0RTT and other cryptographically unconfirmed situations (DTLS CIDs, OSCORE B.1.2) #39
Comments
Changing as per today's interim:
(And then this goes into a PR for better change tracking)
Also per today's interim, checking we're not missing anything:
cc @boaks
This includes the changes from core-wg#39 (comment) Closes: core-wg#39
CoAP-based documents receive comments on how to correctly work with CIDs, e.g. in https://mailarchive.ietf.org/arch/msg/core/Md4gV_0tUq7K6uyIwCjuRHSJOaA/. I'd prefer if those comments would not need to be addressed in those documents but once and for all in some CoAP update such as corr-clar.
The original comments were about DTLS CIDs, but we'd have the same with any zero-round-trip encrypted requests; for example, if an OSCORE server uses RFC8613 Appendix B.1.2 recovery, it's actually legitimate to send something else than a 4.01 Unauthorized along with the Echo option (but that needs some explanation as to when that's OK; DTLS RRCs hint at something similar on the DTLS side without going into CoAP specifics).
Proposed text (wherever that'll fit):
(I think this also picks up everything that is important from Section 3.1 of draft-amsuess-lwig-oscore-00, which doesn't really have a new home with LWIG shut down)
I'm taking the liberty to CC