Signing and
> Encryption mechanism described in RFC7515.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing list
An
her-request)
-> jose-voucher (voucher, voucher-request)
and my question was a bit about how we manage all their things inherited.
It's really the classic CS multiple inheritance problem.
{A Cat is an Mammal
A Cat is an Four-legged creature
A Cat is Nocturnal.}
--
Michael Richa
7-10-25.yang&orgtags=&recursion=0&show_rfcs=1&show_subm=1&show_dir=dependents>
Yeah, I knew about that, but others might not.
I was basically trying to distill it down into a few words.
--
] Never tell me the odds! | ipv6 mesh netw
27;s way outside my
> expertise, but it seems necessary so I would support adoption.
Thanks.
What parts did you understand?
It's just RFC8366 with a different signature.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Wor
t form of Updates we care
about.
It is not Amends.
It is not quite Extends.
It is mostly in the See Also.
ps: RFC editor will prefer "artifact" over "artefact" :-)
https://github.com/mcr/anima-jose-voucher/commit/66d39393d1d3ccbcb0e74674e10ea6599288eb28
--
Michael Richardson. o
signing encoding
> and new privacy considerations). This qualifies exactly what type
> of update this RFC will be.
Yes, that's what we are obligated to do now anyway.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Wo
t
Status:
https://datatracker.ietf.org/doc/draft-richardson-anima-rfc8366bis/
Html:
https://www.ietf.org/archive/id/draft-richardson-anima-rfc8366bis-00.html
Htmlized:
https://datatracker.ietf.org/doc/html/draft-richardson-anima-rfc8366bis
--
Michael Richardson. o O (
RFC8366 gets updated when IANA revises the module. I think, it mostly
doesn't matter because none of are generating code from YANG... AT THIS TIME.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc,
Michael Richardson wrote:
> I propose that the WG adopt this as the -00, and then we change the
document
> to change this into an RFC7224-style IANA-maintained YANG module.
> (In DHC WG, when we did RFC3315bis to make RFC8415 we did a -00 which was
> whitespace e
trusted.
(In the context of above statement, it means that Registrar will
operate with any manufacturer, that is, not{3})
> * New issue #122: Use of CoAP 4.03 Forbidden vs 4.01 Unauthorized
> - https://github.com/anima-wg/constrained-voucher/issues/122
--
Michael Ri
examples are intended to provide meaningful input for unit tests.
This is quite common for anything involve cryptographic operations.
We don't intend to remove it. Our experiences is that people outside of the
IETF find protocols without examples to be challenging to implement.
Should we me
l be (usually a guess and usually wrong but it helps to have the
tp> assumptions about the requirements spelt out) and such like.
tp> As an engineer, I do like to know the requirements before working on
the design!
We need to be able to write RFCs that extend the voucher types.
Not
to value is part of the specification of an enumeration - not in
> YANG).
yes, it's a text string for XML and JSON,
this isn't the case for YANG-CBOR if a value is set.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa
he interop planning document at:
https://docs.google.com/document/d/1T8Rtfk1zia_p05_6eb_WQA2Mmid-eP1-cAgnwdpF9Xk/edit?usp=sharing
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_
for instance in Cisco's libEST, which
> has remained extremely sketchy regarding the csrattrs topic.
Are there examples in libest that we can use?
Is there unit test code in there that could be exercised to validate other
examples?
Are we back to redoing this in JSON?
--
Mich
ditor to delete the
> IANA-maintained module.
I think you mean, the RFC-maintained module :-)
How do we keep the YANG catalog from latching onto it.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signatu
Carsten Bormann wrote:
> On 2021-07-05, at 20:16, Michael Richardson wrote:
>>
>>
>> https://www.iana.org/assignments/cose/cose.xhtml#header-parameters
> Is there a time-warp somewhere?
> x5bag (TEMPORARY - registered 2019-08-20, exten
could consider is if it wants to merge this work into
an RFC8366bis. There are positives and negatives about such a thing.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
si
bit of code you want to extend.
LAMPS chairs: can we have ten minutes for this discussion on the Thursday
Session III meeting at IETF111?
The Monday Session II is conflicted with ANIMA.
I'm gonna voluntold Eliot to lead this discussion :-)
--
Michael Richardson. o O ( IPv6 Iø
SNI support) is REQUIRED. TLS 1.3 (or newer) SHOULD be available.
I don't know if is worth an errata.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_
nated.
> Welcome to comment, review or contribute it.
> Best wishes,
> Joanna
> ___
> Anima mailing list
> Anima@ietf.org
> https://www.ietf.org/mailman/listinfo/anima
--
Michael Richardson. o O ( IPv6 IøT consultin
route, which I understand should be regarded as a route discovery
JD> process. I also would like to hear more of your thoughts on this
JD> point.
I don't have the background in traffic engineering to know.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman S
like "Self-Driving-Network" as a new expansion of SDN :-)
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing lis
are situation, recognizing that many
network anomalies are precusors to attacks? If so, assuming that we can
even figure out what the network state is, do we have any chance of
anonymizing the data?
--
Michael Richardson. o O ( IPv6 IøT consulting )
Brian E Carpenter wrote:
> Although we probably want to produce one more version, I think the
> authors of this draft feel it is as complete as seems possible at
> present. So is it possible to plan a WG Last Call as soon as the next
> version comes out?
I concur.
___
ll as
constrained-join-proxy, but ietf-constrained-voucher still needs more
Security Considerations and some Applicability statement.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP sign
t happened that resulted in the duplication.
The sorting is by SID value. Should we invert and present this more as a
table?
I'm trying to make sure that it's driven by pyang.
4) I have removed the comment in section 8 relating to http://comi.space.
--
Michael Richardson , Sa
Peter,
Can you tell us what the critical mbedtls operation was that made the SNI
communication with my MASA work in the end? Just for the benefit of the
archives.
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
s a WG group draft.
Do you want me to post identical text as -00 (and then -01 with suggestions),
or do you want me post richardson-02 with suggestions, and then identical -00?
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa a
;
} 172The issues of how [RFC8366] vouchers are used in a [RFC8995] system
} 173is addressed in
tte> EOUTOFCOFFEE ?
yes. Oops.
} 388 A.2. Example Parboiled Voucher Request (from Registrar to MASA)
tte> (15) If you want to keep "parboiled", please add a refere
3.html#section-2.2
but, this is for the server to validate that the client is really there.
Should we recommend that Registrar put something at / that produces a 2.00?
(lowercase recommend)
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Wor
t the certificate was rejected.
Perhaps someone else will find this email useful.
Mostly, it convinces me to never set any EKU bits.
I guess, I need to set serverAuth too, now that I think about it.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software W
3IPrcjkiPVnhoCosUBpTzbqOBhzCBhDAdBgNVHQ4EFgQU/g+KaX9o\nDEKY2K3NGe7Vr/9geDAwCQYDVR0TBAIwADArBgNVHREEJDAioCAGCSsGAQQBgu5S\nAaATDBEwMC1EMC1FNS0wMi0wMC0yRTArBgkrBgEEAYLuUgIEHgwcbWFzYS5ob25l\neWR1a2VzLnNhbmRlbG1hbi5jYTAKBggqhkjOPQQDAgNpADBmAjEAuEwTKPMzS/Xm\nAhR4tFtDo3YHoPoBsaw/6UUYDHot4EoKy2L8AlriFzti/iNmH67/AjEAnRjH2R0T\n98DZjBIhz7W8LM52AeymMdCtsJyuDRjtVuncGEfMO
Carsten Bormann wrote:
> On 20. Jul 2021, at 23:19, Toerless Eckert wrote:
>>
>> Optional parameters: cose-type
> Ugh.
removed from git copy.
___
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
ld make it the core of the document, explaining
each bit of arcana. If it's worth publishing this as a new RFC, then it's
worth obsoleting RFC6838. Otherwise, I suggest some nice HTML, maybe in the
new-fangled single-hop-over-building wiki.
("Go big, or go home")
--
Michael Rich
Toerless Eckert wrote:
> Working on IETF111 chair slides i just stumbled over one process step:
> a) Dear authors of draft-richardson-anima-jose-voucher and ANIMA WG:
> This is the IPR poll for draft-richardson-anima-jose-voucher
> We need for each of you authors to make an IPR
indicate the exact media type.
Yes!
> For example my servers should also accept content-format 18 just as TBD3.
Esko, do you think the draft needs to include this option?
I prefer not to include.
--
Michael Richardson. o O ( IPv6 IøT consulting
e protons.
They contain YANG-serialized CBOR inside (like quarks)
This stuff inside doesn't have an existence: you never get to mess with the
quarks without knowing how they are contained.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa a
erly.
https://github.com/anima-wg/constrained-voucher/issues/140
> (12) Pinning of Raw Public Keys
> "However, if the Pledge is known to also support RPK pinning and the MASA
> intends to pin the Registrar's identity (not a CA), then MASA SHOULD pin
the
> RPK
he new-fangled
>> single-hop-over-building wiki. ("Go big, or go home")
> I think my parser is failing here.
I'm saying that if we aren't going to publish, then it goes into the new wiki.
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting
cher-cose+cbor in section 13.5.1
We fit voucher-request into the same content.
(that's distinguished by the SID values)
I think you are overthinking this.
And we transport constrained-vouchers with that MIME type over HTTPS between
Registrar and MASA. And we use it in the Accept: header.
--
ak)
Anyway, let's ask for an early allocation.
We'll be 3-6 months before we get past the IESG and into IANA land to get a
number.
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
__
0-07T19:31:42Z",
> "expires-on": "2016-10-21T19:31:42Z", "assertion": "verified",
> "serial-number": "JADA123456789", "idevid-issuer":
> "base64encodedvalue==", "pinned-domain-cert"
(We had an unsigned voucher request, but we axed it in 2019)
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
___
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
der "content type" field because the
> encoding is never "ambiguous" according to RFC8152 Section 3.1. If a
> constrained voucher contains this field, it MUST be ignored by the
> processing described in this document.
I don't think that this is useful to a
ter signatures, because we use
CoSESIGN1, and not not CoseSign0.
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
___
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
it until we
have something additional to show. (Like code)
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
___
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
so ask for early allocation if you are trying to do interop.
RFC8994 and RFC8994 do GRASP Objective allocations, you could use that as
your template.
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP sig
we need to make sure that we have some examples with
idevid-issuer so that we can test all code paths.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
-> device.crt
PLEDGE_KEY -> key.pem
MASA_SRV_CRT -> masa.crt
CA_MASA_CRT -> vendor.crt
> Any superfluous ones ?
Should this terms go into my masa-considerations document?
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelm
Christer Holmberg wrote:
> Maybe not exactly what people are looking for, but below is a link to
> the thin-ICE presentation from the T2TRG 2019 session in Singapore.
No, not what we want.
We just want to prove connectivity as part of debugging what's going on.
signature.asc
Descrip
ditions to coap gem
are rough. I guess my changes to OpenSSL are only required by the server side.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_
ed slides on jws-voucher (renamed from jose-voucher as requested)
I suggest they go after constrained-voucher.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP
m [RFC8995] to [BRSKI] for references.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing list
Anima@ietf.org
https://ww
Hackathon are rather minor editorial bits.
As the slides say, we did open some 30 new tickets as a result of reviews and
the like.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
ve.
I agree that we could clarify the use of this field.
One thing that I don't like is that it's hard to write/edit/revise the
"description" field in the YANG, and more and more, I'd like to just say,
"See RFC section Y.Z" in the description.
That might not
uff in that doesn't belong, but it will get ignored.
https://github.com/anima-wg/constrained-voucher/issues/145
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP s
ep this for considerations for a BRSKI-bis document.
So, I've opened https://github.com/anima-wg/constrained-voucher/issues/146.
I agree that we should put it constrained-voucher.
It sounds like you also think it deserves an errata.
--
Michael Richardson. o O ( IPv6 IøT consulting )
he
F_NEG or something like that?
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
te issues:
what about draft-richardson-masa-operational-considerations and
draft-richardson-registrar-operational-considerations?
(yes, I think one needs to be reposted)
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and
we introduce new things.
If we say that anything new causes the VR to be dropped, then we can never
add new things, because it causes interoperation issues if the pledge
starts adding them before the Registrar is ready.
--
] Never tell me the odds! | ipv6 mes
7;t get to insert entropy into the nonce?
All of this coming to a draft near you.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works|IoT architect [
] m...@sandelman.ca http://ww
eel that perhaps we need an entire virtual interim on this.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing list
Anima@
clearly
we need more.
Perhaps you'd like to declare one of the Thursday BRSKI design meetings as a
virtual-interim (maybe at the very end of August?) and we could go through
them.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa
strapping Protocols
> Authors : Michael Richardson
> Thomas Werner
> Filename: draft-ietf-anima-jws-voucher-00.txt
> Pages : 16
> Date: 2021-07-25
> Abstract:
> RFC8366 defines a digital artifact called vouche
ound.
Also, BTW, LAMPS thread says that the way that RFC8994 uses CSRATTRS is
wrong. I've suggested a virtual interim for LAMPS for this subject
around September 2 in that slot as well.
This might also affect SZTP's CSR YANG spec too!
--
Michael Richardson. o O ( IPv6 IøT consult
would proceed as WG documents.
Are there common parts that would argue for three documents
(B--referencing-->A, and C--referencing-->A)
"A" could also be RFC8366bis.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Softw
ircular.
We do get clusters with the relationship is a DAG, but they aren't as much of
a problem, and just represent the RPC being overworked, I think.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc
strar
> is kept as close as possible to BRSKI by relying on an enhanced voucher
> and utilizing EST with enhanced objects for enrollment. Based on that,
> use case 2 document would not reference use case 1 document.
I thought that the enrollment objects in use case 2 cou
into RFC8366bis.
Plus: fewer documents.
Negative: potentially opens up RFC8366bis to new semantics?
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
On 2021-08-01 5:36 p.m., Russ Housley wrote:
Due to a schedule conflict, we did not talk about the ESR CSR Attr topics at
IETF 111. This topic is getting more urgent, so we want to virtual interim for
it, but we do not want to take away from the separate virtual interim for PQC.
For this rea
IANA managed YANG module.
Can someone point me at some specific text/explanation?
Maybe there is a PHB version? Maybe just an email from the dawn of YANG-time.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
ne can point them
> out.
Conceivably, you might have an L2 network which is opaque to etherype 0x86DD
then there might be an issue. Is that really the case?
In which case we could discuss running over IPv4-Link-Local.
--
Michael Richardson. o O ( IPv6 IøT consulting )
San
ons.Pledges ought to not send it, since they don't really know
what to put.
(Is that a SHOULD NOT, or a MUST NOT, or what, I am not sure. The requirement
is on the receiver to ignore it)
That's a second errata.
--
] Never tell me the odds! | ipv6 me
know, the pledge did a mDNS discovery to find a join proxy and
that's why it's using the wrong name.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
This matters to RFC8994.
--- Begin Message ---
The Limited Additional Mechanisms for PKIX and SMIME (lamps) WG will hold
a virtual interim meeting on 2021-08-30 from 13:30 to 15:00 America/New_York
(17:30 to 19:00 UTC).
Agenda:
Discuss issues with EST CSR Attrs
Information about remote partici
eeds to go into the
Applicability statement, I think.
We included that in RFC9031, see section 8.4.2, "JRC address", but your
application does not run 6tisch.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signatur
reshad> "vcr". While this is valid, I am curious why.
I didn't think the prefix had relevance outside of the module, but I don't
know a lot here.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Sof
close visually, and we condsidered:
PdVR and ReVR, but did not go that way.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing
On 2021-08-15 11:22 a.m., Reshad Rahman via Datatracker wrote:
It was correctly pointed out that the enumeration for "leaf assertion" in
RFC8366 can not be augmented. If my understanding is correct, there is a
suggestion to do a IANA-maintained module for the assertion and republish a new
YANG mo
5.3.1. Pledge Extensions . . . . . . . . . . . . . . . . . . 9
5.3.2. Registrar Extensions . . . . . . . . . . . . . . . . 10
** 5.4 DTLS Considerations
Peter, we can't use Blockwise on the DTLS handshake, because that part is
outside of the CoAP header. We can only blockwise
omeone getting confused, but probably that's not the only thing
that they'd have trouble with.
We were trying to get to PvdS, as the TLA, but we failed.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signat
don't know yet.
It's not clear me that we need to do this network-wide, but we could do that.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
ragment before encrypt. Reassemble after decrypt.
2) encrypt and then fragment the ESP.
Depends upon ESP assembly buffer being big enough.
Both tend to work, up to some ill-defined limit which is not always 64K.
(1) is likely easier to fix if it's broken, since re-assembly happens in the
co
Group (anima@ietf.org) or IETF Operations and
Management Area Working Group (ops...@ietf.org)
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
o that's all redundant.
I think that we will say this (voucher-requests do not need idevid-issuer) in
the constrained-voucher document. Since we extend the YANG, we can refine
the constrained-voucher part.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Sof
w YANG module to add to async
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mai
alas.)
> "do not need idevid-issuer" is mostly true for the Voucher. I do see a
> particular corner case where idevid-issuer is needed in the Voucher to
> avoid identity confusion,
> I can write that down some other time.
Thank you.
My other idea is to obsolet
sm to
specify SAN
(new document in ANIMA)
Perhaps you can think of others.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing
n't you want to define _that_ signalling instead of overloading
> a different protocol?
I'd love to define that protocol.
But, we thought CSRattrs was that protocol.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worl
I started a github/kramdown for this work and invited Toerless and Dan.
I think that having a 6-10 examples would be helpful for the document.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description
Anyway, we are going to enhance the CSRattr description to support all the
requirements.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
/architecture" document that
> we keep alive and extend with whatever we need to keep in common,
> and then 2 or maybe over time more protocol specification parts of
> the pieces we are adding.
I would call the third document the applicability statement for uses in
industry
DTLS between
nodes rekeys.
{My reading of MATTER spec didn't reveal any rollover support. Hmm}
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works|IoT architect [
] m...@sandelman.ca http://www.sa
some networks do a combination of these for different
purposes.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
ugmented CSRs that have goo and there are practical considerations to
> rolling out a solution here that compel the use of CSRAttrs.
I agree. I'd like to see a RA->CA protocol that augments rather than replaces.
I agree that this takes time, but
--
Michael Richardson. o O ( IPv
te above is
the same as forgetting how documents 1/2 relate.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
___
Anima mailing list
Anima
using some sort of REST API. There
> is no standard for this of course, perhaps ACME is the closest to a
> standardized REST API you get today?
Yes, I'd say so.
--
Michael Richardson. o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Wor
m.
> So this seems what was meant with "Authority Key Identifier OCTET
> STRING" in RFC 8366 -> "Authority Key Identifier extension OCTET STRING
> (i.e. the extnValue)"
Worthwhile clarifying in constrained-voucher.
Should it also be an errata against
Identifier (20 bytes).
We think this consistent with other users of Authority Key Identifier.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works|IoT architect [
] m...@sandelman.ca http://www.s
1 - 100 of 1383 matches
Mail list logo
