UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF - RFC 8995

Bootstrapping Remote Secure Key Infrastructure (BRSKI)

active, Most Current
Organization: IETF
Publication Date: 1 May 2021
Status: active
Page Count: 116
scope:

Abstract

This document specifies automated bootstrapping of an Autonomic Control Plane. To do this, a Secure Key Infrastructure is bootstrapped. This is done using manufacturer-installed X.509 certificates, in combination with a manufacturer's authorizing service, both online and offline. We call this process the Bootstrapping Remote Secure Key Infrastructure (BRSKI) protocol. Bootstrapping a new device can occur when using a routable address and a cloud service, only link-local connectivity, or limited/disconnected networks. Support for deployment models with less stringent security requirements is included. Bootstrapping is complete when the cryptographic identity of the new key infrastructure is successfully deployed to the device. The established secure connection can be used to deploy a locally issued certificate to the device as well.

Document History

RFC 8995
May 1, 2021
Bootstrapping Remote Secure Key Infrastructure (BRSKI)
Abstract This document specifies automated bootstrapping of an Autonomic Control Plane. To do this, a Secure Key Infrastructure is bootstrapped. This is done using manufacturer-installed X.509...

References

This document references:
RFC 8990 - GeneRic Autonomic Signaling Protocol (GRASP)
Published by IETF on May 1, 2021
Abstract This document specifies the GeneRic Autonomic Signaling Protocol (GRASP), which enables autonomic nodes and Autonomic Service Agents to dynamically discover peers, to synchronize state with...
This document references:
RFC 8994 - An Autonomic Control Plane (ACP)
Published by IETF on May 1, 2021
Applicability and Scope Please see the following Terminology section (Section 2) for explanations of terms used in this section. The design of the ACP as defined in this document is considered to be...
This document references:
RFC 2131 - Dynamic Host Configuration Protocol
Published by IETF on March 1, 1997
A description is not available for this item.
This document references:
IETF RFC 3339 - Date and Time on the Internet: Timestamps
Published by IETF on July 1, 2002
This document defines a date and time format for use in Internet protocols that is a profile of the ISO 8601 standard for representation of dates and times using the Gregorian calendar.
This document references:
IETF RFC 3927 - Dynamic Configuration of IPv4 Link-Local Addresses
Published by IETF on May 1, 2005
To participate in wide-area IP networking, a host needs to be configured with IP addresses for its interfaces, either manually by the user or automatically from a source on the network such as a...
This document references:
IETF RFC 4519 - Lightweight Directory Access Protocol (LDAP): Schema for User Applications
Published by IETF on June 1, 2006
This document is an integral part of the Lightweight Directory Access Protocol (LDAP) technical specification. It provides a technical specification of attribute types and object classes intended for...
This document references:
RFC 8994 - An Autonomic Control Plane (ACP)
Published by IETF on May 1, 2021
Applicability and Scope Please see the following Terminology section (Section 2) for explanations of terms used in this section. The design of the ACP as defined in this document is considered to be...
This document references:
RFC 8990 - GeneRic Autonomic Signaling Protocol (GRASP)
Published by IETF on May 1, 2021
Abstract This document specifies the GeneRic Autonomic Signaling Protocol (GRASP), which enables autonomic nodes and Autonomic Service Agents to dynamically discover peers, to synchronize state with...
This document is referenced by:
GR ZSM 004 - Zero-touch network and Service Management (ZSM); Landscape
Published by ETSI on January 1, 2022
The present document updates the existing landscape report for Zero-touch network and Service Management (ZSM) based on its current and future developments. It identifies and includes information...
This document is referenced by:
23/30480980 DC - Draft BS EN IEC/IEEE 60802 Time-sensitive networking profile for industrial automation
Published by BSI on October 6, 2023
A description is not available for this item.
This document is referenced by:
62351-9 - Power systems management and associated information exchange – Data and communications security – Part 9: Cyber security key management for power system equipment
Published by IEC on June 1, 2023
This part of IEC 62351 specifies cryptographic key management, primarily focused on the management of long-term keys, which are most often asymmetric key pairs, such as public-key certificates and...
View Less
View All
Advertisement