I am strongly minded to suggest a spinning plates model of security.
Remember the vaudeville act with plates spinning on a stick, the performer gets one, two, five, ten going. And each time he adds a plate they have to go back to give one of the plates he started earlier another push.
Well... I think this is at the very limit of the number of plates I can spin.
Well... I think this is at the very limit of the number of plates I can spin.
On Fri, May 21, 2021 at 8:57 PM Daniel Migault <mglt.ietf@xxxxxxxxx> wrote:
Thanks Phillip for the review.Yours,
DanielOn Fri, May 21, 2021 at 7:41 PM Phillip Hallam-Baker via Datatracker <noreply@xxxxxxxx> wrote:Reviewer: Phillip Hallam-Baker
Review result: Ready
This draft was previously reviewed by Steve Kent for the -27 version. My review
therefore mostly consists of checking that the changes recommended have been
made and that no new issues have arisen. Note that contrary to the data in the
tracker, I was not given the assignment in 2019.
If you decide that you want to use OAUTH for authorization security for
Internet of Things, this is a reasonable approach to take. This is not a simple
proposition or for the fainthearted. OAuth is built around the various
constraints of the browser world to which the constraints of being a
constrained device are added.
The issues raised by Steve have all been addressed as far as I can see. It
looks good to go but since it is a security spec, ADs should still take note.
_______________________________________________
Ace mailing list
Ace@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ace
--Daniel MigaultEricsson
Website: http://hallambaker.com/
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
