[Ace] Last Call: (EAP-based Authentication Service for CoAP) to Proposed Standard

2024-09-05 Thread The IESG 

The IESG has received a request from the Authentication and Authorization for
Constrained Environments WG (ace) to consider the following document: -
'EAP-based Authentication Service for CoAP'
   as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-c...@ietf.org mailing lists by 2024-09-19. Exceptionally, comments may
be sent to i...@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   This document specifies an authentication service that uses the
   Extensible Authentication Protocol (EAP) transported employing
   Constrained Application Protocol (CoAP) messages.  As such, it
   defines an EAP lower layer based on CoAP called CoAP-EAP.  One of the
   main goals is to authenticate a CoAP-enabled IoT device (EAP peer)
   that intends to join a security domain managed by a Controller (EAP
   authenticator).  Secondly, it allows deriving key material to protect
   CoAP messages exchanged between them based on Object Security for
   Constrained RESTful Environments (OSCORE), enabling the establishment
   of a security association between them.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-ace-wg-coap-eap/



No IPR declarations have been submitted directly on this I-D.





___
Ace mailing list -- ace@ietf.org
To unsubscribe send an email to ace-le...@ietf.org

Re: [Ace] Last Call: (EAP-based Authentication Service for CoAP) to Proposed Standard

2024-01-25 Thread Dan Garcia Carrillo 

Dear Carsten,

Thank you very much for the comments.

Yes, you are correct. The content of the array contains a non-empty list 
of RFC 9052 algorithm identifiers.
There is a case, where the element representing the list is not sent, 
that is intended to signify that the default cipher suites are chosen.


We will update the figure.

Best regards.


El 12/1/24 a las 2:19, Carsten Bormann escribió:

I have a quick question on Figure 6:

This says:

CoAP-EAP_Info = {
  ? 1 : array, ; cipher suite
[…]

for the cipher suite.

I assume

array

…really should be

[+ int/tstr]

…so this can be a non-empty list of RFC 9052 algorithm identifiers?

I’m not seeing an example, so I’m a bit in guessing mode here.

Grüße, Carsten
___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

Re: [Ace] Last Call: (EAP-based Authentication Service for CoAP) to Proposed Standard

2024-01-11 Thread Carsten Bormann 
I have a quick question on Figure 6:

This says:

   CoAP-EAP_Info = {
 ? 1 : array, ; cipher suite
   […]

for the cipher suite.

I assume

array

…really should be

[+ int/tstr]

…so this can be a non-empty list of RFC 9052 algorithm identifiers?

I’m not seeing an example, so I’m a bit in guessing mode here.

Grüße, Carsten

___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

[Ace] Last Call: (EAP-based Authentication Service for CoAP) to Proposed Standard

2024-01-11 Thread The IESG 


The IESG has received a request from the Authentication and Authorization for
Constrained Environments WG (ace) to consider the following document: -
'EAP-based Authentication Service for CoAP'
   as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-c...@ietf.org mailing lists by 2024-01-25. Exceptionally, comments may
be sent to i...@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   This document specifies an authentication service that uses the
   Extensible Authentication Protocol (EAP) transported employing
   Constrained Application Protocol (CoAP) messages.  As such, it
   defines an EAP lower layer based on CoAP called CoAP-EAP.  One of the
   main goals is to authenticate a CoAP-enabled IoT device (EAP peer)
   that intends to join a security domain managed by a Controller (EAP
   authenticator).  Secondly, it allows deriving key material to protect
   CoAP messages exchanged between them based on Object Security for
   Constrained RESTful Environments (OSCORE), enabling the establishment
   of a security association between them.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-ace-wg-coap-eap/



No IPR declarations have been submitted directly on this I-D.





___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace