Closed malishav closed 2 months ago
As a reminder, use of challengePassword
in the specification is OPTIONAL and left up to the application profile:
How challengePassword is generated is outside of the scope of this specification and can be specified by an application profile.
The proposal is to update the text in order to mention the case of CSR signed with a key different from the one used in EDHOC, but to leave the optionality and the exact specification to the application profile.
The alternative is to define the use of EDHOC_Exporter
interface which would populate the challengePassword
field.
Related to #9.
@gselander: