How to sign a client cert (SP-relative-AE-ID required) when CSE-ID is not known
An issue in stackoverflow has been raised (https://stackoverflow.com/questions/77951492/should-the-onem2m-ae-id-attribute-of-the-ae-resource-always-be-represented-as-sp/77951732?noredirect=1#comment137482759_77951732) which describes a problem when using mutual auth (requiring a client cert which requires SP-relative-AE-ID) for mca requests after registration and CSE-ID not being known by the AE. AE registration can still be done by using the CSEBase name shortcut ("-"), but afterwards no other request can be sent until CSE-ID is retrieved.
Some proposals for resolving this:
- Use CSE-ID for the CSEBase resource ID, so that the response to the AE registration contains it in the parentId attribute of the resource
- Make mandatory for the registrar CSE to include the From parameter in the response to any AE (eventually CSE) registration.