Jump to Content

RFC 8886 - Secure Device Install

Warren Kumari
Colin Doyle
IETF RFC, RFC Editor (2020), pp. 16

Abstract

Deploying a new network device in a location where the operator has no staff of its own often requires that an employee physically travel to the location to perform the initial install and configuration, even in shared facilities with "remote-hands" (or similar) support. In many cases, this could be avoided if there were an easy way to transfer the initial configuration to a new device while still maintaining confidentiality of the configuration. This document extends existing vendor proprietary auto-install to provide limited confidentiality to initial configuration during bootstrapping of the device.