Hello CoRE and LWIG groups, when discussing re-registration of observations in the context of OSCORE with Jim and the OSCORE authors, we stumbled upon the sentence "All options MUST be identical to those in the original request except for the set of ETag Options." about this in RFC7641.
This is something that servers, especially proxies, should not try to enforce, because every case of a request with differing options (or FETCH payload) could just as well be a new observation from the client on the token whose observation cancellation got lost, or the client simply rebooted. I'd like to take that recommendation down somewhere (or have it challenged before it's relied on by OSCORE). Where would that fit? RFC7641 errata? draft-ietf-lwig-coap? Best regards Christian PS. if you're interested in the context: ETag is an encrypted option in OSCORE. Changing the ETag means re-encrypting the message, which requires a new nonce and thus also changes the Content-Security option -- and thus we'll allow that there. I think it's OK to do that because the underlying rule is unenforcable anyway. -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
signature.asc
Description: PGP signature
_______________________________________________ Lwip mailing list [email protected] https://www.ietf.org/mailman/listinfo/lwip
