Add section on re-enrollment (/sren)

[EskoDijk]

We should add a section on re-enrollment (/sren). This is of course mostly the same as in BRSKI but it is good to point out any (minor) differences that may occur.

One such difference is that the "CA Certificates" (/crts) response only contains one CA certificate in the most-constrained case, where the Pledge requests the content-format TBD287 and gets only one CA cert back. This makes the case of "re-enroll with LDevID and receive a new LDevID under a new CA" somewhat different from classic BRSKI.

The proposed solution for this case is:

• The Pledge re-enrolls as usual
• It receives a new LDevID and verifies this LDevID against its existing (stored) Domain CA Trust Anchor(s).
• If it chains ok, fine - store LDevID and finish the process.
• If it does not chain ok, send the CA Certificates request (/crts) to get the new Domain CA.
• Receive the /crts response and verify this with my new LDevID.
• If it chains ok, fine - store LDevID and finish the process.
• If it does not chain ok, revert back to the old LDevID and report error (e.g. use CoAP /brski/es to report the re-enrollment status.)

[EskoDijk]

From ANIMA design team call today:

• Needs to align with EST-coaps for re-enrollment. (Check - there were some discussions on re-enrollment)
• If possible, we refer to the enrollment process instead of specifying this separately. Because overall process is same/almost-same as the part 2/2 of the initial BRSKI bootstrap+enrollment.

[mcr]

I agree with your process. I think that the problem is making sure that we have the right text in the right place. Your proposed process above, really belongs in est-coap; it's not covered in BRSKI at all, but doesn't contradict anything either. My feeling is that we should document what need to, when and where we need to, even if it turns out that are updating another document. When we are massively successful, we'll get the whole document series redone, or someone will write an authoritative book.

[mcr]

(Will you make a pull request with proposed text?)