Re: [Ace] ace-coap-est: unclear definition of /.well-known/est URI

Esko Dijk <esko.dijk@iotconsultancy.nl> Fri, 21 September 2018 08:24 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/1JRjtD0N5SCx_FQ_ovanjyYkMuM>

> I've asked if discovery is always required, permitted, or encouraged.

Normally it is always encouraged to use discovery in favour of fixed URIs at the server, to avoid specs squatting the URI namespace. But in our case the /.well-known/est space is already assigned (RFC 7030) so we have to support it also in coaps-est and no additional squatting takes place. Besides support for the well-known URI location, discovery by a client is permitted to find "ace.est" type resources at other places, e.g. to get shorter URIs or to get 6LoWPAN-compressible port numbers, or both.

> I.e. - can the client avoid the round trip to do the discovery?
>      - does the server have to provide the discovery?
>      -- if not, what does a client do that performs the discovery and fails?
> I've been told it was required.

- So it can't be required for the client, is my opinion.
- The server must support it (being a good CoAP-citizen) in some way as in the previous email.
- If it fails, the client might try another time using the /.well-known/est resource, or retry the discovery later on. (There could be various implementation-specific tactics here. Maybe the IP address of the EST server was configured wrongly; and the process that led to this IP address can be redone by the client.)

Esko
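
The client behaviour discussed in this message (use a discovered "ace.est" resource when there is one, otherwise the fixed /.well-known/est location), sketched as an added example that is not part of the original e-mail or of the draft. The function names and sample payloads are constructed for illustration; the CoAP transport is omitted, and the example assumes only path-absolute link targets are handled, so a link pointing at another port or host is treated like a failed discovery.

```python
import re

WELL_KNOWN_EST = "/.well-known/est"  # fixed location assigned by RFC 7030
EST_RT = "ace.est"                   # resource type named in the message

# RFC 6690 link-format: <target>;attr=value;attr="quoted value",<target2>...
LINK_RE = re.compile(r'<([^>]*)>((?:;[^;,="]+(?:=(?:"[^"]*"|[^;,"]*))?)*)')
ATTR_RE = re.compile(r';([^;,="]+)(?:=(?:"([^"]*)"|([^;,"]*)))?')

def parse_link_format(payload):
    """Parse a link-format string into a list of (target, attrs) pairs."""
    links = []
    for target, params in LINK_RE.findall(payload):
        attrs = {}
        for name, quoted, bare in ATTR_RE.findall(params):
            attrs.setdefault(name, quoted or bare)  # first occurrence wins
        links.append((target, attrs))
    return links

def select_est_path(discovery_payload):
    """Return the EST base path to use after a discovery attempt.

    discovery_payload is the body of the /.well-known/core response,
    or None when discovery failed (timeout or error response).
    """
    if discovery_payload:
        for target, attrs in parse_link_format(discovery_payload):
            rts = attrs.get("rt", "").split()  # rt is a space-separated list
            # Assumption of this example: only path-absolute targets are
            # accepted; anything else is handled like a failed discovery.
            if EST_RT in rts and target.startswith("/") and not target.startswith("//"):
                return target
    return WELL_KNOWN_EST  # fall back to the well-known location

# Constructed sample responses (not captured traffic)
SAMPLE_SHORT = '</sensors/t>;rt="temperature-c";if="sensor",</est>;rt="ace.est"'
SAMPLE_NO_EST = '</sensors/t>;rt="temperature-c"'

if __name__ == "__main__":
    for body in (SAMPLE_SHORT, SAMPLE_NO_EST, None):
        print(repr(body), "->", select_est_path(body))
```
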