I oppose adoption.

 

IETF in the past has come up with SCEP, CMP, CMC and EST, all of them for the 
most part doing the same thing with minor differences. I don’t think we need 
two enrollment protocols to run over CoAP. We should not repeat mistakes of the 
past. 

 

In ACE we have EST-coaps which is done. We worked on it because EST was in IEC 
62351 and we needed a solution for some CoAP use cases. Since then EST-coaps has 
been picked up by Fairhair and Thread. 

 

The argument about L7 protection in CMPv2 could also be satisfied by 
draft-selander-ace-coap-est-oscore. draft-selander-ace-coap-est-oscore was 
trying to secure EST over L7 encrypted COSE messages. 

 

Additionally, I would argue that L7 proof-of-identity is not a strong advantage 
in an (L)RA trust model for both EST-coaps and CMPv2-coaps. What is more, 
having the CA trust all potential manufacturer roots in order to do L7 proof of 
identity will not be trivial unless the CA is a private one. And in a private 
CA and (L)RA scenario I don’t know that end-to-end proof of identity is that 
important. 

 

I oppose adoption unless there is a compelling reason why. Also I am not sure 
where this draft would be implemented and used. If this is just for one or two 
vendors I don’t think ACE needs to spend the cycles. 

 

Thanks,

Panos

 

 

From: Ace <ace-boun...@ietf.org> On Behalf Of Mohit Sahni
Sent: Monday, October 05, 2020 3:21 AM
To: Ace Wg <ace@ietf.org>
Cc: stripa...@paloaltonetworks.com; saurabh.tripa...@gmail.com; Mohit Sahni 
<msa...@paloaltonetworks.com>; Brockhaus, Hendrik 
<hendrik.brockh...@siemens.com>
Subject: [Ace] Call for adoption draft-msahni-ace-cmpv2-coap-transport-01

 

Hello Ace WG,

I am presenting the draft-msahni-ace-cmpv2-coap-transport-01 to be adopted by 
ACE WG. This document supplements the "Lightweight CMP Profile" draft 
(https://tools.ietf.org/html/draft-brockhaus-lamps-lightweight-cmp-profile-03) 
which specifies the modifications to the CMPv2 protocol for it to be used 
efficiently by the constrained devices for PKI operations. 

 

I discussed this draft in the IETF-108 ACE session and the need for the recharter 
of ACE WG in order to adopt this draft, to which we had a consensus. Please 
state your opinion on whether this draft should be adopted by ACE WG. 

 

Link to the draft 
https://datatracker.ietf.org/doc/draft-msahni-ace-cmpv2-coap-transport/ 

 

Regards,

Mohit Sahni

 
