Clarify whether security is mandatory #230
Comments
|
I recommend they should all be optional. |
|
We discussed this at length a while ago and decided the simplest solution was to make them mandatory only at the top level, which avoids a lot of complicated checking, and at worst adds only one line to the TD. To go along with this there is a new "nosec" security scheme, which is needed in the case there is no security. Somehow my previous edits to make this change did not "stick" so I just created another PR: #265 |
|
since a long time, security is a mandatory requirement in the TD. This should increase awareness for IoT applications. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently all "security" fields are "optional" which is confusing since in fact the rule is that security is necessary at "at least one level". Matthias suggested a way around this would be to make the top-level security mandatory and the rest at lower levels (eg in forms) optional. In effect the top level would define the "default" value of the security field, then it is overridden only for exceptions.
The text was updated successfully, but these errors were encountered: