancy=40vanderstok.org>, =22Sandeep Kumar=22 =20
<ietf=40sandeep.de>, =22Sandeep S. Kumar=22 <ietf=40sandeep.de> =20

A new version of I-D, draft-vanderstok-core-coap-est-00.txt =20
has been successfully submitted by Peter van der Stok and posted to the I=
ET=46 repository. =20

Name:	draft-vanderstok-core-coap-est =20
Revision:	00 =20
Title:	EST based on DTLS secured CoAP (EST-coaps) =20
Document date:	2016-10-29 =20
Group:	Individual Submission =20
Pages:	15 =20
URL: =20
https://www.ietf.org/internet-drafts/draft-vanderstok-core-coap-est-00.tx=
t =20
Status: =20
https://datatracker.ietf.org/doc/draft-vanderstok-core-coap-est/ =20
Htmlized: =20
https://tools.ietf.org/html/draft-vanderstok-core-coap-est-00 =20


Abstract: =20
Low-resource devices in a Low-power and Lossy Network (LLN) can =20
operate in a mesh network using the IPv6 over Low-power Personal Area =20
Networks (6LoWPAN) and IEEE 802.15.4 link-layer standards. =20
Provisioning these devices in a secure manner with keys (often called =20
security bootstrapping) used to encrypt and authenticate messages is =20
the subject of Bootstrapping of Remote Secure Key Infrastructures =20
(BRSKI) =5BI-D.ietf-anima-bootstrapping-keyinfra=5D. Enrollment over =20
Secure Transport (EST) =5BR=46C7030=5D, based on TLS and HTTP, is used fo=
r =20
BRSKI. This document defines how low-resource devices are expected =20
to use EST over DTLS and CoAP. 6LoWPAN fragmentation management and =20
minor extensions to CoAP are needed to enable EST over DTLS-secured =20
CoAP (EST-coaps). =20




Please note that it may take a couple of minutes from the time of submiss=
ion until the htmlized version and diff are available at tools.ietf.org. =
=20

The IET=46 Secretariat =20

=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F =20
core mailing list =20
core=40ietf.org =20
https://www.ietf.org/mailman/listinfo/core =20

=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F =20
core mailing list =20
core=40ietf.org =20
https://www.ietf.org/mailman/listinfo/core =20


--5818bad3_28ba0ee2_9528
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

<html><head><style>body=7Bfont-family:Helvetica,Arial;font-size:13px=7D</=
style></head><body style=3D=22word-wrap: break-word; -webkit-nbsp-mode: s=
pace; -webkit-line-break: after-white-space;=22><div id=3D=22bloop=5Fcust=
omfont=22 style=3D=22font-family:Helvetica,Arial;font-size:13px; color: r=
gba(0,0,0,1.0); margin: 0px; line-height: auto;=22>Sending around MIME me=
ssages between constrained devices doesn=E2=80=99t strike me as the optim=
al way forward.</div><div id=3D=22bloop=5Fcustomfont=22 style=3D=22font-f=
amily:Helvetica,Arial;font-size:13px; color: rgba(0,0,0,1.0); margin: 0px=
; line-height: auto;=22>=46ortunately, we have COSE, which would be an ea=
sy way to combine a key wrap with some signing info.</div> <br> <div id=3D=
=22bloop=5Fsign=5F1478014407063664896=22 class=3D=22bloop=5Fsign=22><div =
style=3D=22font-family:helvetica,arial;font-size:13px=22>Gr=C3=BC=C3=9Fe,=
 Carsten</div></div> <br><p class=3D=22airmail=5Fon=22>On 1 November 2016=
 at 16:30:43, Michel Veillette (<a href=3D=22mailto:michel.veillette=40tr=
illiantinc.com=22>michel.veillette=40trilliantinc.com</a>) wrote:</p> <bl=
ockquote type=3D=22cite=22 class=3D=22clean=5Fbq=22><span><div><div></div=
><div>Hi Peter
<br>
<br>In section 3 of =22draft-vanderstok-core-coap-est-00=22, =22Server-ge=
nerated key=22 is listed as supported.
<br>This service returns two components, a PKCS8 containing the private k=
ey material and a PKCS7 containing the device certificate chain.
<br>In R=46C7030, this information is returned using a Content-Type: mult=
ipart/mixed.
<br>How this is supported in =22draft-vanderstok-core-coap-est-00=22=3F
<br>
<br>     REQ: POST /.well-known/est/serverkeygen (Content-=46ormat: appli=
cation/pkcs10)
<br>     &lt;ASN.1 CertificationRequest&gt;  // Certificate request carry=
 in a PKCS10
<br>  =20
<br>    RES: 2.05 Content (Content-=46ormat: =3F=3F=3F)
<br>    &lt;ASN.1 ContentSet&gt;            // Private key material for t=
his node carry in a PKCS8
<br>    &lt;ASN.1 ContentInfo&gt;           // Certificate and associated=
 PKI for this node carry in a PKCS7
<br>
<br>Regards,
<br>Michel
<br>
<br>-----Original Message-----
<br>=46rom: core =5Bmailto:core-bounces=40ietf.org=5D On Behalf Of peter =
van der Stok
<br>Sent: Saturday, October 29, 2016 11:12 AM
<br>To: Anima-bootstrap &lt;anima-bootstrap=40ietf.org&gt;; Core &lt;core=
=40ietf.org&gt;
<br>Subject: =5Bcore=5D =46wd: New Version Notification for draft-vanders=
tok-core-coap-est-00.txt
<br>
<br>Dear all,
<br>
<br>we have submitted a new draft  Enrollment over Secure Transport (EST)=
 over coaps to make BRSKI over coap possible.
<br>We expect (parts of) this draft to be integrated with coap-bootstrap =
draft of pritikin and Kampanakis.
<br>This draft removes EST functionality not absolutely needed within the=
 context we expect the BRSKI deployment for low-resource devices.
<br>
<br>Greetings,
<br>
<br>Peter
<br>
<br>-------- Oorspronkelijke bericht --------
<br>Onderwerp: New Version Notification for draft-vanderstok-core-coap-es=
t-00.txt
<br>Datum: 2016-10-29 17:04
<br>Afzender: internet-drafts=40ietf.org
<br>Ontvanger: =22Peter van der Stok=22 &lt;consultancy=40vanderstok.org&=
gt;, =22Peter Van der Stok=22 &lt;consultancy=40vanderstok.org&gt;, =22Sa=
ndeep Kumar=22 =20
<br>&lt;ietf=40sandeep.de&gt;, =22Sandeep S. Kumar=22 &lt;ietf=40sandeep.=
de&gt;
<br>
<br>A new version of I-D, draft-vanderstok-core-coap-est-00.txt
<br>has been successfully submitted by Peter van der Stok and posted to t=
he IET=46 repository.
<br>
<br>Name:		draft-vanderstok-core-coap-est
<br>Revision:	00
<br>Title:		EST based on DTLS secured CoAP (EST-coaps)
<br>Document date:	2016-10-29
<br>Group:		Individual Submission
<br>Pages:		15
<br>URL:            =20
<br>https://www.ietf.org/internet-drafts/draft-vanderstok-core-coap-est-0=
0.txt
<br>Status:         =20
<br>https://datatracker.ietf.org/doc/draft-vanderstok-core-coap-est/
<br>Htmlized:       =20
<br>https://tools.ietf.org/html/draft-vanderstok-core-coap-est-00
<br>
<br>
<br>Abstract:
<br>    Low-resource devices in a Low-power and Lossy Network (LLN) can
<br>    operate in a mesh network using the IPv6 over Low-power Personal =
Area
<br>    Networks (6LoWPAN) and IEEE 802.15.4 link-layer standards.
<br>    Provisioning these devices in a secure manner with keys (often ca=
lled
<br>    security bootstrapping) used to encrypt and authenticate messages=
 is
<br>    the subject of Bootstrapping of Remote Secure Key Infrastructures=

<br>    (BRSKI) =5BI-D.ietf-anima-bootstrapping-keyinfra=5D.  Enrollment =
over
<br>    Secure Transport (EST) =5BR=46C7030=5D, based on TLS and HTTP, is=
 used for
<br>    BRSKI.  This document defines how low-resource devices are expect=
ed
<br>    to use EST over DTLS and CoAP. 6LoWPAN fragmentation management a=
nd
<br>    minor extensions to CoAP are needed to enable EST over DTLS-secur=
ed
<br>    CoAP (EST-coaps).
<br>
<br>
<br>
<br>
<br>Please note that it may take a couple of minutes from the time of sub=
mission until the htmlized version and diff are available at tools.ietf.o=
rg.
<br>
<br>The IET=46 Secretariat
<br>
<br>=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F
<br>core mailing list
<br>core=40ietf.org
<br>https://www.ietf.org/mailman/listinfo/core
<br>
<br>=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F
<br>core mailing list
<br>core=40ietf.org
<br>https://www.ietf.org/mailman/listinfo/core
<br>
<br></div></div></span></blockquote></body></html>
--5818bad3_28ba0ee2_9528--


From nobody Tue Nov  1 13:15:29 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5945F1299DF for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 13:15:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.696
X-Spam-Level: 
X-Spam-Status: No, score=-5.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d_v-uRQrWY62 for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 13:15:25 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6DFFF128DF6 for <anima-bootstrap@ietf.org>; Tue,  1 Nov 2016 13:15:25 -0700 (PDT)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [131.188.34.77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id DBA6C58C4AE for <anima-bootstrap@ietf.org>; Tue,  1 Nov 2016 21:15:23 +0100 (CET)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id C0155B0ACBC; Tue,  1 Nov 2016 21:15:23 +0100 (CET)
Date: Tue, 1 Nov 2016 21:15:23 +0100
From: Toerless Eckert <tte+ietf@cs.fau.de>
To: anima-bootstrap@ietf.org
Message-ID: <20161101201523.GB9776@faui40p.informatik.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/Q5w4ayX66rnq3yWwRYEecfwFIp8>
Subject: [Anima-bootstrap] brsky concern1: separating audit-log retrieval from voucher generation
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2016 20:15:27 -0000

As discussed today on the call, restated for the rest of the team with more detail:

-> pledge connects to two networks, A, B.
-> Pledge tries to well-behave, only offers nonce to one network first, A.
-> (registrar of) A gets voucher. A looks at audit-log. Audit log is fine.
   Ultimately, A decides  not to enroll pledge though.
-> Pledge offers nonce to B, B gets voucher and audit-log.
   Audit log shows A, so B is concerned. B rejects device.
   Without the entry in audit log, B would have enrolled device.

My worry is that the current audit log approach can too easily create
false positives that will make enrolment fail if a device has multiple network
connections:

It's impossible for A to get an audit-log without also getting
a voucher, which in return would make another domain suspicious and likely
make it decide not to accept the device.

Separating out request for voucher from request for audit-log could work like this:

  A->MASA: request audit-log for (pledge,nonce1)
  MASA:    audit-log entry: "A requested audit log for pledge, hash(nonce1)" [1]
  MASA->A: reply: audit-log

  ... A makes up its mind if it wants pledge and decides that it does NOT.

  -> A doesn't do anything more. Audit log would show B that A did see device,
     but also that A never got voucher so that it could not have modified
     device == B will happily enroll pledge.


  ... A makes up its mind if it wants pledge and decides that it does want to:

  A->MASA: request voucher for (pledge,nonce1)
  MASA:    Examine audit-log that no voucher was granted since the audit-log
           was given to A [1]. requests for audit-logs since [1] are
	   ignored in this determination.
  MASA->A: If audit-log ok:
           reply OK: voucher(nonce1)
           audit-log entry: "A received voucher for pledge, hash(nonce1)" [2]

	   If audit-log nok:
           reply NOK: audit-log
           audit-log entry: "A failed voucher request for pledge, hash(nonce1), hash(nonce2)"
	   hash(nonce2) would be from an audit-log entry that did happen after
	   [1] and 
          

Cheers
    Toerless


From nobody Tue Nov  1 13:29:01 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D3641299B2 for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 13:28:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level: 
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FAKE_REPLY_C=1.486, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K6bp6XTeIm8k for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 13:28:58 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A9BC1299B0 for <anima-bootstrap@ietf.org>; Tue,  1 Nov 2016 13:28:58 -0700 (PDT)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 16A1C58C4AE; Tue,  1 Nov 2016 21:28:57 +0100 (CET)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id F1ABBB0ACBC; Tue,  1 Nov 2016 21:28:56 +0100 (CET)
Date: Tue, 1 Nov 2016 21:28:56 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: Toerless Eckert <tte+ietf@cs.fau.de>
Message-ID: <20161101202856.GA2418@faui40p.informatik.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/n-E-uiy4V_bwPnZtDX2y_RAAi_4>
Cc: anima-bootstrap@ietf.org
Subject: Re: [Anima-bootstrap] brsky concern2: Timelyness of log entries
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2016 20:28:59 -0000

-> Attacker has physical access to pledge at some point in time.
-> Makes device generate nonce messages. Stashes messages away (not connecting
   to MASA).

-> Device gets later enrolled/installed later by valid owner.
-> Maybe valid owner does re-enroll devices several times, eg: between them
   being put into different locations (as often requered in big customers,
   eg: CPE and the like).

-> Attacker at some point uses stashed nonce messages to extract audit-logs
   (and vouchers) from MASA. Can not use them because attacker does not have
   access to device anymore, but would rase red flags when actual owner
   of devices would do any new re-enrollment where it looks at audit-log.

I am not sure how strong/likely this attack vector is given how the manufacturer
can identify and therefore hopefully track down the attackers registrar (given
that that requires an authenticated ID with the MASA), but:

The log-entry makes everybody easily believe that the device was having the
enrollment sgnaling at the time when it was logged when in reality that is
not true. Yes, it would require up to one more round-trip to establish that
fact, but it looks prudent to me if that was done.

Cheers
    Toerless


From nobody Tue Nov  1 15:15:56 2016
Return-Path: <pritikin@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 30F37129A24 for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 15:15:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.018
X-Spam-Level: 
X-Spam-Status: No, score=-16.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9VNWzf_QKrVK for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 15:15:52 -0700 (PDT)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77C041299E0 for <anima-bootstrap@ietf.org>; Tue,  1 Nov 2016 15:15:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4266; q=dns/txt; s=iport; t=1478038552; x=1479248152; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=MxL1W6ZfYQvzGb8MMl5ziX3shY9bG+iCFIz7tkkeSLI=; b=KpJcLz+e2fVdXiZ+Oj778Cihb5U9gxkBJOZqEuQQVhBMmfp4QrRc0TH6 xKQlQeoKIdnVq9dpVyy7QZ4C/7xjSTYF3TyZVWqiNjI+WxN5EvecKwhhf dHZyqZM4+cdDbFfbK5SS6DjMDUoAcxp8TDvBXaL3zxSDNhzr3XrFFpjte c=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DeAgAgExlY/4UNJK1TChkBAQEBAQEBA?= =?us-ascii?q?QEBAQcBAQEBAYMqAQEBAQEfWHwHpC+URYIHHQuFegIagXxAEwECAQEBAQEBAWI?= =?us-ascii?q?ohGEBAQEDAQEBASAEDToLBQsCAQgOCgICJgICAiULFRACBA4FiEwIDqtFjH8BA?= =?us-ascii?q?QEBAQEBAQEBAQEBAQEBAQEBAQEXBYEHhzOCWIQfKIMELYIvBYhOkUwBkDQKj3y?= =?us-ascii?q?NE4QDAR8BNGCFE3KGUIEMAQEB?=
X-IronPort-AV: E=Sophos;i="5.31,433,1473120000"; d="scan'208";a="342951159"
Received: from alln-core-11.cisco.com ([173.36.13.133]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 01 Nov 2016 22:15:51 +0000
Received: from XCH-RCD-012.cisco.com (xch-rcd-012.cisco.com [173.37.102.22]) by alln-core-11.cisco.com (8.14.5/8.14.5) with ESMTP id uA1MFpVD005846 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 1 Nov 2016 22:15:51 GMT
Received: from xch-aln-013.cisco.com (173.36.7.23) by XCH-RCD-012.cisco.com (173.37.102.22) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 1 Nov 2016 17:15:51 -0500
Received: from xch-aln-013.cisco.com ([173.36.7.23]) by XCH-ALN-013.cisco.com ([173.36.7.23]) with mapi id 15.00.1210.000; Tue, 1 Nov 2016 17:15:50 -0500
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: Toerless Eckert <tte@cs.fau.de>
Thread-Topic: [Anima-bootstrap] brsky concern2: Timelyness of log entries
Thread-Index: AQHSNH6Wyy772h1kaEqodWL4RS7jOaDFBdUA
Date: Tue, 1 Nov 2016 22:15:50 +0000
Message-ID: <E8529790-2F91-4C19-BC1B-687A4B4F423A@cisco.com>
References: <20161101202856.GA2418@faui40p.informatik.uni-erlangen.de>
In-Reply-To: <20161101202856.GA2418@faui40p.informatik.uni-erlangen.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.99.106.11]
Content-Type: text/plain; charset="utf-8"
Content-ID: <39CB564578826847B6AF0C0D4323494F@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/IHC9RvconImRK6L5P_M1qWaAKvc>
Cc: Toerless Eckert <tte+ietf@cs.fau.de>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] brsky concern2: Timelyness of log entries
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2016 22:15:54 -0000

DQo+IE9uIE5vdiAxLCAyMDE2LCBhdCAyOjI4IFBNLCBUb2VybGVzcyBFY2tlcnQgPHR0ZUBjcy5m
YXUuZGU+IHdyb3RlOg0KPiANCj4gLT4gQXR0YWNrZXIgaGFzIHBoeXNpY2FsIGFjY2VzcyB0byBw
bGVkZ2UgYXQgc29tZSBwb2ludCBpbiB0aW1lLg0KPiAtPiBNYWtlcyBkZXZpY2UgZ2VuZXJhdGUg
bm9uY2UgbWVzc2FnZXMuIFN0YXNoZXMgbWVzc2FnZXMgYXdheSAobm90IGNvbm5lY3RpbmcNCj4g
ICB0byBNQVNBKS4NCj4gDQo+IC0+IERldmljZSBnZXRzIGxhdGVyIGVucm9sbGVkL2luc3RhbGxl
ZCBsYXRlciBieSB2YWxpZCBvd25lci4NCj4gLT4gTWF5YmUgdmFsaWQgb3duZXIgZG9lcyByZS1l
bnJvbGwgZGV2aWNlcyBzZXZlcmFsIHRpbWVzLCBlZzogYmV0d2VlbiB0aGVtDQo+ICAgYmVpbmcg
cHV0IGludG8gZGlmZmVyZW50IGxvY2F0aW9ucyAoYXMgb2Z0ZW4gcmVxdWVyZWQgaW4gYmlnIGN1
c3RvbWVycywNCj4gICBlZzogQ1BFIGFuZCB0aGUgbGlrZSkuDQo+IA0KPiAtPiBBdHRhY2tlciBh
dCBzb21lIHBvaW50IHVzZXMgc3Rhc2hlZCBub25jZSBtZXNzYWdlcyB0byBleHRyYWN0IGF1ZGl0
LWxvZ3MNCj4gICAoYW5kIHZvdWNoZXJzKSBmcm9tIE1BU0EuIENhbiBub3QgdXNlIHRoZW0gYmVj
YXVzZSBhdHRhY2tlciBkb2VzIG5vdCBoYXZlDQo+ICAgYWNjZXNzIHRvIGRldmljZSBhbnltb3Jl
LCBidXQgd291bGQgcmFzZSByZWQgZmxhZ3Mgd2hlbiBhY3R1YWwgb3duZXINCj4gICBvZiBkZXZp
Y2VzIHdvdWxkIGRvIGFueSBuZXcgcmUtZW5yb2xsbWVudCB3aGVyZSBpdCBsb29rcyBhdCBhdWRp
dC1sb2cuDQoNCkkgdGhpbmsgdGhpcyBjb252ZXJzYXRpb24gY291bGQgcXVpY2tseSBnZXQgZGVy
YWlsZWQgYnkgdGhlIGZsb3cgZGV0YWlscyBmcm9tIGFib3ZlIChJIGRpc2FncmVlIHdpdGggc29t
ZSBvZiB5b3VyIGFzc3VtcHRpb25zKS4gUGVyaGFwcyBpdCB3b3VsZCBoZWxwIHRvIHN0YXJ0IHdp
dGggYSBzdGF0ZW1lbnQgb2YgdGhlIHNlY3VyaXR5IGNvbmNlcm4geW914oCZcmUgcmFpc2luZy4g
SSB0aGluayBpdCBpczogDQoNCkNhbiBhbiBhdHRhY2tlciBpbmplY3QgZW50cmllcyBpbnRvIHRo
ZSBhdWRpdCBsb2cgdGhhdCB3b3VsZCBjYXVzZSBwcm9ibGVtcyBmb3IgdGhlIFJlZ2lzdHJhciBo
ZXVyaXN0aWMvYW5hbHl0aWNzIGJhc2VkIGRlY2lzaW9ucz8NCg0KVGhlIGZvbGxvd2luZyBhcmUg
YXR0ZW1wdHMgdG8gbWluaW1pemUgcG9zc2libGUgYXR0YWNrcyBhZ2FpbnN0IHRoZSBhdWRpdCBs
b2c6DQoNCjEpIE5vbmNlZCBlbnRyaWVzIHJlcXVpcmUgdGhlIGF0dGFja2VyIHRvIGhhdmUgaGFk
IGFjY2VzcyB0byB0aGUgZGV2aWNlIGR1cmluZyB0aGF0IGJvb3Qgb2YgdGhlIGRldmljZSB0byB1
c2UgdGhlIGF1ZGl0IHRva2VuLiBJZiB0aGUgUmVnaXN0cmFyIGlzIGNvbWZvcnRhYmxlIHdpdGgg
dGhlIGNoYWluIG9mIGNvbnRyb2wgdGhleSBjYW4gaWdub3JlIHRoZXNlIGVudHJpZXMuIFByZXZp
b3VzIHZlcnNpb25zIGhhdmUgaW5kaWNhdGVkIHRoYXQgUmVnaXN0cmFyIGF1dGhlbnRpY2F0aW9u
IGJ5IHRoZSBNQVNBIGlzIHJlcXVpcmVkIGZvciB0aGVzZSBhcyB3ZWxsIGJ1dCBJ4oCZbSBub3Qg
c2VlaW5nIHRoYXQgY3VycmVudGx5IA0KDQoyKSBOb25jZWxlc3MgZW50cmllcyBhcmUgYWx3YXlz
IHByb2JsZW1hdGljLiBGcm9tIC0wNDogIklmIGEgbm9uY2UgaXMgbm90IHByb3ZpZGVkIHRoZW4g
dGhlIE1BU0Egc2VydmljZSBNVVNUIGF1dGhlbnRpY2F0ZSB0aGUgUmVnaXN0cmFyIGFzIGEgdmFs
aWQgY3VzdG9tZXIuICBUaGlzIHByZXZlbnRzIGRlbmlhbCBvZiBzZXJ2aWNlIGF0dGFja3PigJ0g
YW5kIOKAnHRoZSBSZWdpc3RyYXIgTVVTVCBiZSBhdXRoZW50aWNhdGVkIGJ5IHRoZSBNQVNBIHNl
cnZpY2UgYWx0aG91Z2ggbm8gcmVxdWlyZW1lbnQgaXMgaW1wbGllZCB0aGF0IHRoZSBNQVNBIGFz
c29jaWF0ZXMgdGhpcyBhdXRoZW50aWNhdGlvbiB3aXRoIG93bmVyc2hpcC7igJ0uIEnigJl2ZSBj
b250ZW5kZWQgdGhhdCBkb2luZyBzbyBpcyB3aHkgd2XigJlkIGhhdmUgYSB2b3VjaGVyIGZvcm1h
dCBpbmRpY2F0aW5nIG93bmVyc2hpcC4gDQoNCkFsc28gbm90ZSB0aGF0IFNlY3Rpb24gNi40IGRp
cmVjdGx5IGRpc2N1c3NlcyB0aGlzIGlzc3VlLg0KDQpBIHJhY2UgY29uZGl0aW9uIGlzIGRpc2N1
c3NlZCBpbiB0aGUgU2VjdXJpdHkgQ29uc2lkZXJhdGlvbnMgc2VjdGlvbi4gDQoNCj4gSSBhbSBu
b3Qgc3VyZSBob3cgc3Ryb25nL2xpa2VseSB0aGlzIGF0dGFjayB2ZWN0b3IgaXMgZ2l2ZW4gaG93
IHRoZSBtYW51ZmFjdHVyZXINCj4gY2FuIGlkZW50aWZ5IGFuZCB0aGVyZWZvcmUgaG9wZWZ1bGx5
IHRyYWNrIGRvd24gdGhlIGF0dGFja2VycyByZWdpc3RyYXIgKGdpdmVuDQo+IHRoYXQgdGhhdCBy
ZXF1aXJlcyBhbiBhdXRoZW50aWNhdGVkIElEIHdpdGggdGhlIE1BU0EpLCBidXQ6DQo+IA0KPiBU
aGUgbG9nLWVudHJ5IG1ha2VzIGV2ZXJ5Ym9keSBlYXNpbHkgYmVsaWV2ZSB0aGF0IHRoZSBkZXZp
Y2Ugd2FzIGhhdmluZyB0aGUNCj4gZW5yb2xsbWVudCBzZ25hbGluZyBhdCB0aGUgdGltZSB3aGVu
IGl0IHdhcyBsb2dnZWQgd2hlbiBpbiByZWFsaXR5IHRoYXQgaXMNCj4gbm90IHRydWUuIFllcywg
aXQgd291bGQgcmVxdWlyZSB1cCB0byBvbmUgbW9yZSByb3VuZC10cmlwIHRvIGVzdGFibGlzaCB0
aGF0DQo+IGZhY3QsIGJ1dCBpdCBsb29rcyBwcnVkZW50IHRvIG1lIGlmIHRoYXQgd2FzIGRvbmUu
DQoNClNlY3Rpb24gNS4xIGluY2x1ZGVzIGFuIEVETk9URSB0byBkaXNjdXNzIHRoaXMgY2FzZS4g
QXMgb2YgeWV0IGZvbGtzIGhhdmVu4oCZdCByZXNwb25kZWQgYnV0IEnigJlsbCB0YWtlIGl0IHRo
YXQgeW914oCZcmUgdm90aW5nIGZvciB0aGlzIGFkZGl0aW9uYWwgcm91bmQgdHJpcC4NCg0KLSBt
YXgNCg0KPiANCj4gQ2hlZXJzDQo+ICAgIFRvZXJsZXNzDQo+IA0KPiBfX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPiBBbmltYS1ib290c3RyYXAgbWFpbGlu
ZyBsaXN0DQo+IEFuaW1hLWJvb3RzdHJhcEBpZXRmLm9yZw0KPiBodHRwczovL3d3dy5pZXRmLm9y
Zy9tYWlsbWFuL2xpc3RpbmZvL2FuaW1hLWJvb3RzdHJhcA0KDQo=


From nobody Tue Nov  1 15:16:51 2016
Return-Path: <pritikin@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CA0D129A24 for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 15:16:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.018
X-Spam-Level: 
X-Spam-Status: No, score=-16.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GbjY9SCuxSfH for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 15:16:47 -0700 (PDT)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E9631299E0 for <anima-bootstrap@ietf.org>; Tue,  1 Nov 2016 15:16:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3532; q=dns/txt; s=iport; t=1478038607; x=1479248207; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=ZLQ+yBy43vGemA3Y72F9Av9OVfl1kCQypUoDNNuh2eQ=; b=ID0ZF8BUPALkNVs6qsFvJbDLspM49NYksDQbP8pcamJVYGrI5mQDIjGJ /jAONp2UrnIhnp7ypOBFFGCHwFI+FNgPe+euO6TtPbZRxVARCD2TSpem6 d0NSHOOPiXy9QzkEsdi4gRfpuO3NzgX59ApBwgyNKD9c1y77Y8qDyDnjJ o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AbAQCVExlY/5NdJa1dGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBgyoBAQEBAR9YfAeNL5cAlEWCBx0LhXoCGoF8PxQBAgEBAQEBAQF?= =?us-ascii?q?iKIRhAQEBAwEBAQEgBA06CwULAgEIGAICJgICAiULFRACBA4FiEwIDqtFjH8BA?= =?us-ascii?q?QEBAQEBAQEBAQEBAQEBAQEBAQEXBYEHhzMIglCENRKDBC2CLwWIP4dLihABkDS?= =?us-ascii?q?BboRuiSqNE4QDAR42YIMjARwYgTtyhlCBDAEBAQ?=
X-IronPort-AV: E=Sophos;i="5.31,433,1473120000"; d="scan'208";a="342862254"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by alln-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 01 Nov 2016 22:16:46 +0000
Received: from XCH-ALN-013.cisco.com (xch-aln-013.cisco.com [173.36.7.23]) by rcdn-core-11.cisco.com (8.14.5/8.14.5) with ESMTP id uA1MGkri030469 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 1 Nov 2016 22:16:46 GMT
Received: from xch-aln-013.cisco.com (173.36.7.23) by XCH-ALN-013.cisco.com (173.36.7.23) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 1 Nov 2016 17:16:45 -0500
Received: from xch-aln-013.cisco.com ([173.36.7.23]) by XCH-ALN-013.cisco.com ([173.36.7.23]) with mapi id 15.00.1210.000; Tue, 1 Nov 2016 17:16:45 -0500
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: Toerless Eckert <tte+ietf@cs.fau.de>
Thread-Topic: [Anima-bootstrap] brsky concern1: separating audit-log retrieval from voucher generation
Thread-Index: AQHSNHyyXanDf3LHBk6rjMxPxQAq4aDFBhuA
Date: Tue, 1 Nov 2016 22:16:45 +0000
Message-ID: <C825BB00-9DEF-4293-8ACB-A453F4C896A6@cisco.com>
References: <20161101201523.GB9776@faui40p.informatik.uni-erlangen.de>
In-Reply-To: <20161101201523.GB9776@faui40p.informatik.uni-erlangen.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.99.106.11]
Content-Type: text/plain; charset="utf-8"
Content-ID: <0D12EE291912E446A53504153C9648DE@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/SLJ0bxZMyUWksEHUc0q48LNEkTs>
Cc: "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] brsky concern1: separating audit-log retrieval from voucher generation
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2016 22:16:50 -0000

SSBzZWUgdGhpcyBhcyB0aGUgc2FtZSBkaXNjdXNzaW9uIGZvciDigJxjb25jZXJuMuKAnSBzbyBw
bGVhc2UgbG9vayB0byB0aGF0IHRocmVhZCBmb3IgcmVzcG9uc2VzLg0KDQotIG1heA0KDQo+IE9u
IE5vdiAxLCAyMDE2LCBhdCAyOjE1IFBNLCBUb2VybGVzcyBFY2tlcnQgPHR0ZStpZXRmQGNzLmZh
dS5kZT4gd3JvdGU6DQo+IA0KPiBBcyBkaXNjdXNzZWQgdG9kYXkgb24gdGhlIGNhbGwsIHJlc3Rh
dGVkIGZvciB0aGUgcmVzdCBvZiB0aGUgdGVhbSB3aXRoIG1vcmUgZGV0YWlsOg0KPiANCj4gLT4g
cGxlZGdlIGNvbm5lY3RzIHRvIHR3byBuZXR3b3JrcywgQSwgQi4NCj4gLT4gUGxlZGdlIHRyaWVz
IHRvIHdlbGwtYmVoYXZlLCBvbmx5IG9mZmVycyBub25jZSB0byBvbmUgbmV0d29yayBmaXJzdCwg
QS4NCj4gLT4gKHJlZ2lzdHJhciBvZikgQSBnZXRzIHZvdWNoZXIuIEEgbG9va3MgYXQgYXVkaXQt
bG9nLiBBdWRpdCBsb2cgaXMgZmluZS4NCj4gICBVbHRpbWF0ZWx5LCBBIGRlY2lkZXMgIG5vdCB0
byBlbnJvbGwgcGxlZGdlIHRob3VnaC4NCj4gLT4gUGxlZGdlIG9mZmVycyBub25jZSB0byBCLCBC
IGdldHMgdm91Y2hlciBhbmQgYXVkaXQtbG9nLg0KPiAgIEF1ZGl0IGxvZyBzaG93cyBBLCBzbyBC
IGlzIGNvbmNlcm5lZC4gQiByZWplY3RzIGRldmljZS4NCj4gICBXaXRob3V0IHRoZSBlbnRyeSBp
biBhdWRpdCBsb2csIEIgd291bGQgaGF2ZSBlbnJvbGxlZCBkZXZpY2UuDQo+IA0KPiBNeSB3b3Jy
eSBpcyB0aGF0IHRoZSBjdXJyZW50IGF1ZGl0IGxvZyBhcHByb2FjaCBjYW4gdG9vIGVhc2lseSBj
cmVhdGUNCj4gZmFsc2UgcG9zaXRpdmVzIHRoYXQgd2lsbCBtYWtlIGVucm9sbWVudCBmYWlsIGlm
IGEgZGV2aWNlIGhhcyBtdWx0aXBsZSBuZXR3b3JrDQo+IGNvbm5lY3Rpb25zOg0KPiANCj4gSXQn
cyBpbXBvc3NpYmxlIGZvciBBIHRvIGdldCBhbiBhdWRpdC1sb2cgd2l0aG91dCBhbHNvIGdldHRp
bmcNCj4gYSB2b3VjaGVyLCB3aGljaCBpbiByZXR1cm4gd291bGQgbWFrZSBhbm90aGVyIGRvbWFp
biBzdXNwaWNpb3VzIGFuZCBsaWtlbHkNCj4gbWFrZSBpdCBkZWNpZGUgbm90IHRvIGFjY2VwdCB0
aGUgZGV2aWNlLg0KPiANCj4gU2VwYXJhdGluZyBvdXQgcmVxdWVzdCBmb3Igdm91Y2hlciBmcm9t
IHJlcXVlc3QgZm9yIGF1ZGl0LWxvZyBjb3VsZCB3b3JrIGxpa2UgdGhpczoNCj4gDQo+ICBBLT5N
QVNBOiByZXF1ZXN0IGF1ZGl0LWxvZyBmb3IgKHBsZWRnZSxub25jZTEpDQo+ICBNQVNBOiAgICBh
dWRpdC1sb2cgZW50cnk6ICJBIHJlcXVlc3RlZCBhdWRpdCBsb2cgZm9yIHBsZWRnZSwgaGFzaChu
b25jZTEpIiBbMV0NCj4gIE1BU0EtPkE6IHJlcGx5OiBhdWRpdC1sb2cNCj4gDQo+ICAuLi4gQSBt
YWtlcyB1cCBpdHMgbWluZCBpZiBpdCB3YW50cyBwbGVkZ2UgYW5kIGRlY2lkZXMgdGhhdCBpdCBk
b2VzIE5PVC4NCj4gDQo+ICAtPiBBIGRvZXNuJ3QgZG8gYW55dGhpbmcgbW9yZS4gQXVkaXQgbG9n
IHdvdWxkIHNob3cgQiB0aGF0IEEgZGlkIHNlZSBkZXZpY2UsDQo+ICAgICBidXQgYWxzbyB0aGF0
IEEgbmV2ZXIgZ290IHZvdWNoZXIgc28gdGhhdCBpdCBjb3VsZCBub3QgaGF2ZSBtb2RpZmllZA0K
PiAgICAgZGV2aWNlID09IEIgd2lsbCBoYXBwaWx5IGVucm9sbCBwbGVkZ2UuDQo+IA0KPiANCj4g
IC4uLiBBIG1ha2VzIHVwIGl0cyBtaW5kIGlmIGl0IHdhbnRzIHBsZWRnZSBhbmQgZGVjaWRlcyB0
aGF0IGl0IGRvZXMgd2FudCB0bzoNCj4gDQo+ICBBLT5NQVNBOiByZXF1ZXN0IHZvdWNoZXIgZm9y
IChwbGVkZ2Usbm9uY2UxKQ0KPiAgTUFTQTogICAgRXhhbWluZSBhdWRpdC1sb2cgdGhhdCBubyB2
b3VjaGVyIHdhcyBncmFudGVkIHNpbmNlIHRoZSBhdWRpdC1sb2cNCj4gICAgICAgICAgIHdhcyBn
aXZlbiB0byBBIFsxXS4gcmVxdWVzdHMgZm9yIGF1ZGl0LWxvZ3Mgc2luY2UgWzFdIGFyZQ0KPiAJ
ICAgaWdub3JlZCBpbiB0aGlzIGRldGVybWluYXRpb24uDQo+ICBNQVNBLT5BOiBJZiBhdWRpdC1s
b2cgb2s6DQo+ICAgICAgICAgICByZXBseSBPSzogdm91Y2hlcihub25jZTEpDQo+ICAgICAgICAg
ICBhdWRpdC1sb2cgZW50cnk6ICJBIHJlY2VpdmVkIHZvdWNoZXIgZm9yIHBsZWRnZSwgaGFzaChu
b25jZTEpIiBbMl0NCj4gDQo+IAkgICBJZiBhdWRpdC1sb2cgbm9rOg0KPiAgICAgICAgICAgcmVw
bHkgTk9LOiBhdWRpdC1sb2cNCj4gICAgICAgICAgIGF1ZGl0LWxvZyBlbnRyeTogIkEgZmFpbGVk
IHZvdWNoZXIgcmVxdWVzdCBmb3IgcGxlZGdlLCBoYXNoKG5vbmNlMSksIGhhc2gobm9uY2UyKSIN
Cj4gCSAgIGhhc2gobm9uY2UyKSB3b3VsZCBiZSBmcm9tIGFuIGF1ZGl0LWxvZyBlbnRyeSB0aGF0
IGRpZCBoYXBwZW4gYWZ0ZXINCj4gCSAgIFsxXSBhbmQgDQo+IA0KPiANCj4gQ2hlZXJzDQo+ICAg
IFRvZXJsZXNzDQo+IA0KPiBfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fXw0KPiBBbmltYS1ib290c3RyYXAgbWFpbGluZyBsaXN0DQo+IEFuaW1hLWJvb3RzdHJh
cEBpZXRmLm9yZw0KPiBodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2FuaW1h
LWJvb3RzdHJhcA0KDQo=


From nobody Tue Nov  1 18:15:12 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1F51129883 for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 18:15:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.696
X-Spam-Level: 
X-Spam-Status: No, score=-5.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jlva25Wj7DnB for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 18:15:08 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D153E129866 for <anima-bootstrap@ietf.org>; Tue,  1 Nov 2016 18:15:07 -0700 (PDT)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [131.188.34.77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id F2D2D58C4AE; Wed,  2 Nov 2016 02:15:05 +0100 (CET)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id D7767B0ACEC; Wed,  2 Nov 2016 02:15:05 +0100 (CET)
Date: Wed, 2 Nov 2016 02:15:05 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: "Max Pritikin (pritikin)" <pritikin@cisco.com>
Message-ID: <20161102011505.GA4057@faui40p.informatik.uni-erlangen.de>
References: <20161101202856.GA2418@faui40p.informatik.uni-erlangen.de> <E8529790-2F91-4C19-BC1B-687A4B4F423A@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <E8529790-2F91-4C19-BC1B-687A4B4F423A@cisco.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/l7xWs6f-1IPO6ktWHfDKy37ywVc>
Cc: Toerless Eckert <tte+ietf@cs.fau.de>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] brsky concern2: Timelyness of log entries
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Nov 2016 01:15:10 -0000

Thanks, Max...inline
On Tue, Nov 01, 2016 at 10:15:50PM +0000, Max Pritikin (pritikin) wrote:
> I think this conversation could quickly get derailed by the flow details from above (I disagree with some of your assumptions).

What assumptions do you disagree with ?

> Perhaps it would help to start with a statement of the security concern you???re raising. I think it is: 

> Can an attacker inject entries into the audit log that would cause problems for the Registrar heuristic/analytics based decisions?

Right. Sub-sections of section 7 about specific attack problems. This could
be one such sub-section.

> The following are attempts to minimize possible attacks against the audit log:
> 
> 1) Nonced entries require the attacker to have had access to the device during that boot of the device to use the audit token.

Right. But access could have been long ago and log entry created much later.
And those would trigger rejection of the device according to 3.3.4 log
verification. I call this a false positive. And spying on the audit-log.

> If the Registrar is comfortable with the chain of control they can ignore these entries. 

Just to reconfirm: You are saying that registrars could ignore the audit log
and you cal that "attempts to minimize possible attacks against the audit log" ??

> Previous versions have indicated that Registrar authentication by the MASA is required for these as well but I???m not seeing that currently 

Should vbe optional. But should have some discussion what benefits authentication
would have. Eliminate "some" ? DoS attacks against MASA ? What else..

> 2) Nonceless entries are always problematic. From -04: "If a nonce is not provided then the MASA service MUST authenticate the Registrar as a valid customer.  This prevents denial of service attacks??? and ???the Registrar MUST be authenticated by the MASA service although no requirement is implied that the MASA associates this authentication with ownership.???. I???ve contended that doing so is why we???d have a voucher format indicating ownership. 

I thought the netconf solution also supports an anonymous ownership voucher ?
Is that true ? Is that possible with BRSKY ?

> Section 5.1 includes an EDNOTE to discuss this case. As of yet folks haven???t responded but I???ll take it that you???re voting for this additional round trip.

See above on the delayed attack vector. DO you think that strong enough 
to worry about it ?

Cheers
    Toerless


From nobody Tue Nov  1 18:35:49 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1B6D12995B for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 18:35:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.696
X-Spam-Level: 
X-Spam-Status: No, score=-5.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gh3hbe8fe2O3 for <anima-bootstrap@ietfa.amsl.com>; Tue,  1 Nov 2016 18:35:46 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5EDCC129866 for <anima-bootstrap@ietf.org>; Tue,  1 Nov 2016 18:35:46 -0700 (PDT)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [131.188.34.77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id B9CD058C4AE; Wed,  2 Nov 2016 02:35:44 +0100 (CET)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id 93325B0ACEC; Wed,  2 Nov 2016 02:35:44 +0100 (CET)
Date: Wed, 2 Nov 2016 02:35:44 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: "Max Pritikin (pritikin)" <pritikin@cisco.com>
Message-ID: <20161102013544.GB4057@faui40p.informatik.uni-erlangen.de>
References: <20161101201523.GB9776@faui40p.informatik.uni-erlangen.de> <C825BB00-9DEF-4293-8ACB-A453F4C896A6@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <C825BB00-9DEF-4293-8ACB-A453F4C896A6@cisco.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/NRs_FXz31yz3D7ME2ooGZa8MEmA>
Cc: Toerless Eckert <tte+ietf@cs.fau.de>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] brsky concern1: separating audit-log retrieval from voucher generation
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Nov 2016 01:35:48 -0000

On Tue, Nov 01, 2016 at 10:16:45PM +0000, Max Pritikin (pritikin) wrote:
> I see this as the same discussion for ???concern2??? so please look to that thread for responses.

I can not identify any text n the sections 6.4 and 7 (that you referred
to in the other mail reply) that are discusing the case i made below.

Cheers
    Toerless


> - max
> 
> > On Nov 1, 2016, at 2:15 PM, Toerless Eckert <tte+ietf@cs.fau.de> wrote:
> > 
> > As discussed today on the call, restated for the rest of the team with more detail:
> > 
> > -> pledge connects to two networks, A, B.
> > -> Pledge tries to well-behave, only offers nonce to one network first, A.
> > -> (registrar of) A gets voucher. A looks at audit-log. Audit log is fine.
> >   Ultimately, A decides  not to enroll pledge though.
> > -> Pledge offers nonce to B, B gets voucher and audit-log.
> >   Audit log shows A, so B is concerned. B rejects device.
> >   Without the entry in audit log, B would have enrolled device.
> > 
> > My worry is that the current audit log approach can too easily create
> > false positives that will make enrolment fail if a device has multiple network
> > connections:
> > 
> > It's impossible for A to get an audit-log without also getting
> > a voucher, which in return would make another domain suspicious and likely
> > make it decide not to accept the device.
> > 
> > Separating out request for voucher from request for audit-log could work like this:
> > 
> >  A->MASA: request audit-log for (pledge,nonce1)
> >  MASA:    audit-log entry: "A requested audit log for pledge, hash(nonce1)" [1]
> >  MASA->A: reply: audit-log
> > 
> >  ... A makes up its mind if it wants pledge and decides that it does NOT.
> > 
> >  -> A doesn't do anything more. Audit log would show B that A did see device,
> >     but also that A never got voucher so that it could not have modified
> >     device == B will happily enroll pledge.
> > 
> > 
> >  ... A makes up its mind if it wants pledge and decides that it does want to:
> > 
> >  A->MASA: request voucher for (pledge,nonce1)
> >  MASA:    Examine audit-log that no voucher was granted since the audit-log
> >           was given to A [1]. requests for audit-logs since [1] are
> > 	   ignored in this determination.
> >  MASA->A: If audit-log ok:
> >           reply OK: voucher(nonce1)
> >           audit-log entry: "A received voucher for pledge, hash(nonce1)" [2]
> > 
> > 	   If audit-log nok:
> >           reply NOK: audit-log
> >           audit-log entry: "A failed voucher request for pledge, hash(nonce1), hash(nonce2)"
> > 	   hash(nonce2) would be from an audit-log entry that did happen after
> > 	   [1] and 
> > 
> > 
> > Cheers
> >    Toerless
> > 
> > _______________________________________________
> > Anima-bootstrap mailing list
> > Anima-bootstrap@ietf.org
> > https://www.ietf.org/mailman/listinfo/anima-bootstrap
> 

-- 
---
tte@cs.fau.de


From nobody Fri Nov  4 01:58:05 2016
Return-Path: <stokcons@xs4all.nl>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74105129417 for <anima-bootstrap@ietfa.amsl.com>; Fri,  4 Nov 2016 01:58:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.621
X-Spam-Level: 
X-Spam-Status: No, score=-2.621 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tVlBbIWHYj2o for <anima-bootstrap@ietfa.amsl.com>; Fri,  4 Nov 2016 01:58:01 -0700 (PDT)
Received: from lb3-smtp-cloud3.xs4all.net (lb3-smtp-cloud3.xs4all.net [194.109.24.30]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2D09A1294A7 for <anima-bootstrap@ietf.org>; Fri,  4 Nov 2016 01:58:01 -0700 (PDT)
Received: from webmail.xs4all.nl ([194.109.20.205]) by smtp-cloud3.xs4all.net with ESMTP id 3kxx1u0024RV18J01kxxJt; Fri, 04 Nov 2016 09:57:59 +0100
Received: from 2001:983:a264:1:50b8:9733:c70:b8c6 by webmail.xs4all.nl with HTTP (HTTP/1.1 POST); Fri, 04 Nov 2016 09:57:57 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Date: Fri, 04 Nov 2016 09:57:57 +0100
From: peter van der Stok <stokcons@xs4all.nl>
To: Carsten Bormann <cabo@tzi.org>
Organization: vanderstok consultancy
Mail-Reply-To: consultancy@vanderstok.org
In-Reply-To: <etPan.5818bad3.78c6b580.9528@tzi.org>
References: <147775346922.30618.14590857285848221161.idtracker@ietfa.amsl.com> <e191cf557b00e7003048fac4e72ba59c@xs4all.nl> <etPan.5818b52f.a07279a.9528@AirmailxGenerated.am> <etPan.5818bad3.78c6b580.9528@tzi.org>
Message-ID: <5e9f1e40bac34f2a550dba2e72abd8cc@xs4all.nl>
X-Sender: stokcons@xs4all.nl (pv7K8KB6ZFQAKEFPfRfEyA1icDqdAqex)
User-Agent: XS4ALL Webmail
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/F9nScU1pE-PQ5hK3ko7vedGRHis>
Cc: Michel Veillette <michel.veillette@trilliantinc.com>, Anima-bootstrap <anima-bootstrap@ietf.org>, Core <core@ietf.org>, consultancy@vanderstok.org
Subject: Re: [Anima-bootstrap] [core] Fwd: New Version Notification for draft-vanderstok-core-coap-est-00.txt
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: consultancy@vanderstok.org
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Nov 2016 08:58:04 -0000

It all depends on the interest generated in this document and for what 
purpose:
- BRSKI only with limited EST support
- Or full EST

For the moment it is BRSKI without manual intervention. When things are 
missing in that context, we will certainly add them.

Peter

Carsten Bormann schreef op 2016-11-01 16:34:
> Sending around MIME messages between constrained devices doesn’t
> strike me as the optimal way forward.
> Fortunately, we have COSE, which would be an easy way to combine a key
> wrap with some signing info.
> 
> Grüße, Carsten
> On 1 November 2016 at 16:30:43, Michel Veillette
> (michel.veillette@trilliantinc.com) wrote:
> 
>> Hi Peter
>> 
>> In section 3 of "draft-vanderstok-core-coap-est-00",
>> "Server-generated key" is listed as supported.
>> This service returns two components, a PKCS8 containing the private
>> key material and a PKCS7 containing the device certificate chain.
>> In RFC7030, this information is returned using a Content-Type:
>> multipart/mixed.
>> How this is supported in "draft-vanderstok-core-coap-est-00"?
>> 
>> REQ: POST /.well-known/est/serverkeygen (Content-Format:
>> application/pkcs10)
>> <ASN.1 CertificationRequest> // Certificate request carry in a
>> PKCS10
>> 
>> RES: 2.05 Content (Content-Format: ???)
>> <ASN.1 ContentSet> // Private key material for this node carry in a
>> PKCS8
>> <ASN.1 ContentInfo> // Certificate and associated PKI for this node
>> carry in a PKCS7
>> 
>> Regards,
>> Michel
>> 
>> -----Original Message-----
>> From: core [mailto:core-bounces@ietf.org] On Behalf Of peter van der
>> Stok
>> Sent: Saturday, October 29, 2016 11:12 AM
>> To: Anima-bootstrap <anima-bootstrap@ietf.org>; Core <core@ietf.org>
>> 
>> Subject: [core] Fwd: New Version Notification for
>> draft-vanderstok-core-coap-est-00.txt
>> 
>> Dear all,
>> 
>> we have submitted a new draft Enrollment over Secure Transport (EST)
>> over coaps to make BRSKI over coap possible.
>> We expect (parts of) this draft to be integrated with coap-bootstrap
>> draft of pritikin and Kampanakis.
>> This draft removes EST functionality not absolutely needed within
>> the context we expect the BRSKI deployment for low-resource devices.
>> 
>> 
>> Greetings,
>> 
>> Peter
>> 
>> -------- Oorspronkelijke bericht --------
>> Onderwerp: New Version Notification for
>> draft-vanderstok-core-coap-est-00.txt
>> Datum: 2016-10-29 17:04
>> Afzender: internet-drafts@ietf.org
>> Ontvanger: "Peter van der Stok" <consultancy@vanderstok.org>, "Peter
>> Van der Stok" <consultancy@vanderstok.org>, "Sandeep Kumar"
>> <ietf@sandeep.de>, "Sandeep S. Kumar" <ietf@sandeep.de>
>> 
>> A new version of I-D, draft-vanderstok-core-coap-est-00.txt
>> has been successfully submitted by Peter van der Stok and posted to
>> the IETF repository.
>> 
>> Name: draft-vanderstok-core-coap-est
>> Revision: 00
>> Title: EST based on DTLS secured CoAP (EST-coaps)
>> Document date: 2016-10-29
>> Group: Individual Submission
>> Pages: 15
>> URL:
>> 
> https://www.ietf.org/internet-drafts/draft-vanderstok-core-coap-est-00.txt
>> 
>> Status:
>> https://datatracker.ietf.org/doc/draft-vanderstok-core-coap-est/
>> Htmlized:
>> https://tools.ietf.org/html/draft-vanderstok-core-coap-est-00
>> 
>> Abstract:
>> Low-resource devices in a Low-power and Lossy Network (LLN) can
>> operate in a mesh network using the IPv6 over Low-power Personal
>> Area
>> Networks (6LoWPAN) and IEEE 802.15.4 link-layer standards.
>> Provisioning these devices in a secure manner with keys (often
>> called
>> security bootstrapping) used to encrypt and authenticate messages is
>> 
>> the subject of Bootstrapping of Remote Secure Key Infrastructures
>> (BRSKI) [I-D.ietf-anima-bootstrapping-keyinfra]. Enrollment over
>> Secure Transport (EST) [RFC7030], based on TLS and HTTP, is used for
>> 
>> BRSKI. This document defines how low-resource devices are expected
>> to use EST over DTLS and CoAP. 6LoWPAN fragmentation management and
>> minor extensions to CoAP are needed to enable EST over DTLS-secured
>> CoAP (EST-coaps).
>> 
>> Please note that it may take a couple of minutes from the time of
>> submission until the htmlized version and diff are available at
>> tools.ietf.org.
>> 
>> The IETF Secretariat
>> 
>> _______________________________________________
>> core mailing list
>> core@ietf.org
>> https://www.ietf.org/mailman/listinfo/core
>> 
>> _______________________________________________
>> core mailing list
>> core@ietf.org
>> https://www.ietf.org/mailman/listinfo/core
> _______________________________________________
> Anima-bootstrap mailing list
> Anima-bootstrap@ietf.org
> https://www.ietf.org/mailman/listinfo/anima-bootstrap


From nobody Tue Nov  8 02:53:11 2016
Return-Path: <mbehring@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E056512962B for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 02:53:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.019
X-Spam-Level: 
X-Spam-Status: No, score=-16.019 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6uXXRkMnZOxe for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 02:53:04 -0800 (PST)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB2DB129504 for <anima-bootstrap@ietf.org>; Tue,  8 Nov 2016 02:53:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2912; q=dns/txt; s=iport; t=1478602384; x=1479811984; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=oUZ6Vm0qIrZqpGxn3vEomuDeYK2WasmBuzuftkoqvFM=; b=TWEqBsHKnaE4EtTZFmGgYL4OrlcF2J/Yvtf22pjVtxHGCD7dYtR7rLJL uXuvCigtzW/XYvbO9tWh1V35H8lixEDXUjTRCj41J6kT4I8Bf8s6KjO0M 1wVGNwKbWu5AcJgys3L26BQWBF9E6hYhdrfX+ESL6dYjRkOHcUto7hiNV w=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BsAQADriFY/5xdJa1dGgEBAQECAQEBA?= =?us-ascii?q?QgBAQEBgy8BAQEBAR+BXo0ylwOSRIIPggiGJAIagXk/FAECAQEBAQEBAWIohGE?= =?us-ascii?q?BAQEDASMEDUUFCwIBCBoCJgICAjAVEAEBBAENDYhMCLIMgW5Si0gBAQEBAQEBA?= =?us-ascii?q?QEBAQEBAQEBAQEBAQEcgQmFNYRXh0yCXAWaLwGQQJAbkTUBHjd6hSqHIIEMAQE?= =?us-ascii?q?B?=
X-IronPort-AV: E=Sophos;i="5.31,609,1473120000"; d="scan'208";a="345855489"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Nov 2016 10:53:03 +0000
Received: from XCH-ALN-015.cisco.com (xch-aln-015.cisco.com [173.36.7.25]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id uA8Ar3rN014467 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 8 Nov 2016 10:53:03 GMT
Received: from xch-rcd-006.cisco.com (173.37.102.16) by XCH-ALN-015.cisco.com (173.36.7.25) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 8 Nov 2016 04:53:03 -0600
Received: from xch-rcd-006.cisco.com ([173.37.102.16]) by XCH-RCD-006.cisco.com ([173.37.102.16]) with mapi id 15.00.1210.000; Tue, 8 Nov 2016 04:53:02 -0600
From: "Michael Behringer (mbehring)" <mbehring@cisco.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "Max Pritikin (pritikin)" <pritikin@cisco.com>
Thread-Topic: [Anima-bootstrap] BRSKI State Machine
Thread-Index: AdImIxW8sCw9I7ieQW++wlMDDTidqAC0b9kAAIa8w4ADpwZZYA==
Date: Tue, 8 Nov 2016 10:53:02 +0000
Message-ID: <ca9d9f5b7dff4f01805638a39a777d80@XCH-RCD-006.cisco.com>
References: <c41c231f3906477f97f1641617de025e@XCH-RCD-006.cisco.com> <6E2BF711-B34F-40E3-9543-CEB3A9BD89DC@cisco.com> <8648.1476976993@obiwan.sandelman.ca>
In-Reply-To: <8648.1476976993@obiwan.sandelman.ca>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.55.238.132]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/haCbF3_nvAwnVdJAeB8t7Zwc6Rc>
Cc: "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] BRSKI State Machine
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2016 10:53:10 -0000

PiAgICAgTUI+IEJ1dCwgd2UnbGwgbmVlZCB0aGUgc2FtZSBtZXRob2QgYWxzbyBmb3IgdGhlIEFD
UCBkcmFmdDogV2hlbiBib3RoDQo+ICAgICBNQj4gbm9kZXMgaGF2ZSBhIGNlcnRpZmljYXRlLCB0
aGV5IG5lZWQgdG8gZGlzY292ZXIgZWFjaCBvdGhlciBhcyB3ZWxsLg0KPiAgICAgTUI+IEkndmUg
YmVlbiBoYWdnbGluZyB3aXRoIFRvZXJsZXNzIGFib3V0IHRoaXMgOi0pICAgSSB0aGluayB3ZSBz
aG91bGQNCj4gICAgIE1CPiB0YWtlIHRoZSBtRE5TIGluc2VjdXJlIGRpc2NvdmVyeSBpbnRvIGEg
c2VwYXJhdGUsIG5ldyBkcmFmdC4NCj4gDQo+ICAgICA+IEkgZG9u4oCZdCBmb2xsb3cuIG1ETlMg
c2ltcGx5ICppcyogaW5zZWN1cmUuIFRoaXMgaXMgaW1wb3J0YW50IHNpbmNlIHdlDQo+ICAgICA+
IGNhbuKAmXQgZXN0YWJsaXNoIGEgc2VjdXJlIGRpc2NvdmVyeSB5ZXQuDQoNCk1pY2hhZWxSLCBJ
IGRvbid0IHVuZGVyc3RhbmQgeW91ciBsb2dpYyBiZWxvdy4gDQogDQo+IG1ETlMgaXMganVzdCBm
aW5lIHRvIGZpbmQgKmEqIHByb3h5IGZvciBhIHBsZWRnZSB0aGF0IGRvZXNuJ3Qga25vdyBhbnl0
aGluZw0KPiBlbHNlLg0KPiAoQW5kIGNvdWxkbid0IHZlcmlmeSB0aGUgcHJveHkgYW55d2F5KS4N
Cj4gDQo+IEknbSBzdGlsbCB1bmNsZWFyIGhvdyB0aGUgR1JBU1AgbXVsdGljYXN0IGRpc2NvdmVy
eSBwcm9jZXNzIGlzIGdvaW5nIHRvIHdvcmsNCj4gKHRoZSBkZXRhaWxzKSBzdWNoIHRoYXQgaXQg
bGVhZHMgdG8gYW4gSUtFdjIgY29ubmVjdGlvbi4gICpBbGwqIHdlIG5lZWQgdG8gZm9ybQ0KPiB0
aGUgQUNQIGxpbmtzIGlzIGEgbXVsdGljYXN0IHRoYXQgc2F5cywgIkkgc3BlYWsgQUNQIg0KDQpF
eGFjdGx5LiBJIHRoaW5rIG1ETlMgKmNvdWxkKiBiZSB1c2VkIHRvIGdpdmUgZXhhY3RseSB0aGF0
IGluZm9ybWF0aW9uLiANCg0KPiAsIGFuZCBhcyBJIHN1Z2dlc3RlZA0KPiBiZWZvcmUsIHRoaXMg
Y291bGQgYmUgYW4gbXVsdGljYXN0IElLRXYyIFBBUkVOVF9JMSBhcyBtdWNoIGFzDQo+IGFueXRo
aW5nIGVsc2UuICAgT3Igd2UgdXNlIHRoZSBHUkFTUCBkaXNjb3ZlcnkgbXVsdGljYXN0IHBvcnQs
IGFuZCB0aGUNCj4gcmVzcG9uc2UgaXMgbm90IGEgVENQIGNvbm5lY3Rpb24gdGhhdCBzYXlzLCAi
SSdtIGhlcmUiLCBhcyBtdWNoIGFzIGp1c3QgYW4NCj4gSUtFdjIgcGFja2V0IGluc3RlYWQuDQoN
ClRoYXQgaXMgYW4gYWx0ZXJuYXRpdmUsIHZhbGlkIG1ldGhvZC4gQnV0IEkgZG9uJ3Qgc2VlIHdo
eSB5b3UgY291bGRuJ3QgdXNlIG1ETlMgdG8gZmluZCBhbGwgQUNQIGNhcGFibGUgbm9kZXM/IA0K
DQpUbyBtZSBpdCBzdGlsbCBzZWVtcyBtb3N0IGxvZ2ljYWwgdG8gaGF2ZSBhIHN0YW5kYWxvbmUg
bWV0aG9kIHRvIGRvIEFOSU1BIGRpc2NvdmVyeSwgYW5kIHVzZSB0aGUgcmVzdWx0IG9mIHRoZSBk
aXNjb3ZlcnkgaW4gdmFyaW91cyB3YXlzLiBUb2RheTogDQotIG1lc3NhZ2UgIkknbSBhIHByb3h5
IiAtLT4gbGF1bmNoIGJvb3RzdGFwIGFzIGEgcGxlZGdlIChJZiBsb2NhbCBub2RlIG5vdCBpbiBh
IGRvbWFpbikNCi0gbWVzc2FnZSAiSSdtIGFuIEFDUCBjYXBhYmxlIGRldmljZSIgLS0+IGVzdGFi
bGlzaCB0aGUgQUNQIChhdXRoZW50aWNhdGluZyB0aGF0IGRldmljZSwgb2YgY291cnNlKQ0KDQpB
bmQgaW4gdGhlIGZ1dHVyZSwgd2UgbWF5IHdlbGwgaGF2ZSBvdGhlciB0aGluZ3MgdG8gZGlzY292
ZXI6IA0KLSBtZXNzYWdlICJJJ20gYSBkZXZpY2UgZnJvbSBkb21haW4gWCIgLS0+IHN0YXJ0IGEg
c2VjdXJpdHkgYXNzb2NpYXRpb24gYW5kIG5lZ290aWF0ZSBjcm9zcyBkb21haW4gDQogICBmZWF0
dXJlcywgc3VjaCBhcyBCR1AgcGFyYW1ldGVycy4gDQotIG1lc3NhZ2UgIkknbSBhIGNvbnN0cmFp
bmVkIGRldmljZSAtIHVzZSBtZXRob2QgeCB0byB0YWxrIHRvIG1lIi4gDQoNCldlIGNvdWxkIGRv
IGRpZmZlcmVudCBtZXRob2RzIGZvciBhbGwgb2YgdGhvc2U7IEkgc3RpbGwgdGhpbmsgaXQgd291
bGQgYmUgbmljZSB0byBoYXZlIGEgc2ltcGxlLCB1bml2ZXJzYWwgd2F5IHRvIGRpc2NvdmVyIGFk
amFjZW50IG5vZGVzIGluIHRoZSBBTklNQSBjb250ZXh0LiBXaGVyZSBhbSBJIGdvaW5nIHdyb25n
PyANCg0KTWljaGFlbEINCg0K


From nobody Tue Nov  8 06:29:46 2016
Return-Path: <mbehring@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E31C8129CB6 for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 06:29:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.018
X-Spam-Level: 
X-Spam-Status: No, score=-16.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TQdy48ZEE1Jy for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 06:29:44 -0800 (PST)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06724129CB1 for <anima-bootstrap@ietf.org>; Tue,  8 Nov 2016 06:29:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1774; q=dns/txt; s=iport; t=1478615383; x=1479824983; h=from:to:cc:subject:date:message-id: content-transfer-encoding:mime-version; bh=M9T+grlFcEOsfIphDJKPAPl6eweGc0w4CJjG2nOfkmk=; b=hKebdGMl/ykX2LUr5lWuTYKWEx7oh1CR+CWkHEr6l1QutiNnfut0oCB4 WI0LqQ/vYp/0QaPiFTHRGrIS1xcEyVfsAJErSrvtTWK8Z+Qohgx9Xgrwg UEuW6L8sDBh3BeN20obJarUaMg0P1jIoYIJX9kbi8CSeaw1U62JTCUDth s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BrAQDI4CFY/40NJK1UCRoBAQEBAgEBA?= =?us-ascii?q?QEIAQEBAYMvAQEBAQEfgUcXjTKrWYIIhiQcgXA/FAECAQEBAQEBAWIohGMEASM?= =?us-ascii?q?RRRIBIgImAgQwFREBBA4NiEwIsXmCQItKAQEBAQEBAQMBAQEBAQEBAQEegQmFN?= =?us-ascii?q?YhxBwoBgyCCXAWIXoc4ihkBgT6PApAbkTUBHjdWJIMxHIFdhX+BIYEMAQEB?=
X-IronPort-AV: E=Sophos;i="5.31,462,1473120000";  d="scan'208,223";a="166721467"
Received: from alln-core-8.cisco.com ([173.36.13.141]) by rcdn-iport-9.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 08 Nov 2016 14:29:43 +0000
Received: from XCH-RCD-014.cisco.com (xch-rcd-014.cisco.com [173.37.102.24]) by alln-core-8.cisco.com (8.14.5/8.14.5) with ESMTP id uA8ETg4L017629 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 8 Nov 2016 14:29:42 GMT
Received: from xch-rcd-006.cisco.com (173.37.102.16) by XCH-RCD-014.cisco.com (173.37.102.24) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 8 Nov 2016 08:29:41 -0600
Received: from xch-rcd-006.cisco.com ([173.37.102.16]) by XCH-RCD-006.cisco.com ([173.37.102.16]) with mapi id 15.00.1210.000; Tue, 8 Nov 2016 08:29:41 -0600
From: "Michael Behringer (mbehring)" <mbehring@cisco.com>
To: "Max Pritikin (pritikin)" <pritikin@cisco.com>
Thread-Topic: Does discovery include the domain? 
Thread-Index: AdI5yypSlVd772bWQKC9kqDiW9cJXQ==
Date: Tue, 8 Nov 2016 14:29:41 +0000
Message-ID: <cbfb55b18160431ba8e5ebae35146c1c@XCH-RCD-006.cisco.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.55.238.132]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/Z_YeAiaGQ7YK9huU0D0Fjn2niYc>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: [Anima-bootstrap] Does discovery include the domain?
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2016 14:29:45 -0000

RnJvbSAiUmU6IFtBbmltYS1ib290c3RyYXBdIERldGFpbGVkIEJSU0tJIHJldmlldywgcGFydCAx
IiwgTWF4JyBlbWFpbCBmcm9tIDIwIE9jdDogDQoNCj4gPiBJbiB0aGUgcmVmZXJlbmNlIG1vZGVs
IHdlIHN0YXRlIHRoYXQgaWYgYSBwbGVkZ2UgaGFzIGJlZW4gcmVqZWN0ZWQgYnkgYQ0KPiBkb21h
aW4sIGl0IHNob3VsZCBwcmVmZXJhYmx5IHVzZSBvdGhlciBkb21haW5zIHRoYXQgYXJlIHNlZW4u
IFdlIG1heSB3YW50DQo+IHRvIGFkZCBzb21ldGhpbmcgYXQgdGhlIGVuZCBvZiAzLjEuMS4gVGhp
cyBpcyBhbHNvIHRoZSByZWFzb24gd2h5IHRoZSBwbGVkZ2UNCj4gbmVlZHMgdG8ga25vdyBpZiB0
aGUgUmVnaXN0cmFyIGhhcyByZWplY3RlZCBpdCBiYXNlZCBvbiBNQVNBIGlucHV0Lg0KPiANCj4g
Q09OQ0VSTjogRGlzY292ZXJ5IGRvZXNu4oCZdCBpbmNsdWRlIGEgc2VjdXJlIHN0YXRlbWVudCBv
ZiB0aGUgZG9tYWluDQo+IGlkZW50aXR5LiBTbyB0aGlzIGJlaGF2aW9yIHdvdWxkIGltcGx5IHNv
bWV0aGluZyBsaWtlIOKAnGlmIHRoZSBUTFMNCj4gYXV0aGVudGljYXRpb24gcmVzdWx0cyBpbiBh
IGRvbWFpbiB0aGF0IGhhcyBleHBsaWNpdGVseSByZWplY3RlZCB0aGUgUGxlZGdlDQo+IHByZXZp
b3VzbHkgdGhlbiB0aGUgYXR0ZW1wdCBpbW1lZGlhdGVseSBmYWlscyBhbmQgbm8gcmVxdWVzdCBp
cyBpbml0aWF0ZWTigJ0gaW4NCj4gc2VjdGlvbiA1Pw0KDQpOb3Qgc3RyYWlnaHRmb3J3YXJkLiBV
cCB0byBub3cgdGhlIHBsZWRnZSBvbmx5IGtub3dzIGl0J3MgcmVqZWN0ZWQsIG5vdCB3aHkuIFNv
IHRoaXMgZ29lcyBiYWNrIHRvIHRoZSBkaXNjdXNzaW9uIGFib3V0IGEgZmVlZGJhY2sgdG8gdGhl
IHBsZWRnZSwgd2hpY2gsIGFzIE1pY2hhZWxSIHBvaW50ZWQgb3V0LCBpcyBub3QgZWFzeS4gQnV0
IEkgdGhpbmsgd2UgbmVlZCB0byBiZSBjbGVhciBhYm91dCBpdC4gDQoNCldlIGFncmVlIHRoYXQg
ImRpc2NvdmVyeSBkb2Vzbid0IGluY2x1ZGUgYSAqc2VjdXJlKiBzdGF0ZW1lbnQgb2YgdGhlIGRv
bWFpbiIuIEJ1dCBJIHNlZW0gdG8gcmVjYWxsIHRoYXQgc29tZSBmb2xrcyB3ZXJlIGluIGZhdm91
ciBvZiBub3QgaW5jbHVkaW5nIHRoZSBkb21haW4gaW5mbyBhdCBhbGwsIGZvciBwcml2YWN5IC8g
c2VjdXJpdHkgcmVhc29ucz8gIE9yIHNob3VsZCB3ZSBpbmNsdWRlIHRoZSBkb21haW4gaW5mbyBp
biB0aGUgZGlzY292ZXJ5IGFubm91bmNlbWVudHMgb2YgdGhlIHByb3h5PyBEaWQgd2UgaGF2ZSBh
IGNvbmNsdXNpb24gb24gdGhhdD8gDQoNCk1pY2hhZWwNCg0KDQoNCg0K


From nobody Tue Nov  8 06:37:48 2016
Return-Path: <mbehring@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1832129CCF for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 06:37:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.018
X-Spam-Level: 
X-Spam-Status: No, score=-16.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sqST2otqUhrK for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 06:37:44 -0800 (PST)
Received: from alln-iport-5.cisco.com (alln-iport-5.cisco.com [173.37.142.92]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1DFA129CAF for <anima-bootstrap@ietf.org>; Tue,  8 Nov 2016 06:37:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=23820; q=dns/txt; s=iport; t=1478615864; x=1479825464; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=OLsxtY5PyFatZlNNhNqkoQscepVeNxLOB9/xC8dqZVY=; b=i6yLXqG/+61rXLkNssrsDfOKMl7qQK57GwVLxpIxNmoBDUKpiOhMqFsP X9oq6KvdN7u+lh8uRf3+SA2pYyjPK+aAzvXX6jw5DLlq5aK0lXMdWaOS3 e/Pr1nev82z4UhHxjtQlhxDwMlY30FK45nw8Fme0tgxlsQ6k/iZZr57b1 I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AUAQAB4iFY/49dJa1UCRkBAQEBAQEBA?= =?us-ascii?q?QEBAQcBAQEBAYMvAQEBAQEfWG8QB40ylwaUU4IIHguFewIagXA/FAECAQEBAQE?= =?us-ascii?q?BAWIohGEBAQEDAQEBAQsVBA0xCQsQAgEIEwcCJgICAiULFRABAQQOBQgBiEsID?= =?us-ascii?q?rFtgW5Si0oBAQEBAQEBAQEBAQEBAQEBAQEBAQEcgQmFNYRXgjmBaAoBAQUiC4J?= =?us-ascii?q?tglwFiEgPB4V7gT2KGQGGNYMLhwCBdU6HX4RHgTKRNQEeN0E5G4MWHIFdcoUAD?= =?us-ascii?q?RcHgQOBDAEBAQ?=
X-IronPort-AV: E=Sophos;i="5.31,462,1473120000"; d="scan'208";a="344019249"
Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by alln-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Nov 2016 14:37:42 +0000
Received: from XCH-ALN-013.cisco.com (xch-aln-013.cisco.com [173.36.7.23]) by rcdn-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id uA8EbguR029003 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 8 Nov 2016 14:37:42 GMT
Received: from xch-rcd-006.cisco.com (173.37.102.16) by XCH-ALN-013.cisco.com (173.36.7.23) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 8 Nov 2016 08:37:42 -0600
Received: from xch-rcd-006.cisco.com ([173.37.102.16]) by XCH-RCD-006.cisco.com ([173.37.102.16]) with mapi id 15.00.1210.000; Tue, 8 Nov 2016 08:37:42 -0600
From: "Michael Behringer (mbehring)" <mbehring@cisco.com>
To: "Max Pritikin (pritikin)" <pritikin@cisco.com>
Thread-Topic: [Anima-bootstrap] Detailed BRSKI review, part 1
Thread-Index: AdIojIowvRHV0Q7aS5uVfJWO/hywbQCq4uOAA5xHfbA=
Date: Tue, 8 Nov 2016 14:37:41 +0000
Message-ID: <2d29c7f1715f4d87b288e1d3175ded35@XCH-RCD-006.cisco.com>
References: <9ffa17925cdd4a43a0aeca04e06c906d@XCH-RCD-006.cisco.com> <2772637D-8352-4DF1-B11B-895DEFBFB129@cisco.com>
In-Reply-To: <2772637D-8352-4DF1-B11B-895DEFBFB129@cisco.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.55.238.132]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/-au8wG4WWZ2_kHKKj4MRt8qgGL4>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] Detailed BRSKI review, part 1
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2016 14:37:47 -0000

PiA+IEJ1bGxldCA0IC8gSW1wcmludCBvcGVyYXRpb246DQo+ID4NCj4gPiBBIHNwZWNpZmljIGRl
dmljZSBtYXkgcmVxdWlyZSBhIE1BU0EgdG9rZW4gdG8gYm9vdHN0cmFwLCBhbm90aGVyIG9uZSBt
YXkNCj4gTk9ULiBUaGlzIGlzIHJlYWxseSBhIGZlYXR1cmUgb2YgdGhlIHBsZWRnZS4gQW5kIHRo
aXMgYmVoYXZpb3VyIE1VU1QgTk9UIGJlDQo+IGNoYW5nZWFibGUgKGllIGl0J3MgaGFyZCBjb2Rl
ZCkuIChzb21ld2hlcmUgd2Ugc2hvdWxkIHN0YXRlIHRoYXQsIEkgdGhpbmsgd2UNCj4gZG9uJ3Qg
c28gZmFyKS4NCj4gDQo+IENPTkNFUk46IEkgdGhpbmsgc2VjdGlvbiA2IGFib3V0IHJlZHVjZWQg
c2VjdXJpdHkgbW9kZXMgZGlyZWN0bHkgYWRkcmVzc2VzDQo+IHRoaXM7IGJ5IHNwZWNpZmljYWxs
eSBhbGxvd2luZyB0aGlzIHRvIGJlIGNoYW5nZWQgKGUuZy4gYWxsb3cgYSByZWR1Y2VkIHNlY3Vy
aXR5DQo+IG1vZGUpLg0KPiBXaGF0IHdlIGRvbuKAmXQgdGFsayBhYm91dCBpcyBob3cgYSBkZXZp
Y2UgbWlnaHQgaW5kaWNhdGUgaXQgd2FudHMgb25lIHR5cGUgb2YNCj4gdG9rZW4gZnJvbSB0aGUg
TUFTQSBvciB0aGUgb3RoZXIuIEnigJltIGNvbWZvcnRhYmxlIG1hbmRhdGluZyB0aGF0IGEgUGxl
ZGdlDQo+IGlzIHJlcXVpcmVkIHRvIHN1cHBvcnQgZWl0aGVyIGZvcm1hdDsgc2luY2UgbXkgY29u
Y2VybnMgYWJvdXQgdGhlIG93bmVyc2hpcA0KPiB2b3VjaGVyIGFyZSBhcm91bmQgaG93IHRoZSBz
YWxlcyBjaGFubmVsIGludGVncmF0aW9uIHdvcmsuIFRoZSBjbGllbnQgc2lkZQ0KPiBpbXBsZW1l
bnRhdGlvbiBpcyBwcmV0dHkgdHJpdmlhbC4NCg0KWW91IHNlZW0gdG8gc3VnZ2VzdCB0byBoYXZl
IGEgcGxlZGdlIEVJVEhFUiBiZSBhY2NlcHRpbmcgYW4gb3duZXJzaGlwIHZvdWNoZXIgT1IgYW4g
YXVkaXQgbG9nLg0KDQpUbyBtZSwgdGhlcmUgYXJlIHRocmVlICJtb2RlcyIgYSBwbGVkZ2UgY2Fu
IGJlIGluOiANCjEgLSByZXF1aXJpbmcgYW4gb3duZXJzaGlwIHZvdWNoZXIgdG8gam9pbiBhIGRv
bWFpbg0KMiAtIHJlcXVpcmluZyBhbiBhdWRpdCBsb2cgdG8gam9pbiBhIGRvbWFpbiANCjMgLSBy
ZXF1aXJpbmcgbm90aGluZy4gKGZpcnN0IHNlZW4gZmlyc3Qgam9pbmVkKQ0KDQpNeSBzdGF0ZW1l
bnQ6IEEgcGxlZGdlIGlzIGhhcmQtY29kZWQgdG8gYmUgaW4gb25lIGFuZCBvbmx5IG9uZSBvZiB0
aGVzZSBzdGF0ZXMuIFNwZWNpZmljYWxseSwgaWYgaXQgaXMgZXhwZWN0aW5nIGFuIG93bmVyc2hp
cCB2b3VjaGVyLCBpdCBNVVNUIE5PVCBhY2NlcHQgYW4gYXVkaXQgbG9nLiBBbiBvd25lcnNoaXAg
dm91Y2hlciBpcyBhIG11Y2ggc3Ryb25nZXIgYXNzZXJ0aW9uIHRoYW4gYW4gYXVkaXQgbG9nLiBJ
IGd1ZXNzIGlmIGEgcGxlZGdlIGlzIGhhcmQtY29kZWQgdG8gYWNjZXB0IGFuIGF1ZGl0IGxvZyBp
dCBtYXkgYWxzbyBhY2NlcHQgYW4gb3duZXJzaGlwIHZvdWNoZXI/IChub3Qgc3VyZSkuIA0KDQpN
eSBwb2ludHM6IA0KLSBJIHRoaW5rIGEgcGxlZGdlIGlzIGhhcmRjb2RlZCB0byBiZSBpbiBvbmUg
b2YgdGhlc2UgdGhyZWUgbW9kZXMNCi0gVGhlcmUgaXMgYSBsb2dpYyB0aGF0IGRlZmluZXMgd2hh
dCBzaG91bGQgaGFwcGVuIGlmIEkgZ2V0ICJzb21ldGhpbmcgZWxzZSIgZnJvbSB3aGF0IEkgZXhw
ZWN0LiANCg0KUmlnaHQgbm93IHRoZSBkb2MgZG9lc24ndCByZWFsbHkgZGlzdGluZ3Vpc2ggYmV0
d2VlbiB0aGUgdHdvIHRva2VuIHR5cGVzLCBJIHRoaW5rIHRoaXMgbmVlZHMgZml4aW5nLiANCg0K
U2VlIGFsc28gbXkgbWFpbCBmcm9tIDE0IE9jdCwgd2hpY2ggY29udGFpbmVkIGEgZ3JhcGhpYyBh
Ym91dCB0aGlzLiANCg0KKFdoZXJlIHRoaXMgZ29lcyBpbiB0aGUgZG9jIGlzIGEgc2VwYXJhdGUg
ZGlzY3Vzc2lvbikuIA0KDQpUaG91Z2h0cz8gDQpNaWNoYWVsDQoNCiANCj4gPiBJbiB0aGUgIklt
cHJpbnQiIHN0ZXAgdGhyZWUgZXJyb3JzIGNhbiBoYXBwZW46IDEpIFRoZSBkZXZpY2UgcmVjZWl2
ZXMNCj4gPiBhIGJhZCBNQVNBIHRva2VuLCBvciBkb2Vzbid0IHJlY2VpdmUgb25lOyBhbmQgMikg
dGhlIGRvbWFpbiBSZWdpc3RyYXINCj4gPiByZWNlaXZlcyBhIGJhZCBvciBubyBNQVNBIHRva2Vu
IG9yIDMpIHRoZSBhdWRpdCBsb2cgbWFrZXMgdGhlDQo+ID4gUmVnaXN0cmFyIHJlamVjdCB0aGUg
ZGV2aWNlLiBGb3IgdHJvdWJsZSBzaG9vdGluZywgSSB0aGluayBpdCBpcw0KPiA+IGltcGVyYXRp
dmUgdGhhdCBpbiAxKSB0aGUgcGxlZGdlIGluZm9ybXMgdGhlIFJlZ2lzdHJhciBvZiB0aGUgZXJy
b3IsDQo+IA0KPiBDT05DRVJOOiBTbyBJIHRoaW5rIHlvdSByZWNvbW1lbmQgZWl0aGVyIGV4cGFu
ZGluZyBzNS43LjQg4oCcc3RhdHVzDQo+IHRlbGVtZXRyeeKAnSB0byBleHBsaWNpdGx5IGNvdmVy
IHRoaXMgY2FzZSBvciBhZGQgYW5vdGhlciB0ZWxlbWV0cnkgb3B0aW9uPw0KPiANCj4gPiBhbmQg
aW4gMikgYW5kIDMpIHRoZSBSZWdpc3RyYXIgaW5mb3JtcyB0aGUgcGxlZGdlIChlLmcuLCB0byB0
dXJuIG9uIGEgcmVkIExFRCwNCj4gc3VjaCB0aGF0IHRoZSBpbnN0YWxsZXIga25vd3MgdGhhdCBh
biBlcnJvciBjb25kaXRpb24gaGFzIGFyaXNlbi4gSSB0aGluayB3ZQ0KPiBkb24ndCBjb3ZlciB0
aG9zZSBjYXNlcyB5ZXQ/DQo+IA0KPiBDT05DRVJOOiBUaGlzIGlzIGFuIGludGVyZXN0aW5nIGlk
ZWEgYnV0IHcvbyBhIHZhbGlkIE1BU0EgcmVzcG9uc2UgdGhlDQo+IGRvbWFpbiBoYXMgbm8gc2Vj
dXJlIHdheSB0byBkcml2ZSBiZWhhdmlvciBvbiB0aGUgUGxlZGdlLiBXaGF0IGRvIHlvdQ0KPiB0
aGluayBhYm91dCB0aGUgUGxlZGdlIGJlaW5nIHJlcXVpcmVkIHRvIGluZGljYXRlIHNvbWV0aGlu
ZyBhYm91dCBmYWlsZWQNCj4gYXR0ZW1wdHMgd2hlbiBpdCBtb3ZlcyBvbiB0byBmdXR1cmUgZGlz
Y292ZXJ5PyAodmlhIHRpbWVvdXQgZXRjKS4NCj4gDQo+ID4gMy4xLjENCj4gPiAiIFRoZSByZXN1
bHQgb2YgZGlzY292ZXJ5IGlzIGxvZ2ljYWxseSAoc2hvdWxkIGJlICJsb2dpY2FsIikgY29tbXVu
aWNhdGlvbg0KPiB3aXRoIGEgUHJveHkgaW5zdGVhZCAuLi4gIiBJIHdvdWxkIGhhdmUgc2FpZCBp
dCB0aGUgb3RoZXIgd2F5IHJvdW5kLCBhbmQNCj4gcmVkdWNlZCB0aGF0IHBhcmFncmFwaCB0bzog
IiBUaGUgcmVzdWx0IG9mIGRpc2NvdmVyeSBpcyBhIGxvZ2ljYWwNCj4gY29tbXVuaWNhdGlvbiB3
aXRoIGEgUmVnaXN0cmFyLCB0aHJvdWdoIGEgUHJveHku4oCdDQo+IA0KPiBGaXhlZC4gIlRoZSBy
ZXN1bHQgb2YgZGlzY292ZXJ5IGlzIGEgbG9naWNhbCBjb21tdW5pY2F0aW9uIHdpdGggYSBSZWdp
c3RyYXIsDQo+IHRocm91Z2ggYSBQcm94eS4gVGhlIFByb3h5IGlzIHRyYW5zcGFyZW50IHRvIHRo
ZSBQbGVkZ2UgYnV0ICBpcyBhbHdheXMNCj4gYXNzdW1lZCB0byBleGlzdC4iDQo+IA0KPiA+ICIg
VG8gZGlzY292ZXIgdGhlIERvbWFpbiBCb290c3RyYXAgU2VydmVyIiB5b3UgbWVhbiAiIFRvIGRp
c2NvdmVyIGENCj4gUmVnaXN0cmFyIiAtIHJpZ2h0PyBJIHN1Z2dlc3QgdG8gcmVtb3ZlIHRoZSB0
ZXJtICJib290c3RyYXAgc2VydmVyIg0KPiBjb21wbGV0ZWx5IChnbG9iYWxseSkgdG8gYXZvaWQg
Y29uZnVzaW9uLg0KPiANCj4gRml4ZWQuDQo+IA0KPiA+IGEpOiBXZSBleGNsdWRlIGEgY2FzZSB3
aXRoIG5vcm1hbCBESENQIGZvciBJUHY0LiBEbyB3ZSByZWFsbHkgd2FudCB0byBkbw0KPiB0aGlz
PyBBbHNvLCBpZiBvcHRpb24gZCkgaXMgdGhlIG9ubHkgb25lIHdvcmtpbmcsIHdlIHJlcXVpcmUg
RE5TIHRvIHdvcmsuIFNvIGEpDQo+IHNob3VsZCBwcm9iYWJseSBiZSBleHBhbmRlZCB0byBpbmNs
dWRlIHRoZXNlIG9wdGlvbnM/DQo+IA0KPiBHb29kIHBvaW50LiBJ4oCZdmUgYWRkZWQgYSByZWZl
cmVuY2UgdG8gREhDUCBbUkZDMjEzMV0gYXMgZm9sbG93czoNCj4gDQo+IFRoZSBQbGVnZSBNQVkg
b2J0YWluIGFuIElQIGFkZHJlc3MgdmlhIERIQ1AgW1JGQzIxMzFdLiBUaGUgREhDUCBwcm92aWRl
ZA0KPiBwYXJhbWV0ZXJzIGZvciB0aGUgRG9tYWluIE5hbWUgU3lzdGVtIGNhbiBiZSB1c2VkIHRv
IHBlcmZvcm0gc3RlcCAoZCkNCj4gRE5TIG9wZXJhdGlvbnMgaWYgYWxsIGxvY2FsIGRpc2NvdmVy
eSBhdHRlbXB0cyBmYWlsIChzZWUgYmVsb3cpLg0KPiANCj4gQ09OQ0VSTjogaG93IHRvIGJhbGFu
Y2UgdGhpcyBNQVkgd2l0aCB0aGUgTVVTVCBjb25jZXJuaW5nIFJGQzM5MjcgYW5kDQo+IFJGQzQ4
NjIgKGR5bmFtaWMgSVAgYWRkcmVzcyBmb3IgdjQgb3IgdjYpPw0KPiANCj4gPiBiKTogRG8gd2Ug
bmVlZCBhbiBJQU5BIHJlZ2lzdHJhdGlvbiBmb3IgdGhlICJfYm9vdHN0cmFwa3MuX3RjcC5sb2Nh
bCINCj4gc2VydmljZT8gV2UgaGF2ZSBubyBJQU5BIGNvbnNpZGVyYXRpb25zIHNlY3Rpb24hIQ0K
PiANCj4gQ09OQ0VSTjogZ3JlYXQgcG9pbnQuIEnigJl2ZSBhZGRlZCB0aGUgc2VjdGlvbiBidXQg
bGVmdCB0aGUgY29udGVudCBhcyBhDQo+IFtbRUROT1RFOl1dDQo+IA0KPiA+IGMpIFdlJ3JlIHVz
aW5nIGJvdGggImV4YW1wbGUuY29tIiBhbmQgImV4YW1wbGUubmV0Ii4gT25seSB1c2UgLmNvbQ0K
PiA+IChodHRwOi8vd3d3LmlhbmEub3JnL2RvbWFpbnMvcmVzZXJ2ZWQpDQo+IA0KPiBGaXhlZC4N
Cj4gQ09OQ0VSTjogdGhlIG5leHQgZXhhbXBsZSBpcyDigJx2ZW5kb3ItZXhhbXBsZS5jb23igJ0g
dG8gZGlzdGluZ3Vpc2ggaXQuDQo+IFBlcmhhcHMgdGhpcyBzaG91bGQgYmUgZXhhbXBsZS5jb20g
YXMgd2VsbD8NCj4gDQo+ID4gZCkgIlZlbmRvcnMgdGhhdCBsZXZlcmFnZSB0aGlzIG1ldGhvZCBT
SE9VTEQgcHJvdmlzaW9uIGFwcHJvcHJpYXRlbHkuIg0KPiBFeHBsYWluPyBJIGRvbid0IHVuZGVy
c3RhbmQgd2hhdCB0aGF0IG1lYW5zPw0KPiANCj4gSWYgdGhleSBzZWxsIGRldmljZXMgdGhhdCBz
ZWFyY2ggZm9yIHRoaXMgYWRkcmVzcyB0aGV5IHNob3VsZCBidWlsZCBvdXQgdGhlaXINCj4gaW5m
cmFzdHJ1Y3R1cmUgc3VmZmljaWVudGx5IHRvIGhhbmRsZSB0aGUgbG9hZCBvZiB3aGF0ZXZlciBk
ZXZpY2VzIHRoZXkgc2hpcC4NCj4gSeKAmXZlIGNoYW5nZWQgdGhlIHRleHQgdG8gcmVhZDogIlZl
bmRvcnMgdGhhdCBsZXZlcmFnZSB0aGlzIG1ldGhvZCBvbiB0aGUNCj4gUGxlZGdlIGFyZSByZXNw
b25zaWJsZSBmb3IgcHJvdmlkaW5nIHRoZSBib290c3RyYXBrcyBzZXJ2aWNl4oCdLg0KPiANCj4g
PiBOb3Qgc3VyZSwganVzdCB2ZXJpZnlpbmc6IE91ciBwcm94eSBtZXRob2RzIHdvdWxkIHdvcmsg
aWYgdGhlIHBsZWRnZSBpcw0KPiBJUHY0IGFuZCB0aGUgUmVnaXN0cmFyIElQdjY/DQo+IA0KPiBD
T05DRVJOOiBJIGJlbGlldmUgc28gYnV0IE1DUuKAmXMgaW5wdXQgd291bGQgYmUgaGVscGZ1bC4N
Cj4gDQo+ID4gInRvIGF2b2lkIG92ZXJsb2FkaW5nIHRoYXQgZGlzY292ZXJ5IG1ldGhvZHMgbmV0
d29yayBpbmZyYXN0cnVjdHVyZS4iDQo+IERvZXMgdGhhdCBtYWtlIHNlbnNlPyBJIHRoaW5rICJ0
byBhdm9pZCBvdmVybG9hZGluZyB0aGUgbmV0d29yaw0KPiBpbmZyYXN0cnVjdHVyZSB3aXRoIGRp
c2NvdmVyeeKAnS4NCj4gDQo+IEZpeGVkLg0KPiANCj4gPiBJbiB0aGUgcmVmZXJlbmNlIG1vZGVs
IHdlIHN0YXRlIHRoYXQgaWYgYSBwbGVkZ2UgaGFzIGJlZW4gcmVqZWN0ZWQgYnkgYQ0KPiBkb21h
aW4sIGl0IHNob3VsZCBwcmVmZXJhYmx5IHVzZSBvdGhlciBkb21haW5zIHRoYXQgYXJlIHNlZW4u
IFdlIG1heSB3YW50DQo+IHRvIGFkZCBzb21ldGhpbmcgYXQgdGhlIGVuZCBvZiAzLjEuMS4gVGhp
cyBpcyBhbHNvIHRoZSByZWFzb24gd2h5IHRoZSBwbGVkZ2UNCj4gbmVlZHMgdG8ga25vdyBpZiB0
aGUgUmVnaXN0cmFyIGhhcyByZWplY3RlZCBpdCBiYXNlZCBvbiBNQVNBIGlucHV0Lg0KPiANCj4g
Q09OQ0VSTjogRGlzY292ZXJ5IGRvZXNu4oCZdCBpbmNsdWRlIGEgc2VjdXJlIHN0YXRlbWVudCBv
ZiB0aGUgZG9tYWluDQo+IGlkZW50aXR5LiBTbyB0aGlzIGJlaGF2aW9yIHdvdWxkIGltcGx5IHNv
bWV0aGluZyBsaWtlIOKAnGlmIHRoZSBUTFMNCj4gYXV0aGVudGljYXRpb24gcmVzdWx0cyBpbiBh
IGRvbWFpbiB0aGF0IGhhcyBleHBsaWNpdGVseSByZWplY3RlZCB0aGUgUGxlZGdlDQo+IHByZXZp
b3VzbHkgdGhlbiB0aGUgYXR0ZW1wdCBpbW1lZGlhdGVseSBmYWlscyBhbmQgbm8gcmVxdWVzdCBp
cyBpbml0aWF0ZWTigJ0gaW4NCj4gc2VjdGlvbiA1Pw0KPiANCj4gPiBzL1RoZXJlZm9yZSBvciBj
bGFyaXR5L1RoZXJlZm9yZSBmb3IgY2xhcml0eS8NCj4gDQo+IEZpeGVkIHdpdGggYW4gYWJvdmUg
Y29tbWVudC4NCj4gDQo+ID4gMy4xLjIgc3VnZ2VzdCB0byBtZXJnZSB3aXRoIDMuMS4zLiBUaGUg
InJlcXVlc3Qgam9pbiIgaW5jbHVkZXMgdGhlDQo+ICJpZGVudGl0eSIsIHJlYWxseS4gVGhlc2Ug
YXJlIE5PVCB0d28gc2VwYXJhdGUgc3RlcHMuDQo+ID4gcy8gYm9vdHN0cmFwcGluZyBwcm90b2Nv
bCBzZXJ2ZXIvUmVnaXN0cmFyL2cgcy9ib290c3RyYXBwaW5nDQo+ID4gc2VydmVyL1JlZ2lzdHJh
ci9nIHMvQm9vdHN0cmFwcGluZyBzZXJ2ZXIvUmVnaXN0cmFyL2cNCj4gDQo+IENPTkNFUk46IGFz
IG5vdGVkIGFib3ZlIHRoZXNlIGFyZSB0d28gZGlzdGluY3QgcHJvdG9jb2wgc3RlcHMuIExlYXZp
bmcgdGhpcw0KPiBmb3Igbm93Lg0KPiANCj4gPiAzLjEuNA0KPiA+IFRoZSBub24tYXV0b25vbWlj
IG1ldGhvZHMgYXJlIGNvbmZ1c2luZyBoZXJlLiBJIHdvbmRlciB3aGV0aGVyIHdlDQo+IHNob3Vs
ZCBleGNsdWRlIHRoZW0/IEFyZSB0aGV5IHJlYWxseSBpbiBzY29wZT8NCj4gDQo+IENPTkNFUk46
IEnigJlkIGxpa2UgdG8gbGVhdmUgdGhlc2UgZm9yIG5vdy4gSSByZWNlaXZlIGEgbG90IG9mIHF1
ZXN0aW9ucyBhYm91dA0KPiBob3cgdGhpcyBpcyBkaWZmZXJlbnQgdGhhbiB0aGUgbm9uLWF1dG9u
b21pYyBtZXRob2RzIGluIEVTVCBhbmQgYXJvdW5kDQo+IGhvdyBUT0ZVIGV0YyByZWxhdGVzLiBJ
IHRoaW5rIGl0IHNlZW1zIGV4dHJhbmVvdXMgdG8gdXMgdG8gZGlzY3VzcyB0aGVzZQ0KPiAoYWdh
aW4pIGZvciBidXQgbmV3ZXIgcmVhZGVycyBpdCBoZWxwcy4NCj4gDQo+ID4gVGhlIHBsZWRnZSBt
dXN0IHN1cHBvcnQgdGhyZWUgbW9kZXM6DQo+ID4gMSAtIChubyBNQVNBKTogZG9lc24ndCByZXF1
aXJlIGFuIG93bmVyc2hpcCB2b3VjaGVyIG9yIGF1ZGl0IHRva2VuDQo+IA0KPiBDT05DRVJOOiBJ
IGVtcGhhdGljYWxseSBkb27igJl0IHNlZSB0aGlzIGFzIGEgcmVxdWlyZW1lbnQgb24gdGhlIFBs
ZWRnZS4NCj4gU2VjdGlvbiA2IGFsbG93cyB0aGlzIGNhc2Ugb25seSBiZWNhdXNlIHdl4oCZcmUg
bm90IHlldCBzZXJpb3VzIGFib3V0IHNlY3VyaXR5Lg0KPiANCj4gPiAyIC0gKE1BU0Egd2l0aCBh
dWRpdCBvbmx5KTogcmVxdWlyZXMgYW4gYXVkaXQgdG9rZW4NCj4gPiAzIC0gKE1BU0Egd2l0aCBv
d25lcnNoaXAgdHJhY2tpbmcpOiByZXF1aXJlcyBhbiBvd25lcnNoaXAgdm91Y2hlci4NCj4gDQo+
IEnigJl2ZSB1cGRhdGVkIHRoZSBzdGF0ZW1lbnQgYmVmb3JlIHRoZSBsaXN0IHRvIHJlYWQ6DQo+
ICJUaGlzIGRvY3VtZW50IGRlc2NyaWJlcyBhdXRvbm9taWMgbWV0aG9kcyB0aGF0IE1VU1QgYmUg
c3VwcG9ydGVkIGJ5DQo+IHRoZSBQbGVkZ2U6Ig0KPiANCj4gPg0KPiA+IDMuMS41DQo+ID4gIiAg
IG8gIEluIGFjY29yZGFuY2Ugd2l0aCBJRUVFIDgwMi4xQVIgYW5kIFJGQzUyODAgYWxsIG1hbnVm
YWN0dXJpbmcNCj4gPiAgICAgIGluc3RhbGxlZCBjZXJ0aWZpY2F0ZXMgYW5kIHRydXN0IGFuY2hv
cnMgYXJlIGFzc3VtZWQgdG8gaGF2ZQ0KPiA+ICAgICAgaW5maW5pdGUgbGlmZXRpbWVzLiAgQWxs
IHN1Y2ggY2VydGlmaWNhdGVzICJTSE9VTEQgYmUgYXNzaWduZWQgdGhlDQo+ID4gICAgICBHZW5l
cmFsaXplZFRpbWUgdmFsdWUgb2YgOTk5OTEyMzEyMzU5NTlaIiBbUkZDNTI4MF0uICBUaGUgTmV3
DQo+ID4gICAgICBFbnRpdHksIFJlZ2lzdHJhciBhbmQgTUFTQSBzZXJ2ZXIgTVVTVCBpZ25vcmUg
YW55IG90aGVyIHZhbGlkaXR5DQo+ID4gICAgICBwZXJpb2QgaW5mb3JtYXRpb24gaW4gdGhlc2Ug
Y3JlZGVudGlhbHMgYW5kIHRyZWF0IHRoZSBlZmZlY3RpdmUNCj4gPiAgICAgIGxpZmV0aW1lIGFz
IDk5OTkxMjMxMjM1OTU5Wi4gIFRoaXMgZW5zdXJlcyB0aGF0IGNsaWVudA0KPiA+ICAgICAgYXV0
aGVudGljYXRpb24gKHNlZSBTZWN0aW9uIDMuMy4xKSBhbmQgdGhlIGF1ZGl0IHRva2VuIHNpZ25h
dHVyZQ0KPiA+ICAgICAgKHNlZSBTZWN0aW9uIDUuMykgY2FuIGFsd2F5cyBiZSB2ZXJpZmllZCBk
dXJpbmcgUkZDNTI4MCBwYXRoDQo+ID4gICAgICB2YWxpZGF0aW9uLiINCj4gPg0KPiA+IFRoZSBN
VVNUIHN0YXRlbWVudCBpbXBsaWVzIHRoYXQgYSBNQVNBIGV0YyBhY3R1YWxseSBrbm93cyB3aGV0
aGVyIGENCj4gY2VydGlmaWNhdGUgaXMgODIwMS5BUiBvciBhbm90aGVyIHR5cGUgb2YgY2VydCwg
cmlnaHQ/IElzIHRoYXQgdHJ1ZT8gV2hlbiBJIGxvb2sNCj4gYXQgYSBkZXZpY2UgY2VydGlmaWNh
dGUsIGhvdyBkbyBJIGtub3cgaXQncyBhbiBJRGV2SUQ/DQo+ID4NCj4gPiBBc3N1bWluZyB5b3Ug
KmNhbiogZGlzdGluZ3Vpc2ggSURldklEIGZyb20gYSAibm9ybWFsIiBjZXJ0LCB3ZSBtYXkgcnVu
DQo+IGludG8gY2FzZXMgd2hlcmUgIm5vcm1hbCIgY2VydHMgYXJlIHVzZWQgaW4gdGhlIGZ1bmN0
aW9uIG9mIGFuIElEZXZJRCwgcmlnaHQ/DQo+IEkuZS4gYSBkZXZpY2UgdHlwZSBkb2Vzbid0IHJl
YWxseSBzdXBwb3J0IElEZXZJRCwgYnV0IGEgbWFudWZhY3R1cmVyIGhhcyBwcmUtDQo+IGxvYWRl
ZCBjZXJ0cyBhdCBtYW51ZmFjdHVyaW5nIHRpbWUuDQo+ID4NCj4gPiBUaGlzICJBbGwgc3VjaCBj
ZXJ0aWZpY2F0ZXMgIlNIT1VMRCBiZSBhc3NpZ25lZCB0aGUgR2VuZXJhbGl6ZWRUaW1lDQo+ID4g
dmFsdWUgb2YgOTk5OTEyMzEyMzU5NTlaIiBbUkZDNTI4MF0uICIgaW4gY29tYmluYXRpb24gd2l0
aCAiTVVTVA0KPiA+IGlnbm9yZSIgbWFrZXMgbWUgbmVydm91c+KApg0KPiANCj4gSeKAmXZlIHVw
ZGF0ZWQgdGhpcyBidWxsZXQgYXM6DQo+IA0KPiBEdXJpbmcgUGxlZGdlIGF1dGhlbnRpYXRpb24g
YnkgdGhlIFJlZ2lzdHJhciBhIHJlYWx0aW1lIGNsb2NrIGNhbiBiZSB1c2VkIGJ5DQo+IHRoZSBS
ZWdpc3RyYXIuIFRoaXMgYnVsbGV0IGV4cGFuZHMgb24gYSBjbG9zZWx5IHJlbGF0ZWQgaXNzdWUg
cmVnYXJkaW5nIFBsZWRnZQ0KPiBsaWZldGltZXMuIFJGQzUyODAgaW5kaWNhdGVzIHRoYXQgbG9u
ZyBsaXZlZCBQbGVkZ2UgY2VydGlmaWF0ZXMgIlNIT1VMRCBiZQ0KPiBhc3NpZ25lZCB0aGUgR2Vu
ZXJhbGl6ZWRUaW1lIHZhbHVlIG9mIDk5OTkxMjMxMjM1OTU5WiIgW1JGQzUyODBdIHNvIHRoZQ0K
PiBSZWdpc3RyYXIgTVVTVCBzdXBwb3J0IHN1Y2ggbGlmZXRpbWVzIGFuZCBTSE9VTEQgc3VwcG9y
dCBpZ25vcmluZyBQbGVkZ2UNCj4gbGlmZXRpbWVzIGlmIHRoZXkgZGlkIG5vdCBmb2xsb3cgdGhl
IFJGQzUyODAgcmVjb21tZW5kYXRpb25zLg0KPiANCj4gQXJndWFibHkgdGhpcyBidWxsZXQgY291
bGQgYmUgbW92ZWQgdG8gYSBkaWZmZXJlbnQgc2VjdGlvbi4NCj4gDQo+ID4NCj4gPiBXZSdyZSBy
ZWZlcnJpbmcgdG8gYW4gYXVkaXQgdG9rZW4gaW4gdGhpcyBzZWN0aW9uLCBidXQgbm90IHRvIHRo
ZQ0KPiA+IG90aGVyIDIgbWV0aG9kcyAgKE9ud2Vyc2hpcCB2b3VjaGVyIGFuZCBubyBNQVNBKS4g
VGhpcyBpc24ndCBjb21wbGV0ZeKApg0KPiANCj4gSeKAmXZlIG1vdmVkIHRoZSBub25jZSBkaXNj
dXNzaW9uIHRvIHRoZSBlbmQgb2YgdGhpcyBzZWN0aW9uIGFuZCBhZGRlZCBhDQo+IGNvbW1lbnQg
YWJvdXQgT3duZXJzaGlwIHZvdWNoZXJzOg0KPiANCj4gVGhlIG5vbmNlIGluY2x1ZGVkIGluIGpv
aW4gYXR0ZW1wdHMgcHJvdmlkZXMgYW4gYWx0ZXJuYXRlIG1lY2hhbmlzbSBmb3IgdGhlDQo+IFBs
ZWRnZSB0byBlbnN1cmUgQXVkaXQgVG9rZW4gcmVzcG9uc2VzIGFyZSBhc3NvY2lhdGVkIHdpdGgg
YSBwYXJ0aWN1bGFyDQo+IGJvb3RzdHJhcHBpbmcgYXR0ZW1wdC4gTm9uY2VsZXNzIEF1ZGl0IFRv
a2VucyBmcm9tIHRoZSBNQVNBIHNlcnZlciBhcmUNCj4gYWx3YXlzIHZhbGlkIGFuZCB0aHVzIHRp
bWUgaXMgbm90IG5lZWRlZC4NCj4gDQo+IE93bmVyc2hpcCBWb3VjaGVycyBpbmNsdWRlIHRpbWUg
aW5mb3JtYXRpb24gYW5kIE1VU1QgYmUgdmFsaWRhdGVkIGENCj4gcmVhbHRpbWUgY2xvY2suDQo+
IA0KPiA+DQo+ID4gU3BlY2lmaWNhbGx5LCBpbiBhIGNhc2Ugd2l0aG91dCBNQVNBLCBJIHRoaW5r
IHdlIG5lZWQgdG8gc2ltcGx5IHN0YXRlIHRoYXQNCj4gd2UgY2Fubm90IHZhbGlkYXRlIHRpbWUg
ZHVyaW5nIGVucm9sbWVudC4gSSB0aGluayB0aGlzIGlzIHdoYXQgdGhlIHN0YXRlbWVudA0KPiAi
V2hlbiBhY2NlcHRpbmcgYW4gZW5yb2xsbWVudCBjZXJ0aWZpY2F0ZSB0aGUgdmFsaWRpdHkgcGVy
aW9kDQo+ID4gICAgICB3aXRoaW4gdGhlIG5ldyBlbmQgZW50aXR5IGNlcnRpZmljYXRlIGlzIGFz
c3VtZWQgdG8gYmUgdmFsaWQgYnkNCj4gPiAgICAgIHRoZSBOZXcgRW50aXR5LiIgd2FudHMgdG8g
c2F5Pw0KPiANCj4gQ09OQ0VSTjogSSBkb27igJl0IHNlZSBob3cg4oCcd2l0aG91dCBNQVNB4oCd
IGVudGVycyBpbnRvIHRoaXMgc28gSeKAmXZlIHByb2JhYmx5DQo+IG5vdCBhZGRyZXNzZWQgc29t
ZXRoaW5nIGhlcmUuDQo+IA0KPiA+IEFjdHVhbGx5LCB3ZSBvbmx5IGxvb2sgYXQgdGhlIGRvbWFp
biB2YWxpZGF0aW5nIHRpbWUgZnJvbSB0aGUgcGxlZGdlLA0KPiA+IHNob3VsZG4ndCB3ZSBhbHNv
IGRlc2NyaWJlIHRoZSBvdGhlciBkaXJlY3Rpb24/IC0tPiBXb3VsZG4ndCBpdCBiZSBjb3JyZWN0
IHRvDQo+IHNheSAiQSBwbGVkZ2Ugd2l0aG91dCByZWFsLXRpbWUgY2xvY2sgY2Fubm90IHNlY3Vy
ZWx5IGJvb3RzdHJhcCB0aW1lLiBEdXJpbmcNCj4gdGhlIGJvb3RzdHJhcCBwcm9jZXNzIGl0IGFj
Y2VwdHMgYWxsIGNlcnRpZmljYXRlcyB3aXRob3V0IHZhbGlkYXRpbmcgdGltZS4gT25jZQ0KPiBi
b290c3RyYXBwZWQgc3VjaCBkZXZpY2VzIE1VU1QgYmUgcHJvdmlkZWQgd2l0aCB0aGUgY3VycmVu
dCBjb3JyZWN0IHRpbWUNCj4gZm9yIG90aGVyIFBLSSBvcGVyYXRpb25zIHRvIHN1Y2NlZWQuIg0K
PiA+DQo+ID4gVGhpcyB3aG9sZSBzZWN0aW9uIDMuMS41IG1ha2VzIG1lIGEgYml0IG5lcnZvdXPi
gKYNCj4gDQo+IEdvb2QuIDovIEl0cyBhIHNjYXJ5IGNvbmNlcHQgYW5kIEnigJltIGhhcHB5IHRv
IGhhdmUgZm9sa3MgY29tbWVudC4gRG8gdGhlDQo+IGFib3ZlIGNsZWFudXBzIGhlbHA/DQo+IA0K
PiA+DQo+ID4gMy4xLjYNCj4gPiAiVGhlIE5ldyBFbnRpdHkgY29udGFjdHMgdGhlIFJlZ2lzdHJh
ciIgYWRkICJ2aWEgYSBwcm94eSIuIFdlIGFsd2F5cw0KPiBhc3N1bWUgYSBwcm94eS4NCj4gDQo+
IEZpeGVkLg0KPiANCj4gPg0KPiA+IEluIHRoaXMgc2VjdGlvbiB3ZSBkb24ndCBmb3Jlc2VlIGEg
Y2FzZSB3aXRob3V0IE1BU0Egc2V2ZXIuIChCdWxsZXQNCj4gPiBsaXN0KQ0KPiA+DQo+ID4gIiAg
IG8gIFRoZSBFU1Qgc2VydmVyIGlzIGF1dGhlbnRpY2F0ZWQgYnkgdXNpbmcgdGhlIE93bmVyc2hp
cCBWb3VjaGVyDQo+ID4gICAgICBpbmRpY2F0ZWQgZnVsbHkgcXVhbGlmaWVkIGRvbWFpbiBuYW1l
IHRvIGJ1aWxkIHRoZSBFU1QgVVJJIHN1Y2gNCj4gPiAgICAgIHRoYXQgRVNUIHNlY3Rpb24gNC4x
LjEgYm9vdHN0cmFwcGluZyB1c2luZyB0aGUgTmV3IEVudGl0eSBpbXBsaWNpdA0KPiA+ICAgICAg
VHJ1c3QgQW5jaG9yIGRhdGFiYXNlIGNhbiBiZSB1c2VkLiINCj4gPg0KPiA+IFJlYWQgdGhpcyBz
ZXZlcmFsIHRpbWVzLCBzdGlsbCBkb24ndCBwYXJzZSBpdC4gQ2FuIHdlIG1ha2UgdGhpcyBzZW50
ZW5jZQ0KPiBzaW1wbGVyPyBOb3QgZXZlbiBzdXJlIHRoaXMgaXMgZ3JhbW1hdGljYWxseSBjb3Jy
ZWN0PyE/DQo+ID4NCj4gPiBBbHNvIHRoaXMgc2VjdGlvbiwgSSB0aGluayB3ZSBzaG91bGQgZGlz
dGluZ3Vpc2ggdGhlIHRocmVlIGNhc2VzIG9mIE1BU0EuDQo+IExhc3QgcGFyYWdyYXBoIHN0YXJ0
cyB3aXRoICJvbmNlIHRoZSBhdWRpdCB0b2tlbiBpcyByZWNlaXZlZCIuIFdoYXQgaWYgdGhlcmUg
aXMNCj4gbm9uZSBvciBhbiBvd25lcnNoaXAgdm91Y2hlcj8NCj4gDQo+IEZpeGVkLg0KPiANCj4g
Ik93bmVyc2hpcCBWb3VjaGVycyBhcmUgb2J0YWluZWQgYnkgYSBSZWdpc3RyYXIgZnJvbSB0aGUg
TUFTQSBzZXJ2aWNlIGFuZA0KPiBleHBsaWNpdGx5IGluZGljYXRlIHRoZSBvd25lciBvZiB0aGUg
UGxlZGdlLuKAnQ0KPiANCj4gIlRoZSBPd25lcnNoaXAgVm91Y2hlciBjb250YWlucyB0aGUgT3du
ZXIgQ2VydGlmaWNhdGUgd2hpY2ggdGhlIFBsZWRnZQ0KPiB1c2VzIHRvIGF1dGhlbnRpY2F0ZSB0
aGUgVExTIGNvbm5lY3Rpb24uIg0KPiANCj4gPg0KPiA+IDMuMS43DQo+ID4gQXMgbWVudGlvbmVk
IGluIG15IG90aGVyIG1haWwsIEkgd291bGQgcHJlZmVyIHRvIGNhbGwgdGhlIGZpbmFsIHN0YXRl
IGhlcmUNCj4gImVucm9sbGVkIi4gV2UgY291bGQgZXhwbGFpbiBoZXJlIHRoYXQgaW4gdGhlIGNh
c2Ugb2YgQU5JTUEsIHRoZSBuZXh0IHN0ZXAgaXMNCj4gdGhlIGVzdGFibGlzaG1lbnQgb2YgdGhl
IEFDUCwgc2VlIGRyYWZ0IC4uLiAgYW5kIGluIHRoZSBub24tQU5JTUEgY2FzZSB3ZQ0KPiBleHBl
Y3Qgbm9ybWFsIG1hbmFnZW1lbnQgdG8gdGFrZSBwbGFjZSwgZXggdmlhIE5FVENPTkYsIC4uLiBC
dXQgSSBzdWdnZXN0DQo+IHRvIGhhdmUgYSByZWZlcmVuY2UgdG8gdGhlIEFDUCBkcmFmdC4NCj4g
DQo+IENPTkNFUk46IEkgbGlrZSBzd2l0Y2hpbmcgdGhpcyB0byDigJhlbnJvbGxlZOKAmS4gTm90
IHN1cmUgd2hhdCB0aGUgcmVzdCBvZiB0aGUNCj4gc3VnZ2VzdGlvbiBpcy4NCj4gDQo+ID4NCj4g
PiAzLjINCj4gPiBXZSBzaG91bGQgcmUtc3RhdGUgaGVyZSB0aGF0IGFyY2hpdGVjdHVyYWxseSwg
YSBQbGVkZ2UgQUxXQVlTIGludGVyZmFjZXMgYQ0KPiBQcm94eTsgaWYgdGhlIGRpcmVjdGx5IGFk
amFjZW50IGRldmljZSBoYXBwZW5zIHRvIGJlIGEgUmVnaXN0cmFyLCBpdCBoYXMgdG8NCj4gcHJl
c2VudCBpdHNlbGYgdG8gdGhlIHBsZWRnZSBpbiB0aGUgc2FtZSB3YXkgYSBub3JtYWwgUHJveHkg
d291bGQuDQo+IA0KPiBGaXhlZC4NCj4gIkEgUHJveHkgaXMgYWx3YXlzIGFzc3VtZWQgZXZlbiBp
ZiBkaXJlY3RseSBpbnRlZ3JhdGVkIGludG8gYSBSZWdpc3RyYXLigJ0uDQo+IA0KPiA+DQo+ID4g
InRoZSBjaG9zZW4gbWVjaGFuaXNtIFNIT1VMRC4uLiAiIC0gVGhpcyBpcyB0aGUgbWVjaGFuaXNt
IHdlIHNwZWNpZnkNCj4gbGF0ZXIgaW4gdGhlIGRvYywgcmlnaHQ/IChTb3VuZHMgbGlrZSB0aGlz
IGlzIGEgcmVxdWlyZW1lbnQgb3V0c2lkZSB0aGlzIGRvYykuDQo+IFRoZW4gSSB3b3VsZCByZS1w
aHJhc2UgInRoZSBjaG9zZW4gbWVjaGFuaXNtIHdhcyBkZXNpZ25lZCB0byDigKYiDQo+ID4NCj4g
PiBJIGRpc2FncmVlIHdpdGggdGhlICpnZW5lcmFsKiBnb2FsICJTSE9VTEQgdXNlIHRoZSBtaW5p
bXVtIGFtb3VudCBvZg0KPiBzdGF0ZSBvbiB0aGUgcHJveHkgZGV2aWNlLiIgVGhpcyBpcyBhIGdv
b2QgZ29hbCBmb3IgY29uc3RyYWluZWQgZGV2aWNlcywgYnV0IGluDQo+IGEgbm9ybWFsIG5ldHdv
cmsgd2UgYWx3YXlzIHRyeSB0byBoYW5kbGUgRG9TIGZvciBleGFtcGxlIGFzIGZhciAib3V0IiBh
cw0KPiBwb3NzaWJsZS4gKFdlIGhhZCB0aGF0IGRpc2N1c3Npb24gYSB3aGlsZSBiYWNrKS4NCj4g
Pg0KPiA+IFdoYXQgYXJlIHdlIHBsYW5uaW5nIHRvIGRvIHdpdGggZHJhZnQtcmljaGFyZHNvbi1h
bmltYS1zdGF0ZS1mb3ItDQo+IGpvaW5yb3V0ZXI/IEl0IGNvbnRhaW5zIHZhbHVhYmxlIGJhY2tn
cm91bmQuIFdvdWxkbid0IGl0IGJlIG5pY2UgdG8gaGF2ZSB0aGF0DQo+IGFzIGFuIGFwcGVuZGl4
IGluIGJyc2tpPyAoSG93ZXZlciwgdGhlbiB0aGUgbmFtaW5nIHdvdWxkIG5lZWQgdG8gYmUNCj4g
YWRhcHRlZCB0byB0aGUgYnJza2kgdGVybWlub2xvZ3kpLg0KPiA+DQo+ID4gQWRkOiAiSWYgdGhp
cyBib290c3RyYXAgbWVjaGFuaXNtIGlzIHVzZWQgaW4gYW4gQU5JTUEgY29udGV4dCwgdGhlIHBy
b3h5DQo+IGRldmljZSB3aWxsIGRpc2NvdmVyIFJlZ2lzdHJhcihzKSB0aHJvdWdoIEdSQVNQIGJh
c2VkIGRpc2NvdmVyeSwgaW5zaWRlIHRoZQ0KPiBBQ1AuIFRoZSBjb25uZWN0aW9uIGZyb20gdGhl
IFBsZWRnZSB3aWxsIGFsc28gYmUgZm9yd2FyZGVkIGluc2lkZSB0aGUgQUNQLiINCj4gQSBwcm94
eSB3aWxsIG9ubHkgYmUgZW5hYmxlZCB3aGVuIGEgZGV2aWNlIHNlZXMgYSBSZWdpc3RyYXI7IGlm
IGl0IGxvc2VzDQo+IGNvbm5lY3Rpb25zIHRvIGFsbCBSZWdpc3RyYXJzLCBpdCB3aXRoZHJhd3Mg
dGhlIHByb3h5IHNlcnZpY2UgYW5ub3VuY2VtZW50cy4NCj4gPiBPciBkaWQgd2UgZGVjaWRlIHRv
IGxlYXZlIEFOSU1BIGNvbXBsZXRlbHkgb3V0IG9mIHRoZSBkcmFmdD8gKEkgdGhvdWdodA0KPiB3
ZSB3YW50ZWQgaXQgaW5kZXBlbmRlbnQsIGJ1dCBBTklNQSBpcyBzdGlsbCB0aGUgbWFpbiB1c2Ug
Y2FzZSBmb3Igbm93KS4NCj4gDQo+IENPTkNFUk46IEnigJlkIGxpa2UgdG8gaGVhciBNQ1LigJlz
IHRob3VnaHRzIGFib3V0IHRoaXMgcHJveHkgZGlzY3Vzc2lvbi4NCj4gDQo+ID4NCj4gPiAzLjMN
Cj4gPiBJIHRoaW5rIHdlIG5lZWQgdG8gdGFrZSBhIHN0ZXAgYmFjayBoZXJlLiBGaXJzdCwgZXhw
bGFpbiB0aGF0IHRoZSByZWdpc3RyYXIgaXMNCj4gdHlwaWNhbGx5IGNvbmZpZ3VyZWQuIFRoZW4s
IHdlIG5lZWQgdG8gZ2l2ZSBhIGJpdCBtb3JlIGNvbnRleHQ6IE9uIG9uZSBzaWRlLA0KPiBpdCBl
eHBlY3RzIGNvbm5lY3Rpb25zIGZyb20gcGxlZGdlcywgb24gdGhlIG90aGVyIHdlIGhhdmUgYSBD
QSBjb25uZWN0aW9uDQo+IGFuZCAob3B0aW9uYWxseSkgYSBNQVNBLg0KPiANCj4gRml4ZWQuDQo+
IA0KPiAiQSBSZWdpc3RyYXIgbGlzdGVucyBmb3IgUGxlZGdlcyBhbmQgZGV0ZXJtaW5lcyBpZiB0
aGV5IGNhbiBqb2luIHRoZSBkb21haW4uIEENCj4gUmVnaXN0cmFyIG9idGFpbnMgZWl0aGVyIEF1
ZGl0IFRva2VucyBvciBPd25lcnNoaXAgVm91Y2hlcnMgZnJvbSB0aGUgTUFTQQ0KPiBzZXJ2aWNl
IGFuZCBkZWxpdmVycyB0aGVtIHRvIHRoZSBQbGVkZ2UgYXMgd2VsbCBhcyBmYWNpbGl0YXRpbmcg
ZW5yb2xsbWVudCB3aXRoDQo+IHRoZSBkb21haW4gUEtJLiBBIFJlZ2lzdHJhciBpcyB0eXBpY2Fs
bHkgY29uZmlndXJlZCBtYW51YWxseS4iDQo+IA0KPiA+IFRoZW4sIGluIGFuIEFOSU1BIGNvbnRl
eHQsIHRoZSBSZWdpc3RyYXIocykgYW5ub3VuY2UgdGhlaXIgc2VydmljZSBpbnNpZGUNCj4gdGhl
IEFDUCwgYW5kIHRoZXkgZXhwZWN0IHRvIGJlIGNvbnRhY3RlZCBieSBwcm94aWVzIHRocm91Z2gg
dGhlIEFDUC4NCj4gDQo+IENPTkNFUk46IEkgYWdyZWUgd2l0aCB0aGUgYW5ub3VuY2UgcG9pbnQg
YXMgcGVyIHRoZSBjb250aW51ZWQgR1JBU1ANCj4gZGlzY3Vzc2lvbnMgKG92ZXIgdGhlIEFDUCku
IEkgZG9u4oCZdCBrbm93IHRoYXQgdGhlIHByb3h5IGNvbW11bmljYXRpb25zIGlzDQo+IG5lY2Vz
c2FyaWx5IHRocm91Z2ggdGhlIEFDUC4gSG9sZGluZyBvZmYgb24gY2hhbmdlcyB0byB0aGlzIHNl
Y3Rpb24gdW50aWwgd2UNCj4gaGVhciBmcm9tIE1DUiBvbiB0aGF0Lg0KPiANCj4gPg0KPiA+IDMu
My4yDQo+ID4gVGhlIHdob2xlIGRvY3VtZW50IGlzIGZvY3VzZWQgb24gdGhlIGF1ZGl0IG1ldGhv
ZDsgSWYgdGhpcyBpcyB0aGUgbWFpbg0KPiBtZXRob2QsIHRoZW4gd2UgTVVTVCBleHBsYWluIHRo
ZSB3aGl0ZSBsaXN0IGhlcmUsIGJlY2F1c2UgbmVpdGhlciBvZiB0aGUgMw0KPiBidWxsZXRzIGlu
IHRoaXMgc2VjdGlvbiBpcyBzdWZmaWNpZW50IGZvciBhdXRob3JpemluZyBleGFjdGx5ICJteSIg
ZGV2aWNlcy4gKEkNCj4gcmVhbGlzZSB3aGl0ZSBsaXN0cyBhcHBlYXIgbGF0ZXIgb24pLg0KPiAN
Cj4gRml4ZWQuDQo+IA0KPiA+DQo+ID4gUGFyYWdyYXBoICJJbiBvcmRlciB0byB2YWxpZGF0ZSB0
aGUgSUVFRSA4MDIuMUFSIGRldmljZSBpZGVudGl0eS4uLiIgYmVsb25ncw0KPiBpbnRvIDMuMy4x
Lg0KPiANCj4gRml4ZWQuDQo+IA0KPiA+DQo+ID4gcy9pdCBpcyBleHBlY3RlZCByZXF1ZXN0L2l0
IGlzIGV4cGVjdGVkIHRvIHJlcXVlc3QvDQo+IA0KPiBGaXhlZC4NCj4gDQo+ID4NCj4gPiAidGhl
c2UgY2VydGlmaWNhdGVzIGNhbiBzdWJzZXF1ZW50bHkgYmUgdXNlZCB0byBkZXRlcm1pbmUgdGhl
IGJvdW5kYXJpZXMNCj4gb2YgdGhlIGhvbWVuZXQuLi4iIC0gcmVtb3ZlIHRoZSBob21lbmV0IHJl
ZmVyZW5jZXMgaGVyZS4gSSBzdWdnZXN0IHRvIHJlLQ0KPiBwaGFzZTogIlRoZXNlIGNlcnRpZmlj
YXRlcyBjYW4gYmUgdXNlZCBmb3Igb3RoZXIgbWV0aG9kcywgZm9yIGV4YW1wbGUNCj4gYm91bmRh
cnkgZGV0ZWN0aW9uLCBhdXRvLXNlY3VyaW5nIHByb3RvY29scywgZXRjLuKAnS4NCj4gDQo+IEZp
eGVkLg0KPiANCj4gPg0KPiA+ICJUaGUgYXV0aG9yaXphdGlvbiBwZXJmb3JtZWQgZHVyaW5nIHRo
aXMgcGhhc2UgTUFZIGJlDQo+ID4gICBjYWNoZWQgZm9yIHRoZSBUTFMgc2Vzc2lvbiBhbmQgYXBw
bGllZCB0byBzdWJzZXF1ZW50IEVTVCBlbnJvbGxtZW50DQo+ID4gICByZXF1ZXN0cyBzbyBsb25n
IGFzIHRoZSBzZXNzaW9uIGxhc3RzLiIgLSBub3QgY2xlYXI/IT8gRWFjaCByZXF1ZXN0IGlzIGZv
ciBhDQo+IHNpbmdsZSBkZXZpY2UuIFdoeSBjYWNoZT8NCj4gDQo+IEZpeGVkLg0KPiBJ4oCZdmUg
Y2hhbmdlZCBpdCB0byDigJxpcyB1c2VkIGZvcuKAnS4gVGhlIHBvaW50IGlzLCBhbmQgbWF5YmUg
dGhpcyBpc27igJl0IGNsZWFyLCB0aGF0DQo+IHRoZSBzYW1lIFRMUyBzZXNzaW9uIGlzIG1haW50
YWluZWQgdXNpbmcgc2Vzc2lvbiByZXN1bXB0aW9uIHNvIGRvbuKAmXQgdGhpbmsNCj4geW914oCZ
cmUgZ29ubmEgZG8gc29tZSBvdGhlciBhdXRob3JpemF0aW9uIGFib3V0IHRoZSBjZXJ0aWZpY2F0
ZSBpc3N1YW5jZS4NCj4gDQo+ID4NCj4gPiBJIHN0b3AgdGhlIGRldGFpbGVkIHJldmlldyBoZXJl
IGZvciBhIG1vbWVudCwgc2luY2UgbXkgY29tbWVudHMgd291bGQNCj4gZGVwZW5kIHRvbyBtdWNo
IG9uIGhvdyB3ZSByZXNvbHZlIHRoZSBxdWVzdGlvbiBhc2tlZCBhYm92ZSBhYm91dCB0aGUgMw0K
PiBtZXRob2RzLiBXaWxsIHJlc3VtZSBoZXJlIG9uY2Ugd2Ugc2V0dGxlZCBvbiB0aGlzLi4uDQo+
ID4NCj4gPg0KPiA+DQo+ID4gX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX18NCj4gPiBBbmltYS1ib290c3RyYXAgbWFpbGluZyBsaXN0DQo+ID4gQW5pbWEtYm9v
dHN0cmFwQGlldGYub3JnDQo+ID4gaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5m
by9hbmltYS1ib290c3RyYXANCg0K


From nobody Tue Nov  8 06:45:29 2016
Return-Path: <mbehring@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A15DD1295FF for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 06:45:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.018
X-Spam-Level: 
X-Spam-Status: No, score=-16.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1qswvHPogoWg for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 06:45:27 -0800 (PST)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75694129526 for <anima-bootstrap@ietf.org>; Tue,  8 Nov 2016 06:45:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1352; q=dns/txt; s=iport; t=1478616327; x=1479825927; h=from:to:cc:subject:date:message-id: content-transfer-encoding:mime-version; bh=kF0gjE2Nlb11aFA6fcp+stQahLX1ZwMIoaHm+MKHZGs=; b=FpSZOahZiS4gN2Wc7mUBF66afL9yulazKuabCbL/KbECZEaffNIBJctb mDFQDCjbHqp8v3T4giYvm+Mmjc5Bm/6ddV18Djq2cNbcyHqPXZ/Tsbpuw QnsBESdqSyziyY8cS6dDJGP6Qw3J54A18vyusR8/Mxh3CEltACvc2lsHn o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CpAQDc4yFY/5pdJa1dGwEBAQMBAQEJA?= =?us-ascii?q?QEBgy8BAQEBAR+BRxeNMqtZggiGJByBcD8UAQIBAQEBAQEBYiiEYwQBIwQNRRI?= =?us-ascii?q?BIgImAgQwFREBBA4NiEwIsg6BblKLSgEBAQEBAQEDAQEBAQEBASCBCYU1iQIBA?= =?us-ascii?q?YMfglwFmi8BgT6HPodEkBuRNQEeN3qFKoV/gSGBDAEBAQ?=
X-IronPort-AV: E=Sophos;i="5.31,462,1473120000"; d="scan'208";a="171138569"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Nov 2016 14:45:15 +0000
Received: from XCH-ALN-012.cisco.com (xch-aln-012.cisco.com [173.36.7.22]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id uA8EjD6Y017902 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 8 Nov 2016 14:45:14 GMT
Received: from xch-rcd-006.cisco.com (173.37.102.16) by XCH-ALN-012.cisco.com (173.36.7.22) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 8 Nov 2016 08:45:13 -0600
Received: from xch-rcd-006.cisco.com ([173.37.102.16]) by XCH-RCD-006.cisco.com ([173.37.102.16]) with mapi id 15.00.1210.000; Tue, 8 Nov 2016 08:45:13 -0600
From: "Michael Behringer (mbehring)" <mbehring@cisco.com>
To: "Max Pritikin (pritikin)" <pritikin@cisco.com>
Thread-Topic: After successful enrolment
Thread-Index: AdI5zkCHpYxSMLrXT22f0g2STLdQeg==
Date: Tue, 8 Nov 2016 14:45:13 +0000
Message-ID: <3619162265bd4fd281da075fcad58d87@XCH-RCD-006.cisco.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.55.238.132]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/PIRrv-6sp9chbwAKFFESE7r32iE>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: [Anima-bootstrap] After successful enrolment
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2016 14:45:28 -0000

PiA+IDMuMS43DQo+ID4gQXMgbWVudGlvbmVkIGluIG15IG90aGVyIG1haWwsIEkgd291bGQgcHJl
ZmVyIHRvIGNhbGwgdGhlIGZpbmFsIHN0YXRlIGhlcmUNCj4gImVucm9sbGVkIi4gV2UgY291bGQg
ZXhwbGFpbiBoZXJlIHRoYXQgaW4gdGhlIGNhc2Ugb2YgQU5JTUEsIHRoZSBuZXh0IHN0ZXAgaXMN
Cj4gdGhlIGVzdGFibGlzaG1lbnQgb2YgdGhlIEFDUCwgc2VlIGRyYWZ0IC4uLiAgYW5kIGluIHRo
ZSBub24tQU5JTUEgY2FzZSB3ZQ0KPiBleHBlY3Qgbm9ybWFsIG1hbmFnZW1lbnQgdG8gdGFrZSBw
bGFjZSwgZXggdmlhIE5FVENPTkYsIC4uLiBCdXQgSSBzdWdnZXN0DQo+IHRvIGhhdmUgYSByZWZl
cmVuY2UgdG8gdGhlIEFDUCBkcmFmdC4NCj4gDQo+IENPTkNFUk46IEkgbGlrZSBzd2l0Y2hpbmcg
dGhpcyB0byDigJhlbnJvbGxlZOKAmS4gTm90IHN1cmUgd2hhdCB0aGUgcmVzdCBvZiB0aGUNCj4g
c3VnZ2VzdGlvbiBpcy4NCg0KSSB0aGluayB3ZSBzaG91bGQgZXhwbGFpbiB0aGF0OiANCi0gZm9y
IEJSU0tJLCB0aGUgc3RhdGUgImVucm9sbGVkIiBpcyB0aGUgZW5kIG9mIHRoZSBwcm9jZXNzLiAN
Ci0gdGhhdCwgZGVwZW5kaW5nIG9uIGNvbnRleHQsIG9uZSBvZiBzZXZlcmFsIHRoaW5ncyBtYXkg
bm93IGhhcHBlbjogDQogIGEpIGFuIEFOSU1BIGRldmljZSB3aWxsIG5vdyBkaXNjb3ZlciBwb3Rl
bnRpYWwgQUNQIG5laWdoYm9ycw0KICAgICAgIC0tPiBwb2ludCB0byBBQ1AgZHJhZnQNCiAgYikg
YSBub24tQU5JTUEgZGV2aWNlIGNhbiB1c2UgdGhlIGRvbWFpbiBjZXJ0aWZpY2F0ZSB0byBhdXRo
ZW50aWNhdGUNCiAgICAgICAibm9ybWFsIiBtYW5hZ2VtZW50IHByb3RvY29scywgc3VjaCBhcyBT
U0gsIE5FVENPTkYsIGV0Yy4gDQoNCkkgdGhpbmsgaXQgaXMgaW1wb3J0YW50IHRvIHNob3cgd2hh
dCBoYXBwZW5zIHdpdGggdGhvc2UgZG9tYWluIGNlcnRzISANCg0KRG9lcyB0aGF0IG1ha2Ugc2Vu
c2U/IA0KTWljaGFlbA0KDQo=


From nobody Tue Nov  8 10:59:14 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E0E9129DB8 for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 10:59:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.398
X-Spam-Level: 
X-Spam-Status: No, score=-3.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A_3aKt8VQG_8 for <anima-bootstrap@ietfa.amsl.com>; Tue,  8 Nov 2016 10:59:09 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2FA45129D91 for <anima-bootstrap@ietf.org>; Tue,  8 Nov 2016 10:58:06 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id F317F203B2; Tue,  8 Nov 2016 14:13:52 -0500 (EST)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 2825B637A8; Tue,  8 Nov 2016 13:58:05 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "Max Pritikin \(pritikin\)" <pritikin@cisco.com>
In-Reply-To: <5D480740-DE73-4C8C-95EB-554CEE931C16@cisco.com>
References: <5D36713D8A4E7348A7E10DF7437A4B927CC293B7@NKGEML515-MBX.china.huawei.com> <5D480740-DE73-4C8C-95EB-554CEE931C16@cisco.com>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Tue, 08 Nov 2016 13:58:05 -0500
Message-ID: <25288.1478631485@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/dtjAPQhxtY975ROirUXzqon071U>
Cc: "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] [Anima] Call for agenda ANIMA @ IETF 97, Seoul, Korea
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2016 18:59:11 -0000

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


Max Pritikin (pritikin) <pritikin@cisco.com> wrote:
    > Since I won=E2=80=99t be able to be in Seoul I won=E2=80=99t be able =
to
    > present. But I
    > suspect we should have a slot for presenting an update. Michael
    > Richardson, will you be presenting? Should you chip in for the agenda
    > slot?

What do we need to put in slides?

1) BRSKI overview
2) something about ownership voucher
3) ?
4) short -- recap of rational for incoming vs outgoing TCP, EST, CoAP.
5) ?

I fly on Thursday morning, arrive Friday night.
I'm pretty exhausted...


=2D-
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -=3D IPv6 IoT consulting =3D-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBWCIgOoCLcPvd0N1lAQLBrAgAl+V6YGJTPNBPnb+tyVsXu0fz4LIjTZR4
oYU3l0aptWbnyp3GiLIZQ4MjuXNmuRa+QDF/dAmZJNhvpma20MGYaYMNjEl6SKyg
L80PjN1jv460YROGouwDItKPxLK8LkrrXGXoKqO3ZLzOCrVMZBENlmGyg1ZNXjHC
jsnlCT0OJ7+IeSpNImETavArMizEvT5GqvFdU8WL2cdu2AJqIqooIFMZkyHUBOtr
75b5dcNmMapvcojtC4vqFqMH2ttfQnKFsFbBB4PL9GyBvFclnu4Att69UkONB2Kg
klr0makUQVvwOLLYKGqhDG/ZS3sTYGXKxeiChqk5GnuSyj5MdDzv0A==
=pII5
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Wed Nov  9 10:44:14 2016
Return-Path: <kwatsen@juniper.net>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85A53129663 for <anima-bootstrap@ietfa.amsl.com>; Wed,  9 Nov 2016 10:44:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level: 
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=junipernetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rkFBakazDr-q for <anima-bootstrap@ietfa.amsl.com>; Wed,  9 Nov 2016 10:44:10 -0800 (PST)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0092.outbound.protection.outlook.com [104.47.40.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C1FE129643 for <anima-bootstrap@ietf.org>; Wed,  9 Nov 2016 10:44:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=kJ39s4vR/KNXhJC2NA+4iCI8XZKcEXDsVofEBA2j9Rw=; b=YpmWDTa4EK02INSn4qHazNg52mnz0TE5UaFcnO3Jo1y2ChFp0sMJOD6KWoc4M4V0Nr+LSCAnFgV6txa9w6J+Stq0Q/KdxgXpnTEmmkChvZmJlg2kOElTtCttKdm2PkqjUhnLa8JVUo20BrKrcLWWpYws3jsT1o5wefVYLBfaeG4=
Received: from CY1PR0501MB1450.namprd05.prod.outlook.com (10.160.149.11) by CY1PR0501MB1450.namprd05.prod.outlook.com (10.160.149.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.707.1; Wed, 9 Nov 2016 18:44:09 +0000
Received: from CY1PR0501MB1450.namprd05.prod.outlook.com ([10.160.149.11]) by CY1PR0501MB1450.namprd05.prod.outlook.com ([10.160.149.11]) with mapi id 15.01.0707.004; Wed, 9 Nov 2016 18:44:09 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "Max Pritikin (pritikin)" <pritikin@cisco.com>
Thread-Topic: [Anima-bootstrap] [Anima] Call for agenda ANIMA @ IETF 97, Seoul, Korea
Thread-Index: AQHSOfIz/0WMyU1ecEy8XO5rcVnL2qDQqssA
Date: Wed, 9 Nov 2016 18:44:09 +0000
Message-ID: <6F5D5C13-F717-4D79-AB12-1C1B3A04C653@juniper.net>
References: <5D36713D8A4E7348A7E10DF7437A4B927CC293B7@NKGEML515-MBX.china.huawei.com> <5D480740-DE73-4C8C-95EB-554CEE931C16@cisco.com> <25288.1478631485@obiwan.sandelman.ca>
In-Reply-To: <25288.1478631485@obiwan.sandelman.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
user-agent: Microsoft-MacOutlook/f.1b.0.161010
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kwatsen@juniper.net; 
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [66.129.241.13]
x-ms-office365-filtering-correlation-id: 90180013-bffa-43c2-e210-08d408d0642e
x-microsoft-exchange-diagnostics: 1; CY1PR0501MB1450; 7:MTfMV4SFUg9Nf/ZR399532PszUGCVfpRIjrMJK1Y2LPWoiQ3S+4fQtB7lla71uSQtizVSzOH0VN8z0bmWw0lXgNLr5XDq36DR/P29k7zYZ+OfGvklD9IElE3VOazV7QzmrKq/pV08+jRwIjdExJtLiv9Y3mmiCWfB2DNhdVt4z/EgbSfTa8cgDy5MAddwMA41Ijr0A8gHtgnAAo0iQuOE8N3CUkDBuQ8HQuzTPR7fZ90Q30ark/2nvVugLG6zo/lXio/tl/keGvs775Qlnm+ADhi+Yup/cvBJbg38UO87jvv+tLTItaE/mwQ+sUf/ZAPHxdGWaSaQ2yOzdqh7jZql0uPC1LDYt6BfHOKmdq4GbI=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR0501MB1450;
x-microsoft-antispam-prvs: <CY1PR0501MB1450D5A55F612DE951C42E68A5B90@CY1PR0501MB1450.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(60795455431006)(95692535739014);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026); SRVR:CY1PR0501MB1450; BCL:0; PCL:0; RULEID:; SRVR:CY1PR0501MB1450; 
x-forefront-prvs: 0121F24F22
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(24454002)(199003)(189002)(57704003)(377454003)(5660300001)(3660700001)(86362001)(81156014)(7846002)(81166006)(3280700002)(586003)(3846002)(36756003)(33656002)(189998001)(8676002)(6116002)(83506001)(7736002)(102836003)(4326007)(4001350100001)(76176999)(2906002)(97736004)(8936002)(122556002)(101416001)(66066001)(50986999)(83716003)(5001770100001)(77096005)(99286002)(82746002)(87936001)(2900100001)(106116001)(305945005)(2950100002)(54356999)(68736007)(105586002)(106356001)(92566002)(229853002)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0501MB1450; H:CY1PR0501MB1450.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; 
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <A53BFA44851B0E4BA658E6686297BA80@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Nov 2016 18:44:09.1184 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0501MB1450
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/bQrQCTr6ACmuZHKM8Eldjgm0yHY>
Cc: "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] [Anima] Call for agenda ANIMA @ IETF 97, Seoul, Korea
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Nov 2016 18:44:12 -0000

DQpJIHBsYW4gdG8gcHJlc2VudCB0aGUgdm91Y2hlciBkcmFmdCB0byB0aGUgTkVUQ09ORiBXRywg
YnV0IHRvIGJlIGhvbmVzdCwgdGhhdOKAmXMgaW4gcGFydCBhIGRpc2N1c3Npb24gcmVnYXJkaW5n
IHdoaWNoIFdHIHNob3VsZCBwaWNrIGl0IHVwLiAgUmlnaHQgbm93IHRoZSBORVRDT05GIGNoYWly
cyBhcmUgb2theSB3aXRoIGl0LCBidXQgaXQgbmVlZHMgdG8gYmUgY29uZmlybWVkIGJ5IHRoZSBX
Ry4NCg0KSSBjb3VsZCBwcmVzZW50IHZvdWNoZXIgYWxzbyB0byBBTklNQSwgd2l0aCBNaWNoYWVs
4oCZcyBhc3Npc3QsIGlmIHlvdSBsaWtlLiAgSeKAmW0gZWFzaWx5IGFibGUgdG8gc3BlYWsgdG8g
dGhlIGRvY3VtZW50IGl0c2VsZiwgYnV0IEkgbWlnaHQgbm90IGhhdmUgdGhlIGJlc3QgYW5zd2Vy
cyByZWdhcmRpbmcgaG93IGl0IHRpZXMgaW50byBCUlNLSS4gIFJpZ2h0IG5vdywgdGhlIEJSU0tJ
IGRyYWZ0IGRvZXNu4oCZdCByZWZlcmVuY2UgaXQgYXQgYWxsLCBzbyB3ZeKAmWQgaGF2ZSB0byB3
YWxrIHBlb3BsZSB0aHJ1IGl0cyBhcHBsaWNhdGlvbiB0byBCUlNLSS4uLg0KDQpLLg0KDQoNCg0K
T24gMTEvOC8xNiwgMTo1OCBQTSwgIkFuaW1hLWJvb3RzdHJhcCBvbiBiZWhhbGYgb2YgTWljaGFl
bCBSaWNoYXJkc29uIiA8YW5pbWEtYm9vdHN0cmFwLWJvdW5jZXNAaWV0Zi5vcmcgb24gYmVoYWxm
IG9mIG1jcitpZXRmQHNhbmRlbG1hbi5jYT4gd3JvdGU6DQoNCg0KTWF4IFByaXRpa2luIChwcml0
aWtpbikgPHByaXRpa2luQGNpc2NvLmNvbT4gd3JvdGU6DQogICAgPiBTaW5jZSBJIHdvbuKAmXQg
YmUgYWJsZSB0byBiZSBpbiBTZW91bCBJIHdvbuKAmXQgYmUgYWJsZSB0bw0KICAgID4gcHJlc2Vu
dC4gQnV0IEkNCiAgICA+IHN1c3BlY3Qgd2Ugc2hvdWxkIGhhdmUgYSBzbG90IGZvciBwcmVzZW50
aW5nIGFuIHVwZGF0ZS4gTWljaGFlbA0KICAgID4gUmljaGFyZHNvbiwgd2lsbCB5b3UgYmUgcHJl
c2VudGluZz8gU2hvdWxkIHlvdSBjaGlwIGluIGZvciB0aGUgYWdlbmRhDQogICAgPiBzbG90Pw0K
DQpXaGF0IGRvIHdlIG5lZWQgdG8gcHV0IGluIHNsaWRlcz8NCg0KMSkgQlJTS0kgb3ZlcnZpZXcN
CjIpIHNvbWV0aGluZyBhYm91dCBvd25lcnNoaXAgdm91Y2hlcg0KMykgPw0KNCkgc2hvcnQgLS0g
cmVjYXAgb2YgcmF0aW9uYWwgZm9yIGluY29taW5nIHZzIG91dGdvaW5nIFRDUCwgRVNULCBDb0FQ
Lg0KNSkgPw0KDQpJIGZseSBvbiBUaHVyc2RheSBtb3JuaW5nLCBhcnJpdmUgRnJpZGF5IG5pZ2h0
Lg0KSSdtIHByZXR0eSBleGhhdXN0ZWQuLi4NCg0KDQotLQ0KTWljaGFlbCBSaWNoYXJkc29uIDxt
Y3IrSUVURkBzYW5kZWxtYW4uY2E+LCBTYW5kZWxtYW4gU29mdHdhcmUgV29ya3MNCiAtPSBJUHY2
IElvVCBjb25zdWx0aW5nID0tDQoNCg0KDQoNCg0K


From nobody Fri Nov 11 18:50:15 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53F10129422 for <anima-bootstrap@ietfa.amsl.com>; Fri, 11 Nov 2016 18:50:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2__HSpHwR6-5 for <anima-bootstrap@ietfa.amsl.com>; Fri, 11 Nov 2016 18:50:12 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [IPv6:2a01:7e00::f03c:91ff:feae:de77]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5904F126D74 for <anima-bootstrap@ietf.org>; Fri, 11 Nov 2016 18:50:12 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [182.172.168.109]) by relay.sandelman.ca (Postfix) with ESMTPS id DBF101F906; Sat, 12 Nov 2016 02:50:10 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id CC1CA321D; Fri, 11 Nov 2016 21:50:07 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "anima-bootstrap\@ietf.org" <anima-bootstrap@ietf.org>
In-reply-to: <6F5D5C13-F717-4D79-AB12-1C1B3A04C653@juniper.net>
References: <5D36713D8A4E7348A7E10DF7437A4B927CC293B7@NKGEML515-MBX.china.huawei.com> <5D480740-DE73-4C8C-95EB-554CEE931C16@cisco.com> <25288.1478631485@obiwan.sandelman.ca> <6F5D5C13-F717-4D79-AB12-1C1B3A04C653@juniper.net>
Comments: In-reply-to Kent Watsen <kwatsen@juniper.net> message dated "Wed, 09 Nov 2016 18:44:09 +0000."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
X-Attribution: mcr
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Sat, 12 Nov 2016 11:50:07 +0900
Message-ID: <8863.1478919007@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/OqLujFulOt_49TcQHOwwkoZkKoI>
Cc: "Max Pritikin \(pritikin\)" <pritikin@cisco.com>, Kent Watsen <kwatsen@juniper.net>
Subject: Re: [Anima-bootstrap] [Anima] Call for agenda ANIMA @ IETF 97, Seoul, Korea
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Nov 2016 02:50:13 -0000

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


Kent Watsen <kwatsen@juniper.net> wrote:
    > I plan to present the voucher draft to the NETCONF WG, but to be
    > honest, that=E2=80=99s in part a discussion regarding which WG should=
 pick it
    > up.  Right now the NETCONF chairs are okay with it, but it needs to be
    > confirmed by the WG.

Agreed.  I think NETCONF and ANIMA are both in Ops, so Benoit is the common
AD, so let him decide :-)  {can't check from airplane)

    > I could present voucher also to ANIMA, with Michael=E2=80=99s assist,=
 if you
    > like.  I=E2=80=99m easily able to speak to the document itself, but I=
 might not
    > have the best answers regarding how it ties into BRSKI.  Right now, t=
he
    > BRSKI draft doesn=E2=80=99t reference it at all, so we=E2=80=99d have=
 to walk people
    > thru its application to BRSKI...

Let's do that, I will put some slides together about state of BRSKI accordi=
ng
to the list below, and segway to your part.

(I seem to have enough space to open my laptop on the airplane. Amazing.
You won't get this until I land, of course)

new agenda:
 1) quickest BRSKI overview.
 2) recap of incoming/outgoing discussion (as short as I can make it, it's a
     bike-shed question)
 3) audit token, nonce-full/nonce-less versions
 4) online view, offline view
 5) .. into ownership voucher










--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJYJoNfAAoJEJVM4Vb9/EKQN4wIAJsP+T9pkCl3la6H+rrTzJfH
xV3FkSsUs0snPcZEx6kToWBVG6om/6J7JNB0er0zKSt8mgYxkfaxrmYDStd/kBhM
BzTUoL+0F+G0BQfvJ+Ys/tJNTpxPT7uBRCHO5NpMxeR++zkprVXoGYM4lHUrpIbl
FSgAMNHxbBcoE2ujLw4X+jd2ypzan3wLsfmNkzNItcZYpM0iQOkAJx8d68VfgDv3
2Cwjw9UJYDtoFp3yPJPof40aAuN3L/fZKKlTJzm+RTrGxsYReXJ90OnrlTeXXGLV
sX2HFgaExqnT9u4oxZHd13eRQTo04KE+eRt2K+RuUFjI0DQFY/brGOyPgIY27x8=
=IN3l
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Fri Nov 11 18:55:09 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86A35129443; Fri, 11 Nov 2016 18:55:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4_9RFi51w4Z5; Fri, 11 Nov 2016 18:55:07 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE062129536; Fri, 11 Nov 2016 18:55:06 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [182.172.168.109]) by relay.sandelman.ca (Postfix) with ESMTPS id 482271F906; Sat, 12 Nov 2016 02:55:05 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 83CEA3412; Fri, 11 Nov 2016 21:54:42 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Anima-bootstrap <anima-bootstrap@ietf.org>, Core <core@ietf.org>
In-reply-to: <5e9f1e40bac34f2a550dba2e72abd8cc@xs4all.nl>
References: <147775346922.30618.14590857285848221161.idtracker@ietfa.amsl.com> <e191cf557b00e7003048fac4e72ba59c@xs4all.nl> <etPan.5818b52f.a07279a.9528@AirmailxGenerated.am> <etPan.5818bad3.78c6b580.9528@tzi.org> <5e9f1e40bac34f2a550dba2e72abd8cc@xs4all.nl>
Comments: In-reply-to peter van der Stok <stokcons@xs4all.nl> message dated "Fri, 04 Nov 2016 09:57:57 +0100."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
X-Attribution: mcr
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Sat, 12 Nov 2016 11:54:42 +0900
Message-ID: <9276.1478919282@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/iB53HvF7CYw50L_DkPBZV9MCh2o>
Subject: Re: [Anima-bootstrap] [core] Fwd: New Version Notification for draft-vanderstok-core-coap-est-00.txt
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Nov 2016 02:55:08 -0000

--=-=-=
Content-Type: text/plain


peter van der Stok <stokcons@xs4all.nl> wrote:
    > It all depends on the interest generated in this document and for what
    > purpose: - BRSKI only with limited EST support - Or full EST

    > For the moment it is BRSKI without manual intervention. When things are
    > missing in that context, we will certainly add them.

Yeah, it seems to me that we could easily do what Carsten suggested, and find
a new way to combine the two reply into a single component.  It seems like a
simple application of CBOR and COSE.




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJYJoRyAAoJEJVM4Vb9/EKQuxUH/Rr1YRRmQEzzu2uP0c+wI04W
SJrN3OxqFdEU60fHBNT+iVzhqsN4XvI9yDzB4H/SKVLnksXDTvRiQjtqg7pqnC1f
Mvmh/VUKhGOifZ0b175cAjJYCustCibUwmr76zfLHOTX7fwXX7WwG8giYYX4FDhO
EUQcrI/zh/sQT/K7N6hbXJ8F9k7++C/tP5JZzQdue7N0XfxzJfrcrAJySTjtUbd9
Lh8RUqDePqqCU0hLb2d0H2sAY5S7Tq1e8Knm0uVZ1nuCXZyBP2lbqnOVANMsovHe
AtMYI45Uh59jLQcDdUiiwXxEZv0450ujo4TcYCcS8s25ygYpApof2qivNewrbjA=
=s6O+
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Fri Nov 11 18:56:17 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FEDB129536 for <anima-bootstrap@ietfa.amsl.com>; Fri, 11 Nov 2016 18:56:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LpezPb_EcyFA for <anima-bootstrap@ietfa.amsl.com>; Fri, 11 Nov 2016 18:56:14 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32CC61294C0 for <anima-bootstrap@ietf.org>; Fri, 11 Nov 2016 18:56:14 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [182.172.168.109]) by relay.sandelman.ca (Postfix) with ESMTPS id B79AD1F906; Sat, 12 Nov 2016 02:56:12 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 2255B321D; Fri, 11 Nov 2016 21:56:10 -0500 (EST)
To: anima-bootstrap@ietf.org
In-reply-to: <20161101201523.GB9776@faui40p.informatik.uni-erlangen.de>
References: <20161101201523.GB9776@faui40p.informatik.uni-erlangen.de>
Comments: In-reply-to Toerless Eckert <tte+ietf@cs.fau.de> message dated "Tue, 01 Nov 2016 21:15:23 +0100."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
From: Michael Richardson <mcr@sandelman.ca>
X-Attribution: mcr
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Sat, 12 Nov 2016 11:56:10 +0900
Message-ID: <9461.1478919370@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/-YSBi6Dz4ij4OyC6zEuIs8hPMUQ>
Cc: Toerless Eckert <tte+ietf@cs.fau.de>
Subject: Re: [Anima-bootstrap] brsky concern1: separating audit-log retrieval from voucher generation
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Nov 2016 02:56:15 -0000

--=-=-=
Content-Type: text/plain


Toerless Eckert <tte+ietf@cs.fau.de> wrote:
    > As discussed today on the call, restated for the rest of the team with
    > more detail:

    -> pledge connects to two networks, A, B.  Pledge tries to well-behave,
    -> only offers nonce to one network first, A.  (registrar of) A gets
    -> voucher. A looks at audit-log. Audit log is fine.
    >    Ultimately, A decides not to enroll pledge though.

It might be a good idea to understand why... I think it matters why here,
because it would affect if the registrar ought to have told the MASA
something or not... your next sentence says that something was audited.

    -> Pledge offers nonce to B, B gets voucher and audit-log.
    >    Audit log shows A, so B is concerned. B rejects device.  Without the
    > entry in audit log, B would have enrolled device.

    > My worry is that the current audit log approach can too easily create
    > false positives that will make enrolment fail if a device has multiple
    > network connections:

Agreed, this is a problem.

    > It's impossible for A to get an audit-log without also getting a
    > voucher, which in return would make another domain suspicious and
    > likely make it decide not to accept the device.

    > Separating out request for voucher from request for audit-log could
    > work like this:

    >   MASA: request audit-log for (pledge,nonce1)
    >   MASA: audit-log entry: "A requested audit log for pledge,
    > hash(nonce1)" [1]
    > A: reply: audit-log

    >   ... A makes up its mind if it wants pledge and decides that it does
    > NOT.

I agree, we need something like this.
I think we have a race condition here, but I think we can solve it once we
have established what the problem is, and decide what are the compromises.
I think we actually need to do a threat analysis here...
I am pretty sure Max has it all in his head, but we'll need to explain to
others..


--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJYJoTJAAoJEJVM4Vb9/EKQRfgH/25h/SkbNlFY9AB+VSaUCqKo
TRxGgwihHCN/8VUrqv4Qr5ogwfRj4xpuJGA1AOrIBeMKkESOfxEgsWYd1TgwenZv
Oi7uPmLUA3PTD/6x5s7CZ6SHGhM895W86rUf740qhG2havhUVOO2gCc+f4d+pYNj
SHHqyPs+JcjTIweeexLN391KISiVON9VPEifZuT45x/3lKdnKm5N3clbr7H7W18b
0dsX9RJ9H9gMoe0QrQbvBHhmP5Z3RQpKkI3S2UT9ldhCHjKj/3tH11ZKShnZdhy4
34zzBw2H9YixG6FEe7lyGsNvECKqZn1qKWkBo66LbDGiKXO2v4GUKAITX3kTn9w=
=aYCg
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Fri Nov 11 18:56:37 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5F59129545 for <anima-bootstrap@ietfa.amsl.com>; Fri, 11 Nov 2016 18:56:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k5TzaZesePWu for <anima-bootstrap@ietfa.amsl.com>; Fri, 11 Nov 2016 18:56:34 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C116129536 for <anima-bootstrap@ietf.org>; Fri, 11 Nov 2016 18:56:34 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [182.172.168.109]) by relay.sandelman.ca (Postfix) with ESMTPS id 15FA61F906 for <anima-bootstrap@ietf.org>; Sat, 12 Nov 2016 02:56:33 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 68D2E321D; Fri, 11 Nov 2016 21:56:30 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima-bootstrap@ietf.org
In-reply-to: <20161101202856.GA2418@faui40p.informatik.uni-erlangen.de>
References: <20161101202856.GA2418@faui40p.informatik.uni-erlangen.de>
Comments: In-reply-to Toerless Eckert <tte@cs.fau.de> message dated "Tue, 01 Nov 2016 21:28:56 +0100."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
X-Attribution: mcr
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Sat, 12 Nov 2016 11:56:30 +0900
Message-ID: <9497.1478919390@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/gnNCN6TRc1bEpa9m-IDIWMoKhWo>
Subject: Re: [Anima-bootstrap] brsky concern2: Timelyness of log entries
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Nov 2016 02:56:36 -0000

--=-=-=
Content-Type: text/plain


Toerless Eckert <tte@cs.fau.de> wrote:
    > Device gets later enrolled/installed later by valid owner.  Maybe
    > valid owner does re-enroll devices several times, eg: between them
    >    being put into different locations (as often requered in big
    > customers, eg: CPE and the like).

I'm concerned here.
Why would they enroll it multiple times?  This doesn't make sense to me.
If they really wanted to reset to factory default, wouldn't they reflash
completely back to factory, so:

           "Attacker has physical access to pledge at some point in time."

becomes irrelevant?  Was there a TPM? Did the attacker get access to that?
Did they get access to the manufacturer installed private key?

If they didn't really reset to factory default, then it seems that they would
use the LDevID from the first enrollment to rekey with a new LDevID.

So, this is my problem with this scenario.




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJYJoTeAAoJEJVM4Vb9/EKQViYH+wU3PX/31ZEJGn0PmBF9t7nJ
7h6OkuV6dRdHlh77rJlaYT7dWKBB6zTCRcyUKQ7QMEHJiJOPv4QqnIIYgBXXUXu4
yMmYvj3p8cp8C82+JnJhbPHXDy0vntqGOjMau/ZFKmk1LSp4mlyHSwj7gTsvZAfs
59XiPBeWmQ5MPWu0Yrf7ywpLuzvy7uDof7Yvj2vM+Il/YPfmPxN+pXjQYM9FntTe
RRT56YZRhjBc9UVr2wheAVSEMj59EC7+Aog6wNENwUlJdHKzDdYaG1G2kWrJin58
JNTPv8LzD8nVcXC0rv4tJ8T2qFk7oQ2s0JxYkCLBrmZrOmmc3nRanNd62A4bKUU=
=XQdT
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Sun Nov 13 15:08:51 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33E701296A9; Sun, 13 Nov 2016 15:08:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VVcoQ-4kD2yd; Sun, 13 Nov 2016 15:08:34 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6DCDA1296A8; Sun, 13 Nov 2016 15:08:26 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [182.172.168.109]) by relay.sandelman.ca (Postfix) with ESMTPS id DC6FD1F906; Sun, 13 Nov 2016 23:08:24 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 8B7DE321D; Sun, 13 Nov 2016 18:08:21 -0500 (EST)
From: Michael Richardson <mcr@sandelman.ca>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-reply-to: <12808a8a-5de1-c6cb-3f96-945573041ee4@gmail.com>
References: <20351.1476971471@obiwan.sandelman.ca> <0343d14c-5b18-b821-c9ad-d77fb7dae490@gmail.com> <12808a8a-5de1-c6cb-3f96-945573041ee4@gmail.com>
Comments: In-reply-to Brian E Carpenter <brian.e.carpenter@gmail.com> message dated "Thu, 27 Oct 2016 14:00:44 +1300."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <24909.1479078501.1@dooku.sandelman.ca>
Date: Mon, 14 Nov 2016 08:08:21 +0900
Message-ID: <24910.1479078501@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/Lom8QFk-LVohA0lRRYvKGcDujxI>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>, 6tisch-security <6tisch-security@ietf.org>
Subject: Re: [Anima-bootstrap] 6tisch join -01 documented posted
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Nov 2016 23:08:36 -0000

Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    > My model was that the proxy would get all the floods available and
    > choose the one it liked best, based on the available method and
    > distance, using the weight and priority as for mDNS. (Personally I
    > think the mDNS stuff is overkill, but Toerless suggested we should be
    > feature-equivalent.)

I never proposed that the Proxy would learn of the registrar via mDNS, btw.

    > 2. Your CDDL looks OK to me. The format and semantics of the value
    > field of a GRASP objective are completely flexible, so I don't see a
    > problem with the first "request" to the Registrar being [IID,
    > join-method]. The reply from the registrar could be [IID,
    > another-join-method] if it didn't like the first one proposed. Once
    > either side receives a join-method it likes, it would send
    > [M_END,,[O_ACCEPT]] and we're done.

    > 3. Mini-question, is this really IPv6-specific? If not I'd prefer a
    > name that flags it as an AN infrastructure objective, e.g. "AN_Join"

okay.  The problem in 6tisch for proxy<->registrar communication (admission
control) is the TCP stack required. 




From nobody Sun Nov 13 16:06:40 2016
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 783471295F5; Sun, 13 Nov 2016 16:06:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qo6PGw3DmjtF; Sun, 13 Nov 2016 16:06:38 -0800 (PST)
Received: from mail-pg0-x236.google.com (mail-pg0-x236.google.com [IPv6:2607:f8b0:400e:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 677FC129558; Sun, 13 Nov 2016 16:06:38 -0800 (PST)
Received: by mail-pg0-x236.google.com with SMTP id 3so46678870pgd.0; Sun, 13 Nov 2016 16:06:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;  h=subject:to:references:cc:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=ptx6+fXFusiV8cNPB1WxjssHYZDR6swqj5oa/HxTLsU=; b=grwIjpbqusruNDB8Pd8ikgCpWmDF3KoX4o5ejMsC6TELih75QQewXPyX8gugocS6JD 789SQW/WZj0ByAMFGJ18tpPzgYcKMu8iW+qgYzzSwwI8ByRfXlWM51zHVp2sXbVM2J3U EFiI1Kge+6VXHVwVQI9qMWylVdKJKBB4kcV7V5gLaBh9McarqKfLAvVS3qyKgIvc2xzB jfdqhP6PuEeeCYz4c15EvPacXHMj5GKqzF06eTEGjSVQv75byKbcYte1Ka6EMvhjLkkj x28PGhQD+THmOVUx4n8cwYlQ3qaxd1HMv2XkT0cVCxKMI6O4c0mViLpswfpIgt+5vlRm CvQw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=ptx6+fXFusiV8cNPB1WxjssHYZDR6swqj5oa/HxTLsU=; b=HZW6nV6iwENxkcVJZ/IUX3v5VgGe6ufWvFiMTOFW9tPPptFrK+3jRtI6i/iuVqWkG6 aEA97LzuImEvmYWm7GTP0vg/1+uZ+8LdTWMvM5mpIYAokUCRtRI+D237WOgXymgzuiS8 RHubiHEsNKZqk5mpHJkfSV9xNSgz0648zrjAl+0z5FTACZ654VzysathFuW4PMkE1u2u LvVShmNpBcuud5pkwfoJvtbugQfsZ7o7imROwoE6TbIedQMSuAuT1XfTmjkyHDuPDjQh 8RV8JlVPBLzN3mjXncujpEA/RjEawX9MpnShXocbZPU6Zzq1zsQHolvVqy8o4iDpB5cC RHiQ==
X-Gm-Message-State: ABUngvfCak6wUhFGZ00pd65iExu9WsgeXvkWkYjPmX3ZvsbmdSAggnSCERG7TQ6Y3/O34g==
X-Received: by 10.99.97.15 with SMTP id v15mr24343637pgb.10.1479081997807; Sun, 13 Nov 2016 16:06:37 -0800 (PST)
Received: from [192.168.178.23] (169.221.47.163.dynamic.snap.net.nz. [163.47.221.169]) by smtp.gmail.com with ESMTPSA id c2sm30346955pfl.66.2016.11.13.16.06.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 13 Nov 2016 16:06:37 -0800 (PST)
To: Michael Richardson <mcr@sandelman.ca>
References: <20351.1476971471@obiwan.sandelman.ca> <0343d14c-5b18-b821-c9ad-d77fb7dae490@gmail.com> <12808a8a-5de1-c6cb-3f96-945573041ee4@gmail.com> <24910.1479078501@dooku.sandelman.ca>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <efb2a1b9-a5b2-9e38-abd5-1c8031d9f1cd@gmail.com>
Date: Mon, 14 Nov 2016 13:06:33 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <24910.1479078501@dooku.sandelman.ca>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/PI_2gH7fd8O8WdGM5MMiIkeHeLs>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>, 6tisch-security <6tisch-security@ietf.org>
Subject: Re: [Anima-bootstrap] 6tisch join -01 documented posted
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2016 00:06:39 -0000

On 14/11/2016 12:08, Michael Richardson wrote:
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>     > My model was that the proxy would get all the floods available and
>     > choose the one it liked best, based on the available method and
>     > distance, using the weight and priority as for mDNS. (Personally I
>     > think the mDNS stuff is overkill, but Toerless suggested we should be
>     > feature-equivalent.)
> 
> I never proposed that the Proxy would learn of the registrar via mDNS, btw.
> 
>     > 2. Your CDDL looks OK to me. The format and semantics of the value
>     > field of a GRASP objective are completely flexible, so I don't see a
>     > problem with the first "request" to the Registrar being [IID,
>     > join-method]. The reply from the registrar could be [IID,
>     > another-join-method] if it didn't like the first one proposed. Once
>     > either side receives a join-method it likes, it would send
>     > [M_END,,[O_ACCEPT]] and we're done.
> 
>     > 3. Mini-question, is this really IPv6-specific? If not I'd prefer a
>     > name that flags it as an AN infrastructure objective, e.g. "AN_Join"
> 
> okay.  The problem in 6tisch for proxy<->registrar communication (admission
> control) is the TCP stack required. 

Right. I've been assuming that a "BRSKI-COAP" method is available, and if
we use GRASP Flood, no TCP is needed at the pledge side.

   Brian


From nobody Sun Nov 13 23:18:12 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14BD3129554; Sun, 13 Nov 2016 23:18:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fwNaCmuEv6jo; Sun, 13 Nov 2016 23:18:08 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7075129420; Sun, 13 Nov 2016 23:18:07 -0800 (PST)
Received: from dooku.sandelman.ca (s2001067c037001280a1196fffe0181e0.v6.meeting.ietf.org [IPv6:2001:67c:370:128:a11:96ff:fe01:81e0]) by relay.sandelman.ca (Postfix) with ESMTPS id 3EE371F8EE; Mon, 14 Nov 2016 07:18:06 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id C459F28A4; Mon, 14 Nov 2016 02:18:02 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
to: 6tisch-security <6tisch-security@ietf.org>, anima-bootstrap <anima-bootstrap@ietf.org>
In-reply-to: <efb2a1b9-a5b2-9e38-abd5-1c8031d9f1cd@gmail.com>
References: <20351.1476971471@obiwan.sandelman.ca> <0343d14c-5b18-b821-c9ad-d77fb7dae490@gmail.com> <12808a8a-5de1-c6cb-3f96-945573041ee4@gmail.com> <24910.1479078501@dooku.sandelman.ca> <efb2a1b9-a5b2-9e38-abd5-1c8031d9f1cd@gmail.com>
Comments: In-reply-to Brian E Carpenter <brian.e.carpenter@gmail.com> message dated "Mon, 14 Nov 2016 13:06:33 +1300."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Mon, 14 Nov 2016 16:18:02 +0900
Message-ID: <5562.1479107882@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/DfvIMtlYOzyQYaEUTZgoT-Mrxxc>
Subject: Re: [Anima-bootstrap] 6tisch join -01 documented posted
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2016 07:18:09 -0000

--=-=-=
Content-Type: text/plain


Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    >> > 3. Mini-question, is this really IPv6-specific? If not I'd prefer a
    >> > name that flags it as an AN infrastructure objective, e.g. "AN_Join"
    >>
    >> okay.  The problem in 6tisch for proxy<->registrar communication
    >> (admission control) is the TCP stack required.

    > Right. I've been assuming that a "BRSKI-COAP" method is available, and
    > if we use GRASP Flood, no TCP is needed at the pledge side.

BRSKI-CoAP lets us do the *ENROLLMENT* over CoAP, not the discovery.

These are the interactions, and I will try to give some names to the various
interactions in a future document, but suggestions most welcome.

1) pledge <-> Join Assistant (JA)
   Discovery of JA:   mDNS and/or M_FLOOD

2) Join Assistant *discovery* of Registrar
   in 6tisch, omitted, will be provisioned
   in ANIMA, uses GRASP M_DISCOVERY

3) Join Assistant tentative admission control (used in 6tisch, to provide
   {optional?} "move along" feedback.).
   6tisch, currently M_REQ_NEG/M_END over *TCP*, need to be fixed.

4) pledge <-> Registrar.
   in ANIMA, this is pledge---TCP/HTTPS---> Registrar (RFC7030)
   in 6tisch-zero-touch, this is Registrar ---CoAP/DTLS--> pledge [maybe EDHOC]
                   (CoMI: draft-ietf-netconf-keystore-00 )
   in 6tisch-minimal-security, this is pledge-->CoAP/EDHOC--> Registrar



--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJYKWUqAAoJEJVM4Vb9/EKQGM8H/1d9jHn83fVGJvbvWSRnnRVZ
JdtOT95/oSAV3OCjkRNIPbZbMnVSFrKDy017fJC9luldwzTJYApTA0R2r2/rrsRU
Hukz6S7HckvH/2uHcdid2V9z5W8sI/VC34fq4vFvJO4jXMfPwNNoAt0UbFIVJjAO
7iLmqjuqytnS+/ulf3wOQYKtZe642AdmASMNNQoybmBYvTz80zyoQ5sLxJyBJNXB
sUmQag+t2sqWRL+xezEImOumL6qNlp1A98vpaDpMxZAzb/48ixxlk2rRPy6wx6Dq
EPD0zjWuRXlXzN6UB3KaLy/sy0FiJ7aMIdpV5uSseyFWqH5/K7d50HPK1vVHnJ0=
=j5LT
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Sun Nov 13 23:44:38 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC4541296CE; Sun, 13 Nov 2016 23:44:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G7Jduf5Q5deG; Sun, 13 Nov 2016 23:44:33 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86D501296CD; Sun, 13 Nov 2016 23:44:33 -0800 (PST)
Received: from dooku.sandelman.ca (s2001067c037001280a1196fffe0181e0.v6.meeting.ietf.org [IPv6:2001:67c:370:128:a11:96ff:fe01:81e0]) by relay.sandelman.ca (Postfix) with ESMTPS id 0437E1F8EE; Mon, 14 Nov 2016 07:44:31 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 505E31937; Mon, 14 Nov 2016 02:44:25 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
to: 6tisch-security <6tisch-security@ietf.org>, anima-bootstrap <anima-bootstrap@ietf.org>
In-reply-to: <5562.1479107882@dooku.sandelman.ca>
References: <20351.1476971471@obiwan.sandelman.ca> <0343d14c-5b18-b821-c9ad-d77fb7dae490@gmail.com> <12808a8a-5de1-c6cb-3f96-945573041ee4@gmail.com> <24910.1479078501@dooku.sandelman.ca> <efb2a1b9-a5b2-9e38-abd5-1c8031d9f1cd@gmail.com> <5562.1479107882@dooku.sandelman.ca>
Comments: In-reply-to Michael Richardson <mcr+ietf@sandelman.ca> message dated "Mon, 14 Nov 2016 16:18:02 +0900."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Date: Mon, 14 Nov 2016 16:44:25 +0900
Message-ID: <9356.1479109465@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/LBlaqcgBqBhH3p9NkFC8sDPuJYo>
Subject: Re: [Anima-bootstrap] [6tisch-security] 6tisch join -01 documented posted
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2016 07:44:35 -0000

--=-=-=
Content-Type: text/plain


<#secure method=pgpmime mode=sign>

to add to my own message:

Michael Richardson <mcr+ietf@sandelman.ca> wrote:
    mcr> BRSKI-CoAP lets us do the *ENROLLMENT* over CoAP, not the discovery.

    mcr> These are the interactions, and I will try to give some names to the various
    mcr> interactions in a future document, but suggestions most welcome.

...

    mcr> 4) pledge <-> Registrar.
    mcr> in ANIMA, this is pledge---TCP/HTTPS---> Registrar (RFC7030)

It is here that https://datatracker.ietf.org/doc/draft-pritikin-coap-bootstrap/
applies, letting us actually run EST(RFC7030) over CoAP. Calling it BRSKI
over CoAP is perhaps slightly misleading, and yet slightly more correct,
because the document isn't a general EST over CoAP, but BRSKI specific.


--=-=-=
Content-Type: text/plain
Content-Disposition: inline
Content-Description: Signature

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [


--=-=-=--


From nobody Mon Nov 14 11:28:32 2016
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AF31129658; Mon, 14 Nov 2016 11:28:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XxmsU-wtPQV3; Mon, 14 Nov 2016 11:28:30 -0800 (PST)
Received: from mail-pg0-x22c.google.com (mail-pg0-x22c.google.com [IPv6:2607:f8b0:400e:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17E1B129610; Mon, 14 Nov 2016 11:28:29 -0800 (PST)
Received: by mail-pg0-x22c.google.com with SMTP id p66so57218998pga.2; Mon, 14 Nov 2016 11:28:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;  h=subject:to:references:from:organization:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=sJhtFMQR49d5C+1+hEGHfB+4iO8CRDtTyJ+rdFEhals=; b=sMMW+8Mi1xH0dJOBZskm2b9LBtyC+qjNISYdzacFBmNZOHji9z/pm1bW6JvQda8DAO dsyEHUT6x/KW5b+vSbuTYrV4jC3MfiN9jIWONwj3iriSnxJrhT8+qQx1+IZVoV/bUtG4 Hq7DPWXnrf2lG4rkuGikRrHJHOkCKaiY11toBNHykUFGNIB32JfLsWFJJ+OzZIwyxLXL j/y9hTZuf5wb2TjNRmthXEGb68udOfxWn0FCJsAtTfC6QawQM3Y4LtrPXnzIXQHOHQzn cR2THyb3BRrr7z0uovx8faIYhIk4MWr7HBLUxovke1XAQ893aShQz5nJwqwKYIt3gp6j eSTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=sJhtFMQR49d5C+1+hEGHfB+4iO8CRDtTyJ+rdFEhals=; b=lbXDw79zFSy2TJttDBG6UaCamF29+ZwZ4SkBERyohjm7j3AoKAug+00FH0ZbzMHC8u EfR2XWSjVLb+ooYFQbDt8pQuaP/jRp5AYjEZ6xKpSPc04RahNDCe3Y6QOycSP2Jhcypu 8aUvBiMrl7jT0PzzQnftL1Nv1krhK3ks2bt3ThYxD41qU489auZuWu+7g8uKEVBn4Kit 29ZPjwvlUHxeUU0xdyuh2hDiU38AZDpSQNrfjYy/2f9laWoWKDdKQ/XO12hR/U3+Sk2b teqt5BjYHNhJM5AVlbGdY+PGcFupn+vnH4JdvgrpADCUXRwuAy648gSn5a8G3B5XPP4H l7ng==
X-Gm-Message-State: ABUngvfuEE0flPUaO9umKfZJ91GwPlizFtx9DyjqyKjsjgL77fom69REv/lTzpSqePRCsg==
X-Received: by 10.98.155.146 with SMTP id e18mr34825911pfk.45.1479151708496; Mon, 14 Nov 2016 11:28:28 -0800 (PST)
Received: from ?IPv6:2406:e007:4874:1:28cc:dc4c:9703:6781? ([2406:e007:4874:1:28cc:dc4c:9703:6781]) by smtp.gmail.com with ESMTPSA id b80sm24915955pfe.52.2016.11.14.11.28.26 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 14 Nov 2016 11:28:27 -0800 (PST)
To: Michael Richardson <mcr+ietf@sandelman.ca>, 6tisch-security <6tisch-security@ietf.org>, anima-bootstrap <anima-bootstrap@ietf.org>
References: <20351.1476971471@obiwan.sandelman.ca> <0343d14c-5b18-b821-c9ad-d77fb7dae490@gmail.com> <12808a8a-5de1-c6cb-3f96-945573041ee4@gmail.com> <24910.1479078501@dooku.sandelman.ca> <efb2a1b9-a5b2-9e38-abd5-1c8031d9f1cd@gmail.com> <5562.1479107882@dooku.sandelman.ca>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <51679334-5725-7279-cdaf-c3866d5f2bd0@gmail.com>
Date: Tue, 15 Nov 2016 08:28:25 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <5562.1479107882@dooku.sandelman.ca>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/dcSCJ7uun4shn6-_VvM-fLX8Zzs>
Subject: Re: [Anima-bootstrap] 6tisch join -01 documented posted
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2016 19:28:31 -0000

On 14/11/2016 20:18, Michael Richardson wrote:
> 
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>     >> > 3. Mini-question, is this really IPv6-specific? If not I'd prefer a
>     >> > name that flags it as an AN infrastructure objective, e.g. "AN_Join"
>     >>
>     >> okay.  The problem in 6tisch for proxy<->registrar communication
>     >> (admission control) is the TCP stack required.
> 
>     > Right. I've been assuming that a "BRSKI-COAP" method is available, and
>     > if we use GRASP Flood, no TCP is needed at the pledge side.
> 
> BRSKI-CoAP lets us do the *ENROLLMENT* over CoAP, not the discovery.

Yes, understood, my point was that since Flood is UDP, the pledge doesn't
need to do anything but listen for LL multicasts - no actual discovery
is neeeded. That seems like a bonus for pledges.

> These are the interactions, and I will try to give some names to the various
> interactions in a future document, but suggestions most welcome.
> 
> 1) pledge <-> Join Assistant (JA)
>    Discovery of JA:   mDNS and/or M_FLOOD

Is Join Assistant the agreed terminology (instead of Proxy)?
> 
> 2) Join Assistant *discovery* of Registrar
>    in 6tisch, omitted, will be provisioned
>    in ANIMA, uses GRASP M_DISCOVERY

Is it permissible for the Registrar to act as its own Join Assistant
for on-link neighbors? (I can't see why not.)

> 
> 3) Join Assistant tentative admission control (used in 6tisch, to provide
>    {optional?} "move along" feedback.).
>    6tisch, currently M_REQ_NEG/M_END over *TCP*, need to be fixed.
> 
> 4) pledge <-> Registrar.
>    in ANIMA, this is pledge---TCP/HTTPS---> Registrar (RFC7030)
>    in 6tisch-zero-touch, this is Registrar ---CoAP/DTLS--> pledge [maybe EDHOC]
>                    (CoMI: draft-ietf-netconf-keystore-00 )
>    in 6tisch-minimal-security, this is pledge-->CoAP/EDHOC--> Registrar
> 

Thanks, a useful summary.

   Brian


From nobody Mon Nov 14 17:02:58 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 315021295A0; Mon, 14 Nov 2016 17:02:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fgb6U3D8oiuQ; Mon, 14 Nov 2016 17:02:53 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [IPv6:2a01:7e00::f03c:91ff:feae:de77]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D631129411; Mon, 14 Nov 2016 17:02:53 -0800 (PST)
Received: from dooku.sandelman.ca (dhcp-8d96.meeting.ietf.org [31.133.141.150]) by relay.sandelman.ca (Postfix) with ESMTPS id B0DBC1F91A; Tue, 15 Nov 2016 01:02:51 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 3C3E91928; Mon, 14 Nov 2016 20:02:49 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-reply-to: <51679334-5725-7279-cdaf-c3866d5f2bd0@gmail.com>
References: <20351.1476971471@obiwan.sandelman.ca> <0343d14c-5b18-b821-c9ad-d77fb7dae490@gmail.com> <12808a8a-5de1-c6cb-3f96-945573041ee4@gmail.com> <24910.1479078501@dooku.sandelman.ca> <efb2a1b9-a5b2-9e38-abd5-1c8031d9f1cd@gmail.com> <5562.1479107882@dooku.sandelman.ca> <51679334-5725-7279-cdaf-c3866d5f2bd0@gmail.com>
Comments: In-reply-to Brian E Carpenter <brian.e.carpenter@gmail.com> message dated "Tue, 15 Nov 2016 08:28:25 +1300."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Tue, 15 Nov 2016 10:02:49 +0900
Message-ID: <4807.1479171769@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/VGibfBDzpkAAAX7C-yFTcsRY_iA>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>, 6tisch-security <6tisch-security@ietf.org>
Subject: Re: [Anima-bootstrap] 6tisch join -01 documented posted
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Nov 2016 01:02:54 -0000

--=-=-=
Content-Type: text/plain


Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    >> These are the interactions, and I will try to give some names to the various
    >> interactions in a future document, but suggestions most welcome.
    >>
    >> 1) pledge <-> Join Assistant (JA)
    >> Discovery of JA:   mDNS and/or M_FLOOD

    > Is Join Assistant the agreed terminology (instead of Proxy)?

I prefer it, and it's the accepted 6tisch terminology, but I don't think that
ANIMA has agreed to use that term, and is using Proxy.

    >> 2) Join Assistant *discovery* of Registrar
    >> in 6tisch, omitted, will be provisioned
    >> in ANIMA, uses GRASP M_DISCOVERY

    > Is it permissible for the Registrar to act as its own Join Assistant
    > for on-link neighbors? (I can't see why not.)

Yes, these are roles, not machines.

    >> 3) Join Assistant tentative admission control (used in 6tisch, to provide
    >> {optional?} "move along" feedback.).
    >> 6tisch, currently M_REQ_NEG/M_END over *TCP*, need to be fixed.
    >>
    >> 4) pledge <-> Registrar.
    >> in ANIMA, this is pledge---TCP/HTTPS---> Registrar (RFC7030)
    >> in 6tisch-zero-touch, this is Registrar ---CoAP/DTLS--> pledge [maybe EDHOC]
    >> (CoMI: draft-ietf-netconf-keystore-00 )
    >> in 6tisch-minimal-security, this is pledge-->CoAP/EDHOC--> Registrar
    >>

    > Thanks, a useful summary.

I'd like to give a name to each exchange.  BRSKI is clearly covers #4, but
arguably, it covers all four interactions, and #4 is the BRSKI mode of EST.



--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJYKl65AAoJEJVM4Vb9/EKQiPgH/3iRyGjbB1ZaP0i1xm+C6MXC
qTJV4CmOrhPfnC8JTU7y12UhM68y7vYvSGyEHKG+RgF+RfwMwFuMoqbX5u+rkQ4Y
aEv5VzZTpO2QrOToe3MEorr3CukXvKrlMh32Ci4tdZTY1lZ4vKvJ59z3bFabOLJC
R8IUS3GHFJaoZ7aLYrqQjM1u+9Yavw+fr9mkWv4pB0Ok16q9VS1PIQHr0S76BVk8
zqmxMyLLM5Yv97Ta5U5ByucKABMAGcKVuWmPr7g5LJ+zbGB279JKj5mWG9UV6V8i
wCcw66on6xgcVsyT30WAiljhkEefn++brHeNBPDzyWeUWUsUYCeWN7LI4O/r1Q0=
=hzI3
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Thu Nov 17 16:16:09 2016
Return-Path: <pritikin@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E59E5129721 for <anima-bootstrap@ietfa.amsl.com>; Thu, 17 Nov 2016 16:16:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.018
X-Spam-Level: 
X-Spam-Status: No, score=-16.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FQihf9n3OdsU for <anima-bootstrap@ietfa.amsl.com>; Thu, 17 Nov 2016 16:16:07 -0800 (PST)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3AC21296BD for <anima-bootstrap@ietf.org>; Thu, 17 Nov 2016 16:16:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=170; q=dns/txt; s=iport; t=1479428166; x=1480637766; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=wmfOnsjQzBcYmT3SCobhNcX86/5nmmxCWUfffGPmPWk=; b=N1rGKkdPGiJiq2puBu4dsy5WHpc82VbO21uWm0IqaFlEsj3D7mP207zF j8eWBy/4buyxrXP9XBtb74CSSyxGI8WsnDu4jd5O/IPlNpC2RyXq+BE8P sR1p7d74D4rhj++htLi2tLwdLuo2Jf1OYADy4Rq92Bi2vLRBYSt7mZtLg Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BAAgCyRy5Y/5NdJa1eHAEBBAEBCgEBg?= =?us-ascii?q?zcBAQEBAR+BX404q3SCB4Y9ggQ/FAECAQEBAQEBAWIdC4RvIxFXASICJgIEMBU?= =?us-ascii?q?KCASIf5xgj3yCKYtaAQEBAQEFAQEBAQEBASCBCYcwhngRAYMgLYIwBZpDAZBsg?= =?us-ascii?q?VoBFYg1hgGRWgEeN10uhTuGPoEhgQwBAQE?=
X-IronPort-AV: E=Sophos;i="5.31,655,1473120000"; d="scan'208";a="172598759"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Nov 2016 00:16:06 +0000
Received: from XCH-RCD-013.cisco.com (xch-rcd-013.cisco.com [173.37.102.23]) by rcdn-core-11.cisco.com (8.14.5/8.14.5) with ESMTP id uAI0G6Tw016227 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL) for <anima-bootstrap@ietf.org>; Fri, 18 Nov 2016 00:16:06 GMT
Received: from xch-aln-013.cisco.com (173.36.7.23) by XCH-RCD-013.cisco.com (173.37.102.23) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Thu, 17 Nov 2016 18:16:05 -0600
Received: from xch-aln-013.cisco.com ([173.36.7.23]) by XCH-ALN-013.cisco.com ([173.36.7.23]) with mapi id 15.00.1210.000; Thu, 17 Nov 2016 18:16:05 -0600
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Thread-Topic: sorry i cant join tonight
Thread-Index: AQHSQTDz7sUtE5CijkSiREc9t2Q1rg==
Date: Fri, 18 Nov 2016 00:16:05 +0000
Message-ID: <2C262F2C-D910-45F2-882B-6E238D3B0434@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.99.106.5]
Content-Type: text/plain; charset="utf-8"
Content-ID: <7BACE7DF26CFC848AFE7D974C7F1ED66@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/cMfG5vuVvw-t9B0FkHotai5f8qk>
Subject: [Anima-bootstrap] sorry i cant join tonight
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Nov 2016 00:16:08 -0000

aeKAmW0gc29ycnkgaeKAmW0gdW5hYmxlIHRvIGpvaW4gW3RoaXMgbW9ybmluZyBpbiBzZW91bF0u
IGnigJlsbCByZWFkIHRoZSBtaW51dGVzIGFuZCBjb250aW51ZSB0byBlbmdhZ2Ugb24gZW1haWws
DQoNCi0gbWF4


From nobody Thu Nov 17 19:39:27 2016
Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BADCB1295E8; Thu, 17 Nov 2016 19:39:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level: 
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pKjq7yU2OrWd; Thu, 17 Nov 2016 19:39:17 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5378E1294B9; Thu, 17 Nov 2016 19:39:17 -0800 (PST)
Received: from dooku.sandelman.ca (dhcp-8d96.meeting.ietf.org [31.133.141.150]) by relay.sandelman.ca (Postfix) with ESMTPS id 0405F1F418; Fri, 18 Nov 2016 03:39:16 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id EA1062631; Fri, 18 Nov 2016 12:39:13 +0900 (KST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima-bootstrap <anima-bootstrap@ietf.org>
X-Attribution: mcr
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Fri, 18 Nov 2016 12:39:13 +0900
Message-ID: <9165.1479440353@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/rirKtmNbtRx498zNIjb8NLkq0E8>
Cc: netconf@ietf.org, anima@ietf.org
Subject: [Anima-bootstrap] weekly boostrap design team meetings
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: anima@ietf.org
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Nov 2016 03:39:19 -0000

--=-=-=
Content-Type: text/plain


The Anima Bootstrap design team (which includes work on the ownership
voucher) will continue to meet at 15:00 UTC on Tuesdays via RTC-enabled
webex.  The meeting is anchored to UTC, not EST.

anima bootstrap design team
Tuesday, November 22, 2016
10:00 am Eastern Standard Time (GMT-05:00)
Recurrence: Every Tuesday, from Tuesday,
November 22, 2016, to Tuesday, March 21, 2017

Less information
Meeting number: 644 519 877
Meeting password: bootstrap
Meeting link:
https://ietf.webex.com/ietf/j.php?MTID=m2045414e2e484e0ad47311ce67c1d596
Host key: 959942

Audio connection:
1-877-668-4493 Call-in toll free number (US/Canada)
1-650-479-3208 Call-in toll number (US/Canada)
Show toll-free dialing restrictions
Access code: 644 519 877



--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJYLnfhAAoJEJVM4Vb9/EKQp2kH/A5nxB8PBhrFA5XQEfPyzcq8
j8bZ8K4YHIUjXiwUE84iV/Wy87BJASHoUFTtYydvtYUKlt0iVM1j9+Am7lAB9f48
oGJgeF7OoQBUdVf331ksaVaI0aTgt8DJ0W8mGp/vd8ILK/RGYfuL6Ir9DK3E2kuy
FqRG+ecxOxfkbhEw+Fi5M0bYMPQSHg8CmFdcnur58nleaINj/adIwJkjJMgZebAM
9m5Lyl3VR2bXoQjbE+Qx2K89Wf9+JJzhtk9u06eKehlWblUgDbAFZud7RWePCA3B
WRnMOWkW3iDdyOesxfw3mjpnS++Xzuv4EHbKITOZLrW0aALHdIkFiOoxaWdZ4DI=
=gcld
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Tue Nov 22 06:12:29 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25B5A129622 for <anima-bootstrap@ietfa.amsl.com>; Tue, 22 Nov 2016 06:12:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.398
X-Spam-Level: 
X-Spam-Status: No, score=-3.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id acAKBhQF9Did for <anima-bootstrap@ietfa.amsl.com>; Tue, 22 Nov 2016 06:12:26 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C34F129A0B for <anima-bootstrap@ietf.org>; Tue, 22 Nov 2016 06:12:25 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 2D1DFE225 for <anima-bootstrap@ietf.org>; Tue, 22 Nov 2016 09:28:59 -0500 (EST)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id E008D637A8 for <anima-bootstrap@ietf.org>; Tue, 22 Nov 2016 09:12:23 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima-bootstrap <anima-bootstrap@ietf.org>
In-Reply-To: <9165.1479440353@dooku.sandelman.ca>
References: <9165.1479440353@dooku.sandelman.ca>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Tue, 22 Nov 2016 09:12:23 -0500
Message-ID: <16712.1479823943@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/dfSwtAHFoQ1dLkqnOU0bktgYnLw>
Subject: Re: [Anima-bootstrap] [Anima] weekly boostrap design team meetings
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Nov 2016 14:12:28 -0000

--=-=-=
Content-Type: text/plain


Michael Richardson <mcr+ietf@sandelman.ca> wrote:
    > The Anima Bootstrap design team (which includes work on the ownership
    > voucher) will continue to meet at 15:00 UTC on Tuesdays via RTC-enabled
    > webex.  The meeting is anchored to UTC, not EST.

To remind, this is in 50 minutes.

Agenda items I'd like to cover include:

1) recap of IETF97.
2) some discussion about minor restructing of document
3) the pair of EST over CoAP documents
4) use of M_FLOOD
5) getting ownership voucher document into shape (last, because I
   think we should get low-hanging fruit out of the way, and this will
   overflow into next week anyway)


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBWDRSRYCLcPvd0N1lAQJCwgf/UDkJUbiZk8baxmsd3cw/yVnQvIlyn2x8
0FrcUuTAItbOY2YEfj2mL45ASJ5MGPWOIERgseEVTTWNKqgjOUlohPiTaYhsVgO2
wQ06iC5t194kUorXwQXjz1NcyaTG/OHnJF4F50NNo4m2Ku7YqimL6NXIVXUaKMDC
I5+JC3sqOtHLdLYcbBJI8naLj1fyC4t412c+cIzaiJSFQIn79w9u4WL8h5ssoHOV
d4L6lqUipdVGr0FIbNY4jNgRqgp14+5tMhlxzCOI8lDwixEqzIRasCOxwjh0avUR
E/8x2Bg7DfAw7d4YoxIUWEjLGqL/ekgeuakWd7JIGm/r+04YuClJnw==
=brBr
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Thu Nov 24 11:26:39 2016
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A698129A7A for <anima-bootstrap@ietfa.amsl.com>; Thu, 24 Nov 2016 11:26:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V4pTpDWhd2cg for <anima-bootstrap@ietfa.amsl.com>; Thu, 24 Nov 2016 11:26:37 -0800 (PST)
Received: from mail-pg0-x22b.google.com (mail-pg0-x22b.google.com [IPv6:2607:f8b0:400e:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EBB311295EE for <anima-bootstrap@ietf.org>; Thu, 24 Nov 2016 11:26:36 -0800 (PST)
Received: by mail-pg0-x22b.google.com with SMTP id f188so21041428pgc.3 for <anima-bootstrap@ietf.org>; Thu, 24 Nov 2016 11:26:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;  h=to:from:subject:organization:message-id:date:user-agent :mime-version:content-transfer-encoding; bh=T4vN3oBTwVBmeQyLRHmmJGGAm6QWZsyLrPzXh/ZFvjs=; b=Jd+lUFJKTTHmuqQbUmHE/sou0g/DdDH1r907FEhAGxPWQ80N0ltxlHn3svTf7hFlVA lJo/wGUujuYTxKaLtZmKisyI3RSS7FDF4s+KQE3grLcGJsuxaCXKmf3F34kg1BFBojqO S6kuCcuTGzEmr5dtX9raBU0mX+t4mawWhKoN+1wFlPk0rgNz6wEvF07fblQgDVVKAEup +wu1pwKpw2Y3TpBUWP529lTUn8YJbvz+i+59OjYGNH9QgL/WeiE/gODJLS29eMjMw+J8 ckaA/ECzrnDDpXjvxeCS4CX5AeM8+rgHHiwAmq9weCdgzWfe4y4ZTLRAr/Rn+m64L9aj OjPA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:to:from:subject:organization:message-id:date :user-agent:mime-version:content-transfer-encoding; bh=T4vN3oBTwVBmeQyLRHmmJGGAm6QWZsyLrPzXh/ZFvjs=; b=YZ5pQa7vQReFMCa1pLgkudAilRSXqh70RbkeaDm9Vj2K0YV1fGAXQ8Rz3qS8RwaICI mz+0QAr2rNw20q8oU1dpJlTF23x9mr4chBcZT2jNuYIQBd+WpP8v4CZ/uOTPey8hVWu5 t8C0k81Ymvt4NyjGd5ysKvu5df6A/UJN8uGCb2rLM5hmMcsI7CGKLCQArC0EUQXrXUR6 naBfY+rwEIAp3PoLcBYFV0PbB/E+pos0HeL1KTwVMzuxDFQCmtsH+j3RiBKoPo6oQtX6 CIaDtVgjsBvebY5+R8lY2RCSjP0wbxd7ppPWl2uxyZadS2u6JU85B0hc0NRZQWHBQ/7l QS1A==
X-Gm-Message-State: AKaTC02QC1TJ2rTdfSLLUnTt5nnq2e+STMj5u3cnsCDOzbIcmkh7r8yUkLZ4yS5w0FF/+g==
X-Received: by 10.84.143.68 with SMTP id 62mr8593144ply.63.1480015596039; Thu, 24 Nov 2016 11:26:36 -0800 (PST)
Received: from [192.168.178.23] (133.22.255.123.dynamic.snap.net.nz. [123.255.22.133]) by smtp.gmail.com with ESMTPSA id i124sm44262809pgd.15.2016.11.24.11.26.34 for <anima-bootstrap@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 24 Nov 2016 11:26:35 -0800 (PST)
To: anima-bootstrap@ietf.org
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <d879ef2f-dd62-45e8-4177-9e14c2742cf3@gmail.com>
Date: Fri, 25 Nov 2016 08:26:41 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.5.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/2B-VqND2Pfwp-xqL-hwpIKuEIK4>
Subject: [Anima-bootstrap] SCEP
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Nov 2016 19:26:38 -0000

Hi,

As a matter of curiousity, was https://tools.ietf.org/html/draft-gutmann-scep
a candidate for BRSKI, instead of EST? Or is that a category mistake?

(Peter Gutmann is also at the U of Auckland, so his draft caught my eye.)

   Brian


From nobody Tue Nov 29 08:00:57 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEAA01295ED for <anima-bootstrap@ietfa.amsl.com>; Tue, 29 Nov 2016 08:00:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.696
X-Spam-Level: 
X-Spam-Status: No, score=-5.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K9BBkFs2aJ0A for <anima-bootstrap@ietfa.amsl.com>; Tue, 29 Nov 2016 08:00:50 -0800 (PST)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C139129C0D for <anima-bootstrap@ietf.org>; Tue, 29 Nov 2016 08:00:35 -0800 (PST)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [131.188.34.77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 2536058C4B1; Tue, 29 Nov 2016 17:00:34 +0100 (CET)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id 101EDB0AFA1; Tue, 29 Nov 2016 17:00:33 +0100 (CET)
Date: Tue, 29 Nov 2016 17:00:33 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Message-ID: <20161129160033.GA29306@faui40p.informatik.uni-erlangen.de>
References: <9165.1479440353@dooku.sandelman.ca> <16712.1479823943@obiwan.sandelman.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <16712.1479823943@obiwan.sandelman.ca>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/BLYbkL-av-oIdpoTX4ivXs2Je0M>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] [Anima] weekly boostrap design team meetings
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Nov 2016 16:00:56 -0000

Is there a call today, and if so, on which webex ?

Thanks
    Toerless

On Tue, Nov 22, 2016 at 09:12:23AM -0500, Michael Richardson wrote:
> 
> Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>     > The Anima Bootstrap design team (which includes work on the ownership
>     > voucher) will continue to meet at 15:00 UTC on Tuesdays via RTC-enabled
>     > webex.  The meeting is anchored to UTC, not EST.
> 
> To remind, this is in 50 minutes.
> 
> Agenda items I'd like to cover include:
> 
> 1) recap of IETF97.
> 2) some discussion about minor restructing of document
> 3) the pair of EST over CoAP documents
> 4) use of M_FLOOD
> 5) getting ownership voucher document into shape (last, because I
>    think we should get low-hanging fruit out of the way, and this will
>    overflow into next week anyway)
> 
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-


From nobody Tue Nov 29 08:07:23 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05155129C0D for <anima-bootstrap@ietfa.amsl.com>; Tue, 29 Nov 2016 08:07:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.695
X-Spam-Level: 
X-Spam-Status: No, score=-5.695 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497, WEIRD_PORT=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HT6jzJqRIqB7 for <anima-bootstrap@ietfa.amsl.com>; Tue, 29 Nov 2016 08:07:16 -0800 (PST)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7DB61295B5 for <anima-bootstrap@ietf.org>; Tue, 29 Nov 2016 08:07:15 -0800 (PST)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 6B26F58C4B1 for <anima-bootstrap@ietf.org>; Tue, 29 Nov 2016 17:07:14 +0100 (CET)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id 53793B0AFA1; Tue, 29 Nov 2016 17:07:14 +0100 (CET)
Date: Tue, 29 Nov 2016 17:07:14 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: anima-bootstrap <anima-bootstrap@ietf.org>
Message-ID: <20161129160714.GA29503@faui40p.informatik.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/0PUS_aZK5k_wC8zNk9U3vliP-PY>
Subject: [Anima-bootstrap] Anima bootstrap meeting 12-29-2016
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Nov 2016 16:07:22 -0000

On the etherpad - http://etherpad.tools.ietf.org:9000/p/anima-boostrapping?useMonospaceFont=true

I read the following. Wondering when that meeting was.

Thanks
    Toerless

2016-12-29:
    present: mcr, max, kent.
    
    1) ownership-voucher.
    MCR talks about having read about CWT (CBOR version of JWT), and also the cose-message format which is used to sign CWT.
    CWT would express the voucher YANG definition directly.
     
        
    YANG has been used for a transactional protocol, but not been listed for something at REST.
    Kent says it is exactly what would happen if you fetched it with GET... 
    
    parking the question: "how do we deal with the encoding"
    
    2) which working group should take this on.
    It will be ANIMA, and we will create new github group.
    
    3) bearer token discussion.
    We don't want to standardize a mechanism where a New Node/Pledge would directly accept such a voucher.
    
    https://github.com/orgs/anima-wg
    


From nobody Tue Nov 29 08:10:07 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1134C1295F0 for <anima-bootstrap@ietfa.amsl.com>; Tue, 29 Nov 2016 08:10:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.696
X-Spam-Level: 
X-Spam-Status: No, score=-5.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q0QBdnh6zhKU for <anima-bootstrap@ietfa.amsl.com>; Tue, 29 Nov 2016 08:10:02 -0800 (PST)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C9BE129BFB for <anima-bootstrap@ietf.org>; Tue, 29 Nov 2016 08:10:01 -0800 (PST)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 30ACE58C4B1; Tue, 29 Nov 2016 17:10:00 +0100 (CET)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id 1DEEAB0AFA1; Tue, 29 Nov 2016 17:10:00 +0100 (CET)
Date: Tue, 29 Nov 2016 17:10:00 +0100
From: Toerless Eckert <tte@cs.fau.de>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <20161129160959.GB29503@faui40p.informatik.uni-erlangen.de>
References: <d879ef2f-dd62-45e8-4177-9e14c2742cf3@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <d879ef2f-dd62-45e8-4177-9e14c2742cf3@gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/HFMgSAx73k0yOSxTvVfsScZimps>
Cc: anima-bootstrap@ietf.org
Subject: Re: [Anima-bootstrap] SCEP
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Nov 2016 16:10:05 -0000

SCEP i used in Ciscos IOS implementation, but the Cisco contributors to anima
never wanted it considered. I think because EST was meant to superceed SCEP and
fix its issues.

On Fri, Nov 25, 2016 at 08:26:41AM +1300, Brian E Carpenter wrote:
> Hi,
> 
> As a matter of curiousity, was https://tools.ietf.org/html/draft-gutmann-scep
> a candidate for BRSKI, instead of EST? Or is that a category mistake?
> 
> (Peter Gutmann is also at the U of Auckland, so his draft caught my eye.)
> 
>    Brian
> 
> _______________________________________________
> Anima-bootstrap mailing list
> Anima-bootstrap@ietf.org
> https://www.ietf.org/mailman/listinfo/anima-bootstrap


From nobody Tue Nov 29 11:17:12 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF8D1129A81 for <anima-bootstrap@ietfa.amsl.com>; Tue, 29 Nov 2016 11:17:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.398
X-Spam-Level: 
X-Spam-Status: No, score=-3.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M5t9XRD6z1yo for <anima-bootstrap@ietfa.amsl.com>; Tue, 29 Nov 2016 11:17:09 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68DC112945E for <anima-bootstrap@ietf.org>; Tue, 29 Nov 2016 11:17:09 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 797DF200A7; Tue, 29 Nov 2016 14:34:08 -0500 (EST)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 64250637A6; Tue, 29 Nov 2016 14:17:08 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Toerless Eckert <tte@cs.fau.de>
In-Reply-To: <20161129160033.GA29306@faui40p.informatik.uni-erlangen.de>
References: <9165.1479440353@dooku.sandelman.ca> <16712.1479823943@obiwan.sandelman.ca> <20161129160033.GA29306@faui40p.informatik.uni-erlangen.de>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Tue, 29 Nov 2016 14:17:08 -0500
Message-ID: <16045.1480447028@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/LzsSjnwk3ydMro5p_Iz1EobiLLA>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] [Anima] weekly boostrap design team meetings
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Nov 2016 19:17:11 -0000

--=-=-=
Content-Type: text/plain


Toerless Eckert <tte@cs.fau.de> wrote:
    > Is there a call today, and if so, on which webex ?

yes, there was.

Use the WIKI, Luke!
    https://trac.ietf.org/trac/anima/wiki/Bootstrap

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBWD3UMYCLcPvd0N1lAQJqxgf9H99Wp+ogju3a500PnvQzLRXbrIj+LIqK
Z4On5xxA3g6aiSYC5KrC4gKBeoaM79yM2XV4Ojna8wVmcEdJTlN7MOq4uApH1VA2
Byd8SMHmJvFY8o2clPuaUZwOCivkqzHtmCfNE0xgRDbO3MnuiaXk5viF+ZG8VKrB
mSRxbhD+QXKgM5+Hp8+sLu67M/0S53dLdIGRmSnSw7MKJnKDRne+EP0UOO35DXEK
QFO37hvrNJkiIEUGHqoiauMx72/sgnUywupRtZtWlS2YJet2mmsIk53jrSCOZgUl
c2MtqzlBOlEanSXLE7HUN+6YC3quNFfATbTKscpO2X8HcC1FaIysBQ==
=NnoT
-----END PGP SIGNATURE-----
--=-=-=--