Paul Wouters has entered the following ballot position for draft-ietf-ace-extend-dtls-authorize-06: Yes
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ace-extend-dtls-authorize/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- I also have a but of trouble interpreting this sentence: As resource-constrained devices are not expected to support both transport layer security mechanisms. Clients and Resource Servers SHOULD support DTLS and MAY support TLS. A Client that implements either TLS or DTLS but not both might fail in establishing a secure communication channel with the Resource Server altogether. I am assuming the Resource Servers(RS) are not constrained. Would it not make sense to say that RS SHOULD support both TLS and DTLS to ensure interoperability with resource-constrained clients that support either TLS or DTLS but not both ? _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
