Hi Roman, Thank you for your thoughts.
I’m currently collecting updates into https://github.com/cabo/ace-aif until the ID submission opens again. > On 2022-03-09, at 02:36, Roman Danyliw via Datatracker <[email protected]> > wrote: > > Roman Danyliw has entered the following ballot position for > draft-ietf-ace-aif-06: No Objection […] > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > ** Section 5.2. > The registration policy is Specification required [RFC8126]. The > designated expert will engage with the submitter to ascertain the > requirements of this document are addressed. > > To help the DE, is there a way to be clearer on what requirements need to be > satisfied? Is it the bulleted list in the SecCons? Section 4? DE instructions are good, but may be a bit tedious in this document. I’m not sure the DE will be able to assess the level of quality to which the seccons bullets are realized (which is not only hard in general, but here also requires knowledge of the application context), so I reduced this to a more abstract formulation. RFC 6838 also poses requirements on the names allocated, which probably should be further limited by some common-sense thinking. Addressed in https://github.com/cabo/ace-aif/commit/18fe26e > ** Section 6. I was under the impression that AIF didn’t have an explicit > requirement to use CoAP. For example, draft-ietf-ace-mqtt-tls-profile appears > to use the information model but isn’t restricted to CoAP. Therefore, is it > more accurate to say: > > OLD > The security considerations of [RFC7252] apply > > NEW > When AIF is used with CoAP, the security considerations of [RFC7252] apply. It’s a bit more complicated, as Section 11.1 of those is applicable to many other configurations. Fixed in https://github.com/cabo/ace-aif/commit/5e24927 Grüße, Carsten _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
