Hi Dan, thank you for the comment.
We have been looking through this and, yes, it might be feasible to use
EAP-NOOB together with your ideas for sending EAP over CoAP.
Regards,
Tuomas
From: Dan GarcĂa Carrillo
Sent: Wednesday, 31 October, 2018 11:02
To: Aura Tuomas
Cc: emu@ietf.org
Subject:
Hi Shiva,
You are making a valid point. I think we need to do some work on analyzing the
security threats and requirements regarding the error messages etc. When there
is an established key, we might be able to protect the integrity of the error
messages that lead to state transitions or preven
Hi Eduardo,
1.
I' not sure what kind of alternative key derivation you are suggesting. Are you
thinking about alternative ECDH curves, or RSA maybe? I believe even the
low-end devices can do ECDHE these days so it is not obvious to me why that
should be sometimes avoided.
2.
This is a valid s
