Re: [Ace] Resource, Audience, and req_aud

Ludwig Seitz <ludwig.seitz@ri.se> Mon, 11 February 2019 13:22 UTC

Return-Path: <ludwig.seitz@ri.se>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9CBA5130E8F for <ace@ietfa.amsl.com>; Mon, 11 Feb 2019 05:22:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=risecloud.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PxkcZn3q9C8O for <ace@ietfa.amsl.com>; Mon, 11 Feb 2019 05:22:05 -0800 (PST)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140082.outbound.protection.outlook.com [40.107.14.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C3D4A12D4EA for <ace@ietf.org>; Mon, 11 Feb 2019 05:22:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=RISEcloud.onmicrosoft.com; s=selector1-ri-se; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0gzj/OQJFOhjzJ/Iz0miXZUxs9cSlasVCxDj1W6qcAQ=; b=Bh/EdU6qwJynqiFztceOXJ3Gc8gkql9PeucniRjUwT18JE+YefEEh2mL0k0kQ6KYVsV6k8d20xiT1ye+sDPAGTReEEF/Z03v7TzfAWieW/+4ChrcV0tqzaYQQjAkL+lh+Gtl2mSCjBL50RdAPM3t4bDuciveRfXHgVOtaOFgsCY=
Received: from HE1P18901CA0008.EURP189.PROD.OUTLOOK.COM (2603:10a6:3:8b::18) by HE1P189MB0332.EURP189.PROD.OUTLOOK.COM (2603:10a6:7:58::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1601.22; Mon, 11 Feb 2019 13:22:02 +0000
Received: from HE1EUR02FT013.eop-EUR02.prod.protection.outlook.com (2a01:111:f400:7e05::206) by HE1P18901CA0008.outlook.office365.com (2603:10a6:3:8b::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1601.19 via Frontend Transport; Mon, 11 Feb 2019 13:22:02 +0000
Authentication-Results: spf=pass (sender IP is 194.218.146.197) smtp.mailfrom=ri.se; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=ri.se;
Received-SPF: Pass (protection.outlook.com: domain of ri.se designates 194.218.146.197 as permitted sender) receiver=protection.outlook.com; client-ip=194.218.146.197; helo=mail.ri.se;
Received: from mail.ri.se (194.218.146.197) by HE1EUR02FT013.mail.protection.outlook.com (10.152.10.93) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.20.1580.10 via Frontend Transport; Mon, 11 Feb 2019 13:22:01 +0000
Received: from [10.112.134.122] (10.100.0.158) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1531.3; Mon, 11 Feb 2019 14:22:00 +0100
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, Jim Schaad <ietf@augustcellars.com>, "ace@ietf.org" <ace@ietf.org>
References: <VI1PR0801MB21126944E558E53992EB7FD3FA680@VI1PR0801MB2112.eurprd08.prod.outlook.com> <c62835cb-6d98-f5dc-d8d8-fe80181a8a5c@ri.se> <VI1PR0801MB2112BA5A6A6AC736575BC19BFA680@VI1PR0801MB2112.eurprd08.prod.outlook.com> <a8821e81-1819-5af8-7630-f61681476987@ri.se> <064c01d4c1c2$dcdfaed0$969f0c70$@augustcellars.com> <VI1PR0801MB21127EB58E703F1194AD38E4FA640@VI1PR0801MB2112.eurprd08.prod.outlook.com>
From: Ludwig Seitz <ludwig.seitz@ri.se>
Message-ID: <932ac264-fe8e-5150-0bfe-6b1b2bd6568c@ri.se>
Date: Mon, 11 Feb 2019 14:21:59 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0
MIME-Version: 1.0
In-Reply-To: <VI1PR0801MB21127EB58E703F1194AD38E4FA640@VI1PR0801MB2112.eurprd08.prod.outlook.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms060601000806050807010204"
X-Originating-IP: [10.100.0.158]
X-ClientProxiedBy: sp-mail-2.sp.se (10.100.0.162) To sp-mail-2.sp.se (10.100.0.162)
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:194.218.146.197; IPV:NLI; CTRY:SE; EFV:NLI; SFV:NSPM; SFS:(10009020)(39860400002)(136003)(346002)(396003)(376002)(2980300002)(189003)(199004)(478600001)(2501003)(229853002)(53936002)(64126003)(71190400001)(69596002)(356004)(5000100001)(36756003)(31696002)(84326002)(68736007)(7736002)(86362001)(305945005)(81156014)(568964002)(8936002)(81166006)(97736004)(5024004)(8676002)(14444005)(316002)(16576012)(235185005)(104016004)(53546011)(33896004)(106466001)(40036005)(6116002)(3846002)(186003)(65826007)(16526019)(58126008)(386003)(2906002)(93886005)(33964004)(22746008)(44832011)(76176011)(22756006)(65806001)(65956001)(336012)(26005)(486006)(6246003)(74482002)(110136005)(106002)(77096007)(2616005)(11346002)(446003)(126002)(16586007)(31686004)(476003); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1P189MB0332; H:mail.ri.se; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; MX:1; A:1;
X-Microsoft-Exchange-Diagnostics: 1; HE1EUR02FT013; 1:MoH3q/hXIR45k7TAz1ObtujUpSuvxnb1cJGuqS3be8S/yBq8YPe3efi4u6nrL3qr/kP8qX/BP6kDWc7r5tsPFKypGpnmUhPC3s74gmOXLgHG1rOnfGDwGj4eaIU7Ce5fj4LJxekoO9Fmz9RepzwvcA==
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 4c2c4efa-9d21-48f0-d989-08d69023e830
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(4608076)(4709027)(2017052603328)(7153060)(7193020); SRVR:HE1P189MB0332;
X-Microsoft-Exchange-Diagnostics: 1; HE1P189MB0332; 3:TNDsIqDZgmEDtDVEF8NuX05tT2kRAS3JtRveSurYmBLUgrRXboCLERJxlSt9r2hSGenVipT+jW83wE1256Loar58gs7gaCws46g3EJqKjulobt4CYVuecnOBe7Im0mb39nletYCtAhfikFJxO0XgPxifZOp+7QoJ54b4PDDeJMotJHOUNld1tXP6+8z5guGwIPQz2OKO40jDPaG0woFPoeBVW0yCI+XgxG1lUfzOWlBf44PINA/r0zCQfeQ7/E3qF8uJaMdiOBJ9o9R4+dD78JReDoRzYzlIfBpxHsJ55UpidrxTMgR/R3AMDP4mHc9KPHFNavIeK0fdEk5kfYZdrg65vwibOsHjj+omWN/vFhmu3WJ7RdWw6rh/LVYt6rL4; 25:9ytfKkRE/zU4dDrdQgHu7qwocFK5+9SVtn9/zLqHfJOBkozPr1voaJtye0/08+QRiCL+6Obl896JY4e8gdfz6yPKuCMrBUe895LiD8LIKr2PWq09Ne7ILXJnySQn2CuOAbOTiEBJCCfjIFQF3p5FxAODc751dtftEPyWqqTQVU2EqzRHzOuYg4RE2UguL+8GTHVthBSgYHsS0uMUl6r56vPTypNTEhK2Chvihx1UGIw8gmmd8xjQ4fBj6LS+DY7joxQc6rxdZpYja292BDAwHBH1r3PeUP/vRMoJ3zE292SOqZY8hBMFs3Uk8YPSxvC8A9KrD29a4zkoY6uCJ45xAg==
X-MS-TrafficTypeDiagnostic: HE1P189MB0332:
X-Microsoft-Exchange-Diagnostics: 1; HE1P189MB0332; 31:q972KJBltaUsLDEuUKwdHEQsdYQWh2ianF2mCSYx1ikDeBFZJ+0OF9OO/TCcap5o4nd7DPqyimy6XkOmcWeFqBOEW79izFrjVC1pUXYlXCW+iZQBAnSDsVQIumEjKWTKHXGHZIXE/4e+mcip9I2WNUkZ5NOEDjQ5KcgNB+ysLYXcDf5A2Fb9cVJVadDO9lnTugvhpTbZ/K31vo7xaB8X1fUHaGsqB508mM67pJhElQs=; 20:yyUkhZgUpdBysNum0QuB+nRzEBA8YUwelftyE+ESUhEUxs4KDhOzhNhE6QGwnkVGmdjpeocKUOYSfwMxQ3RDdVa2qbuThGAsATAf62cIWzP9Py38fjNoM2i28BEtZDuUzKSLXjrVpCiE59+Go1mDsiuD1uCZOBqZOaYpFt2R1fGfPtfuga/u0WRpxtRRmCfyXGmNTPcDQULYcoWxWrc+OxIFTFjvPLNrJDXz3mjWH6qnNzWW0dTJS9rTXhBq2Gzc; 4:uUpwRWs08QXdAHHpAju8sU6y51pmIAucnKwvpqxiBtltItP+Jl0FM8pEV/hbcfSxAgYdTpE1C6RxmdEhsQ6w69BhvH3GLrBCuhfMRV9jDCOkC1RoG5wWztSiqVVBK/MKlBelT82goexnTW5krdQ3qaU2TlHHWSoiliud27v/T3AdSDtaweQFArHWv52gRe77RJWPYBf1ZhhKi1J1VzBtRWX+LxxwnyGspmhjHbxdhSBLJrw/xLRFFzQCRFiWwAiCC8UCYNbybg8BUKs49uBprsP8Z1cgFCHevMEhnlPUiczMhRHrKEUxjpiUkD7kBC+L
X-Microsoft-Antispam-PRVS: <HE1P189MB03324587EC4502D2207281CF82640@HE1P189MB0332.EURP189.PROD.OUTLOOK.COM>
X-Forefront-PRVS: 0945B0CC72
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; HE1P189MB0332; 23:/BHVv4LBBQdLn8qMEiGRoe9YSOH0bnryk4Fi8fEtr?= =?us-ascii?Q?IDDxXwMZyphkd4EquJB1IDVhCN/McKpsF2C2Y0Vo22mZR6ZCLBTzRI8oWPwQ?= =?us-ascii?Q?kSJfiR2poUpAWrHnmfBEprsw4ICFBY0oamfXEk95mTWPghDRo+p6hte0kfmo?= =?us-ascii?Q?zNEf4hsN3TsJvzxuI/yt6cAZ8Q8XT8uJW+kVj/WHwDoS72wVgWQLtIsobdEx?= =?us-ascii?Q?x8AluuX38NeOPX+EG/mxZxj7lcDa33u06SBko16qWIEWAHnBFFhyjTyB8mni?= =?us-ascii?Q?SrkucFaj4SGKnlpTU5cZW2jxXqusEXNkQFunK9O5mheNgFLh8CfGJEXAa17g?= =?us-ascii?Q?8gZQiOa/XUB5eUTFhlm4JPpYMmjz39ysjLQAK8Pz5xx0eo3p+YejXcgpqjU4?= =?us-ascii?Q?luTIHv8BYL34+2xPYJ0y26JMJCH+RheEr5tDJc9gVpBb7xkIii2AKtC16Vf2?= =?us-ascii?Q?IVNg9L44++gklKtEb9EeFLeEJedjme1z8QtQQy+djue4ZzWGL71CXeeuL1L0?= =?us-ascii?Q?Ed7gYGpxYiebpciNaaocPEB6xwgcPvuKOTGYrurcGhuj7HObXP22t6reVnYz?= =?us-ascii?Q?WS2gRFcMc8/cgVu/0t5NMhGdymJmYlE0AZ6rqFT8p93kO2lzp7RMgECw2vNN?= =?us-ascii?Q?WhA+Mklv7y3buFxjjlIFsYbnsqOSWa7gtEcB2/qUQRS0w3yNesDfalOP56Y2?= =?us-ascii?Q?d19wpTcbz9BkZVrIzamDh3EyB9JTbmONV+tpJpk/+CWg2ozrpJEYuFe/FMoo?= =?us-ascii?Q?JtgaoBWdZPW8G0k89N/FT+zhy9v+LXBxgXHp1VByKclIJTWs2Mi4Jfl9p/yF?= =?us-ascii?Q?rmsUqMxU6THA79HAWQUWyiVA2HxfVdgNMkIjitWpIepj5O0BhSVC8DZE3PeN?= =?us-ascii?Q?hkA509AroT+0R/hAeijLmyn2fm85GQOM8xE10FEKofMk7/jX3gGXWcb4AYbU?= =?us-ascii?Q?6YhRvIxqnJjZbVL0RsFBS+NVeaHz1ylUeTHbjbox0fMFQVu+b/khIX5/jcQQ?= =?us-ascii?Q?hwsOf9220TF3dDeulUHtXU3hG0kJ9PQsyulOSbWd0yL/B2R8aU8tY6lRjAsT?= =?us-ascii?Q?86EWlvEfFt2dLZo6J/mwDE07r3y3Ay5xuDxT4bKnbtVSuUwgDpjcrTu1UBoX?= =?us-ascii?Q?sBYuw2SqwAPPuzZwS4W65RnHWZ8vcn8tJ/3Ig7abU5OQVwD+lSNFdTE/eUh/?= =?us-ascii?Q?2cKPeYL51V/oJgkYUbK0ynLgHU+eShHR0v5T8m+0+zWET90Wo8n1k60nKx5r?= =?us-ascii?Q?nZCCT9XPHdb+ofbFNDLiOv0KAbGTYc959tpzGx6m0zsQZT1xUqr6pueZqeBG?= =?us-ascii?Q?nS7HXNehpjPrO6UOrmKqu7pQ4hLbUQf/UBm+Znko80U3+js3L/8o8EU6axAa?= =?us-ascii?Q?+qPrhli9updVdYyx7H5nWXUccB8j2FkUDTKU0ElmMRYoDVeuczxP5GMh8LSK?= =?us-ascii?Q?QqwRgxabRX4+M6cxRBSJLaQ2gpx0uEPrvCeYMw9c871nBIIJJymqtox0pcru?= =?us-ascii?Q?voiDxUl7573USgpJ2b7zx28GX0Iq4D9mvRg4tajrqPT9VzrthoZYex1YxfWJ?= =?us-ascii?Q?TKN+5IZIFQ073Rm3g=3D=3D?=
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: j1vE6tbqvk67hVImtzah8fXIfwQvBtnxNPzYLnMSQ2qR2qQCYqgb+DL9BrjTpysfdxXW02RCTMu7u7OqnkiZxGDbA72gIu5FcZkBQzYrYIOXmRNcaERS8Q7W6bB4yorhKWGxbVzyM0I1ixBy9Qz3+P0pn1BNFiyk/utC1Fy189jCAZGwTOiUN8tN3CmlWlr1UbT5pUr5L7ha6PsUNqmz6cZVGxUlBGQzusTZ3nKULhyv8Z+5cCFTsdtfvitZK6FAlgmt8siID4gefv+L4p86IuyWMN8NsdfiQgCJGuXRh7T4vp3VOzn2VnxfEdm1FqPpdfUcUNdZlm/e+gcSa2jt3sI/Db8NvH6tKSB9ny0VsbzeZrmEQ6qily3ekHm2jM8uTrUUw0P7Czw7hKAogSw0c0vykQ0UFHRxaAl8goE4EBE=
X-Microsoft-Exchange-Diagnostics: 1; HE1P189MB0332; 6:JUn5vs3YGV20A53CaNR5e0W0QyqhWkZDZVX4a3I+FNxakKp9C2sL/V3rsjr0qetalFzuzzFoql9Iu9OlpzH8DHfUs8ht/in/Wbpnm48kPl4h1m1qAJzozfIGiHaQwIzqUZiv/COr7TW4wZtWMAo0NOkiUBRCUBPHehQCjoFpI03AO1Lobw+MWI7C/wDKw9wF2pSwkXO+VvJ5hXJovSBobDIMcq3thBOJF6RIXeQTAeiZ610N7BcvcCcmIn6mO0VymbS//KkaJIjMIj7COIdCTwVRC2t9US1Siw03hrHToieLMR9ZszSwsHr+MBYSZTVhLswiay2M10D5Of/K7rI/VBqHZJB161ap4zhpj9VfTCLxjOcB5dEPS8BvU1WnFLYn1PMQD9eELy6jBm+yGgo4Dd6mDdytK73697EG7VvrVUIYMftr2owf5cX3SI8Vw6bYZLpbOai80WZL9Px/Xb6Rrg==; 5:LfBlFQ6TnUsn2GNmYtuc4jQowCtQBWFvBJ74y8Wmgk/wjUc4DSEPs2c/Mc7dAod4P2MAVAPIdBBuExElY3XG5eBKMjrSRTItbx6XqxOgnvwK+mvP0xD1ehrlKWdM1AG5WfH49ZZPRqO0qe8p07SGzkz9Q0R2yH1HB746hsKg+RX7Eiy9PRTM5t5XEsoqujUoyvhKwmoOs7kMcF6BxyTbEQ==; 7:AqR3xN6Wzd1nTs+8le5J1q+diPMn/n1p7PVTLdLadjzB1ao9B8L0MR7nuJpnTAO1nqce3FmJct6+bDmOknEdIGbKleNYdSJr9cMKoRcHnzHpgyYIICr03k0yRnG0gh2Vb67cC7IhKN/cLE9OZI+QUg==
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Feb 2019 13:22:01.1643 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 4c2c4efa-9d21-48f0-d989-08d69023e830
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5a9809cf-0bcb-413a-838a-09ecc40cc9e8; Ip=[194.218.146.197]; Helo=[mail.ri.se]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1P189MB0332
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/7T7ro1zRfF4NoYO5yHhR16XdaF8>
Subject: Re: [Ace] Resource, Audience, and req_aud
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Feb 2019 13:22:09 -0000

On 11/02/2019 13:55, Hannes Tschofenig wrote:
> Hi Jim, Hi Ludwig,
> 
>> Do the chairs think that this would unduly delay the progress of 
>> draft-ietf- ace-oauth-params?
> 
> [Hannes] Do you think it was inappropriate to point out this
> inconsistency?
> 

No of course not, sorry if any of my comments came across like that. I'm 
just trying to balance the alignment with OAuth vs avoiding further delays.


>> It looks like the are about the same point as we are.  So no I
>> don't think it would slow things down to make this change.
> 
> [Hannes] Jim what are you suggesting?
> 

My interpretation of Jim's comment was a go-ahead with chair hat on.

I'm in the process of making the necessary updates to both 
draft-ietf-ace-oauth-params and draft-ietf-ace-oauth-authz.

Expect an update in the next 10 minutes.

/Ludwig


-- 
Ludwig Seitz, PhD
Security Lab, RISE
Phone +46(0)70-349 92 51