Hi Behcet: > El 15 ago 2016, a las 18:18, Behcet Sarikaya <[email protected]> > escribió: > > Hi Rafa, > > On Sun, Aug 14, 2016 at 7:05 AM, Rafa Marin Lopez <[email protected]> wrote: >> Dear all: >> >> Related with the usage of CoAP for bootstrapping in constrained devices >> (using EAP and AAA infrastructures) we wrote this I-D: >> >> https://tools.ietf.org/html/draft-marin-ace-wg-coap-eap-03 >> >> and wrote this paper that may be of your interest: >> >> http://www.mdpi.com/1424-8220/16/3/358 >> > > > Thanks for your work.
[Rafa] Thanks for your comments. > > One thing I would like to clarify: > IoT bootstrapping should be done before the device gets an IP address. [Rafa] As you may know IPv6 link-local address may be used. I may agree with your statement in a “global” or “routable" IP address. But, I guess, it will depend on the scenario. In any case, I think we should first agree in what IoT bootstrapping means and what are the requirements (MAY, MUST, SHOULD, …) > I think that CoAP works over IP, i.e.e the device already has been > assigned an IP address. [Rafa] CoAP is being considered to be transported over the link-layer directly (e.g. draft-bormann-6lo-coap-802-15-ie-00 or draft-wang-6tisch-6top-coapie-01). Another example in LP-WAN (draft-pelov-core-cosol-01) Btw there are also other protocols working on top of UDP (as CoAP) considered to be transported directly over the link-layer (e.g. IKEv2) as you may know. > > So whatever you do can not be called bootstrapping maybe something > else which is security related, maybe some application layer key > establishment. [Rafa] For the reasons mentioned above, I still call it bootstrapping Best Regards. > > Regards, > > Behcet >> Comments are welcome. >> >> Best Regards. >> >>> El 3 ago 2016, a las 15:55, Eliot Lear <[email protected]> escribió: >>> >>> Dear authors of draft-ietf-anima-bootstrapping-keyinfra and WG, >>> >>> The Fairhair alliance focuses on lighting and building automation. Our >>> security team has been reviewing your draft, and we appreciate the >>> effort that you are devoting in this direction. We would just like to >>> highlight at this junction that there is a preference for device >>> communications from the autonomic device to the registrar to be via COAP >>> over DTLS rather than HTTP over TLS, primarily because the devices that >>> we are working with will already have a CoAP implementation. As such, >>> there is some interest in draft-pritikin-coap-bootstrap-03.txt. We look >>> forward to seeing that work further developed. >>> >>> On behalf of the Fairhair security subgroup, >>> >>> Eliot >>> >>> ps: as usual, I will encourage fairhair members to directly chime in >>> with their own views on this matter. >>> >>> >>> >>> _______________________________________________ >>> Anima mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/anima >> >> ------------------------------------------------------- >> Rafael Marin Lopez, PhD >> Dept. Information and Communications Engineering (DIIC) >> Faculty of Computer Science-University of Murcia >> 30100 Murcia - Spain >> Telf: +34868888501 Fax: +34868884151 e-mail: [email protected] >> ------------------------------------------------------- >> >> >> >> >> _______________________________________________ >> Anima mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/anima > > _______________________________________________ > Anima mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/anima ------------------------------------------------------- Rafael Marin Lopez, PhD Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34868888501 Fax: +34868884151 e-mail: [email protected] ------------------------------------------------------- _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
