[Ace] Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) spec addressing Gen-ART and SecDir reviews

Mike Jones <Michael.Jones@microsoft.com> Mon, 21 October 2019 20:04 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: "ace@ietf.org" <ace@ietf.org>
CC: Christer Holmberg <christer.holmberg@ericsson.com>, Yoav Nir <ynir.ietf@gmail.com>
Date: Mon, 21 Oct 2019 20:03:55 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/3GyV87_YQehrQZ2nee9Ju0mqkpI>

A new version of the Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) specification has been published addressing the Gen-ART and SecDir review comments.  Thanks to Christer Holmberg and Yoav Nir, respectively, for these useful reviews.

The specification is available at:

  *   https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession-09

An HTML-formatted version is also available at:

  *   http://self-issued.info/docs/draft-ietf-ace-cwt-proof-of-possession-09.html

                                                       -- Mike

P.S.  This note was also posted at http://self-issued.info/?p=2016 and as @selfissued<https://twitter.com/selfissued>.