[Ace] Re: [core] Re: I-D Action: draft-ietf-core-uri-path-abbrev-01.txt and renewal-info
Michael Richardson <mcr+ietf@sandelman.ca> Mon, 29 September 2025 16:08 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: ace@mail2.ietf.org
Delivered-To: ace@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id D70E96AA9FAC; Mon, 29 Sep 2025 09:08:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.4
X-Spam-Level:
X-Spam-Status: No, score=-4.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jca9XEk1UK2y; Mon, 29 Sep 2025 09:08:02 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 847066AA9FA4; Mon, 29 Sep 2025 09:08:02 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 38AE31800F; Mon, 29 Sep 2025 12:07:55 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavis, port 10024) with LMTP id ILyV9TRoQIHI; Mon, 29 Sep 2025 12:07:53 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1759162073; bh=6AFUyTfyJavUOEpQruuuvEYyGBkTUMPW8IiT/69JwnM=; h=From:To:Subject:In-Reply-To:References:Date:From; b=ZV18l45sjOwXPdpdj/nLSQylcXjPIOsBVl7yvmaZFyq+FfJIiWkSxwfhYiAfPsdgp HciePCs6mr0UnFBjHuO+Q5KMkKH40WRZCU9e94tOxcQt22I/XDoC/PsSXPViCD3zMM jcH4VeGDw8HzvpV/HjPr1ZEuJYXDEG2LrqL8DWMejqmyHEweQ27oO0BtfmWaNC3GCN wu1DA3nExf+r+8u6ugeEPc59JWG/z1jOhotD1jPzzV2IH/R836oksZf06HkHpesxgQ coCuqmemFMllggQ2g8xWjYIACe6reLD3T2iStKA7SbCyAaXC8V21xcgw7xKJvvKUru JbepfAoK5kAzA==
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id C559D1800E; Mon, 29 Sep 2025 12:07:53 -0400 (EDT)
Received: from obiwan.sandelman.ca (obiwan.sandelman.ca [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id BFF0A1C7; Mon, 29 Sep 2025 12:07:53 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Esko Dijk <esko.dijk@iotconsultancy.nl>, =?UTF-8?Q ?Christian_Ams=C3=BCss?= <christian@amsuess.com>, core@ietf.org, ace@ietf.org, Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>, Mike Ounsworth <mike@ounsworth.ca>
In-Reply-To: <cee1acb7-cb50-45e3-9c84-49da24bcd96f@iotconsultancy.nl>
References: <175892923928.1872244.8058801630242481978@dt-datatracker-6c6cdf7f94-h6rnn> <aNcmFX_as4zvohOf@hephaistos.amsuess.com> <23143.1758994334@obiwan.sandelman.ca> <cee1acb7-cb50-45e3-9c84-49da24bcd96f@iotconsultancy.nl>
X-Mailer: MH-E 8.6+git; nmh 1.8+dev; GNU Emacs 28.2
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0;<'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Mon, 29 Sep 2025 12:07:53 -0400
Message-ID: <19444.1759162073@obiwan.sandelman.ca>
Message-ID-Hash: DYJPFHFQVJ7VWTPYQHPBBS24ZYFIQJ7V
X-Message-ID-Hash: DYJPFHFQVJ7VWTPYQHPBBS24ZYFIQJ7V
X-MailFrom: mcr+ietf@sandelman.ca
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ace.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Ace] Re: [core] Re: I-D Action: draft-ietf-core-uri-path-abbrev-01.txt and renewal-info
List-Id: "Authentication and Authorization for Constrained Environments (ace)" <ace.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/HTCbMzP5hvCaryg7V8WhYuF6MdY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Owner: <mailto:ace-owner@ietf.org>
List-Post: <mailto:ace@ietf.org>
List-Subscribe: <mailto:ace-join@ietf.org>
List-Unsubscribe: <mailto:ace-leave@ietf.org>
Esko Dijk <esko.dijk@iotconsultancy.nl> wrote:
> Renewal is indeed important for EST-obtained certificates, and knowing when
> to renew also.
> In draft-ietf-anima-constrained-voucher (cBRSKI) we call it "re-enrollment"
> (this includes both plain renewal as well as a potential change of domain
> TA). Do we have this term correct?
I think it's the correct term, although I don't think I've used that term as
much as I should.
> If renewal happens frequently enough, we might have a good use case for using
> Uri-Path-Abbrev. But, this is only in the following case:
> 1. Device knows, or somehow discovers, address/port of the EST Registrar and
> contacts it using a /.well-known/est/... resource.
Yes, there is definitely a question of pre-mature optimization here.
> In case 2/3, Uri-Path-Abbrev won't be used. Not a problem, just wanted to
> point this out.
Agreed.
--
Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
- [Ace] Re: [core] Re: I-D Action: draft-ietf-core-… Michael Richardson
- [Ace] Re: [core] Re: I-D Action: draft-ietf-core-… Michael Richardson
- [Ace] Re: [core] Re: I-D Action: draft-ietf-core-… Esko Dijk
- [Ace] Re: [core] Re: I-D Action: draft-ietf-core-… Michael Richardson