On Wed, Aug 24, 2022 at 04:57:21PM -0400, Michael Richardson wrote:
> > What I don’t understand is why the signature then needs to be encoded
> > as part of the objective. Why can’t I sign a combination of objectives
> > that are only valid as that combination?
>
> I think it could go somewhere else, but I'd like to first understand an
> example of this combination.
Assume i have a "controller" that is connected to a low-power network with
grasp.
Think of something like a central device in a thread network or the like with
an app model to add services. Worst case (today). Every group of devices from
every vendor needs its own separate app to be controlled.
The controller has a model where each "app" gets its own domain certificate,
e.g. think ANI/ACP certificate, each with appropriate authorization attribute.
GRASP goes though the common controller core. To minimize energy consumption in
the low-power netwokr, it aggregates the flooded objectives. Fewer multicast
flooded messages means less energy consumption. My proprietary german system
(homematic IP) does for example defines strict limits on number of messages to
be able to give lifetime expectations for client devices batteries.
Could as well simply be a function which buffers flood-messages over a period of
e.g.: 60 seconds and coalesces them together, so it's transparent to the
originators
(loose coupling).
So, now i have a single flood-message with multiple objectives, each objective
requiring its own signature, because it comes from a different
originator/certificate.
Cheers
Toerless
_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima
