On Wed, Mar 09, 2022 at 10:35:01PM -0800, Murray Kucherawy via Datatracker wrote: > Murray Kucherawy has entered the following ballot position for > draft-ietf-ace-mqtt-tls-profile-15: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-ace-mqtt-tls-profile/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > This should be quick to resolve. In Section 3.2: > > The Broker MUST NOT forward messages to unauthorized subscribers. > There is no way to inform the Clients with invalid tokens that an > authorization error has occurred other than sending a DISCONNECT > packet. Therefore, the Broker SHOULD send a DISCONNECT packet with > the reason code '0x87 (Not authorized)'. > > This seems like a contradiction. How is that SHOULD not a MUST?
I suppose you could also be less informative and just drop the transport connection with no DISCONNECT (or simply hold it open while passing no traffic). I think that's what I had in mind when I reviewed this with the SHOULD. -Ben _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
