[Ace] draft-palombini-ace-coap-pubsub-profile

[Jim Schaad]

After doing some reading elsewhere, I think it would be reasonable to
outline the version of security when the pub/sub agent can be trusted.  This
makes a contrast with this model that people should understand.

Jim


___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

[Ace] draft-palombini-ace-coap-pubsub-profile-01 review

[Ari Keränen]

Hi,

I had a look at the CoAP pub/sub profile draft and overall it looked good to 
me. This mechanism is essential for e2e security with the CoAP pub/sub broker, 
so I'm happy to see this going forward.

Couple of comments below; I'll send nits separately off-list.


Section 2:

Good to mention early enough that AS1 and AS2 can be (and commonly are?) the 
same host.

Sec 5:
>  The (G) message is the subscription of the
>   Subscriber, which is unprotected.

Can't G be protected with regular DTLS?

I think the considerations about symmetric crypto could be worth lifting from 
security considerations to a separate section. That would be interesting to 
explore more; unless we want to keep that out of scope.


Cheers,
Ari
___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace