Hi,

> Looking into Mohit's draft, cmp-over-coap is much simpler than est-over-coaps, as CMP does not need any binding to an underlying (D)TLS handshake.

Not sure that is accurate. And EST does not bind to the tunnel protocol either unless proof of possession is used. For now the cmp-over-coap draft says

   When the end to end secrecy is desired for CoAP transport, CoAP over DTLS [RFC6347] as a transport medium SHOULD be used.

CoAP can run over DTLS or plain UDP and in rare cases TCP, TLS and maybe Websockets. I am not sure someone would run cmp-over-coap over TCP because then he could just run CMP natively without CoAP in the middle. Any application layer protocol (CMP etc) can run over any transport but I am not sure there are more transports than the usual ones for cmp-over-coap anyway.

I agree that if this gets picked up it should be by ACE. I would like to understand what gaps it is filling compared to est-over-coaps which took a lot of work and where it will be used and implemented in.

Panos

-----Original Message-----
From: Ace <[email protected]> On Behalf Of Brockhaus, Hendrik
Sent: Wednesday, July 22, 2020 3:51 AM
To: Benjamin Kaduk <[email protected]>; Michael Richardson <[email protected]>
Cc: Mohit Sahni <[email protected]>; [email protected]; [email protected]
Subject: Re: [Ace] IETF 108 tentative agenda and presentations (Daniel Migault)

> From: Ace <[email protected]> On Behalf Of Benjamin Kaduk
>
> On Tue, Jul 21, 2020 at 04:31:05PM -0400, Michael Richardson wrote:
> >
> > Mohit Sahni <[email protected]> wrote:
> > > To give some background, this draft is an extension of Light Weight CMP
> > > Profile (https://tools.ietf.org/html/draft-ietf-lamps-lightweight-cmp-profile-02)
> > > draft currently under development in the LAMPS WG. We discussed the "CMPv2
> > > over CoAP" draft in the LAMPS WG and figured out that ACE WG is a more
> > > appropriate place for this draft. However, Jim suggested that we will need
> > > to modify the charter of the ACE WG to adopt this draft.
> >
> > We did est-over-coaps [still in the queue], why shouldn't we do cmp-over-coap(s)?
>
> It may just be that "est-over-coaps is so obviously us" that I didn't
> check the charter carefully at that time. But, at this point, we're
> probably overdue for a recharter anyway, as the core framework is making its way to the IESG.
>

Steffen and I discussed this with Jim last year in Prague, if I remember correctly, and he recommended to submit cmp-over-coap to ACE and not to LAMPS.
As est-over-coaps was in scope of ACE, I also think it is quite obvious to discuss cmp-over-coap in ACE. Looking into Mohit's draft, cmp-over-coap is much simpler than est-over-coaps, as CMP does not need any binding to an underlying (D)TLS handshake.
If you think this needs rechartering, we should go for it.

- Hendrik

_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
