Hello, On Sat, Aug 14, 2021 at 01:37:06PM +0200, Dan Garcia Carrillo wrote: > As such, CoAP server (left side) could not see the content of the CoAP > message (message 7) without deciphering it. Moreover, as the URI-path is > also ciphered we cannot point to the right application to process the > message to achieve an alternate indication of success.
If the recipient ID were available a bit earlier (and not derived from the MSK), would it then be viable to infer from the OSCORE ID that this is the last message, process an "EAP success", and start derivation just to extract the session lifetime (and thereby confirm the keys)? (That'd be all assuming that the "EAP success" contains really just the EAP success code and no further information, which would be "compressed" into the "some OSCORE is sent on this" information, and that the Session-Lifetime does not need to be known to advance the EAP state machine). BR c -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
signature.asc
Description: PGP signature
_______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
