%% You should probably cite rfc8995 instead of this I-D. @techreport{ietf-anima-bootstrapping-keyinfra-09, number = {draft-ietf-anima-bootstrapping-keyinfra-09}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-anima-bootstrapping-keyinfra/09/}, author = {Max Pritikin and Michael Richardson and Michael H. Behringer and Steinthor Bjarnason and Kent Watsen}, title = {{Bootstrapping Remote Secure Key Infrastructures (BRSKI)}}, pagetotal = 69, year = ** No value found for 'doc.pub_date.year' **, month = ** No value found for 'doc.pub_date' **, day = ** No value found for 'doc.pub_date.day' **, abstract = {This document specifies automated bootstrapping of a remote secure key infrastructure (BRSKI) using vendor installed X.509 certificate, in combination with a vendor's authorizing service, both online and offline. Bootstrapping a new device can occur using a routable address and a cloud service, or using only link-local connectivity, or on limited/disconnected networks. Support for lower security models, including devices with minimal identity, is described for legacy reasons but not encouraged. Bootstrapping is complete when the cryptographic identity of the new key infrastructure is successfully deployed to the device but the established secure connection can be used to deploy a locally issued certificate to the device as well.}, }