Hi Jim, Thank you. Sorry I couldn't make it to the CORE interim meeting.
I see the challenge with content-format ID explosion in option c. So I agree that in the long run, there needs to be a long-term solution and option b seems the best for the general case. There are challenges with option b and EST-coaps though. If we broke the requests to different URIs, it means that a client needs to keep track of his transactions and on top of it he needs to correlate the key and the cert he receives at a later time. So, after pulling the two URIs he has to cryptographically confirm the key is tied to the certificate. Additionally, this deviates from the logic of the EST protocol which we are trying to profile on. We are adding new APIs to the protocol. Because of these challenges, I would like to use option c in the ETS-coaps draft. It is not violating RFC7252 and it does not affect the long term plan (option b) either. There are only to content types we are talking about in EST-coaps, a key and a cert. A key can be encrypted or not. A cert can be in PKCS#7 or plain pkix-cert. That makes four combinations. The number cannot explode further, so we could live with it in this context. Any strong objections? Rgs, Panos -----Original Message----- From: Ace <ace-boun...@ietf.org> On Behalf Of Jim Schaad Sent: Wednesday, February 20, 2019 12:59 PM To: ace@ietf.org Cc: draft-ietf-ace-coap-...@ietf.org Subject: [Ace] Embedded Content Types The CoRE working had an interesting virtual meeting this morning (my time) where the main topic of discussion was how to deal with embedded content types. This is a current problem that needs to be addressed with the EST document which is currently trying to deal with last call comments. The log from the meeting can be found at https://etherpad.tools.ietf.org/p/core-interim-2019-02-20. The takeaway from this that I got was: 1. There is a real problem and we need to figure out the best ways to try and deal with this in a generic manner. This is a problem not only here, but it the Publish/Subscribe CoRE document and in many other cases that we can see. 2. We are not going to get a general solution immediately so EST needs to look at doing something now. 3. A couple of different possibilities where discussed that could be used: a) Return a list of links rather than a multipart content and let the client sort through that list and download the things that they want. This is a purely reactive solution. b) Use a different URI to ask for the different options. This could be done either by the use of a different URI path or by the use of a query parameter. c) Register a different content type for each of the possible return values. There was a general preference for the use of a different URI as being the solution that should be used today. The idea of registering multiple content types was generally disliked as it does not really extend well. There was no specific preference on whether the use of a different URI path or a query parameter would be preferred. The use of a different URI would allow for better discovery of capabilities. The idea of listing nested content types in the 'ct' link type was also universally disliked. The CoRE, T2TRG and other forums are expected to continue discussions on this topic in different contexts such as Pub-Sub and CoRAL. To come up with both proactive and reactive solutions to the more general problem. Jim _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
