Thanks, Brian. Let me change subject to catch the attention of the authors better.
Filed as: https://github.com/anima-wg/anima-bootstrap/issues/66 > rev -16 section 5.2 has an unresolved EDNOTE pointing to a section for > "Pledge Authorization". That section was last D.1.3.2. in -07 and was then > removed when D.* was integrated back and the rest of D was removed in -08. > > I can not find offhand any stubs of D.1.3.2 integrated elsewhere into the > text, so i would suggest to reintroduce an appropriate subset of that section > (aka: anything you think is uncontentuous). On Sun, Jul 15, 2018 at 03:20:20AM +1200, Brian E Carpenter wrote: > No, of course not. But autonomic nodes aren't supposed to connect > to any old WiFi they happen to find; that's exactly the case where > secure bootstrap needs to fail. If they connect to a network on > which there's a registrar that knows nothing about them, > it won't authorize them to join the ACP. > > "The domain registrar authenticates the pledge, makes authorization > decisions,..." > > In Figure 3, I guess authorization is the tiny item "[accept device?]". > > BRSKI is defined in a nicely general way, but in an AN it's > the domain registrar's job to decide who's allowed in. > Actually there seems to be a glitch in the text on this. > We find: > > > 5.2. Pledge Requests Voucher from the Registrar > > ... > > ...The registrar performs authorization as > > detailed in [[EDNOTE: UNRESOLVED. See Appendix D "Pledge > > Authorization"]]. > > but that leads nowhere that I can find. BRSKI authors, please comment. > > Brian _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
