You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: draft-ietf-core-groupcomm-proxy.md
+5-3Lines changed: 5 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -53,7 +53,7 @@ normative:
53
53
informative:
54
54
I-D.bormann-coap-misc:
55
55
I-D.tiloca-core-oscore-discovery:
56
-
I-D.amsuess-core-cachable-oscore:
56
+
I-D.ietf-core-cacheable-oscore:
57
57
I-D.ietf-ace-key-groupcomm-oscore:
58
58
I-D.ietf-core-oscore-capable-proxies:
59
59
RFC8446:
@@ -582,7 +582,7 @@ It can be actually possible to enable revalidation of responses between proxy an
582
582
583
583
Fundamentally, this requires to define the possible use of the ETag Option also as an outer option for OSCORE. Thus, in addition to the normal inner ETag, a server can add also an outer ETag option intended for the proxy.
584
584
585
-
Since validation of responses assumes that cacheability of responses is possible in the first place, it would be convenient to define the use of ETag as outer option in {{I-D.amsuess-core-cachable-oscore}}.
585
+
Since validation of responses assumes that cacheability of responses is possible in the first place, it would be convenient to define the use of ETag as outer option in {{I-D.ietf-core-cacheable-oscore}}.
586
586
587
587
In case OSCORE is also used between the proxy and an individual origin server as per {{I-D.ietf-core-oscore-capable-proxies}}, then the outer ETag Option would be seamlessly protected with the OSCORE Security Context shared between the proxy and the origin server.
588
588
@@ -670,7 +670,7 @@ In fact, when starting from the same plain CoAP message, different clients gener
670
670
671
671
### Deterministic Requests to Achieve Cacheability # {#sec-det-req}
672
672
673
-
For application scenarios that use secure group communication, it is still possible to achieve cacheability of responses at proxies by using the approach defined in {{I-D.amsuess-core-cachable-oscore}}, which is based on Deterministic Requests protected with the pairwise mode of Group OSCORE. This approach is limited to group requests that are safe (in the RESTful sense) to process and do not yield side effects at the servers. As for any protected group request, it requires the clients and all the servers in the CoAP group to have already joined the correct OSCORE group.
673
+
For application scenarios that use secure group communication, it is still possible to achieve cacheability of responses at proxies by using the approach defined in {{I-D.ietf-core-cacheable-oscore}}, which is based on Deterministic Requests protected with the pairwise mode of Group OSCORE. This approach is limited to group requests that are safe (in the RESTful sense) to process and do not yield side effects at the servers. As for any protected group request, it requires the clients and all the servers in the CoAP group to have already joined the correct OSCORE group.
674
674
675
675
Starting from the same plain CoAP request, this allows different clients in the OSCORE group to deterministically generate the same request protected with Group OSCORE, which is sent to the proxy for being forwarded to the CoAP group. The proxy can now effectively cache the resulting responses from the servers in the CoAP group, since the same plain CoAP request will result again in the same Deterministic Request and thus will produce a cache hit.
676
676
@@ -1490,6 +1490,8 @@ C P S1 S2
1490
1490
1491
1491
* Extended security considerations on client authentication.
0 commit comments