great, so I suggest we publish the update before next interim meeting.
Yours,
Daniel
From: Olaf Bergmann
Sent: Wednesday, February 3, 2021 12:58 PM
To: Francesca Palombini
Cc: ace@ietf.org ; Benjamin Kaduk ; Daniel Migault
Subject: Re: [Ace] draft-ietf-ace
On 2021-01-29, Francesca Palombini
wrote:
> So my preference would update the text in the DTLS profile:
>
> NEW:
>The use of CoAP
>and DTLS for this communication is RECOMMENDED in this profile, other
>protocols fulfilling the security
>requirements defined in section 5 of [I-D.i
I agree with Francesca that we should only RECOMMEND CoAP+DTLS for "both
legs" of communication with the AS -- the intent of the framework is that
we can decouple the protocol used in the different interactions if needed.
-Ben
P.S. The sentence prior to the quoted ones refers to Sections 5.6 and
Hi Olaf,
When I read the draft I don't see how the change is reflected in your summary,
actually your summary shows no difference between OSCORE and DTLS profile,
while actually there is one. This is the difference we are discussing in the
DTLS profile, about secure communication between Client
Hi Daniel,
On 2021-01-28, Daniel Migault
wrote:
> Apparently, the change on the DTLS profile has not been noticed by
> everyone in the WG, so I am bringing the discussion here.
>
> The change has been made as a response to a comment from the security
> directorate. Please provide your feed back
Apparently, the change on the DTLS profile has not been noticed by everyone in
the WG, so I am bringing the discussion here.
The change has been made as a response to a comment from the security
directorate. Please provide your feed backs by Feb 4 (but preferably before)-
and potentially propos
Hello Hannes,
Thank you very much for your comments. I am replying to the comment that
Ludwig did not yet address:
Ludwig Seitz writes:
> On 2017-10-01 11:35, Hannes Tschofenig wrote:
>> - What is the reasoning behind this statement:
>>
>> "This specification mandates that at least the key
On 2017-10-01 11:35, Hannes Tschofenig wrote:
[chair hat off]
Hi all,
Hello Hannes,
thank you for your comments. Replies inline.
/Ludwig
I took a look at the draft and noticed a few minor things:
- The document should talk about "profiles" rather than "profile" since
it specifies at leas
[chair hat off]
Hi all,
I took a look at the draft and noticed a few minor things:
- The document should talk about "profiles" rather than "profile" since
it specifies at least two profiles, namely the RPK and the PSK profiles
with DTLS. I suspect an implementation is only expected to implement