Hannes Tschofenig <hannes.tschofe...@arm.com> wrote:
> At IETF#101 Peter presented a list of open issues with the EST over CoAP
draft, see
>
https://datatracker.ietf.org/meeting/101/materials/slides-101-ace-est-over-secure-coap-00
> - Operational parameter values
> - Server side key generation using simple multipart encoding
> - Explain trust relations for http/coap proxying
> I have challenged the usefulness of the server-side key generation
> during the meeting but in general I am curious where we are with the
> document. It would be great to get it finalized. It appears that we are
> adding new features and therefore will not be able to complete the work
> in any reasonable timeframe.
Server side key generation is not the only way to use this, and I'm not
interested in it myself.
I don't think we can do http/coap proxying in any meaningful way if
we are using TLS/DTLS for the secure transport. I have encouraged my
co-authors to either take it out, or realize that they are confusing
the EST link (over DTLS) with the Registration Authority<->Certificate
Authority link (over HTTPS).
> So, do we have a plan for how to complete the document?
I am implementing at this time, with CoAP over DTLS using OpenSSL today,
and mbedTLS for the pledge side in a week or two. I believe that we can
finish this document by the end of the summer. I don't think we'd get to
WGLC before IETF102, and as August is a dead zone for IETF work, having a
WGLC before September 1 would seem pointless.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
