Hello Ludwig,
Thank you for reviewing our draft. We will start working on addressing your
comments asap.
Thanks,
--Cigdem
On Tue, May 15, 2018 at 10:04 AM, Ludwig Seitz wrote:
> Hello ACE,
>
> I've reviewed draft-sengul-ace-mqtt-tls-profile-02. I think this is a
> very relevant draft, due to
Agreed. I see your point. I had read your whitepaper sometime back I think.
Indeed ACE-Oath, or LWM2M KDC, or OCF DOXS could provide address the credential
management issue. But I don't think we can tell endpoints that they are on
their own unless they get the right hardware or they comply with
Hannes Tschofenig wrote:
> I am curious whether it would be possible to ask for early media-type
registration of at least these two types:
> - application/pkcs7-mime
> - application/pkcs10
As previously said, these are already defined as MIME-TYPES, but
we need to get them CoAP CT=
FWIW I would untangle the tamper resistance property from the lifetime of these
keys.
You will want to issue new keys periodically anyway.
From: Ace [mailto:ace-boun...@ietf.org] On Behalf Of Panos Kampanakis (pkampana)
Sent: 15 May 2018 16:01
To: Mohit Sethi; ace@ietf.org
Subject: Re: [Ace] EST
Hi Mohit,
These priv/public keypairs+cert are provisioned and used on the endpoint as
identity for authentication. If tamper-resistance is not supported on the
endpoint, the keypairs could be reprovisioned more often than the traditional
cert lifetime as the server-side key gen transaction does
On 2018-05-07 18:44, Jim Schaad wrote:
I have been meaning to get this out for a while and have failed. A doodle
poll to setup an interop event for this work is at
https://doodle.com/poll/k27g9r26bghvnytu If you want to participate and none
of the times are good please let me know.
Things for t
On May 15, 2018, at 10:56, Hannes Tschofenig wrote:
>
> I am curious whether it would be possible to ask for early media-type
> registration of at least these two types:
> - application/pkcs7-mime
> - application/pkcs10
There already are registered.
I think you are talking about getting Conten
Here is a proposal to change the introduction to the relevant parts only and to
avoid repetition.
(The current document still keeps talking about IEEE 802.15.4 when there are so
many other radio technologies as well.
There is nothing in this spec that makes this 15.4 specific. I understand that
Hello ACE,
I've reviewed draft-sengul-ace-mqtt-tls-profile-02. I think this is a
very relevant draft, due to the amount of IoT devices that use MQTT. I
would encourage the WG to pick this up as the third profile of
draft-ietf-ace-oauth-authz
Detailed comments below.
/Ludwig
1. Introduct
I get the impression that the EST over CoAP spec will not completed as soon as
I had hoped.
I am curious whether it would be possible to ask for early media-type
registration of at least these two types:
- application/pkcs7-mime
- application/pkcs10
Ciao
Hannes
IMPORTANT NOTICE: The contents o
Hi Mike,
You are getting the story wrong.
First, the boundary between what is IoT and what isn't isn't that clear. One
man's IoT is another man's data center.
Second, many of the problems we run into are fundamental to crypto rather than
the protocol design. There is just no free lunch even if
Hi Panos,
I would say forget class 1 devices when you want to use public key crypto.
https://factorable.net/paper.html (and
https://jhalderm.com/pub/papers/https-imc13.pdf since it revisits the earlier
analysis) was a problem with understanding where the entropy comes from. If you
take a regu
12 matches
Mail list logo