Re: [Ace] I-D Action: draft-ietf-ace-oauth-authz-20.txt

Ludwig Seitz <ludwig.seitz@ri.se> Mon, 11 February 2019 14:04 UTC

Return-Path: <ludwig.seitz@ri.se>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0529712008A for <ace@ietfa.amsl.com>; Mon, 11 Feb 2019 06:04:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=risecloud.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KJbGkh5qty9Y for <ace@ietfa.amsl.com>; Mon, 11 Feb 2019 06:04:34 -0800 (PST)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30076.outbound.protection.outlook.com [40.107.3.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20936130E95 for <ace@ietf.org>; Mon, 11 Feb 2019 06:04:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=RISEcloud.onmicrosoft.com; s=selector1-ri-se; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0K6OL83NdJ4OyS+7jDNSrv+ZqJtIRlLE7Y1gcAozAv0=; b=DXDM62Q6HHJY/OqQ44BsQV4EonUAH3RxCU7GC4HjWTak+r2paRBEGkH7N29AFNUup7tHGduFYvv9tm9pzWJwveviyxDMtzNsfDkgLwhy8/PS97Rq55G0n2tBdcW1nUyd+EevnCzbcExqce8Gq78XDIUNDsVZDdO3ZO17zQYEAUI=
Received: from VI1P189CA0026.EURP189.PROD.OUTLOOK.COM (2603:10a6:802:2a::39) by HE1P189MB0329.EURP189.PROD.OUTLOOK.COM (2603:10a6:7:58::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1601.21; Mon, 11 Feb 2019 14:04:29 +0000
Received: from HE1EUR02FT063.eop-EUR02.prod.protection.outlook.com (2a01:111:f400:7e05::203) by VI1P189CA0026.outlook.office365.com (2603:10a6:802:2a::39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1601.22 via Frontend Transport; Mon, 11 Feb 2019 14:04:29 +0000
Authentication-Results: spf=pass (sender IP is 194.218.146.197) smtp.mailfrom=ri.se; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=ri.se;
Received-SPF: Pass (protection.outlook.com: domain of ri.se designates 194.218.146.197 as permitted sender) receiver=protection.outlook.com; client-ip=194.218.146.197; helo=mail.ri.se;
Received: from mail.ri.se (194.218.146.197) by HE1EUR02FT063.mail.protection.outlook.com (10.152.11.211) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.20.1580.10 via Frontend Transport; Mon, 11 Feb 2019 14:04:28 +0000
Received: from [10.112.134.122] (10.100.0.158) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1531.3; Mon, 11 Feb 2019 15:04:28 +0100
To: <ace@ietf.org>
References: <154989368061.18697.721029169041568972@ietfa.amsl.com>
From: Ludwig Seitz <ludwig.seitz@ri.se>
Message-ID: <2fd7e0f7-ca51-601a-bb70-3081ca047e9d@ri.se>
Date: Mon, 11 Feb 2019 15:04:28 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0
MIME-Version: 1.0
In-Reply-To: <154989368061.18697.721029169041568972@ietfa.amsl.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms060401040701020108080000"
X-Originating-IP: [10.100.0.158]
X-ClientProxiedBy: sp-mail-2.sp.se (10.100.0.162) To sp-mail-2.sp.se (10.100.0.162)
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:194.218.146.197; IPV:NLI; CTRY:SE; EFV:NLI; SFV:NSPM; SFS:(10009020)(136003)(376002)(396003)(346002)(39860400002)(2980300002)(189003)(199004)(58126008)(16586007)(16576012)(31686004)(106466001)(2906002)(6916009)(235185005)(11346002)(97736004)(476003)(106002)(22746008)(44832011)(316002)(229853002)(336012)(86362001)(31696002)(2616005)(68736007)(36756003)(6246003)(16526019)(478600001)(26005)(14444005)(186003)(71190400001)(5024004)(356004)(386003)(76176011)(33896004)(33964004)(5000100001)(8676002)(7736002)(22756006)(84326002)(74482002)(65826007)(64126003)(2351001)(126002)(446003)(568964002)(3846002)(6116002)(486006)(65956001)(305945005)(65806001)(40036005)(53936002)(8936002)(81166006)(81156014)(77096007)(104016004)(69596002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1P189MB0329; H:mail.ri.se; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; MX:1; A:1;
X-Microsoft-Exchange-Diagnostics: 1; HE1EUR02FT063; 1:tbemv4htK6M0LNA3svodl/Ww49aR80rqu5tqw6cUj3LnRCKnBPbdHSsHExP5O1G589qfzWwtrHyofsRujoy603BqeTuYrCZpDDnJzWwDw2siv9Of1MTTz2Ml7bopFsXsAb8cW2VF6hRmjFUORw7S/A==
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 7529d7d7-dbc5-47e7-b338-08d69029d6ad
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(4608076)(4709027)(2017052603328)(7153060)(7193020); SRVR:HE1P189MB0329;
X-Microsoft-Exchange-Diagnostics: 1; HE1P189MB0329; 3:wnB5OXUmfL7BZDeHLNd1YboO72htPunqcvgvvubqqyVHM1gTuuHufhzmyofT0N4WCusLNYBcE4qdK2q6sbNGKWekA2/dDt5rdrv052LSZdFNxtAzh5+3i9JOVked+6tzZvWox7o2wRHek7B6I4qjaTZfw+68CcozvBiqHC06AqgYOv5ivhc8MajR1iYQxOrEUf1IhAlkCkssHxWYqKphzhevF4wqxcjJjdg9EYa2TAj2h5kE2uBb9x1qeRxUNgnLioZgO0xtT6z5nvkrBh6txwU2DwdpXjmNzlMA3y1DcbfsBHb8TUiTbaRSueQ2M1kIVZJBNifOegpZkGgNFYUoa/8zu1K2MKbgXVpIDR8I2FCiDEHWPeBPBCviccApoj7F; 25:TPmwB5IzkGOzBY6fuaPeBxVhBM4D0L/sVm4Kfd6ZyS+ddMoN1WpHOuKOeID6He7JXBS02yxm3HQYPsbfLkSpDevdiud4UOPEgPCKbR0qbMQXvBNC2gAjfBBav1UKj/WSPChTCKyqDWyqlUMojv/pbSg/ZYXUtmE3nvxKyncny3OGu9V50ViTvHz5OmJwywvYrpTI4QhWmng9/NFxg+ylRQBwaw+yapXBIAy9cqTgIWPPWuIU6P3FAlJ6G4K5uHu2iJxZF2ABKXKJnZXoNIe7vojKR4EKDlCgoRel9FlKl1FhDv1X1+WTze6Nh0Ckg1TBq55G2Wrk0NeZwga7+cDRXA==
X-MS-TrafficTypeDiagnostic: HE1P189MB0329:
X-Microsoft-Exchange-Diagnostics: 1; HE1P189MB0329; 31:wafBqBKB6w0BkNOdqnPzZt/p7EWyBllSHlo9YJ/F142b0VliMt2pjiQkoG7rtXgs334NYIEmJeXTOJCu4GAhcr82eJ588eK5Z9uOd65Fhih2JMTH5SEUlv1+GG/aUOFJIlQtsrzJJGPHvGffCVzoPjlzSTxB7JaMKgQbZJ42kTLdvnt4el41E36xH7wdwyJ/KsD91Dn2hN9qiGHhpv372W1aG+xScemyRl0FUO8J2A8=; 20:Jhu9ZyZAnrAeZRAwS7nf1j+vVVpU0tAcTNt0DMoJyZl6ap6l5VT1z1K93DTakbWdBKxCu9Mq6IwsYKBvWv3TaGFwbPgr8ej2BOQnGALhfNMV1zJKYFGNDv2s1obYjmKNu/S7BC7IiknQ+j7VfjzkwV7AuegZrOkyyUHMOUVljg6m+1Gk78KbtHSiFdnDr/qT0m5n6P/kTQZGtBIDvMQxsIbFz+3d1rCnkB6i9NChnmmZovJMXO5ORQExqXO6xoKg; 4:RNguEXai1nqM1Xv4evd4JBaA9BjWksuUZ+bpfd/yD9s3B8mJNGxCSchgtwd9HCxwJbk8E25YE6wRm5Md2SdPHN/zulPjKJAOBVKvvBvA4fCNN+S+cvI8W8Gyh3rDheNM8Sp2lzT8ykfsvWuaRyspwWfmWLzu1TnJ2UaTnerGUgvIS910UoDSu2Ys9W9eA8nWyO5p/S4KU3PdLxQCqx2/ILH1suGLAjbkgiN9Kzmkv39qKBfIevJHFXswGXUCAVyzNOxd4SBho+NmWeKgB76m0ZtJgmX/m+8VPpr2OpKOaN4=
X-Microsoft-Antispam-PRVS: <HE1P189MB032962D86C7EE770160F0C9982640@HE1P189MB0329.EURP189.PROD.OUTLOOK.COM>
X-Forefront-PRVS: 0945B0CC72
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; HE1P189MB0329; 23:Qr8V6rBcYYbsgehzgQ/S+G+HyB9/GmbK8pi1+pOz1?= =?us-ascii?Q?TXXnU7tAq+Ta50K2uOA+MjSbsQ5R1YR/q72pW5IoMGaQ+pD9FK4+uDnGOzKO?= =?us-ascii?Q?IeSTfjNOJedw4zQD4bJdQ/+seaKYx08Wc72ya5xyXnjK9tN01CZNsDRJuuyi?= =?us-ascii?Q?chi7owcN2JGcasT7BakgAOZeWwVyIluengHeJ/JirLGCwJsP5+AMVftvRmpY?= =?us-ascii?Q?gntnEDpsar4aIj/h88vyCahWDHlLOSkUZzEno8mnXi3PXim/ekKZAo9B0p6T?= =?us-ascii?Q?HcI7R/5b9d8+hhz6FRzIVli/01bEFwoGfop9L+LHr4HOJ4hD8+UG5noByQXK?= =?us-ascii?Q?3YNJu8rzQ9e/Bhvvr/JQgh/zhhGO15Msuoxpxy3Ft+wA+s9Ipz+kCLn3qosw?= =?us-ascii?Q?9F2A9T4qFzbY9FXUJzST1EglO1E6tmHhjxm/QGLBqcbFaYf75YwMeXQNzoZb?= =?us-ascii?Q?yKFrL3XzCHsmIyKScXjGqjqhiHtDstA+ErMgfePzN40Zz5NDTsAg+8Z1Gfl9?= =?us-ascii?Q?pgrq1dEHOaKP55ddolMAWFMeMxqhXQDk/pP7ymhEHDzoC2Zddv6xE2Tkge3Y?= =?us-ascii?Q?y8ebYP51Ci2YdVwLTltD7rmsxqnuCA7tI2gATzb8kcb1EkqlZOAStAFaaJZH?= =?us-ascii?Q?2Gpdro9hOiDCOOlffmtVUNqnSt/btC3vhzCKzzjTv3FpOhHz8qVpe5OsLN+K?= =?us-ascii?Q?gqTRDY1lh0dUm/1zSsLbKrorgS83pqORxhGtl8PnKqG3sP4/sozxcFXaDL7w?= =?us-ascii?Q?SZEV0D6FxSctFE3ymuEopUGWaWxt7j/uGJyLQ9VnxsyLt4XyeT139l6EiZO1?= =?us-ascii?Q?DYh4BBgqDSlmXVfDOGlhS7shXKZhRJ9hYlhEmpT/FEuQeA5eisz5dBXXdvij?= =?us-ascii?Q?+jmHP9g1IFUmIyFJCUikkqf+Ni9oG9GtX+r1ppykt/1dTTW6SL2pI7KBa/lh?= =?us-ascii?Q?vB0cm0MZRnwGKqymzjoSyLGi3RyBmFyOBxegOPOhH4OlyRZyIBS6pJcKo2l+?= =?us-ascii?Q?c7hGvAcxhBqB8R5qgPAbo5Zq6HBdlTqzQ2oyR5S9oUqR0Tc6HMmcwEoWJeO4?= =?us-ascii?Q?JduncibQOhcestXZAdRa1UedbVvBiHNO6iNfPW6lkxT3GeeoCoP6uB0FkhpW?= =?us-ascii?Q?0Kh48eeZFxa2cIpuSg5hV1ptABSEJsPj0pVREmse658V3Y7ztAGUCenH6Gl/?= =?us-ascii?Q?2ALoxAGHJVAlM9HLf8OmO9fopJqwT3LD1rPxJATNj39KxlU1ch2kdG62v/2s?= =?us-ascii?Q?XP1DAxK1Xz3NsNyXurD9lTp4DgtL5HG7lQgQ2C8c+hinFDAuEanVWVyeOKhH?= =?us-ascii?Q?zf3FyPSkEhJ+hDL47GTENtVbYmQsxTuIQBUWgqzquXVXef5/mF51yvHRNERv?= =?us-ascii?Q?cTB8uNo11HwDOqG+d3t5sx529ADH+wN/3VbptYKiAGQOw4X0kRmvju+S5pks?= =?us-ascii?Q?gEiUzvzjSO6iK7d+V195iWo0hRq1AwdZBHiv0mle/f2HXC9PNubttIe3O5wk?= =?us-ascii?Q?PcRu15Jeou9TJTLcRtEteHWar2Y7ey/WOI=3D?=
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 2gw6JhA370klu74t91PF6lOovKRcFd+AEW9zxqxSK10/q7pORqAxECQg1mxGY77thE0C8oshWZ7GCZ8jNuTHjSqyJsIcBFbaZEecLRKrpYDqVQqZ8iA9ep9Coiq5RAfYVZDOMUdyhzycKxYmIEhG4lXWtFREn/eH1Oc/XD7bo/PjmFCM8Qt+uoI2Xe6ksMWNOspM8F8UePg3QzjyTexbv5EW/w60LnIXLyhzmFSvUdCe6kJwBSZFANeHyK/EEMGAB1VLofa+0Psk8HEE2CZuHOkhBm6Nu9/bayEJFW2X/7h79nbVbvXi2q1Prb7Y6ZlyFOEh/wMfjOmmPeUn4RNla7G54yD52PD3FejPA5cuSu6qXv7vDv0O+8+NeKlP5ELFZ0Foav5c3BpfTPiH4dxOp+VWtXkVs0kafYtkffMR1lc=
X-Microsoft-Exchange-Diagnostics: 1; HE1P189MB0329; 6:a6IKjOd+vAIR82+Yl0LL3ISnWG5fEsvtqzeBn387UZQjRb31e8kUd0fT7HUQBqq+pnFMsoPQVxtI+iWEXvrm23w0uhGTXY+8GW4D5cx9WTyQiHJ1GMYGs4EhzU1kdK3a+lYsfevZLVa6T4jay0XGZwJmQmbjTjPePbdAU9q7i5MIq6x8g1IsO3ir+qmae6VikFBneHeGTQWNafSi8yZSoUPW2U+m42oJfyn9lxSmO3hRsg+dyIclljwK/lP1EG9commTFCfT9rxtmklYYO0r1/N030N313lPPhUHEIa5vLwtvSc6pAQjFbmriHbX8IB15U3IufjdTJza0uw0OLJ19v9TemfGu2EHuqSwDzURtnZJnP0468R5GTKeX0xgDbAc2YmeEeSGHaeGb3dbtEr/UOUjltBBAFYlqaGEar6lT3rMH/mYdatU2nMQjOujuYPkNH9hKhI0A/P+un0GiGpoEQ==; 5:zIU9rIaKV6koVpOImdbj2yBzPfR+VWiZoAo6zUYNYkNwsVrw7ebXFQuT4+ja0fci8N96IU3mzNcY7jYceg6uq4lx7w73302VTy4/btu/ZDFXjjF6i6uAw4XG++M0wcdcbW5bejm9XQMTDcWxHPQGI4q8YSXTYin58d/kDGK3W6sJ0qsF9GInbQmzMZgJPbilsf0x2/X4rHWuFQn3gkjtiw==; 7:q6Yd/wYVP1iNRvocuPNpnh2oSWHyolDqXTyagzDGFfJCf5iEDcP7JR0wRgvX/knDDkHpwFpdmdjWKg/n8UPrTmsiS+11Zml+5K8GhXh5XiS1bhv+kKUo9D3zNuPFi+a9tAWD7fQSI4alSdSYqwGeOA==
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Feb 2019 14:04:28.8539 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 7529d7d7-dbc5-47e7-b338-08d69029d6ad
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5a9809cf-0bcb-413a-838a-09ecc40cc9e8; Ip=[194.218.146.197]; Helo=[mail.ri.se]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1P189MB0329
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/AQ5BFJnSdpD8MZXoSQajLbmVWzo>
Subject: Re: [Ace] I-D Action: draft-ietf-ace-oauth-authz-20.txt
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Feb 2019 14:04:37 -0000

Hello ACE,

I've updated both draft-ietf-ace-oauth-authz and 
draft-ietf-ace-oauth-params to replace the "req_aud" parameter with the 
equivalent "audience" parameter (not to be confused with "aud") from 
draft-ietf-oauth-token-exchange.


/Ludwig


-- 
Ludwig Seitz, PhD
Security Lab, RISE
Phone +46(0)70-349 92 51