Open malishav opened 1 week ago
Göran wrote:
In general we have tried to follow EST-CoAPs unless other optimizations or features seemed relevant. I haven’t checked if it mentions initial authentication, but the mindset has been some existing credential, like IDevID, or a previously made authentication. For example, running EST-OSCORE immediately following the voucher-based authorization (draft-ietf-lake-authz), optimally using combined EDHOC and OSCORE protocol (draft-ietf-core-oscore-edhoc), would enable authentication, authorization and certificate enrolment completed in two round trips and avoiding the transport of some duplicate information. That is something that we definitely should clarify.
The draft currently states:
Prior to running EST-oscore, the protocol defined in this specification, there must exist a trust relation between the EST-oscore client and the EST-oscore server. This trust relation may be based on the pre-shared OSCORE security context, or based on the common root of trust. In case there is a pre-shared OSCORE security context, the CoAP exchange carrying EST payloads can occur immediately. In case there is a common root of trust, a security handshake based on the Ephemeral Diffie-Hellman over COSE (EDHOC, {{RFC9528}}) protocol needs to occur prior to running CoAP. How this trust relation is established is out of scope of this document.
@gselander I believe the existing text is clear that the initial authentication credentials are out of scope of the document. Let me know what you think.
I think this is fine. This comment came from Esko's first scan, let's see if the comment remains after the review.
@EskoDijk see comments above
The draft needs to clarify how the initial authentication is established.
Esko wrote: