Mandate "osc" attribute in links to EST resources

[malishav]

Marco Tiloca wrote:

Per Section 9 of RFC 8613, the "osc" attribute is optionally included in a link to specify that a resource has to be accessed with OSCORE. Should it remain optional here too? Consider a setup where OSCORE and DTLS are combined. Especially when discovering EST resources on a non-default port number, the links to those resources would have URI scheme "coaps". Then, the absence of the "osc" attribute might wrongly suggest that the EST server is actually using EST-coaps. Therefore, it might be worth mandating the use of the attribute "osc" in links to EST resources accessed as in this specification. An alternative would be defining a new set of EST-OSCORE-related Resource Type values, such as "ace.est.osc.*".

[malishav]

As discussed in the meeting, the proposed action here is to mandate the use of the attribute “osc” in links to EST resources.