Hi,
I had a look at the CoAP pub/sub profile draft and overall it looked good to
me. This mechanism is essential for e2e security with the CoAP pub/sub broker,
so I'm happy to see this going forward.
Couple of comments below; I'll send nits separately off-list.
Section 2:
Good to mention early enough that AS1 and AS2 can be (and commonly are?) the
same host.
Sec 5:
> The (G) message is the subscription of the
> Subscriber, which is unprotected.
Can't G be protected with regular DTLS?
I think the considerations about symmetric crypto could be worth lifting from
security considerations to a separate section. That would be interesting to
explore more; unless we want to keep that out of scope.
Cheers,
Ari
___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace