search

w3c / wot-security

a repo exclusively for security to better manage issues and security considerations for WoT
https://w3c.github.io/wot-security/
18 stars 22 forks source link

Metadata: OCF Security Model #82

Closed mmccool closed 6 years ago

mmccool commented 6 years ago

OCF is built on top of CoAP and follows ACE/COSE recommendations so it's unclear whether or not the OCF security model should have its own scheme tag. The other option here would be have a set of options available for CoAP security that are rich enough to describe the OCF security model. We probably want that anyway for non-OCF CoAP systems, so then this tag becomes a convenience for OCF. However, in that case, we should also add "convenience" tags for other CoAP-based standards (LWM2M, OMA, etc).

mmccool commented 6 years ago

Elena: problem here with a generic tag. OCF is more specific than ACE, so we should use a more specific tag than ACE. McCool: also note that OCF scheme can be used with HTTP or CoAP.

mmccool commented 6 years ago

RESOLVED: will use "ocf" specific metadata tag for OCF devices to identify the use of the OCF security scheme.

mmccool commented 6 years ago

RESOLVED: use "ocf" for OCF security scheme.