Hi Hannes, On 12/19/2018 12:36 PM, Hannes Tschofenig wrote: > Hi Steffi, > > Are you focused on token expiry or the case where a token + symmetric key has > been leaked?
I am talking about the expiry of the keying material for RS that AS provides to C. > > Is the threat you are describing the case where the client uses DTLS/TLS with > the RS (potentially long after a token has been presented), or the case where > the client contacts the RS and presents a token? I am worried about cases where the client communicates securely with RS, e.g., using DTLS/TLS or object security, not about presenting the token to RS. Viele Grüße Steffi _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace