Hi Dan, Sorry to reply to such an old message...
On Sat, Dec 12, 2020 at 06:36:53PM +0100, Dan Garcia Carrillo wrote: > Hi Mališa, > > > El 11/12/2020 a las 19:45, Mališa Vučinić escribió: > > > > Hi Dan, > > > > Thanks for the clarification regarding minimal-security. The points > > that you mention below, e.g. flexible authentication or the fresh > > generation of the PSK, were never in the design scope of our work. > > > > While I fail to understand what exactly do you plan on using > > EAP-over-CoAP for, I do not object on this work being done in ACE if > > you are willing to spend cycles on it. I do have reservations on the > > lightweight aspect of this, however, considering that the sequence > > diagram that you depict in Fig. 2 in draft-marin-ace-wg-coap-eap-06 > > spans 3 pages and consumes 2 round trips just to get things started! > > Surely, we can do better? > > > Yes, we will submit an updated version of the draft. When you do, I suggest putting in some discussion of the relative size/overhead for CoAP as EAP lower-layer vs the EAP payloads themselves. I note that the IESG recently approved draft-ietf-emu-eaptlscert that discusses some pathological cases with TLS-based EAP methods and very large certificate chains. While I assume that you're not planning to do EAP-over-CoAP with such long TLS certificate chains, giving reviewers a sense for how big of an improvement this mechanism can be will presumably be helpful. Thanks, Ben _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace