Eliot Lear <l...@cisco.com> wrote:
> I think either a URI or otherName are pretty much functionally
> equivalent. I might go with URI for one particular reason, which is
> that the tooling – in particular OpenSSL – will handle it better.Maybe the command line stuff, but for the API, it's an identical amount of effort. (I have running code). I don't think an ASN.1 encoded otherName will be better for IoT (or BFRS) because it force the ACP application developers to learn something about ASN.1, and history says they will get it wrong. (Because, as Nico says, lack of access to ASN1 code generators). I would prefer CBOR encoding, if there is consensus that it should not be a string. This also anticipates more modern certificate-like artifacts (CoID). -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima
