Greetings, Thanks for the additional information; I’ve provided some responses inline that hopefully provide some additional context.
Best, Mark. From: Gregg Reynolds [mailto:d...@mobileink.com] Sent: Friday, August 3, 2018 12:37 AM To: Mark Trayer <m.tra...@samsung.com> Cc: iotivity-dev <iotivity-dev@lists.iotivity.org>; Heldt-Sheller, Nathan <nathan.heldt-shel...@intel.com> Subject: Re: [dev] News On Wed, Jul 25, 2018, 3:28 PM Mark Trayer <m.tra...@samsung.com<mailto:m.tra...@samsung.com>> wrote: Greetings, “Case in point: the 2.0 Cloud spec is incompatible with the core spec.” Could you expand on that some (if it’s broke, we’d like to fix it)? Hi Mark, Sorry for not getting back sooner. Briefly: OCF Cloud has an RD that munges the href and completely changes (lies about) the eps. You can do that, but the result is not a Resource Directory (which cannot do that). [MET>] Agreed that it isn’t really an RD, it looks and smells a lot like an RD but as you note there are behaviours that a ‘clean’ RD doesn’t do. OCF Cloud also subverts the OCF security model (IMHO). More generally, OCF Cloud is effectively a specification of an OCF Reverse Proxy, as far as I can tell. There are many ways to do that; why enshrine one implementation as "official? (And why on Earth call it "OCF Cloud"?) Even more generally: what precisely is the problem OCF Cloud purports to solve? Until we know what we cannot evaluate it. E.g. why do we need an account server? You (or Samsung) might need that, but that does not mean everybody does. E.g. why is a conformant RD not sufficient? Why do we need to funnel requests through a reverse proxy? Doesn't that defeat the very purpose of ipv6? [MET>] The Use Case is essentially remote access. Take a Client that is say connected to a macro-cellular network and how to enable the ability for that Client to see the Devices that are associated with the same “account” and interact with those Devices. Although everything is IPv6 there is the reality that inbound access to most home proximal networks is blocked (FW/NATs etc); hence the TLS tunnel to what gets called the “OCF Cloud” that is established from the Device out and the forcing of requests to route via the OCF Cloud by morphing the ‘eps’ of the Resources that are published to it. The Account piece is the means by which the Devices that the RD exposes are associated such that only appropriately authorised Clients can work with them. Etc. etc. Hth Gregg -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#9829): https://lists.iotivity.org/g/iotivity-dev/message/9829 Mute This Topic: https://lists.iotivity.org/mt/23757849/21656 Group Owner: iotivity-dev+ow...@lists.iotivity.org Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-