Thanks, the proposed text is fine! Agree it is a minor item.
Esko
-----Original Message-----
From: Panos Kampanakis (pkampana) <pkamp...@cisco.com>
Sent: Monday, February 17, 2020 17:47
To: Esko Dijk <esko.d...@iotconsultancy.nl>; ace@ietf.org
Subject: RE: [Ace] I-D Action: draft-ietf-ace-coap-est-18.txt
Thank you for this Esko. Hmm, point taken.
I consider this a minor change and we will incorporate it in the AUTH48 phase.
I am planning to rephrase to
"[...] If the client had requested Content-
Format TBD287 (application/pkix-cert), the
server would respond with a single DER binary certificate.
That certificate would be in a multipart-core container specifically
in the case of a response to /est/skc query."
Let us know if you have any objections.
Rgs,
Panos
-----Original Message-----
From: Esko Dijk <esko.d...@iotconsultancy.nl>
Sent: Monday, February 17, 2020 3:15 AM
To: Panos Kampanakis (pkampana) <pkamp...@cisco.com>; ace@ietf.org
Subject: RE: [Ace] I-D Action: draft-ietf-ace-coap-est-18.txt
Hello Panos,
I noticed one sentence in Appendix A that seems inconsistent with the rest of
the I-D, or at least gives an incomplete view :
If the client had requested Content-
Format TBD287 (application/pkix-cert) by querying /est/skc, the
server would respond with a single DER binary certificate in the
multipart-core container.
The client here could also have POSTed to resource /est/sen with Accept:TBD287
option, indicating it is requesting TBD287 for simple enrollment, and the
server would respond with a single DER binary certificate
(application/pkix-cert). So the current text might suggest that POSTing to
/est/skc is the only way to request TBD287 format, which is not the case since
/est/sen also may support it too.
Best regards
Esko
IoTconsultancy.nl | Email/Skype: esko.d...@iotconsultancy.nl
-----Original Message-----
From: Ace <ace-boun...@ietf.org> On Behalf Of Panos Kampanakis (pkampana)
Sent: Monday, January 6, 2020 19:12
To: ace@ietf.org; i-d-annou...@ietf.org
Subject: Re: [Ace] I-D Action: draft-ietf-ace-coap-est-18.txt
Hello,
This iteration addresses all IESG reviews. More details on the feedback and
how we addressed it are in the git issues here
Rgs,
Panos
-----Original Message-----
From: Ace <ace-boun...@ietf.org> On Behalf Of internet-dra...@ietf.org
Sent: Monday, January 06, 2020 1:00 PM
To: i-d-annou...@ietf.org
Cc: ace@ietf.org
Subject: [Ace] I-D Action: draft-ietf-ace-coap-est-18.txt
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Authentication and Authorization for
Constrained Environments WG of the IETF.
Title : EST over secure CoAP (EST-coaps)
Authors : Peter van der Stok
Panos Kampanakis
Michael C. Richardson
Shahid Raza
Filename : draft-ietf-ace-coap-est-18.txt
Pages : 51
Date : 2020-01-06
Abstract:
Enrollment over Secure Transport (EST) is used as a certificate
provisioning protocol over HTTPS. Low-resource devices often use the
lightweight Constrained Application Protocol (CoAP) for message
exchanges. This document defines how to transport EST payloads over
secure CoAP (EST-coaps), which allows constrained devices to use
existing EST functionality for provisioning certificates.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-ace-coap-est-18
https://datatracker.ietf.org/doc/html/draft-ietf-ace-coap-est-18
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-coap-est-18
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
