Figure 14: "supply CA certificates" versus "supply CAcerts (optional)"

anima-wg / anima-brski-prm

ANIMA BRSKI Pledge in Responder Mode

Other

0 stars 6 forks source link

Figure 14: "supply CA certificates" versus "supply CAcerts (optional)" #96

Closed siethower closed 1 year ago

siethower commented 1 year ago

Comment from Toerless to section 6.3

1991 Figure 14: Responses and status handling between pledge and 1992 registrar-agent Nice picture, but now i am confused what "supply CA certificates" is versus "supply CAcerts (optional)" (cold read: this concern is written without knowing whats written further down. But also the tree bullet points above in this section didn't distinguish between "CA certificates" and "CAcerts (optional)".

mcr commented 1 year ago

I think it means the same thing. But, "supply CA certificates" could also mean "manufacturer trust anchors" (for IDevIDs). I would have to look at the context.

stfries commented 1 year ago

This is an error in the figure. provisioning of CAcerts is unintentionally included twice. Messages should look like: |<----- optional TLS connection ----| |<------- supply voucher -----------| |--------- voucher status --------->| |<--- supply CAcerts (optional) ----| |<--- supply enrollment-response ---| |--------- enroll status ---------->|

stfries commented 1 year ago

update figure