Skip to content

Commit

Permalink
Update draft-hmntsharma-bmp-over-tls.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@hmntsharma
hmntsharma authored Jul 23, 2024
1 parent 305741e commit 7de9cdc
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion draft-hmntsharma-bmp-over-tls.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ In regular TLS connections, the server has a TLS certificate along with a public

For BMP over TLS (BMPS), it is REQUIRED to implement mutual TLS (mTLS), wherein both the server (BMP station) and the client (network element) have certificates, and both sides authenticate each other using their respective public/private key pairs.

The organizations implementing mTLS SHOULD have their own self-signed "root" certificate. The certificates issued to both the BMP station and NEs should correspond to this root certificate.
A self-signed "root" TLS certificate is REQUIRED for mTLS, allowing an organization to act as its own certificate authority. The certificates issued to both the BMP station and NEs should correspond to this root certificate.

The operational flow of BMP over TLS is similar to standard TLS operations:

Expand Down

0 comments on commit 7de9cdc

Please sign in to comment.