Re: [Ace] [EXTERNAL] Roman Danyliw's Yes on draft-ietf-ace-oauth-authz-38: (with COMMENT)

Seitz Ludwig <ludwig.seitz@combitech.se> Wed, 24 March 2021 11:57 UTC

From: Seitz Ludwig <ludwig.seitz@combitech.se>
To: Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>
CC: "draft-ietf-ace-oauth-authz@ietf.org" <draft-ietf-ace-oauth-authz@ietf.org>, "ace-chairs@ietf.org" <ace-chairs@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Date: Wed, 24 Mar 2021 11:57:05 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/Bqt6wmcPpvJIuRmJ5CBklAMqH0s>

Hello Roman,

Thank you for your review. I have taken the liberty to copy your text suggestion for the differences to OAuth 2.0 directly into the document as a new appendix
(you will also find an acknowledgment in the acknowledgments section).

For the issue below, I need to coordinate with the main authors of the other drafts you refer to. This may take a bit longer than the rest:
> 
> ** Would the first paragraph of Section 7.2 of draft-ietf-ace-dtls-authorize
> providing caution about the challenges of multiple access tokens be better
> served by placing it in this document?  Section 7 of draft-ietf-ace-oscore-
> profile has similar words too.
> 

I have implemented fixes for your other comments and plan to submit an update (including fixes for other IESG reviews as well) by the end of this week.

Regards,

Ludwig