David, Mohit > Von: David von Oheimb <[email protected]> > Gesendet: Donnerstag, 11. März 2021 18:51 > > To reduce the DoS risk in particular with the need to split larger messages > into smaller chunks to re-assemble them later, > it should be pretty helpful if both sides of the connection minimize the > number and contents of CMP message fields as far as possible, > for instance by leaving out unimportant optional fields, using short strings, > preferring PBM-based protection, and generally (also for the certificates > being managed) using ECC rather than RSA. > I suggest placing some remark like this in sections 2.6 and/or 5.
I would not put too many CMP specific recommendations regarding profiling CMP into the CoAP draft to keep the scope focused. I think a general recommendation to try to keep the CMP messages lean should do. Hendrik _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
