Clarify that issuing C509 certs is optional

ace-wg / est-oscore

Other

0 stars 0 forks source link

Clarify that issuing C509 certs is optional #18

Closed malishav closed 7 months ago

malishav commented 1 year ago

From John Mattsson's review (https://mailarchive.ietf.org/arch/msg/ace/h85KdNLkMxqzCZjJlY-fGlPEyVw/):

The document makes heavy use of EDHOC and states that C509 might be use as an optimization. Other parts of the draft seems 100% ASN.1. EDHOC makes heavy use of CWT/CSS/C509. It would make sense to be able to request the server to issue C509 certificates. Currently that does not seem to be possible.

malishav commented 11 months ago

Note: Check how the negotiation is done when using C509. Accept header.

malishav commented 9 months ago

Addressed by #37