Re: [Ace] [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)

Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com> Fri, 26 March 2021 14:03 UTC

Return-Path: <zaheduzzaman.sarker@ericsson.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B757E3A1935; Fri, 26 Mar 2021 07:03:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.351
X-Spam-Level:
X-Spam-Status: No, score=-2.351 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.251, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LbuFkg3xzw8z; Fri, 26 Mar 2021 07:03:44 -0700 (PDT)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00085.outbound.protection.outlook.com [40.107.0.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6DB663A1F4B; Fri, 26 Mar 2021 07:03:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ikqoIM16yPc/sgZQP2Anxjye+ARtQhphgv28RSlZvDCQJHri5cvquuqrtXWzJpSNxZqUXD5wP02R/ZuxBh0jujgU9aENsbAYYa6xscvOSOui4iCS86Xh02hCVB3h875RaZBDipVjJQm+HszXijNb25kwPp5Rnzt1TegfPz+oFHUKHt2tjcnhpqlFMTUebEnxhqO2jv//j4LWNH5zGjRAKpA933x/jqd/NG2QGr0g12NKnyjFhLlOSMbtrbiNhBI6X0TvSYAT8dHe4VwUhAdxB+FllD+oVSKSjYUpYVau/LxWiQwMCLPDSwEOodOOXjwu1zaKqvucZBEj8hHvhMLLrw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6GFRrQkY/7ZG2RPYjjlCPdAr44veFUzgwNQadOGAvPg=; b=Xeiw3zWoxZ6xibS+37rjyZNJ1qGPW2aewzEXgrviocswtZj7SHbKdVflXXuBneplZGhxHVvAa3DggonYeWFFLxznofhrJLeejBQegQU5Wc/8twl/msUwbCUl0jDA9EcqBRgE0NfWdST49Xd19fRNKpKDpj0dimJgxUYZQZPVT8zIyrvZlieGyTxOv7e3ivmRsm6rH5EPxCBDsn0ShDjR+HUDa4aOpQfFguJWj6MxjojQiq1DtyNkepMkpWy1cvyc1mfWpUSR2b2YgEQAVKSwqLZPYnshzAspIyfRAnCq0Jb5FsCPdDZl5G/MtGBbREulor6gnJmL0rmwaD+tBaJ4cA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6GFRrQkY/7ZG2RPYjjlCPdAr44veFUzgwNQadOGAvPg=; b=nlgrYSgFQWVgZ26YSzLMN0imV61jn8FKEmU7u4ZJV1JjrzYHan4+oQafZI7WWF/V/yz8czLYH6PBEIlHte95UZwD0SIWp1OFwnGkndUe/CxTU61wBWo5bvHJlyOG1f1cOTQ0dGGzAnL8H424TWabr+9WXbsDdbblun/0MpQ6uPc=
Received: from HE1PR07MB4187.eurprd07.prod.outlook.com (2603:10a6:7:98::23) by HE1PR07MB3468.eurprd07.prod.outlook.com (2603:10a6:7:32::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3977.18; Fri, 26 Mar 2021 14:03:38 +0000
Received: from HE1PR07MB4187.eurprd07.prod.outlook.com ([fe80::9496:1cb2:ad7f:1c14]) by HE1PR07MB4187.eurprd07.prod.outlook.com ([fe80::9496:1cb2:ad7f:1c14%5]) with mapi id 15.20.3977.025; Fri, 26 Mar 2021 14:03:38 +0000
From: Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com>
To: Seitz Ludwig <ludwig.seitz@combitech.se>, The IESG <iesg@ietf.org>
CC: "ace-chairs@ietf.org" <ace-chairs@ietf.org>, "ace@ietf.org" <ace@ietf.org>, "draft-ietf-ace-oauth-params@ietf.org" <draft-ietf-ace-oauth-params@ietf.org>
Thread-Topic: [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)
Thread-Index: AQHXIJBkqWhFI3yW9kCGLC/ZyWYr6KqV3t2AgACCaAA=
Date: Fri, 26 Mar 2021 14:03:38 +0000
Message-ID: <FC159D9F-D336-43F0-B4CA-CF32F7433B20@ericsson.com>
References: <161657823601.23005.5029211862521342366@ietfa.amsl.com> <276f72855baf42f4a64dbdecd86c3fe9@combitech.se>
In-Reply-To: <276f72855baf42f4a64dbdecd86c3fe9@combitech.se>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.47.21031401
authentication-results: combitech.se; dkim=none (message not signed) header.d=none;combitech.se; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [85.238.211.27]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0e733547-c528-4f9e-eb4d-08d8f05ff495
x-ms-traffictypediagnostic: HE1PR07MB3468:
x-microsoft-antispam-prvs: <HE1PR07MB34689FFA75AE14BD232A0CFD9F619@HE1PR07MB3468.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: rHr3kHtJSHvIWP9P6JCBwxWAarHo7ppGIF/r1cA5k1t2nIl3MYPlLefKh5tGvV/8h6m3yUjaNBAYfJWp4/7dk6GWmQkltswQTWKbUMJOukc17xsrwixsOrtrh6F3iOmLrPlfgU80A+qXKZCbn0qM+Jaw5hcx8FVpNdoNexNwFNWeCio97Y51XIgEBtXeRsyTOroFlePi6OrI2glvHTlD2Sj3ciROp25zOeOaDE2ERZ2t+AGWjb36pP+66HZnEqwoQ3I7sQB02HDcy2HedybPYMMww7ERQ+rBBWy3GFftUTCYTVcz1lZTyTzshjIoVTGgCAGL+AetbgelEUmemEPbDpJGwGpx9Yta11NiaJjfHcjM0SPBoLM88Zmqxe5jAsb7It5VPRlEiX8vqETLpp6LFtBV4P/M4tyRzI+4lKgkOvxXr4w7e+r4LxjyKUN7jSHHecvz1axkzZWku5III75Kf2+xGHPfQ8adV1ROxgjdq98aOHBFYrU9kcMSKqS6+3/8ThBhZYACNkGyRCAytlcoA/gDjynsZ0vmEYPyCbcmPpkhI7JVd+ByVWFTH0tY+RgB5Cnn6HsMd1C/8NvJz+zSTLFWAIpiXF0pYe376IXk8gVEl8hncxvl7PzdtldD1L9rrBwRusZGWfwn1aiWhaM8BKoc5NlaNJc1BVzeor0gfYVKmLRvoBWzidxQZoVlz9Mf+EEABKpqB750BwHkH0jLodWwqTIqyZ9t5HufA/lrM9GWR+vwuHwoPtegQOLxaZPpC6l2r41uY91FRj5GN1Akuw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR07MB4187.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(376002)(346002)(366004)(136003)(39860400002)(2616005)(66556008)(966005)(86362001)(66446008)(54906003)(2906002)(36756003)(76116006)(64756008)(26005)(66476007)(8936002)(44832011)(38100700001)(83380400001)(186003)(66946007)(4326008)(71200400001)(8676002)(33656002)(478600001)(316002)(6486002)(6506007)(110136005)(53546011)(6512007)(5660300002)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: =?utf-8?B?QWZnREtSenNtcU9jSGhzR2hwTjEwdlQzQ3dQU0xFR2hpUWhjSUUzUmRyLzdw?= =?utf-8?B?U3FqZW1oRENUVEx2SklIRVRtbHFGRjMxdGp2RHhXamlzQjNpOUZTUmwzbm9x?= =?utf-8?B?ZGUrS0JNYjdvdzR5RG1OTEg5c0dORXNBdmZjanBkRXZZTE44emJ0MzFIWVZJ?= =?utf-8?B?U2xFRWEvaTNTV0RjNzVJTTZNbkozR1FYRHpSZHJncVowZXExbkxHdzl6YTA2?= =?utf-8?B?MStkNGEzTFJoYnIzbmVaNG0vRms3K3U5MWVTY1lhNGxBc2JCZG5PU0ZqOE5H?= =?utf-8?B?Q3YvY2JrbXgxNVNhZWNTUGZTV3lpQkIvbDUrMUJOaGxvRGJYQm0xdWdsbTJI?= =?utf-8?B?dDlGSGd3YmVNdDZmdURER216Z1l5Y1NUcXZVVlFlR2x2R1hXOGpRZERxQm43?= =?utf-8?B?QU8vVkpXUllEZ0o0WUZZTm5Od0NoWEhRbXZiM0w4YU41U0NuNVdUQ0x2UWVM?= =?utf-8?B?S1BhVWkydmYxSk9qSGo2ZDJ3dmJ6OXRtTnQva2drSFpuanZ2N25VVzRWNlZN?= =?utf-8?B?bncrekhOSllWeVhLZmVlaEVqdDlxdklzbUtqWTlTdVBxWUZJZjBtZUh0Vk5S?= =?utf-8?B?RGgrYndnL0g0anBoYi94UFhBNm5yYXdFTFRKaks5RzJSVEZxdE9EUzFnUnpZ?= =?utf-8?B?Z2Z5WGErMlBMZHIxV0IwVm5tY1JuMWdGcEtRUFpTWWYwRkFmQ2twcGcxcHhE?= =?utf-8?B?UHlINE1FNnJPSFlIdVJrLzQvaWcvSWlHYmZ5WUdxeUpocUN2NDFwR2s5Ukh2?= =?utf-8?B?S09ZUkNDdjA5ckg2dWZ3OHFtdXluajh2T3NOT01oOFBIWjZOdGswaEdUZXpl?= =?utf-8?B?U29NdHJmZm9GeWpBcUxXUnN3MkZMYXVDNnlXUTlGR2FKY1dubk5XeGJZdzlD?= =?utf-8?B?WmxRZnZpOTlQWW05dTlaUGc3ek9wc0tiVWFxVk1BSGtuRmdjaTQ3MkRkZGtH?= =?utf-8?B?enFwbkx1S1RpZDRxdkhncUplaDNoakF6RjI4ZTFyQzZLZ3M4UlVuSWFxSlZ3?= =?utf-8?B?b1Z3WGh0UTRNdlErejhpaStkaVM2WXdjamcyWE1KczRZa0JFVUw1QlJ1WEFR?= =?utf-8?B?SmhFbHlZSG9yckNnRWtMeHZaczg0ZnVRT3ZpYWtGVG9zd2N5UzRicDNCOWZ1?= =?utf-8?B?SnVIcUNzSjJjTkxCWVdqUzBRSUtYTGs2WmpXV0xqT0VzcGV6QWxiRkkwZUZI?= =?utf-8?B?alozZWJKTm5MODh5aWFjMG5FVFBpT1ZDZVAra3JYSiszcTRwVFk0dGR1M0tj?= =?utf-8?B?WVFxZzBCbHZHK0s3ZW5VbUNIaGV1NStQS3ZvVTlra0VHRDM2ZUFrdXdKWHQw?= =?utf-8?B?VUtKZFBuZlNTby9WOVVUQW1WSXF3S1BKUTMxS3JCbTRMOFJNZkpvNk9taWpL?= =?utf-8?B?MXdMdjA1YTYwcFljZjBCWTRxZWtWdDgrVDY0bGhZMExQMXlXMkRQRTFLL25j?= =?utf-8?B?b1BtbmwxZThNeXhGclVLSEhMWHBKcHptUDNQQnY5ZlBSR3F4ZFhwTGR6aDF5?= =?utf-8?B?WmVwQ056bTByQU9OMXg5blpST2JXKzdzaUR2SWFVSmZKRytqMVMvZ0F1YURD?= =?utf-8?B?cWM1YzFWd2RxRlhDdE5GQkpPUmhmTG93M2NObEdJanRKNlR1MHFOMFRENVMx?= =?utf-8?B?MXNoTGFYYkJPeXJHY0p5ZU5IMjZ4OTlxNUdQc0hMVER6bGo4SWZab3VLTE1X?= =?utf-8?B?TzJxcGNHZHNEb2hWeWhNT0NtZWtCZ0tkZ0QrN1Q0QU5HL2dDOU5OU295MVZK?= =?utf-8?Q?tDUXkawDTf14nWDg5FABnP7sBKLopgat4nEedei?=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <13B16085807C774A8FFD010130B1233C@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR07MB4187.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0e733547-c528-4f9e-eb4d-08d8f05ff495
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Mar 2021 14:03:38.7747 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: vPbiwxfojCwjuWRyjM1+tLQ28T5+ymxftXKbDSlzpzgSQbRKq5ZJiQQjQ7OD0fxzmyVESbWAwDIzSTSX0PIR/uiefUx+B9gihVIMIQIwRC4nb5zENidkiZf85dyrZvky
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3468
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/9JVTt5ywI9g1-YmIY-V7EtfsPQU>
Subject: Re: [Ace] [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 14:03:49 -0000

Thanks for the update. My comments are addressed now.

Found a nit : It is RECOMMENDED that an AS reject a request
      containing a symmetric key value in the 'req_cnf' field
      (kty=Symmetric), since the AS is expected to be able to generate
      better symmetric keys than a constrained client. client (Note: this does
      not apply to key identifiers referencing a symmetric key).

s/reject/rejects

BR
Zahed


On 2021-03-26, 08:17, "iesg on behalf of Seitz Ludwig" <iesg-bounces@ietf.org on behalf of ludwig.seitz@combitech.se> wrote:

    Hello Zaheduzzaman,

    Thank you for your review. The issues you found are now fixed in version -14.

    Note that there seems to be an problem with xml2rfc, since the outdated reference to draft-ietf-ace-oauth-authz-33 should have been taken care of by the tooling.
    I have notified the maintainer of xml2rfc and fixed the draft manually.

    /Ludwig

    > -----Original Message-----
    > From: Zaheduzzaman Sarker via Datatracker <noreply@ietf.org>
    > Sent: den 24 mars 2021 10:31
    > To: The IESG <iesg@ietf.org>
    > Cc: draft-ietf-ace-oauth-params@ietf.org; ace-chairs@ietf.org; ace@ietf.org
    > Subject: [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-
    > oauth-params-13: (with COMMENT)
    > 
    > Zaheduzzaman Sarker has entered the following ballot position for
    > draft-ietf-ace-oauth-params-13: No Objection
    > 
    > When responding, please keep the subject line intact and reply to all email
    > addresses included in the To and CC lines. (Feel free to cut this introductory
    > paragraph, however.)
    > 
    > 
    > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
    > for more information about IESG DISCUSS and COMMENT positions.
    > 
    > 
    > The document, along with other ballot positions, can be found here:
    > https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-params/
    > 
    > 
    > 
    > ----------------------------------------------------------------------
    > COMMENT:
    > ----------------------------------------------------------------------
    > 
    > * Section 1:
    >    Nit : s/Respresentation/Representation
    > 
    > * Section 3.1:
    >   I have similar observation as Martin Duke, and the resolution suggested by
    >   author looks fine with me as long as the cases are distinguishable.
    > 
    > * Section 12:
    >    Refers to draft-ietf-ace-oauth-authz-33, -38 version is available now.
    > 
    >