Hi Hendrik and AD*, Hendrik - Thank you for your reply! We have updated the document accordingly. Please review the document carefully to ensure satisfaction as we do not make changes once it has been published as an RFC. Contact us with any further updates or with your approval of the document in its current form. We will await approvals from each author prior to moving forward in the publication process.
*Deb - As AD, please review and approve the changes in the first paragraph of Appendix B. The changes are best viewed in this diff file: https://www.rfc-editor.org/authors/rfc9809-auth48diff.html. We’ve also included the updated text here: Original: Automation products connected to the Internet would bear the so-called CE marking [CE-marking] to indicate they comply. Current: Automation products connected to the Internet and sold in the EU after 2027 must bear the so-called “CE marking" [CE-marking] to indicate they also comply with the EU-CRA. — FILES (please refresh) — Updated XML file: https://www.rfc-editor.org/authors/rfc9809.xml Updated output files: https://www.rfc-editor.org/authors/rfc9809.txt https://www.rfc-editor.org/authors/rfc9809.pdf https://www.rfc-editor.org/authors/rfc9809.html Diff file showing all changes made during AUTH48: https://www.rfc-editor.org/authors/rfc9809-auth48diff.html https://www.rfc-editor.org/authors/rfc9809-auth48rfcdiff.html (side by side) Diff files showing all changes: https://www.rfc-editor.org/authors/rfc9809-diff.html https://www.rfc-editor.org/authors/rfc9809-rfcdiff.html (side by side) https://www.rfc-editor.org/authors/rfc9809-alt-diff.html (diff showing changes where text is moved or deleted) For the AUTH48 status of this document, please see: https://www.rfc-editor.org/auth48/rfc9809 Thank you, RFC Editor/rv > On Jun 27, 2025, at 5:05 AM, Brockhaus, Hendrik > <hendrik.brockhaus=40siemens....@dmarc.ietf.org> wrote: > > Dear RFC Editor > > Thank you for your review and all proposals. > Please see our responses on you questions inline below. > If you have any further questions, please let us know. > > Hendrik > >> -----Ursprüngliche Nachricht----- >> Von: rfc-edi...@rfc-editor.org <rfc-edi...@rfc-editor.org> >> Gesendet: Donnerstag, 26. Juni 2025 23:21 >> An: Brockhaus, Hendrik (FT RPD CST SEA-DE) >> <hendrik.brockh...@siemens.com>; Goltzsche, David (SMO RI R&D F SEC) >> <david.goltzs...@siemens.com> >> Cc: rfc-edi...@rfc-editor.org; lamps-...@ietf.org; lamps-cha...@ietf.org; >> hous...@vigilsec.com; debcool...@gmail.com; auth48archive@rfc-editor.org >> Betreff: Re: AUTH48: RFC-to-be 9809 >> <draft-ietf-lamps-automation-keyusages-08> for >> your review >> >> Authors, >> >> While reviewing this document during AUTH48, please resolve (as necessary) >> the >> following questions, which are also in the XML file. >> >> >> 1) <!-- [rfced] Should the document title be updated to use "X.509 >> Certificate" >> rather than "X.509" to align with the titles of RFCs 9509 and 9336? Or is >> the current >> okay? >> >> Original: >> X.509 Extended Key Usage (EKU) for configuration, updates and safety- >> communication >> >> Current: >> X.509 Extended Key Usage (EKU) for Configuration, Updates, and Safety >> Communication >> >> Perhaps: >> X.509 Certificate Extended Key Usage (EKU) for Configuration, Updates, and >> Safety >> Communication >> --> > > [HB] I like your proposal. > > Please also perform the following change to be consistent with the rest of > the document. > OLD: “Safety Communication” > NEW: “Safety-Critical Communication” > > Please also perform this change in the title of Section 3 and in the second > paragraph of Section 3. > >> >> >> 2) <!-- [rfced] Please clarify the text following "i.e.,". >> >> Original: >> If the purpose of an issued certificate is not restricted, i.e., the >> type of operations for which a public key contained in the >> certificate can be used in unintended ways, the risk of cross- >> application attacks is increased. >> >> Perhaps: >> If the purpose of an issued certificate is not restricted (i.e., >> the operations of the public key contained in the >> certificate can be used in unintended ways), the risk of cross- >> application attacks is increased. >> --> > > [HB] I like your proposal > >> >> >> 3) <!-- [rfced] May we update this text to be list to improve readability? >> >> Original: >> This specification defines the KeyPurposeIds id-kp-configSigning, id- >> kp-trustAnchorConfigSigning, id-kp-updatePackageSigning, and id-kp- >> safetyCommunication. These KeyPurposeIds are used, respectively, >> for: signing general-purpose configuration files or trust anchor >> configuration files, signing software or firmware update packages, or >> authenticating communication peers for safety-critical communication. >> >> Perhaps: >> This specification defines the following KeyPurposeIds: >> >> * id-kp-configSigning: Used for signing general-purpose configuration >> files. >> >> * id-kp-trustAnchorConfigSigning: Used for signing trust anchor >> configuration files. >> >> * id-kp-updatePackageSigning: Used for signing software or firmware >> update packages. >> >> * id-kp-safetyCommunication: Used for authenticating communication peers >> for safety-critical communication. >> --> > > [HB] I like your proposal > >> >> >> 4) <!-- [rfced] Would you like the references to be alphabetized or left in >> their current >> order? >> --> > > [HB] I would like to keep them as they are. > >> >> >> 5) <!-- [rfced] FYI - The URLs in the reference entries below do not work >> (go to blank >> page). We updated the URLs as follows. Please review. >> >> Original: >> [X.680] ITU-T, "Information Technology - Abstract Syntax Notation >> One (ASN.1): Specification of basic notation", ITU-T >> Recommendation X.680 , February 2021, >> >> <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.itu.int%252 >> Frec%2FT- >> REC.X.680&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff071 >> 44ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6 >> 38865696699011277%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydW >> UsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D% >> 7C0%7C%7C%7C&sdata=rfHEXu0qTsfyatOEsFni5sV9kHImV7r8FYdVq161zYo%3D& >> reserved=0>. >> >> [X.690] ITU-T, "Information Technology - ASN.1 encoding rules: >> Specification of Basic Encoding Rules (BER), Canonical >> Encoding Rules (CER) and Distinguished Encoding Rules >> (DER)", ITU-T Recommendation X.690 , February 2021, >> >> <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.itu.int%252 >> Frec%2FT- >> REC.X.690&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff071 >> 44ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6 >> 38865696699042775%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydW >> UsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D% >> 7C0%7C%7C%7C&sdata=ZiF3MvcJrM1X9Nh87Ksgk6hJQtOjenU4ghBkl9C82s0%3D >> &reserved=0>. >> >> Updated: >> [X.680] ITU-T, "Information Technology - Abstract Syntax Notation >> One (ASN.1): Specification of basic notation", ITU-T >> Recommendation X.680, February 2021, >> >> <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.itu.int%252 >> Frec%2FT-REC-X.680-202102- >> I%2Fen&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff07144e >> d08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6388 >> 65696699059532%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIl >> YiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0 >> %7C%7C%7C&sdata=iMFytMSMvGtYGEaTnnBaD5C9MBwqC12Sk1fDBOn3WQ4%3 >> D&reserved=0>. >> >> [X.690] ITU-T, "Information Technology - ASN.1 encoding rules: >> Specification of Basic Encoding Rules (BER), Canonical >> Encoding Rules (CER) and Distinguished Encoding Rules >> (DER)", ITU-T Recommendation X.690, February 2021, >> >> <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.itu.int%252 >> Frec%2FT-REC-X.690-202102- >> I%2Fen&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff07144e >> d08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6388 >> 65696699075948%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIl >> YiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0 >> %7C%7C%7C&sdata=Y9jYYqbcWsbUdIlmpwpESe472x4BSIHEIWB%2FSw%2Fn4ts >> %3D&reserved=0>. >> --> > > [HB] Thank you for updating the URLs. > >> >> >> 6) <!-- [rfced] The URL in this reference entry directs to a page titled >> "Cyber Resilience >> Act". Should the title of this reference entry be updated accordingly (see >> Perhaps 1 >> below)? Or should the URL be updated to match a document with that title (see >> Perhaps 2 below)? >> >> Original: >> [EU-CRA] European Commission, "Proposal for a REGULATION OF THE >> EUROPEAN PARLIAMENT AND OF THE COUNCIL on horizontal >> cybersecurity requirements for products with digital >> elements and amending Regulation (EU) 2019/1020", >> September 2022, <https://digital- >> strategy.ec.europa.eu/en/library/cyber-resilience-act>. >> >> Perhaps 1 (updated title): >> [EU-CRA] European Union, "Cyber Resilience Act", >> September 2022, <https://digital- >> strategy.ec.europa.eu/en/library/cyber-resilience-act>. >> >> Perhaps 2 (updated URL): >> [EU-CRA] European Commission, "Proposal for a REGULATION OF THE >> EUROPEAN PARLIAMENT AND OF THE COUNCIL on horizontal >> cybersecurity requirements for products with digital >> elements and amending Regulation (EU) 2019/1020", >> September 2022, >> <https://eur-/ >> lex.europa.eu%2Flegal- >> content%2FEN%2FTXT%2F%3Furi%3DCELEX%3A52022PC0454&data=05%7C02% >> 7Chendrik.brockhaus%40siemens.com%7C51fb39ff07144ed08ed308ddb4f74bea%7C3 >> 8ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C638865696699091704%7CUnkn >> own%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiO >> iJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=sEkB >> SVpUshm29KYdNS2HCBa3E%2B1fREyo%2B%2BcmrUwIz%2B0%3D&reserved=0>. >> --> > > [HB] In the meantime the regulation is officially published. Therefore, I > would like to update the Reference to the following: > NEW: > [EU-CRA] European Commission, "Regulation (EU) 2024/2847 of the > European Parliament and of the Council of 23 October 2024 > on horizontal cybersecurity requirements for products with > digital elements and amending Regulations (EU) No 168/2013 > and (EU) 2019/1020 and Directive (EU) 2020/1828 (Cyber > Resilience Act)", November 2024, > https://eur-lex.europa.eu/eli/reg/2024/2847/oj. > >> >> >> 7) <!-- [rfced] The original title for the reference below is "Directive (EU) >> 2022/2555 of the European Parliament and of the Council", but the URL >> directs to the >> NIST CSRC's glossary entry for the term "safety". Based off the context from >> the >> document, we updated this reference entry title to "safety" to match the >> content at the >> URL. >> >> Original: >> [NIST_Glossary] >> NIST CSRC, "Directive (EU) 2022/2555 of the European >> Parliament and of the Council", n.d., >> >> <https://csrc.nist.gov/ >> %2Fglossary%2Fterm%2Fsafety&data=05%7C02%7Chendrik.brockhaus%40siemens >> .com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d >> 55a%7C1%7C0%7C638865696699107536%7CUnknown%7CTWFpbGZsb3d8eyJFbX >> B0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIl >> dUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=uyUrMC38tP0BkQshFx%2BEshHGm >> VLtxgymcgXhhzR%2B4jo%3D&reserved=0>. >> >> Current: >> [NIST_Glossary] >> NIST CSRC, "safety", >> >> <https://csrc.nist.gov/ >> %2Fglossary%2Fterm%2Fsafety&data=05%7C02%7Chendrik.brockhaus%40siemens >> .com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d >> 55a%7C1%7C0%7C638865696699127753%7CUnknown%7CTWFpbGZsb3d8eyJFbX >> B0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIl >> dUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=dQBAXrN%2FT26bKrFMTdNENTMnz >> sem60NvOV2hkZxMwwQ%3D&reserved=0>. >> >> However, please note that NIST provides the following guidance for citing >> terms in >> their glossary >> (https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcsrc.nist.gov%25 >> 2Fglossary&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff071 >> 44ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6 >> 38865696699143977%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydW >> UsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D% >> 7C0%7C%7C%7C&sdata=9tavuwGcdOSXqZ7IIsd54TONfpGgzZDDgNwMqfPCRlg%3 >> D&reserved=0): >> >> Cite the source publication, not this website. As our documents are >> published and withdrawn, the terminology on these web pages will >> change. When citing terms and definitions, we encourage you to cite >> the source publication for the authoritative terminology and to >> understand it in its proper context. Many terms on this website have >> different definitions, from multiple publications. >> >> Based on this, would you like to cite NIST SP 800-160, which is listed as >> the source >> for the definition of "safety" in the NIST glossary, rather than citing the >> glossary entry? >> Or is citing the glossary okay in this context? >> >> https://nvlpubs.nist.go/ >> v%2Fnistpubs%2FSpecialPublications%2FNIST.SP.800- >> 160v2r1.pdf&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff071 >> 44ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6 >> 38865696699159300%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydW >> UsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D% >> 7C0%7C%7C%7C&sdata=v1QTBvmBvA%2B7OxiCh9Cjo%2BkmAiLyRGbNDJEGYa >> 21Z%2F0%3D&reserved=0 >> --> > > [HB] Thank you for spotting my copy-paste error. > If the NIST glossary should not be directly references, I would like to > change this reference to > NIST SP 800-160v1r1. Please update Section 2 accordingly. > OLD: > [NIST_Glossary] > NIST CSRC, "safety", > https://csrc.nist.gov/glossary/term/safety. > NEW: > [NIST.SP.800-160v1r1] > Ron Ross, Mark Winstead, Michael McEvilley, and NIST, > "Engineering Trustworthy Secure Systems", NIST Special > Publications 800-160v1r1, DOI 10.6028/NIST.SP.160v1r1, 2022, > https://doi.org/10.6028/NIST.SP.800-160v1r1 > >> >> >> 8) <!-- [rfced] FYI - We updated the date for this reference from "December >> 2024" >> to "November 2017" to match the date at the URL provided. >> >> Original: >> [ISO.IEC.IEEE_12207] >> ISO/IEC/IEEE, "Systems and software engineering - Software >> life cycle processes", December 2024, >> >> <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.iso.org%25 >> 2Fstandard%2F63712.html&data=05%7C02%7Chendrik.brockhaus%40siemens.com >> %7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a% >> 7C1%7C0%7C638865696699175161%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1 >> hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoy >> fQ%3D%3D%7C0%7C%7C%7C&sdata=TJjSf4YlRe5b8M4Ad2an1azdbTJPPeregCQ1 >> UkacLJc%3D&reserved=0>. >> >> Current: >> [ISO.IEC.IEEE_12207] >> ISO/IEC/IEEE, "Systems and software engineering - Software >> life cycle processes", ISO/IEC/IEEE 12207:2017, November >> 2017, >> <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.iso.org%25 >> 2Fstandard%2F63712.html&data=05%7C02%7Chendrik.brockhaus%40siemens.com >> %7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a% >> 7C1%7C0%7C638865696699190349%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1 >> hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoy >> fQ%3D%3D%7C0%7C%7C%7C&sdata=BOe4%2BEOq2IX914Trja6IKW839l0JIcLX89 >> Q%2BGuMcFKM%3D&reserved=0>. >> --> > > [HB] Thank you > >> >> >> 9) <!-- [rfced] Please review "would bear" here. Should this be updated to >> "bear" >> or "should bear"? >> >> Original: >> Automation products connected to the >> Internet would bear the so-called CE marking [CE-marking] to indicate >> they comply. >> >> Perhaps: >> Automation products connected to the >> Internet bear the so-called "CE marking" [CE-marking] to indicate >> they comply. >> >> Or: >> Automation products connected to the >> Internet should bear the so-called "CE marking" [CE-marking] to indicate >> they comply. >> --> > > NEW: > Automation products connected to the Internet and sold in the EU after > 2027 must bear the so-called "CE marking" [CE-marking] to indicate they > also comply with the EU-CRA. > >> >> >> 10) <!-- [rfced] How may we clarify "NIS2 Framework, Directive" here? >> >> Original: >> Such regulation was announced in the 2020 EU >> Cybersecurity Strategy [EU-STRATEGY], and complements other >> legislation in this area, like the NIS2 Framework, Directive on >> measures for a high common level of cybersecurity across the Union >> [NIS2]. >> >> Perhaps: >> Such regulation was announced in the 2020 EU >> Cybersecurity Strategy [EU-STRATEGY] and complements other >> legislation in this area, like the NIS2 Directive on >> measures for a high common level of cybersecurity across the European Union >> [NIS2]. >> --> > > [HB] I like your proposal. > Maybe you also want to expand "NIS" to "network and information systems". > > NEW: > Such regulation was announced in the 2020 EU > Cybersecurity Strategy [EU-STRATEGY] and complements other > legislation in this area, like the directive on measures for > a high common level of cybersecurity of network and information > systems (NIS) across the European Union [NIS2]. > >> >> >> 11) <!-- [rfced] Would you like to remove the titles of [IEC.62443-4-2] and >> [IEC.62443- >> 3-3] in this sentence to improve readability? Note that the titles appear >> in the >> reference entries. >> >> Original: >> 2020 EU Cybersecurity Strategy [EU-STRATEGY] suggests to implement >> and extend international standards such as the Security for >> industrial automation and control systems - Part 4-2: Technical >> security requirements for IACS components [IEC.62443-4-2] (IACS >> refers to industrial automation and control system) and the >> Industrial communication networks - Network and system security - >> Part 3-3: System security requirements and security levels >> [IEC.62443-3-3]. >> >> Perhaps: >> The 2020 EU Cybersecurity Strategy [EU-STRATEGY] suggests implementing >> and extending international standards such as >> [IEC.62443-4-2] and [IEC.62443-3-3]. >> --> > > [HB] That is fine with me. > >> >> >> 12) <!-- [rfced] The citations [ERJU] and [Directive-2016_797] do not appear >> in the >> direct quote. We have moved these to appear after the direct quote as shown >> below. >> Please review and let us know any concerns. >> >> Original: >> A concrete example for automation is a Rail Automation system. The >> Europe's Rail web page [ERJU-web] states: "The System Pillar [ERJU] >> brings rail sector representatives under a single coordination body. >> To achieve this, the System Pillar will deliver a unified operational >> concept and a functional, safe and secure system architecture, with >> due consideration of cyber-security aspects, focused on the European >> railway network to which Directive 2016/797 [Directive-2016_797] >> applies (i.e. the heavy rail network) as well as associated >> specifications and/or standards." >> >> Perhaps: >> A concrete example for automation is a rail automation system. The >> Europe's Rail web page [ERJU-web] states: >> >> | The System Pillar brings rail sector representatives under >> | a single coordination body. To achieve this, the System Pillar >> | will deliver a unified operational concept and a functional, safe >> | and secure system architecture, with due consideration of cyber- >> | security aspects, focused on the European railway network to which >> | Directive 2016/797 applies (i.e. the heavy >> | rail network) as well as associated specifications and/or >> | standards. >> >> See [Directive-2016_797]. For details about the System Pillar, see [ERJU]. >> --> > > [HB] This looks much better. Thank you. > >> >> >> 13) <!-- [rfced] We updated two instances of <artwork> to <sourcecode> in >> Section 4. >> Should the "type" attribute be set to "asn.1" for these? Note that it is >> also acceptable >> to leave the "type" attribute not set. >> >> The current list of preferred values for "type" is available here: >> https://www.rfc-/ >> editor.org%2Frpc%2Fwiki%2Fdoku.php%3Fid%3Dsourcecode- >> types&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff07144ed0 >> 8ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C638865 >> 696699205461%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYi >> OiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0% >> 7C%7C%7C&sdata=UoGQ9PYT2QqEj6DKK3cDT1seSdPjG2e57TmnWMdGpiE%3D& >> reserved=0. If the list does not contain an applicable type, then feel free >> to suggest a >> new one. >> --> > > [HB] I guess asn.1 is the best fit. > >> >> >> 14) <!-- [rfced] We see the following forms in the document. Should these be >> uniform? >> If so, please let us know which form is preferred. >> >> safety communication >> safety-critical communication >> >> KeyUsage extension >> Key Usage (KU) extension >> --> > > [HB] This makes sense. Thank you. > >> >> >> 15) <!-- [rfced] Abbreviations >> >> a) We updated the expansion for "KeyPurposeIds" as follows per RFCs 9336 and >> 9509. Let us know any concerns. >> >> key purpose identifiers (KeyPurposeIds) > > [HB] Looks good. > >> >> >> b) How should "NIS2" be expanded? We do not see an expansion in [NIS2]. >> >> Original: >> Such regulation was announced in the 2020 EU >> Cybersecurity Strategy [EU-STRATEGY] and complements other >> legislation in this area, like the NIS2 Framework, Directive on >> measures for a high common level of cybersecurity across the Union >> [NIS2]. >> --> > > [HB] The expansion is I provides a proposal in 10) > >> >> >> 16) <!-- [rfced] Please review the "Inclusive Language" portion of the >> online Style >> Guide >> <https://www.rfc-/ >> editor.org%2Fstyleguide%2Fpart2%2F%23inclusive_language&data=05%7C02%7Che >> ndrik.brockhaus%40siemens.com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3 >> bcd95794fd4addab42e1495d55a%7C1%7C0%7C638865696699220423%7CUnknown >> %7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJX >> aW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=raJ3k%2 >> F2h6CdQ7x7TCTrGaZA%2F%2BlRHahFg8ONqn%2B%2FFIcA%3D&reserved=0> >> and let us know if any changes are needed. Updates of this nature typically >> result in >> more precise language, which is helpful for readers. >> >> Note that our script did not flag any words in particular, but this should >> still be >> reviewed as a best practice. >> --> > > [HB] I did not spot any need for changes. > >> >> >> Thank you. >> >> RFC Editor/rv >> >> >> On Jun 26, 2025, at 2:16 PM, rfc-edi...@rfc-editor.org wrote: >> >> *****IMPORTANT***** >> >> Updated 2025/06/26 >> >> RFC Author(s): >> -------------- >> >> Instructions for Completing AUTH48 >> >> Your document has now entered AUTH48. Once it has been reviewed and >> approved by you and all coauthors, it will be published as an RFC. >> If an author is no longer available, there are several remedies >> available as listed in the FAQ >> (https://www.rfc-/ >> editor.org%2Ffaq%2F&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C5 >> 1fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1% >> 7C0%7C638865696699235935%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGki >> OnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3 >> D%3D%7C0%7C%7C%7C&sdata=EfJARXgGB3Pw4oc%2B%2F8tNreIrHCbmcTjx%2 >> Fu7C1xFnX2c%3D&reserved=0). >> >> You and you coauthors are responsible for engaging other parties >> (e.g., Contributors or Working Group) as necessary before providing >> your approval. >> >> Planning your review >> --------------------- >> >> Please review the following aspects of your document: >> >> * RFC Editor questions >> >> Please review and resolve any questions raised by the RFC Editor >> that have been included in the XML file as comments marked as >> follows: >> >> <!-- [rfced] ... --> >> >> These questions will also be sent in a subsequent email. >> >> * Changes submitted by coauthors >> >> Please ensure that you review any changes submitted by your >> coauthors. We assume that if you do not speak up that you >> agree to changes submitted by your coauthors. >> >> * Content >> >> Please review the full content of the document, as this cannot >> change once the RFC is published. Please pay particular attention to: >> - IANA considerations updates (if applicable) >> - contact information >> - references >> >> * Copyright notices and legends >> >> Please review the copyright notice and legends as defined in >> RFC 5378 and the Trust Legal Provisions >> (TLP – >> https://trustee.ietf.org/ >> %2Flicense- >> info&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff07144ed08 >> ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6388656 >> 96699250864%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOi >> IwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C >> %7C%7C&sdata=PcsccvewlztzzDwi4UGMnKdTgcDeP4uqvt1NE4ogFUo%3D&reserv >> ed=0). >> >> * Semantic markup >> >> Please review the markup in the XML file to ensure that elements of >> content are correctly tagged. For example, ensure that <sourcecode> >> and <artwork> are set correctly. See details at >> >> <https://authors.ietf.or/ >> g%2Frfcxml- >> vocabulary&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff071 >> 44ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6 >> 38865696699266823%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydW >> UsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D% >> 7C0%7C%7C%7C&sdata=Gixeq8q2USPw%2F76LXiDtESLe4iYuFUO%2ForqqB4iCiL >> s%3D&reserved=0>. >> >> * Formatted output >> >> Please review the PDF, HTML, and TXT files to ensure that the >> formatted output, as generated from the markup in the XML file, is >> reasonable. Please note that the TXT will have formatting >> limitations compared to the PDF and HTML. >> >> >> Submitting changes >> ------------------ >> >> To submit changes, please reply to this email using ‘REPLY ALL’ as all >> the parties CCed on this message need to see your changes. The parties >> include: >> >> * your coauthors >> >> * rfc-edi...@rfc-editor.org (the RPC team) >> >> * other document participants, depending on the stream (e.g., >> IETF Stream participants are your working group chairs, the >> responsible ADs, and the document shepherd). >> >> * auth48archive@rfc-editor.org, which is a new archival mailing list >> to preserve AUTH48 conversations; it is not an active discussion >> list: >> >> * More info: >> >> https://mailarchive.ietf/ >> .org%2Farch%2Fmsg%2Fietf-announce%2Fyb6lpIGh- >> 4Q9l2USxIAe6P8O4Zc&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C >> 51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1 >> %7C0%7C638865696699285346%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hc >> GkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ >> %3D%3D%7C0%7C%7C%7C&sdata=G2M0ABqCps4bIbcP1q7Z9HANhOH3sxwfdZ4j >> AYnH5BY%3D&reserved=0 >> >> * The archive itself: >> >> https://mailarchive.ietf/ >> .org%2Farch%2Fbrowse%2Fauth48archive%2F&data=05%7C02%7Chendrik.brockha >> us%40siemens.com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4 >> addab42e1495d55a%7C1%7C0%7C638865696699300810%7CUnknown%7CTWFpbG >> Zsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkF >> OIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=yWqUEZubJi1Uq28S >> CIm132ySkp64HegOZQ6%2BoyWeZh8%3D&reserved=0 >> >> * Note: If only absolutely necessary, you may temporarily opt out >> of the archiving of messages (e.g., to discuss a sensitive matter). >> If needed, please add a note at the top of the message that you >> have dropped the address. When the discussion is concluded, >> auth48archive@rfc-editor.org will be re-added to the CC list and >> its addition will be noted at the top of the message. >> >> You may submit your changes in one of two ways: >> >> An update to the provided XML file >> — OR — >> An explicit list of changes in this format >> >> Section # (or indicate Global) >> >> OLD: >> old text >> >> NEW: >> new text >> >> You do not need to reply with both an updated XML file and an explicit >> list of changes, as either form is sufficient. >> >> We will ask a stream manager to review and approve any changes that seem >> beyond editorial in nature, e.g., addition of new text, deletion of text, >> and technical changes. Information about stream managers can be found in >> the FAQ. Editorial changes do not require approval from a stream manager. >> >> >> Approving for publication >> -------------------------- >> >> To approve your RFC for publication, please reply to this email stating >> that you approve this RFC for publication. Please use ‘REPLY ALL’, >> as all the parties CCed on this message need to see your approval. >> >> >> Files >> ----- >> >> The files are available here: >> https://www.rfc-/ >> editor.org%2Fauthors%2Frfc9809.xml&data=05%7C02%7Chendrik.brockhaus%40sie >> mens.com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1 >> 495d55a%7C1%7C0%7C638865696699316048%7CUnknown%7CTWFpbGZsb3d8eyJ >> FbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpb >> CIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=FNL6NL%2BKUr5tVtvRNljea4oYd >> Jf8NPq2dfBhSxaRc6w%3D&reserved=0 >> https://www.rfc-/ >> editor.org%2Fauthors%2Frfc9809.html&data=05%7C02%7Chendrik.brockhaus%40sie >> mens.com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1 >> 495d55a%7C1%7C0%7C638865696699331291%7CUnknown%7CTWFpbGZsb3d8eyJ >> FbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpb >> CIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Gsjdij38TzO5gr%2FcRd7KuVzest >> u%2FBb49QdiM3OG58cs%3D&reserved=0 >> https://www.rfc-/ >> editor.org%2Fauthors%2Frfc9809.pdf&data=05%7C02%7Chendrik.brockhaus%40sie >> mens.com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1 >> 495d55a%7C1%7C0%7C638865696699346676%7CUnknown%7CTWFpbGZsb3d8eyJ >> FbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpb >> CIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=VTheZFhGWN60wI83tpBHbgv67a >> JkOZL9cjFkGEAe1k8%3D&reserved=0 >> https://www.rfc-/ >> editor.org%2Fauthors%2Frfc9809.txt&data=05%7C02%7Chendrik.brockhaus%40siem >> ens.com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e14 >> 95d55a%7C1%7C0%7C638865696699362040%7CUnknown%7CTWFpbGZsb3d8eyJF >> bXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbC >> IsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=3MfUPfph9fce7aV5KzwOo%2BaU >> D7He41eH3kHFRAi31hk%3D&reserved=0 >> >> Diff file of the text: >> https://www.rfc-/ >> editor.org%2Fauthors%2Frfc9809- >> diff.html&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff07144e >> d08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6388 >> 65696699376933%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIl >> YiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0 >> %7C%7C%7C&sdata=W5XZI5FNg7WyiXGHtDrylVVDyDel3bfTkTGzoyjPhRg%3D&re >> served=0 >> https://www.rfc-/ >> editor.org%2Fauthors%2Frfc9809- >> rfcdiff.html&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff0714 >> 4ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C63 >> 8865696699391941%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWU >> sIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7 >> C0%7C%7C%7C&sdata=kl1HZI7GR73rZIFnK1JabBjwOz4PKvQGDyyH18YSgFY%3 >> D&reserved=0 (side by side) >> >> Alt-diff of the text (allows you to more easily view changes >> where text has been deleted or moved): >> https://www.rfc-/ >> editor.org%2Fauthors%2Frfc9809-alt- >> diff.html&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff07144e >> d08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C6388 >> 65696699406977%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIl >> YiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0 >> %7C%7C%7C&sdata=6nuGrcSviyji1fRpCeSqTCdGay1jQLzfTqSOzq9roD4%3D&reser >> ved=0 >> >> Diff of the XML: >> https://www.rfc-/ >> editor.org%2Fauthors%2Frfc9809- >> xmldiff1.html&data=05%7C02%7Chendrik.brockhaus%40siemens.com%7C51fb39ff07 >> 144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d55a%7C1%7C0%7C >> 638865696699422302%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydW >> UsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D% >> 7C0%7C%7C%7C&sdata=wmfUf5P2EWccMtKS3XCD4ddrTXP2hlc92QeC%2B98xX2 >> k%3D&reserved=0 >> >> >> Tracking progress >> ----------------- >> >> The details of the AUTH48 status of your document are here: >> https://www.rfc-/ >> editor.org%2Fauth48%2Frfc9809&data=05%7C02%7Chendrik.brockhaus%40siemens >> .com%7C51fb39ff07144ed08ed308ddb4f74bea%7C38ae3bcd95794fd4addab42e1495d >> 55a%7C1%7C0%7C638865696699439899%7CUnknown%7CTWFpbGZsb3d8eyJFbX >> B0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIl >> dUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=HaP5V0n8Gr8NmfaQKGa1hzc56rQW >> KUbJJuSh5%2Fdu7fc%3D&reserved=0 >> >> Please let us know if you have any questions. >> >> Thank you for your cooperation, >> >> RFC Editor >> >> -------------------------------------- >> RFC9809 (draft-ietf-lamps-automation-keyusages-08) >> >> Title : X.509 Extended Key Usage (EKU) for configuration, updates >> and safety- >> communication >> Author(s) : H. Brockhaus, D. Goltzsche >> WG Chair(s) : Russ Housley, Tim Hollebeek >> Area Director(s) : Deb Cooley, Paul Wouters > -- auth48archive mailing list -- auth48archive@rfc-editor.org To unsubscribe send an email to auth48archive-le...@rfc-editor.org
