Hi, This mail is to notify the WG of a minor change to the OSCORE profile. It was brought up in the github issues by Christian (see: https://github.com/ace-wg/ace-oscore-profile/issues/40 ) and discussed offline during IETF108 that the profile adds a requirement of the token always being encrypted, that is not inherited from the framework. The reason for this additional requirement was that the authors assumed the token to always be self-contained. After discussion, we have come to the conclusion that this requirements does not need to be in the profile, and we have removed it: https://github.com/ace-wg/ace-oscore-profile/commit/dd7a9b5a30dacd0ca55a1eb42b26cd13d1048d57
We do not think this is a major change, but rather a fix, so we don't think we need to move back to the WG, but the chairs/AD can let us know if that's not the case. We are ready to submit a v-11 including this change and updates following Last Call reviews and IANA review, assuming there is no objection. Pull request including all changes is here: https://github.com/ace-wg/ace-oscore-profile/pull/42 Once v-11 is up, we consider all comments addressed, and are ready for the next step. Thanks, Fracesca _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
