geonnave
commented
7 months ago Can you please move this issue to https://github.com/lake-wg/authz ?
@gselander I think we could archive this repository or add a pointer to the new one (I don't have the permission to do so in this one).
chrysn
Processing some deployment scenarios (involving CoAP-over-GATT), I've found that sometimes the roles of I and R would be reversed.
Apart from the aspect of vulnerable-identities, is there anything fundamentally keeping the ENC_U_INFO from being in message 2, and the voucher from being in message 3? The credential database lookup would then be against ID_CRED_R, but that'd be the same interface as for ID_CRED_I.
Let's not sink too much time into this if it turns out to be complicated -- I'm not sure whether running EDHOC over CoAP in reverse flow may not be the better choice in this situation anyway, but if this has ever been contemplated in other places, this issue might be a good spot to spool ideas.