Julien, for our current work in OAuth-ACE we don't need such support since the equivalent functionality is already provided in https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-02
It is work we re-use from OAuth and it nicely integrated into the rest of the flow exchange. Ciao Hannes On 06/03/2016 05:08 PM, Samuel Erdtman wrote: > The company I previously worked for where looking into adopting EST for > this purpose, the benefit of EST compared to cmp or scep was that it > defined the process for server side generated keys, which could be > beneficial if key generation would be to cumbersome for the device or if > you don't trust the device to generate a "good" key. > > Maybe Shahid could give sold more updates since he was helping us with > this project > > On Thursday, 2 June 2016, Julien Vermillard <[email protected] > <mailto:[email protected]>> wrote: > > Hi, > In industrial or enterprise M2M/IoT application we often use PSK for > authentication, but more and more user want to enroll the device on > their public key infrastructure like they does with some routers > using SCEP/CMP. > > I wonder if it was explored to enroll devices, and renew > certificates on PKI only using CoAP and not HTTP? > > -- > Julien Vermillard > > > > _______________________________________________ > Ace mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ace >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
