Thanks, the proposed text is fine! Agree it is a minor item. Esko
-----Original Message----- From: Panos Kampanakis (pkampana) <pkamp...@cisco.com> Sent: Monday, February 17, 2020 17:47 To: Esko Dijk <esko.d...@iotconsultancy.nl>; ace@ietf.org Subject: RE: [Ace] I-D Action: draft-ietf-ace-coap-est-18.txt Thank you for this Esko. Hmm, point taken. I consider this a minor change and we will incorporate it in the AUTH48 phase. I am planning to rephrase to "[...] If the client had requested Content- Format TBD287 (application/pkix-cert), the server would respond with a single DER binary certificate. That certificate would be in a multipart-core container specifically in the case of a response to /est/skc query." Let us know if you have any objections. Rgs, Panos -----Original Message----- From: Esko Dijk <esko.d...@iotconsultancy.nl> Sent: Monday, February 17, 2020 3:15 AM To: Panos Kampanakis (pkampana) <pkamp...@cisco.com>; ace@ietf.org Subject: RE: [Ace] I-D Action: draft-ietf-ace-coap-est-18.txt Hello Panos, I noticed one sentence in Appendix A that seems inconsistent with the rest of the I-D, or at least gives an incomplete view : If the client had requested Content- Format TBD287 (application/pkix-cert) by querying /est/skc, the server would respond with a single DER binary certificate in the multipart-core container. The client here could also have POSTed to resource /est/sen with Accept:TBD287 option, indicating it is requesting TBD287 for simple enrollment, and the server would respond with a single DER binary certificate (application/pkix-cert). So the current text might suggest that POSTing to /est/skc is the only way to request TBD287 format, which is not the case since /est/sen also may support it too. Best regards Esko IoTconsultancy.nl | Email/Skype: esko.d...@iotconsultancy.nl -----Original Message----- From: Ace <ace-boun...@ietf.org> On Behalf Of Panos Kampanakis (pkampana) Sent: Monday, January 6, 2020 19:12 To: ace@ietf.org; i-d-annou...@ietf.org Subject: Re: [Ace] I-D Action: draft-ietf-ace-coap-est-18.txt Hello, This iteration addresses all IESG reviews. More details on the feedback and how we addressed it are in the git issues here Rgs, Panos -----Original Message----- From: Ace <ace-boun...@ietf.org> On Behalf Of internet-dra...@ietf.org Sent: Monday, January 06, 2020 1:00 PM To: i-d-annou...@ietf.org Cc: ace@ietf.org Subject: [Ace] I-D Action: draft-ietf-ace-coap-est-18.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments WG of the IETF. Title : EST over secure CoAP (EST-coaps) Authors : Peter van der Stok Panos Kampanakis Michael C. Richardson Shahid Raza Filename : draft-ietf-ace-coap-est-18.txt Pages : 51 Date : 2020-01-06 Abstract: Enrollment over Secure Transport (EST) is used as a certificate provisioning protocol over HTTPS. Low-resource devices often use the lightweight Constrained Application Protocol (CoAP) for message exchanges. This document defines how to transport EST payloads over secure CoAP (EST-coaps), which allows constrained devices to use existing EST functionality for provisioning certificates. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-ace-coap-est-18 https://datatracker.ietf.org/doc/html/draft-ietf-ace-coap-est-18 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-coap-est-18 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace