[Ace] Alexey Melnikov's Discuss on draft-ietf-ace-coap-est-17: (with DISCUSS and COMMENT)
Alexey Melnikov via Datatracker <noreply@ietf.org> Wed, 18 December 2019 13:27 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1CA9C12003E; Wed, 18 Dec 2019 05:27:06 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Alexey Melnikov via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-ace-coap-est@ietf.org, Jim Schaad <ietf@augustcellars.com>, ace-chairs@ietf.org, ietf@augustcellars.com, ace@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.113.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Alexey Melnikov <aamelnikov@fastmail.fm>
Message-ID: <157667562611.29907.6804425237641037015.idtracker@ietfa.amsl.com>
Date: Wed, 18 Dec 2019 05:27:06 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/AVcZ1wTUs0auSl8QcuODvKyYYRg>
Subject: [Ace] Alexey Melnikov's Discuss on draft-ietf-ace-coap-est-17: (with DISCUSS and COMMENT)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Dec 2019 13:27:06 -0000
Alexey Melnikov has entered the following ballot position for draft-ietf-ace-coap-est-17: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Thank you for this well written document. I have a couple of small DISCUSS points and a few minor comments/questions that I would like to discuss. DISCUSS: 5.4. Message Bindings o The CoAP Options used are Uri-Host, Uri-Path, Uri-Port, Content- Format, Block1, Block2, and Accept. These CoAP Options are used to communicate the HTTP fields specified in the EST REST messages. The Uri-host and Uri-Port Options can be omitted from the COAP message sent on the wire. The statement above When omitted, they are logically assumed to be the transport protocol destination address and port respectively. Explicit Uri-Host and Uri-Port Options are typically used when an endpoint hosts multiple virtual servers and uses the Options to route the requests accordingly. and the last quoted statement: How can the sender know whether or not it is Ok to omit Uri-Host/Uri-Port? 7. Parameters It is recommended, based on experiments, to follow the default CoAP configuration parameters ([RFC7252]). However, depending on the implementation scenario, retransmissions and timeouts can also occur on other networking layers, governed by other configuration parameters. When a change in a server parameter has taken place, the parameter values in the communicating endpoints MUST be adjusted as necessary. The last sentence: use of MUST with passive voice is really unhelpful here. Adjusted by whom? How can this MUST be satisfied? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Comment: 5.1. Discovery and URIs Clients and servers MUST support the short resource EST-coaps URIs. Just to clarify: the original EST URIs are prohibited in COAP-EST? In 5.8: In the case where the asymmetric encryption key is suitable for transport key operations the generated private key is encrypted with a symmetric key which is encrypted by the client-defined (in the CSR) I would break up this sentence into 2 to make it clearer, as I initially read this as 2 encryption operations applying to the generated private key itself. So I suggest something like: In the case where the asymmetric encryption key is suitable for transport key operations the generated private key is encrypted with a symmetric key. The symmetric key itself is encrypted by the client-defined (in the CSR) asymmetric public key and is carried in an encryptedKey attribute in a KeyTransRecipientInfo structure. Finally, if the asymmetric encryption key is suitable for key agreement, the generated private key is encrypted with a symmetric key which is encrypted by the client defined (in the CSR) asymmetric public key and is carried in an recipientEncryptedKeys attribute in a KeyAgreeRecipientInfo. As above.
- [Ace] Alexey Melnikov's Discuss on draft-ietf-ace… Alexey Melnikov via Datatracker
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Jim Schaad
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Carsten Bormann
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Peter van der Stok
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Alexey Melnikov
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Alexey Melnikov
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Klaus Hartke
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Carsten Bormann
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Panos Kampanakis (pkampana)
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Peter van der Stok
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Alexey Melnikov
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Panos Kampanakis (pkampana)
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Ace] Alexey Melnikov's Discuss on draft-ietf… Alexey Melnikov