Hannes Tschofenig <[email protected]> wrote: > Thanks for the feedback.
> Why do you think it takes so long to get this document finished? In the
> end, you are just carrying EST over CoAP instead of conveying it over
> HTTP.
It's not really just us, it's time to get people to do the reviews required :-)
It's also constrained about getting other documents out. RFC8366 spent 4
weeks in AUTH48 due to a small YANG correction discovered at the last minute.
(And we had to bikeshed the title)
> PS: Regarding the use of DTLS/TLS for the proxy. There are obviously
> ways to get this accomplished but the question for me is whether this
> functionality should go into this version of the spec or rather a
> companion document.
I don't understand the use case.
EST requires a secure transport from requesting entity to Registrar.
A DTLS/TLS proxy represents a MITM, and I don't see a way for either party to
trust it. I have been pushing to better detail how people want this to work.
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
