IETF Logo Mail Archive

Re: [Ace] WGLC for draft-ietf-ace-oscore-gm-admin

Göran Selander <goran.selander@ericsson.com> Sun, 18 February 2024 08:52 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9334DC14F5F8 for <ace@ietfa.amsl.com>; Sun, 18 Feb 2024 00:52:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.109
X-Spam-Level:
X-Spam-Status: No, score=-2.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KEBRnUlAQaRH for <ace@ietfa.amsl.com>; Sun, 18 Feb 2024 00:52:27 -0800 (PST)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2060.outbound.protection.outlook.com [40.107.21.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E9E27C14F5E8 for <ace@ietf.org>; Sun, 18 Feb 2024 00:52:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=myx0yN4Je3RtDMjk8YAtz9GiaHZaX/M95ItAAMhpxEYbj8U+25xrs86PuU1HuNDsiDrVTfa1uwFnKsqKLo6Kk+p8rRvBSTz4SyqQ4HiSeGKi6PyRtoMod8/wYDqkBGAAAErH0KQfp8Rof35rOmBnJox6naBGNzWv4LzYZHRNnSxFg/3bE7vhqvQvpbuQoz8dN6lGgZ+TkGoRXBN7M6ULwiCM6VLdDCo6e290FmQiGeohEtPZ0XDLgTOovK9ONsHmyXjOVudx3CiyVMWWJdgZfRtcrKFSdzQO9qWrVwHeiVwLVRAp9v5iZHNmKnr82wNZvZ9b8A5rP+fQTRoVvsAf7A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3J5gb5Ael1+7/vX8omEcM7xeax5YLx3hxwLkPPFP8TA=; b=eR9IrDLaF0iS7UgViIOTj/6Z9pNZqSu4Pk8IOZ/F3Ybo8qfHzrIaeo4RzbXEysK+963sb/4DcR+EZ6Pygu9GjSEWlK2yvZfYgQsBmLsK/Q60zphe1MujSYupCZr1NmRqAFHIYNoY625f3reEYWNI13GSlAFr5v3Jcu2LxVi5txB1HMVA1XyF565cy1e3exMuXqMXGqH88/zmUkTZzsqHS6Cn5OhN7rEnqyGlkxfNPTMIIGe1XNj9gIW/6uYiot7xwgIe1b9y9mE9Qb0S7cs6h8tMeehlKvh0giNqzYdtIOtdsc+4F8Bo55AofyifSYtvOA1LkWEV8dlA72jmqOAOMw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3J5gb5Ael1+7/vX8omEcM7xeax5YLx3hxwLkPPFP8TA=; b=b8G/3+i/GD9KtCf0B/Y048xKkL9KrNOHKq8Cu0PXQanuwv5TYnByyQLQSuERdroXbvnf9huWThfKKCmI+pJY0h3/p0JAblDC+xeufVzoHd+NJ6C1P8RJNIhpV04Jym5HnRWRIZg0qdu8gnS6Tys6r/vkAN186mMLo2ZcyrSRFg3pWCidzzMZ1A1EnuHpcBNCnJIUWRBiMMxqXU3u3OEzK47uW+OLkxyXwqZ9NAShDIpS3DleeZhXeiUL20WvsCUpw73G8ZRDS58R5+bW0A2HfU9j7rABF+1F6uiNV1g2sZrZJL+zn1rFYf7GWaTI9p6/UmczXlQMDzoRa3hvng2Mrw==
Received: from PAXPR07MB8844.eurprd07.prod.outlook.com (2603:10a6:102:24a::19) by AM7PR07MB6707.eurprd07.prod.outlook.com (2603:10a6:20b:1af::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.34; Sun, 18 Feb 2024 08:52:23 +0000
Received: from PAXPR07MB8844.eurprd07.prod.outlook.com ([fe80::a420:c00a:a4c9:f384]) by PAXPR07MB8844.eurprd07.prod.outlook.com ([fe80::a420:c00a:a4c9:f384%5]) with mapi id 15.20.7292.026; Sun, 18 Feb 2024 08:52:23 +0000
From: Göran Selander <goran.selander@ericsson.com>
To: Cigdem Sengul <cigdem.sengul@gmail.com>, "ace@ietf.org" <ace@ietf.org>
CC: Tim Hollebeek <tim.hollebeek=40digicert.com@dmarc.ietf.org>
Thread-Topic: [Ace] WGLC for draft-ietf-ace-oscore-gm-admin
Thread-Index: AdpYaAF9ZggzLJ/1SVeN57saT75AoAIqPoAQAAXeq4AARv25yw==
Date: Sun, 18 Feb 2024 08:52:23 +0000
Message-ID: <PAXPR07MB88445B4BE7D5D379AB9A336DF4522@PAXPR07MB8844.eurprd07.prod.outlook.com>
References: <SN7PR14MB64923C9DDDB116F7D6512B9783472@SN7PR14MB6492.namprd14.prod.outlook.com> <SN7PR14MB6492D843C3596805AB0B1826834C2@SN7PR14MB6492.namprd14.prod.outlook.com> <CAA7SwCPSQTZV4WD_b6pCQY=kPjUEiYxFSmfOxHmrtjOiUL5Pjw@mail.gmail.com>
In-Reply-To: <CAA7SwCPSQTZV4WD_b6pCQY=kPjUEiYxFSmfOxHmrtjOiUL5Pjw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PAXPR07MB8844:EE_|AM7PR07MB6707:EE_
x-ms-office365-filtering-correlation-id: 8da598df-f828-467d-2c20-08dc305eecb4
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ON3f26NJiQjm6CCXFn+UaSV1gQu62hB/l9RiBAj/fkH8TTXE3+3BKqR6/2L7HgKTkWvdyazJK9Uz4pLy/XBzfra+p9MXZHqvVRw5vsbEKnzJNx4OCS8hz+rilaWzp1isXTQYlcgwrn7LbxrTBLsUtz7H/hmJOiHKaYHb3B6OfuyRcium/6t/5dglqNEABY4mHVUuWuB4nU0E3hLmfVaRfwbkSwzf8bUrSOw5jZAcCkZAUEGfSzhyF1FNLSG9+LoaLy3UDUtJd43qpoqmytiIJXOivbn2RHW/piMv2V127ZTb3+qd6Oujr9PebVKbfoz16o0WnQrw0SOh43IeMY+8F7prmZxwQTxZVJPV4mVUfzze7pY8DJLwP//TWFxm3A1B5DrGAZb1t9uT4z10SH565S6wkXAyVOsN/4wdy0/2BuuZ5go1J9X5r5ym5mB4HB2U+o1HMoz3HqF3rW0gINeNBYwoouDwuROXp4fTQ7F2VYBGGLMhIXqIH3Zwx5dPQYj7UYyGHEfVsfRi/V1UkEUHnlaBJp+AWlMm76aeUmx4id5Yvwpm5dv7j0RgzjS4Sv0UdBA0KkSQQkHiCFMc9g1stzcS9WU0kerOIEOtM0e+GVw=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PAXPR07MB8844.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366004)(136003)(346002)(376002)(39860400002)(396003)(230922051799003)(64100799003)(186009)(451199024)(1800799012)(52536014)(55016003)(2906002)(41300700001)(4326008)(8936002)(8676002)(5660300002)(38100700002)(83380400001)(82960400001)(122000001)(33656002)(86362001)(38070700009)(26005)(71200400001)(110136005)(66946007)(76116006)(6506007)(7696005)(53546011)(66574015)(166002)(66556008)(66476007)(66446008)(64756008)(316002)(966005)(478600001)(9686003); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: ud/3Qvkx3ilfgZdg0hw1ro9CvzxhA+3y4oBwOY7AGpozPLi++q82AOCXy6d7tdqRBfceFjb6Cx5EQj5VGUpPllzzHvO+kQJKBJj3K+aOafjVYHg5DHSYImJGtsFtitkvpyJc8I7M+q5aTiTkmUmgFnTOqfAn+GMrlcQMqlhXz0pMb5lZ9z/hceeHhZEsY+52GzU3c1FjKbQKxG+wRDRYhpAHI6TuTub5kEPIDlXv2UdX62iCtENHCk7Io+DMeoewCn8+EPvDIcRwckdjz1amoIbfHcQMeMoEWMKhtpJjBv2/6o2lkJNaY0WlLTf8UHf48nzV6HjpLDVQbYi64gTesGWfk1Iq89zF7uyNjZh4fD5DSzzEmJw5jSRW4mpPm8IYpeTeGChXAwZDkrIQ/ZpqoN0qXmYjyoLQMQunjEh2LLvMHMkmvMFxr1w1eF7RZ4R9q8HTWEBOhJkcygcokJUNVyiQcFSW1m29wp924ocrphcCflyBiWustJT8wY/BIcfNR0SNSipj+IUWqDOL/Q2v95zbihhwasXsgFmitetfoyNfp33J6USU35QwsJliSsn9UBfLJi4Z78lkA1ZR3lP8dgSyKwzhna9WM7PH5lJaeode3H8bTaG+LDAgV2g/kp3LgE0IuT1niwCMTV8oqp38FHWQAgTlpQJkh8lqUbJdGglgpTv7IzYaAHcGaPxU54PeKfMlYsCkS/aMsJqmFYG4IkCRkG0vWXRMUXup+A3xD5PRfnMpStizxjztvBonhy0r1K93i+talqq2LDJ7B4Pvq2p/j+mDh0OaeRDSok4dp2McS1QY1CUNI5TNI4ZPYZRDzmspFqsGQRxFKKWdVt37MRdCuRzHKtpGNGQ+K3T1dHtMGZw59uHNHwSVatK0u5MID2oFWLFD0rcymctWk+mbA/b1q1TUX1D5BlIOH59lnB5d2fPPl8FF31FMoJwxXfAsPS0HYMCXuUQSXlTB46NXBVYspq5skO0GoifljAGB23DA3GyZR2SP6FU7tlLMZx1DeBLviLSw7QY61gWkgNTR63Rqe4XcFRFw5ZAzaeyWA5e6/h4mjqJoP0eBb/v5nXXA9iKXyIS8Xux9ViRioM5H9CBaWox+lJkv1RVfgaIzANcPAAXcE/+buRIEwlTq1Ia4AartSA/97shRe9DLvoZIrKfboCDdAxDqUNDkKQ5fA3gZ7XzR0Sq/j+k8HdTWAXxPO8Jv4pJOLH2HF7olKviAlXZT3zidQNI2ZauRAbTq8OmAWg9SKLxHNqIOOVqtzuKUQCqUn/5OwTF4mtKQOJVeFjMSO6DjKUc7dFSxZ+jW2xKKs/fpnRrDf+vbAGmgX79MX0MnRhEexooDgwZrh7y5RBSQNGLlrA3wgj6r4D5fvU0dD04CifZRyA/Aa4Brx3kUN6XDYzIq1tQtk5RiWq5RnWUInpqzueuJfzIlc0LeXroU6NEQxVga2JrUcij4WowwiRRHxUb/8e/+rxyNPY2O0chnJ9gwMtCmOb1VPJYFgNX+6gH1nHOYVkOMagodfxZid/7oiUygKPC/dssZZCLKOv58whotxbr4jwWK6YrVziPNGiqcLhmhVyPLqLeCZ2rk0eI9oGSRWjDFESILAiBG9xvJwYRkQaraoDX842C3hyk=
Content-Type: multipart/alternative; boundary="_000_PAXPR07MB88445B4BE7D5D379AB9A336DF4522PAXPR07MB8844eurp_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PAXPR07MB8844.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8da598df-f828-467d-2c20-08dc305eecb4
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Feb 2024 08:52:23.6043 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: X+1eT+geglfVAav1tSveIkpubOwktEr02dKCFNZRRgU1ddKT4QmTjUyHQ2iv9LNI3FTjr/zaIwmDR/PSfh+NPO617DEYXMeA85kqc0VHUEc=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR07MB6707
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/4r6CN7GXaS4PVg8CGotD0l8Gi_M>
Subject: Re: [Ace] WGLC for draft-ietf-ace-oscore-gm-admin
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Feb 2024 08:52:31 -0000

Hi,

I’ve been following the development of this draft and think it is ready in the working group. In addition to some comments already made by Cigdem, I found only a few nits in the latest version:


Section 3



’In the rest of this section, these are referred to as "user scope entries".’



…



’In the rest of this section, these are referred to as "admin scope entries".’



  *   Remove “In the rest of this section” in these sentences, as the terms are used throughout the document.
  *   Move the text about the convention to abbreviate “admin scope entry” with “scope entry”   from the end of section 3.0 to where the former is defined, to keep definitions of “scope” together in the document.






Thanks,
Göran


From: Ace <ace-bounces@ietf.org> on behalf of Cigdem Sengul <cigdem.sengul@gmail.com>
Date: Friday, 16 February 2024 at 23:36
To: ace@ietf.org <ace@ietf.org>
Cc: Tim Hollebeek <tim.hollebeek=40digicert.com@dmarc.ietf.org>
Subject: Re: [Ace] WGLC for draft-ietf-ace-oscore-gm-admin
Hello ace,

I've reviewed the document and found it largely ready.

Below, I make some suggestions to improve clarity and list a few editorial comments, hope it helps.
Kind regards,
--Cigdem


Section 2. Group Administration
"The AS MAY release Access Tokens to the Administrator for other purposes than accessing admin resources of registered Group Managers"

=> Reading further into the document, it becomes clear later that " Building on the above, the same single scope can include user scope entries as well as admin scope entries"

i.e., tokens may express permissions for user resources). It would be good to clarify this earlier.

Section 3. Format of Scope

=> The object identifier ("Toid") examples for wildcard patterns and complex patterns would be useful.
=> Can the Create permission be paired with a "literal" Toid? So, the admin has the right to create a specific config for a specific group name?

Figure 2:
Write  | 3     | Change group configurations

=>Instread of "Change", Update group configurations?

Section 3.1

"The Administrator may have established a secure communication association with the Group Manager based on a first Access Token   T1, and then created an OSCORE group G.  Following the
      invalidation of T1 (e.g., due to expiration) and the establishment of a new secure communication association with the Group Manager based on a new Access Token T2, the Administrator can seamlessly perform authorized operations on the previously created group G."

The example is not clear to me. Why does the G having a wildcard or complex pattern help in this case?

5.1.2

'group_title', with value either a human-readable description of the OSCORE group encoded as a CBOR text string, or the CBOR simple value "null" (0xf6) if no description is specified.

==>If this is group description, group_desc sounds more fitting than group_title?

5.2
"A possible reason for the Group Manager to consider default values different from those recommended in this section is to ensure that each of those are consistent with what the Group Manager supports, e.g., in terms of signature algorithm and format of authentication credentials used in the OSCORE group."

Is this mainly saying, "The Group Manager MAY choose different default values instead of those recommended in this section ... "


6.2 Retrieve a List of Group Configurations by Filters

It would be good to give an example with status filters as well. For example, is it possible to use a complex pattern for group_name filter?

6.3 Create a New Group Configuration (and also 6.6.)

"Alternatively, the Administrator can perform the registration in the Resource Directory on behalf of the Group Manager, acting as  Commissioning Tool."

Why consider this option when

"Therefore, it is RECOMMENDED that registrations of links to group-membership resources in the Resource Directory are made (and possibly updated) directly by the Group Manager, rather than by the Administrator."


Editorial
Abstract
OLD:
A Group Manager is responsible to handle the joining of new group
  members, as well as to manage and distribute the group keying
   material.

NEW:
A Group Manager is responsible for handling the joining of new group
   members, as well as managing and distributing the group keying
   material.

OLD:
This document defines a RESTful admin interface at the
   Group Manager, that

NEW:
This document defines a RESTful admin interface at the
   Group Manager that

Introduction
OLD:
 When group communication for CoAP is protected with Group OSCORE,
   nodes are required to explicitly join the correct OSCORE group.

NEW:
When group communication for CoAP is protected with Group OSCORE,
   nodes are required to join the correct OSCORE group explicitly.

OLD:
e.g., based on
   the current application state or on pre-installed policies.

NEW:
e.g., based on
   the current application state or pre-installed policies.

TERMINOLOGY
OLD:
An OSCORE group is used as security group for
         one or many application groups.

NEW:
An OSCORE group is used as a security group for
         one or many application groups.

3.1
OLD:
When relying on wildcard patterns and complex patterns, the Administrator and the AS do not need to know exact group names for
      requesting and issuing an Access Token, respectively (see
      Section 4).

NEW:
When relying on wildcard patterns and complex patterns, the Administrator and the AS do not need to know the exact group names for
      requesting and issuing an Access Token, respectively (see
      Section 4).

4.1
OLD:
With respect to the main Administrator, such assistant Administrators
   are expected to have less permissions to perform administrative
   operations related to the OSCORE group at the Group Manager.

NEW:
With respect to the main Administrator, such assistant Administrators
   are expected to have fewer permissions to perform administrative
   operations related to the OSCORE group at the Group Manager.

OLD:  For
   example, they may not be authorized to create the OSCORE group if not
   existing already, or to delete the OSCORE group and its
   configuration.

NEW:
 For example, they may not be authorized to create an OSCORE group, or to delete an OSCORE group and its
   configuration.

6.3
OLD: "If the POST request did not specify certain parameters and the Group Manager used default values different from the ones recommended in Section 5.2, then the response payload MUST include also those
   parameters, specifying the values chosen by the Group Manager for the
   current group configuration."

NEW: "If the POST request did not specify certain parameters and the Group Manager used default values different from the ones recommended in Section 5.2, then the response payload MUST also include those
   parameters, specifying the values chosen by the Group Manager for the
   current group configuration.

6.6.2
OLD: "Retrieve from the Group Manager the new Group Manager's
            authentication credential "

NEW: Retrieve from the Group Manager the Group Manager's new
            authentication credential

8.

Sentence hard to parse:
"This option
         fundamentally relies on the Group Manager freeing up group
         names, hence it is not viable if considerably or indefinitely
         postponing the creation of the group is not acceptable."

On Fri, 16 Feb 2024 at 19:48, Tim Hollebeek <tim.hollebeek=40digicert.com@dmarc.ietf.org<mailto:40digicert.com@dmarc.ietf.org>> wrote:
Just as a reminder, this WGLC closes in three days.  Please provide feedback
as to whether this document is ready to be sent to IESG or not.

-Tim

From: Tim Hollebeek
Sent: Monday, February 5, 2024 2:18 PM
To: ace@ietf.org<mailto:ace@ietf.org>
Subject: WGLC for draft-ietf-ace-oscore-gm-admin

Hello ACE Working Group members,

We’re finally ready to do a Working Group Last Call for the document
draft-ietf-ace-oscore-gm-admin:

https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-gm-admin/

Admin Interface for the OSCORE Group Manager
                   draft-ietf-ace-oscore-gm-admin-10

Abstract

   Group communication for CoAP can be secured using Group Object
   Security for Constrained RESTful Environments (Group OSCORE).  A
   Group Manager is responsible to handle the joining of new group
   members, as well as to manage and distribute the group keying
   material.  This document defines a RESTful admin interface at the
   Group Manager, that allows an Administrator entity to create and
   delete OSCORE groups, as well as to retrieve and update their
   configuration.  The ACE framework for Authentication and
   Authorization is used to enforce authentication and authorization of
   the Administrator at the Group Manager.  Protocol-specific transport
   profiles of ACE are used to achieve communication security, proof-of-
   possession, and server authentication.

Please review the document and provide feedback to the list by
19 February 2024.

For the chairs,

-Tim

_______________________________________________
Ace mailing list
Ace@ietf.org<mailto:Ace@ietf.org>
https://www.ietf.org/mailman/listinfo/ace

v2.23.0 | Report a Bug | By Email