In the ISO/DIS 17978-3 standard, the behavior of /modes/security and /modes/authentication isn't well defined, and mingled together. There should be a clear distinction between the services, since they both perform different tasks (authenticating levels vs. roles).
A behavior should be recommended for RequestSeed/SendKey in /modes/security, and the different authentication modes for /modes/authentication in the uds spec. Ideally allowing OEM specific payloads, since the standard just defines "records", which benefit greatly from OEM specific names for things in those records.
In the ISO/DIS 17978-3 standard, the behavior of /modes/security and /modes/authentication isn't well defined, and mingled together. There should be a clear distinction between the services, since they both perform different tasks (authenticating levels vs. roles).
A behavior should be recommended for RequestSeed/SendKey in /modes/security, and the different authentication modes for /modes/authentication in the uds spec. Ideally allowing OEM specific payloads, since the standard just defines "records", which benefit greatly from OEM specific names for things in those records.