Hello Dan & Rafa, On Fri, Sep 10, 2021 at 10:42:56AM +0200, Dan Garcia Carrillo wrote: > > * OSCORE ID derivation: > > > > * Randomly assigned full-length ideas look like an odd choice. > > [...] > > > > Any chance something like that can still make it in? > > [Authors] Did not see that as random but parametrised according to the > crypto suite. We will try to make this as straightforward as possible > following your comments.
the construction we recently discussed (where both peers decide actively on the OSCORE Recipient IDs (or client ID for DTLS) they'd later want to use as inputs to EAP) would resolve this issue conveniently. (See coming follow-up in "About securing last exchange CoAP-EAP"[1] on how this makes things easier over there). BR c [1]: https://mailarchive.ietf.org/arch/msg/emu/bnMFV4_1uTW7sSwVOp7WzVZZCAI/ -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
signature.asc
Description: PGP signature
_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
