Re: [Ace] ace-coap-est: unclear definition of /.well-known/est URI
Michael Richardson <mcr+ietf@sandelman.ca> Thu, 20 September 2018 19:47 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A5536130EBC for <ace@ietfa.amsl.com>; Thu, 20 Sep 2018 12:47:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YLk72T_uleum for <ace@ietfa.amsl.com>; Thu, 20 Sep 2018 12:47:01 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73B8C130E6A for <ace@ietf.org>; Thu, 20 Sep 2018 12:47:01 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 8EEBC20496; Thu, 20 Sep 2018 16:06:25 -0400 (EDT)
Received: by sandelman.ca (Postfix, from userid 179) id 2253416A5; Thu, 20 Sep 2018 15:47:00 -0400 (EDT)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id 1D9FA4B0; Thu, 20 Sep 2018 15:47:00 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Esko Dijk <esko.dijk@iotconsultancy.nl>
cc: "consultancy@vanderstok.org" <consultancy@vanderstok.org>, "Panos Kampanakis (pkampana)" <pkampana@cisco.com>, "ace@ietf.org" <ace@ietf.org>
In-Reply-To: <DB6P190MB00547429FEA6C0B70337AB69FD130@DB6P190MB0054.EURP190.PROD.OUTLOOK.COM>
References: <DB6P190MB005479015E3F02D4028541A9FD1B0@DB6P190MB0054.EURP190.PROD.OUTLOOK.COM> <39ff6ec1903c4c3a9d333c41a38a1ad9@XCH-ALN-010.cisco.com> <DB6P190MB00548845B38C0B0DF2380CD1FD180@DB6P190MB0054.EURP190.PROD.OUTLOOK.COM> <fc396115e9a54f80babfe9a9f5ae9e74@XCH-ALN-010.cisco.com> <DB6P190MB005441A30B3C3414EFF55D5EFD1D0@DB6P190MB0054.EURP190.PROD.OUTLOOK.COM> <26476.1537455069@localhost> <1c3188c5281a3bc921b97c9c7bc6b053@bbhmail.nl> <DB6P190MB00547429FEA6C0B70337AB69FD130@DB6P190MB0054.EURP190.PROD.OUTLOOK.COM>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Thu, 20 Sep 2018 15:47:00 -0400
Message-ID: <29572.1537472820@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/XIsuN85QkRpwzlS_dXTt5wyNocw>
Subject: Re: [Ace] ace-coap-est: unclear definition of /.well-known/est URI
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Sep 2018 19:47:11 -0000
Esko Dijk <esko.dijk@iotconsultancy.nl> wrote: > Indeed, and the ace-coap-est examples use port 61616 mostly. The > discovery Link Format is quite inefficient when returning results on > *different* endpoints. Example: > REQ: GET coap://[2001:db8::2:1]/.well-known/core?rt=ace.est > RES: 2.05 Content > <coaps://hostcanhavealongname.example.com:61616/est>;rt="ace.est" I understand. > Although in above case the server could shorten the response payload by > returning its IP address ( <coaps:// > [2001:db8::2:1]:61616/est>;rt="ace.est"). But still it’s a waste of > bytes. It could have multiple addresses!!! I've seen it just return </est>, but I guess if you want to return the port number, you have to return the hostname... <:61616/est> won't do? > The current example in Section 5 of ace-coap-est is problematic, > because discovery is on port 5683 and the hosted EST endpoint is on the > secure port 5684. So the following won’t work according to RFC 7252 / So I've assumed that discovery happens on 5684, under DTLS. You are suggesting that we need to run an unencrypted CoAP to offer the discovery option as well. -- Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
- [Ace] ace-coap-est: unclear definition of /.well-… Esko Dijk
- Re: [Ace] ace-coap-est: unclear definition of /.w… Panos Kampanakis (pkampana)
- Re: [Ace] ace-coap-est: unclear definition of /.w… Peter van der Stok
- Re: [Ace] ace-coap-est: unclear definition of /.w… Esko Dijk
- Re: [Ace] ace-coap-est: unclear definition of /.w… Panos Kampanakis (pkampana)
- Re: [Ace] ace-coap-est: unclear definition of /.w… Esko Dijk
- Re: [Ace] ace-coap-est: unclear definition of /.w… Michael Richardson
- Re: [Ace] ace-coap-est: unclear definition of /.w… Peter van der Stok
- Re: [Ace] ace-coap-est: unclear definition of /.w… Esko Dijk
- Re: [Ace] ace-coap-est: unclear definition of /.w… Michael Richardson
- Re: [Ace] ace-coap-est: unclear definition of /.w… Michael Richardson
- Re: [Ace] ace-coap-est: unclear definition of /.w… Esko Dijk
- Re: [Ace] ace-coap-est: unclear definition of /.w… Esko Dijk
- Re: [Ace] ace-coap-est: unclear definition of /.w… Peter van der Stok
- Re: [Ace] ace-coap-est: unclear definition of /.w… Peter van der Stok
- Re: [Ace] ace-coap-est: unclear definition of /.w… Panos Kampanakis (pkampana)
- Re: [Ace] ace-coap-est: unclear definition of /.w… Michael Richardson
- Re: [Ace] ace-coap-est: unclear definition of /.w… Jim Schaad