On 2018-02-18 17:45, Carsten Bormann wrote:
On Feb 18, 2018, at 08:35, Hannes Tschofenig <hannes.tschofe...@arm.com> wrote:

Hi Carsten,

We should maybe add that this information is provisioned either during 
manufacturing, via a commissioning tool or some other mechanisms. Not sure 
whether this will indeed add more but it might be useful to know.

For a protocol that is meant to be interoperable, there need to be standard (if 
not MTI) ways of getting this done.
At least we need to have a defined interface between CAM (“commissioning tool”) 
and C for letting C know what was agreed about how to address AS and which RSes 
it should be used for.

Grüße, Carsten

Why don't you make a new draft where you propose such a mechanism?

I don't think this fits in the scope of the framework draft, since the framework is supposed to deal with the interaction between C-AS and C-RS (after the onboarding has happened).

I agree that onboarding is a valid concern (which is why I wrote appendix B), but lets not delay draft-ietf-ace-oauth-authz any further by adding a whole new set of functionality in it.


Ludwig Seitz, PhD
Security Lab, RISE SICS
Phone +46(0)70-349 92 51

Ace mailing list

Reply via email to