I do agree that avoiding ASN.1 is a very desirable goal, for exactly that reason: high probability of human error. So my gut feeling is to go for a URI.
Regards Brian On 01-Jul-20 13:34, Michael Richardson wrote: > > Eliot Lear <l...@cisco.com> wrote: > > I think either a URI or otherName are pretty much functionally > > equivalent. I might go with URI for one particular reason, which is > > that the tooling – in particular OpenSSL – will handle it better. > > Maybe the command line stuff, but for the API, it's an identical amount of > effort. (I have running code). > > I don't think an ASN.1 encoded otherName will be better for IoT (or BFRS) > because it force the ACP application developers to learn something about > ASN.1, and history says they will get it wrong. (Because, as Nico says, lack > of access to ASN1 code generators). > > I would prefer CBOR encoding, if there is consensus that it should not be a > string. > This also anticipates more modern certificate-like artifacts (CoID). > > -- > Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works > -= IPv6 IoT consulting =- > > > > > _______________________________________________ > Anima mailing list > Anima@ietf.org > https://www.ietf.org/mailman/listinfo/anima > _______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima