From YouTube: IETF105-ANIMA-20190723-1330
Description
ANIMA meeting session at IETF105
2019/07/23 1330
https://datatracker.ietf.org/meeting/105/proceedings/
C: Michael, could you do that again, Jabber and minutes taker? [unintelligible] All the slides are already uploaded, and the mailing list should be the main working place, and this working group is chaired by Sheng Jiang and Toerless. This is the agenda for this afternoon. We have the BRSKI update first; that is recently with the IESG and still has a few rocks, yeah, but hopefully it works out as well. And then we have the constrained voucher, also by Michael Richardson, and then after that the constrained join proxy for BRSKI, by Peter. Then support for asynchronous enrollment with BRSKI, by Eliot, and then, let's say, ACME integrating with BRSKI, by Owen. Any additions? Once, twice, go. So, Michael.
E: Hi, good afternoon, guten Abend (good evening), no, that's good. I'm trying to learn German, anyway. So I've been working on the ANIMA bootstrapping key infrastructure document, otherwise known as BRSKI, and we have been in IESG review for some time. That does not work, next slide.
E: DISCUSSes, so there were six substantive DISCUSSes plus about three, oh, by the way, I have, I'm posting "no comment" or, or what was the right word anyway, the opposite of DISCUSS, "but here are some comments anyway", okay, and then several ABSTAINs from people who said "and I also agree with so-and-so's DISCUSS". So there was a lot of stuff, so I've gone through the bulk, five and a half of the six DISCUSSes, and I have some substantive comments from Ben Kaduk left to do.
E: Your comments on the mailing list would be much appreciated to understand what's going on. Christian Huitema posted a revision to his review at the beginning of June. I didn't see it until I was asked why I didn't solve his problems, so from what I can tell from having reviewed it, I believe that all his issues overlap with Adam's and Ben's comments, and so either I'll solve them in one group or I, I won't, I am hoping to finish those comments.
E: Probably tonight, I'm not going to the social, and post a new version by the end of the week, which I hope will be it, and if not, I will spend some time with the appropriate area directors trying to understand what's going on directly. Next slide, please. We have been doing interop testing of BRSKI, mostly between myself and a team from Siemens, and some people are working with them from ZHAW, which is the... Eliot might get it for me.
E: My co-author Max Pritikin has been given a task that he could not say no to: "you've been complaining for several years and now it's your opportunity to fix it, so shut up or do something", and so that's why you haven't seen a lot of him, but we actually do chat most every week about this. You just won't see much of him, his conscious self. So, go on to the next part: constrained voucher.
E: Voucher, yeah. So Peter van der Stok and I have been working on this document for a while. There are not a lot of substantive changes to the core of the document. We updated some examples of COSE-signed CBOR, and Jim Schaad ran it through his COSE implementation and found that they were wrong. So it's probably as important as finding out that they were right. Still trying to figure out exactly where they're wrong at this point, but we'll get that right and we'll have to update those examples again.
E: I have validated Peter's CMS-signed example, and that's okay. I don't know what this word "variety" is in there; some spell checking has, someone's spell checker got me yesterday. "Most issues reported by various people", I think it's supposed to say "have been resolved". I did introduce this leaf node, pinned-sha256-of-subject-public-key-info, and its utility is still under dispute, and I would sure like some comments about that. We can make really long leaf names because they get translated to an integer anyway, so don't worry about it.
E: The SIDs, of course, have more or less been statically written into the file. We believe that we can generate them correctly with pyang now, but more or less we're not being overly optimistic about it being consistent, because the code is still not accepted upstream, and we had some conversations on this. So there's a pyang extension that lets us translate the RFC 8366 voucher model to CBOR in an automated fashion.
E: I know that's just talking to the working group; this was just about the ANIMA milestone, so I think that the right answer is to submit to the IESG right after 106, so working group last call, you know, I think we could do that. We could be finished with that by 106, so that you could put it into IESG review there. But for this document, this does require, I think it would be helpful to have someone else who might implement the voucher part particularly.
E: ...of slides, yeah. So is it, is it... It is true that longer documents are harder to deal with, but I would also say that it depends. There should be no political discussion about this document, because we're just re-encoding BRSKI into some other thing, so I hope that will be easier to discuss, right.
F: Thanks for the slides there, same time. Okay, I will talk about the constrained join proxy, which is done together with Michael, and please, the next slide. So as it tells you, it is in continuation of the BRSKI work, it's in translation, and talks actually about the join proxy. Please go on. We have done this already last time, so a graphic explanation of what goes on. We have the pledge, which wants to be entered into the network.
F: It keeps the addresses of the pledges so that when the answer comes back, it knows where to send it, and the stateless one has less information in the join proxy, so this information is stored in the packet. Yep. Next. If there are any questions, please speak out loud. So the discovery is one of the parts that maybe will provoke discussion.
F: So what we have is that you use CoAP, and then we look at the pledge and the join proxy. This will be link-local, mostly on a mesh. It can be on other things, but for the moment you think of using this on the mesh and link-locally. So how will the pledge discover the join proxy? By doing CoAP discovery, which is explained in the document and is also explained in the resource discovery, etc.
F: And there is 6TiSCH, which uses the enhanced beacon, and Michael can explain that if needed. And then further on, if we go to the global one, we will either use the ANI GRASP, if it is accurate, this is if the environment supports it; if not ANI, then it will be done with CoAP discovery. Is there anyone who thinks that more should be done, or less discoveries? Brian?
F: You can do so. What you can do is two things. You can send a multicast CoAP discovery, which is discouraged, and you send it to /.well-known/core and all the ones which fit answer. We can do this; we send to all nodes, it's discouraged. The other thing is that you have a resource directory. Okay, so the resource directory is central.
F: It stores the addresses, the link-local addresses, and for that to use multipart-core, and I point out that this is a new media format which is done in CoRE and which is also used in the constrained voucher draft, which has just been presented by the former speaker. So that is stored there and then it goes back down below. I have an example of what it looks like. So you have an outer array, and in the outer array you first put in what is the format of the next item.
F: In this case it is an array of two entities, and then there is the next one, which tells you that it is in the format which was used in the standard EST, and then it gives you the details: content, no IP, an IP. I think Michael has done that before, but it is more complex, you have a lot of other headers, etc., while this is all locally done and shorter. I showed this one before, which is in...
B: As far as the milestones, even for the stuff, or especially for the stuff that is meant to be first adopted and is on the list there, we've been asked to come up with milestones, so we've basically been thinking that adoption could hopefully start before 106, depending on, you know, me not sleeping at the wheel, and so, you know, what do you think, how much work would be left from that point on this?
B: And so I asked how many people have read the draft.
G: All right, so I'm presenting today on behalf of my co-authors, Steffen Fries and Hendrik Brockhaus, who are the major drivers of this draft. I'm the least major driver of the draft. Slide, please. What we're talking about in this context is a draft, and the one before this is that, yeah. Thank you. So this draft is a misnomer.
G: It's not really a BRSKI problem that we're attempting to address, but there's a little bit of a trick in EST that we wanted to highlight with regard to some asynchronous enrollment issues. And so the issue that this, and I think this draft was presented last time, so I'm going to be relatively quick. The fundamental issue here is: what happens if the CA, in some form or another, is detached from the join registrar and is unable to issue certificates at any given moment in time? Now, it turns out EST in RFC...
G: 7030 anticipates this problem a little bit in terms of being able to offer various return codes. However, I'm pretty sure that our implementations haven't anticipated this at the same pace, and so this draft addresses the asynchronous nature that may occur, where you want to have essentially a fully encapsulated and self-sufficient certificate request, with a fully encapsulated, and I'm talking about a PKCS#7 request and the PKCS#7 response.
G: Next slide, please. So there have been a couple of changes from the previous draft. We've updated the examples, because I myself didn't understand the darn thing in terms of how this would work in building automation, which is where a lot of the work is focusing on, and this is definitely one of those cases where you have intermittent connectivity, and so having a mechanism to address the certificate enrollment in that environment is very important. What we've also done is a bit of a mapping to the various enrollment protocols, so when Mr. ...
G: Well, here's the X marks the spot, so the asynchronous enrollment in terms of self-contained objects. So the key thing here is that we need, for the proof of possession, the private key corresponding to the public key, as it says here, to be self-contained, and we need an indication, essentially, when a request goes out to the EST, that "I'd like a certificate, please".
G: Now, if you guys don't know the reference "no soup for you", that's Jerry Seinfeld and a particular character there, when he gets annoyed and he tells somebody "no soup for you". In this case the annoyance is with the fact that the CA is not present, so "no soup for you, come back for your certificate request, for your stupid..." Think of it responding in some period of time.
G: Right, so the point of this draft, actually, what becomes of this draft is something we need to discuss, because it's clear that there's at least some guidance here just for 7030. There's probably additional text that the constrained EST CoAP draft needs to take a good stare at, to make sure you have your return codes correct in terms of how you're managing those, since this is a full RESTful interface. I...
G: Hope that one looks better. Okay, so this diagram is updated. This isn't in the draft, and you can see clearly that what we've done here is we've separated out the join proxy from the LRA, and that is really the key to all of this: whenever you see either an LRA or a CA, there's this idea that one or the other may not be available at any particular point in time.
G: Now, it's already well anticipated that the MASA may not be available at some point in time, but the idea that the LRA is not available at any particular point in time, that's something that at least the code doesn't test right in some cases, from what I hear. So next slide, please. All right, so here's the mapping that was done. So for EST, for this to work...
G: What we need is a full CMC request, and you need to make sure that you're returning a 202 status when the LRA is not available, and that's because there are times when, as you see there, the PKCS#10 has to be regenerated if there's a teardown event. Similarly with CMP, pretty much this capability is already available if you're using CRMF, so there's nothing to do, and there's also a cert-waiting indication available, as I understand it, in CMP already, so again there's nothing to do. And so for EST...
G: The key thing here is that you can't use the simple request which people sometimes use. In order to do this, you need a full CMC, and so that's the key thing that Steffen Fries would call out, and the reason for that is that the request has to be self-contained and that you're relying on the identity of the signer in the full CMC, rather than anything else, for authentication. Michael, Michael.
E: We all know that when you post a CSR on your simple enroll, you post a CSR, yeah, it's, yes, it's the PKCS#10. So I don't understand what, what I never understood, the full CMC did other than add more ASN.1. So I'm going to say I'm just ignorant of not understanding that at all. So perhaps you could motivate us more to understand what it is that you think is, tell us what it is lacking, understanding what it's lacking, so.
G: My understanding is there are two things that are lacking, and it's Steffen who's going to have to answer this in an email, more so than me, almost representing him. The first thing that is lacking is that there's no serialization for the requests available in the simple enroll, so that you can't keep track of the requests on one side or the other, and that's one thing that he...
E: That this thing will be anyway, exactly, but I'm just trying to think about how much change is required to each component by this, and if it's something that was, you know, blue or orange, and we picked blue and you want orange, which solves the problem, and there's only two or three implementations out there and maybe we've implemented orange as well. Anyway, then we should just say: do orange, and forget.
E: These cases where you don't need full, yeah, I'm, I have never, from reading the specifications, had any understanding of what full CMC did, other than give you lots of extension points that no one implemented. That's always been my observation, like, well, that's cool! That's, you know, Mr. Inspector Gadget hat, blue, blue, blue, and I just wanted a knife, right.
G: So no, I actually think that what this is, if we need to update, then we update, but what I was hoping for more, and maybe that one-word change, would be that there's a minimum set that you can implement with BRSKI, and if you have to implement for these particular use cases, then you do the full CMC in EST.
G: So what I was really hoping for was more of a BCP or something along those lines, where you essentially say: here's how you do this with BRSKI, here's how you do this with EST, and actually there aren't any protocol changes needed in those particular cases. So it could be that if you want to tweak a word or two to allow for that possibility, now's a good time to do that, all right. And then this can come out as some sort of BCP. But...
B: I mean, you know, you're implementing something. What do I need to implement? That's a standards interaction question. So BRSKI right now says CSR, which is fine, which doesn't solve all the use cases. We figure out somewhat later this thing fully; we make it an update, that's an additional thing. I don't know if there is such a big difference in the actual coding to support both of these messages, and just, you know, further convoluting the existing BRSKI with something which might have been a better choice.
G: ...may not know the exact timing, but they may need to implement a back-off algorithm, like the join registrar might implement a back-off algorithm on its side, so the idea would be, well, you know, on the building under construction, you know, connectivity is spotty or whatever the case may be, back off and determine if it's a short-term failure or a long-term failure, and eventually the devices get registered, and then it'll also be based...
B: But I'm saying that this local thing that's always available, or maybe not even that always available, I'm saying, right, if this whole thing is about not only interrupted network connectivity but also interrupted operations of things on site, and I'm just wondering how much more we should say, not only about the protocol stuff but also the node behavior, to make it, to create a reliable system, right, yeah.
G: I think so. To wrap this up, we think that the use case is really valid, that much I'll say. You know, it's absolutely necessary that we understand that intermittent connectivity will happen for some of these use cases. This addresses one particular component that we previously looked at as an internal component to the join registrar which we're externalizing, right, and so in externalizing it...
G: We need to make sure, first of all, that the join registrar is in a position to say "come back", which we have the text there to do; that the certificate request itself can be passed forward to the CA when it's available and then responded to in a timely manner when the CA comes back online. And the key thing here, right, is, depending on the timing, the CA may be online when the device isn't, and vice versa, and that's a use case that we have to be able to handle as well.
G: So with that having been said, right, that's a discussion for the working group, and what I'd ask is that if we can consider adopting this, I think it would be useful, so that the working group can start work on it in the next cycle. This presumes that the BRSKI draft is approved; well, actually, even if the BRSKI draft isn't approved, we probably want to look at this in the context of, you know, what about EST alone, but I'm presuming that the...
G: What I said was I'd like to see this draft adopted, please, if the working group has interest, but of course that presumes that draft-ietf-anima-bootstrapping-keyinfra, you know, Bootstrapping Remote Key Infrastructure, is approved by the IESG, right, because otherwise what would we do with this draft? Okay.
I: So the status of the BRSKI draft is that there was a question raised in the IESG: are they fundamentally against all of this, or are there just specific problems that were identified that need to be fixed? And it's problems that need to be fixed. So you have a big list of DISCUSSes that need to be addressed, and that is going somehow not fast, but it is moving. So once that is resolved, the document is approved, mm-hm. So it's not a question that there is a fundamental opposition to BRSKI itself.
D: So if you don't mind, I'll run through this fast. What EST does is basically define the mechanism by which an endpoint exchanges CSRs and signed certificates with the RA, but EST doesn't define the mechanism by which the RA talks to the certificate authority. And ACME defines the protocol that a CA and an ACME client can use to automate the process of cert issuance, and what this draft covers, well, it covers multiple use cases, but one is how an EST RA can turn around and use...
D: Because, actually, is it still, it's the only public standard for automating cert issuance from a CA, okay. So we've given this in the ACME working group as well. It's sticking the two together, but there are gaps to address, you want to do that, and so there's multiple use cases in the draft, and the first one is important: ACME issuance of subdomain certs, so for those that are familiar with ACME...
D: The draft covers multiple different client device integrations, and it's built on top of the subdomain certs, and the subdomain certs stuff is really an optimization. It cuts out all the challenges and cuts out all of the DNS traffic. And the draft covers four use cases: EST, BRSKI, TEAP and TEAP-BRSKI, and what I'm going to cover today is just the BRSKI one. And there's a couple of related drafts.
D: Rifaat here is trying to figure out how to use ACME for issuing certs securely to client devices, which is exactly what BRSKI does, and that's exactly what I'm trying to do here as well: use ACME for issuing certs securely to client devices. So it's a bit of work required to align these two drafts and figure out how to work them out together. Kathleen also has a draft published on using ACME for issuing client-side device certs as well. So it's a bit of work required to figure out how these three things align.
D: What I'm going to jump through now is, at a very, very high level, how you can stitch BRSKI and ACME together, so this is straight from the ACME specification. It's copied. These screenshots were taken directly from the ACME integrations draft. It just covers how a pledge or, it covers how an EST RA can prove ownership of a parent domain using standard ACME procedures.
D: The pledge will then do a simple enroll, notwithstanding the previous presentation that we just had. The pledge will do a simple enroll, POST a PKCS#10, get back a 202 with a Retry-After, and then the RA will turn around and talk on its back end to ACME to complete that order and get issued a signed certificate.
D: One of the interesting things here for the ACME people, the people that are familiar with ACME in the room, is that there's no challenges involved here, there's no interaction between the EST RA and DNS, because there's no need to prove ownership of all the subdomain identifiers. And one thing that I've shown here is that the CSR that the pledge has generated has pledge-id at domain.com. So one thing that is not specified really in EST, or in BRSKI, or in this draft here, is how the pledge securely determines what domain to put into the CSR request.
D: ACME allows this, yes. It'd be based on the CA policy for ACME, and this is how public CAs operate: you can prove ownership of, say, foo.com, but some CAs, anyway, your public CAs, you prove ownership of foo.com and then the CA will happily issue you a certificate with an identifier for subdomain.foo.com. If...
E: Michael Richardson, on Owen's point: the way that you prove control of the domain is such that you actually could, if you were challenged, prove control of any other name underneath that domain, and so ACME says, well, you proved your name is Doug, I don't need you to show or do anything else. You don't have to prove that your left leg belongs, also, your left leg, and your right leg is your right leg. You're done, it's all of you! You've been identified, right. So that's the point.
E: What I said, so, with the exception that I have to prove every name, so I do a DNS challenge or one challenge each time, I actually have running code that does exactly what you're saying, okay. As for how does the pledge get its name? Well, it does the CSR attributes, gets the CSR attributes part, and in the ACP context, right, we had the discussion this morning about the RFC 822 name, which is generated and returned. The pledge puts that in; someone wants to use BRSKI...
E: Not as well specified as you'd like, because it's kind of like, well, of course you would know in the EST context, because you authenticated the device and you're the thing, and you knew who the guy's thing was, we went to LDAP or something, whatever. Well, you know what the name you're supposed to tell it to put in, and the device knows the name it's supposed to put in as well, or the endpoint knows that, because it authenticated with some other out-of-band mechanism.
E: So it was all known by pre-configuration, and so now, when we do this autonomically, now we have to say, ooh, we don't know it by pre-configuration, so we have to find something out. I'm not really real fond of this get CSR attributes, or that's called csrattrs, return. It's made up; the ASN.1 is made up, it's the subject of one of the errata about, yes, that someone thinks the ASN.1 is nonsense, and I had to implement it.
E: I found it very difficult to figure out what was wrong, and I only really implemented it by changing my code until I produced the same output that the draft produced, right, so Josh has an example, no idea how it really works, because I couldn't understand the ASN.1, and so I just kept fixing my code, changing the nesting of sequences and sets, until I got the same answer for the same inputs, at which point I think it's correct. But so that's good.
B: So I think I was lost in the sequence of events a little bit. So let me turn it around, right, from the perspective of doing an ANI and, you know, enrolling devices with an ACP certificate, so to speak, with these RFC 822 names. The model, how I understood BRSKI so far, is that whatever, you know, protocol the registrar uses with the certificate authority, it would just have the, you know, however the RA is authenticating against the CA, that's fine, it's up to the protocol, and then that's basically all the authentication.
B: That's done on that link, which basically says that, exactly as Michael mentioned, CSR requests, all the stuff that figures out what should be in the certificate signing request, that's basically figured out between the RA and the client, and that thing then goes to the CA, and the CA simply signs off on that and says, yeah, fine, I'll give you everything you want, because you're a trusted RA. I'm just trying to overemphasize what I thought to be the simple model, so I'm very suspicious now that this actually is the model of trust and verification.
B: That was my understanding also when talking, a long time ago now, with Max, that basically you need, and that's also, I think, what I'll need to go back and figure out. I thought I'd been writing something about that in the ACP stuff, I'm not quite sure, but that's my mental model of the model between the RA, ACP registrar, call it, and the CA: that the CA blindly trusts, so to speak, the RA to basically only send it...
B: You know, signing requests that the RA, because we've been basically coming from the premise that the back end from the RA to the CA can use arbitrary protocols, and we don't want the CA to do anything new specifically for ANI, autonomic, right. So all this additional attribute crap that we're adding for the ACP is something the RA, which is an ACP registrar, should be aware of, control, and do the right thing with it, assign address field and so on, but the CA doesn't need to care about it.
E: The reason Toerless is confused is because you're thinking that the ACME part changes the RA in some significant way, and it doesn't. All that's happening is that we have previously said that the registrar has a CA within it or connected to it. That's all we've said before; we've never assumed anything else, and Stefan is saying, and if that connection is ACME, this is what the whole story looks like. Okay, and there are, perhaps unresolved at this point, additional requirements on the pledge because of the interaction with ACME.
D: Well, because ACME has specific requirements on the format of the domain and how you do domain challenges, which we're kind of changing a little bit with the subdomain stuff. But ACME has specific requirements on how you do domain challenges, and that means that the pledge must know exactly which domain to put in the CSR, and it must correspond to the domain that the RA has previously verified. Right.
E: And that's why earlier I said what was missing in his state diagram was the get CSR, because that actually provides the information the pledge probably needs, and if that's enough correct information, then we're okay. What Eliot has just pointed out to me is that I have something wrong in my CSRs, because I'm missing the binding of the TLS channel and the CSR, and that's part of the issue, and that may actually affect it. ACME may be upset about the tls-unique that's supposed to be in there.
B: If I try to translate this, then there is something like a domain stuff. There needs to be some of the authentication on that. If the pledge doesn't want to have very specific code on that, the RA would give it through the CSR attribute request to the client. The client then issues the signing request, and the ACME CA can be happy, something around...
D: We've given this presentation at ACME, ANIMA, and we're giving it at EMU tomorrow, so hopefully we'll have enough people coming who will be able to answer the questions. And the other thing we want to do is align with what Rifaat is doing, which is a different slant, and it's a different take on this, a different take on how you might issue, or use ACME to issue, device ID certs. So...
D: It may be that the way the draft is currently structured needs to split apart, because the ACME issuing of the subdomain certs is a very distinct thing that the ACME working group is happy to do and wants to do, and for how you do the integration between ACME and BRSKI or EST, that seems like it, it's here, okay.
D: Might be better here, okay, yeah, and a similar set of conversations will happen tomorrow at EMU, so it may be that, well, certainly the subdomain stuff probably warrants a draft, and so interacting with the CA, and it may be that the BRSKI and TEAP stuff require two separate documents. We do not know.
C: Yeah, actually, that's roughly the case. We actually take, you know, almost double time, so we have no more than in other IETF meetings, because, I mean, from the very beginning we intentionally run ANIMA at every IETF for two sessions, but normally the second session is for the, you know, out-of-scope items. At this meeting we're actually giving the status. We have, you know, the old charter and some potential work items for a new charter, so we actually have two sessions, and so we use this one if you still want to say something.