core-wg / echo-request-tag

Wording around inner options, outer options and DTLS #69

Closed chrysn closed 3 years ago

chrysn commented 3 years ago

From Eliot's review:

The last sentence in 2.2: is this meant to be limited to OSCORE or all uses of DTLS? I found the inner/outer text confusing, and that a diagram might actually help.

That sentence is merely illustrating the corner case exception; I'm confident we can enhance readability here a bit by not referring to DTLS. (It is general to DTLS in that in DTLS all proxies always see the CoAP options; it says something about OSCORE in that (DTLS or not), proxies see the outer options only.)

On the general inner/outer diagram ... hm, we could add something for sure, but I'd be worried that it'd distract by putting focus on a topic that really belongs to OSCORE. I'll leave an issue open in the authors' tracker to revisit this when more reviews have come in.

I think the sentence will read easier if it's more like "Outer options are visible to proxies, and to other parties up to the point of encryption on any lower layer". I don't think we'll need an illustration, but if we do, it could be tied to the text (rather than showing generic OSCORE stuff) by having an outer Echo option that "verifies aliveness of the proxy", and an inner option that "provides synchronization of the authenticated peer".