Voucher and Voucher Revocation Profiles for Bootstrapping Protocols
draft-kwatsen-netconf-voucher-00

Document Type: Replaced Internet-Draft (individual)
Last updated: 2016-10-31
Replaced by: draft-kwatsen-anima-voucher
Stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus Boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Replaced by draft-kwatsen-anima-voucher
Telechat date:
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-kwatsen-netconf-voucher-00.txt

Abstract

This memo defines the two artifacts "voucher" and "voucher-revocation", which are YANG-defined structures that have been signed by a TBD algorithm. The voucher artifact is generated by the device's manufacturer or delegate. The voucher's purpose is to securely assign one or more devices to an owner. The voucher informs each device which entity it should consider to be its owner. The voucher revocation artifact is used by the manufacturer or delegate (i.e. the issuer of the voucher) to revoke vouchers, if ever necessary. The voucher revocation format defined herein supports both issuer-wide and voucher-specific constructs, enabling usage flexibility. For both artifacts, this memo only defines the artifact, leaving it to future work to describe specialized protocols for accessing them.

Authors

Kent Watsen (kwatsen@juniper.net)
Michael Richardson (mcr+ietf@sandelman.ca)
Max Pritikin (pritikin@cisco.com)
Toerless Eckert (tte+anima@cs.fau.de)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)