Re: [Ace] [Gen-art] Genart last call review of draft-ietf-ace-oauth-params-06

Ludwig Seitz <ludwig_seitz@gmx.de> Sat, 21 December 2019 12:22 UTC

To: elwynd <elwynd@folly.org.uk>, elwynd@dial.pipex.com
Cc: last-call@ietf.org, gen-art@ietf.org, ace@ietf.org
References: <E1ii2Kx-0000RA-1P@b-painless.mh.aa.net.uk>
From: Ludwig Seitz <ludwig_seitz@gmx.de>
Message-ID: <f04e3ddc-e33f-ef9c-1cf5-57ee817d8923@gmx.de>
Date: Sat, 21 Dec 2019 13:22:29 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/CGTmxiPnhxKdkxrSs2LWZc-3RC0>

On 2019-12-19 21:23, elwynd wrote:
> Hi, Ludwig.
>
> Thanks for the prompt response.
>
> Regarding the major issue, I understand what the intention of the split
> was, but as far as early implementations are concerned, there is no such
> thing as a 'minimal breakage'; unless there is some cunning mechanism in
> the basic ace-oauth-authz protocol, changes to the structure of the
> items defined here will break the protocol.  One possibility that I
> could see is the addition of extra keys in the COSE_Key dictionary
> structure: In this case you could add some extra words (in the
> ace-oauth-authz document) to indicate that unrecognized keys should be
> ignored.  This is associated with the editorial comments I made about
> s3.1 that would allow any other keys to be present in the COSE_Key
> object structure.  Similarly, the objects defined here are effectively
> JSON/CBOR dictionaries.  The changes could be accommodated by adding
> comments in ace-oauth that extra keys in the items defined would be
> ignored.
>
> In my opinion, it would be best to remove the comments about possible
> changes and just state that they have been separated out because they
> might be used in other contexts.  The possible 'changes to the
> definitions' issue is just a matter of 'institutional memory'.  If there
> is some mechanism, such as I mentioned above, to accommodate changes
> without needing an update to the ace-oauth-authz (or other protocols
> using these items), this should be explained.

I have submitted an updated draft (-08) that removes the comments about
possible changes. Does this address your major issue?

>
> Regarding the h vs b64 representations, since they are only examples
> (and the strings are essentially arbitrary as the actual keys aren't in
> the document), I'd be inclined to put in h representations to avoid my
> question arising.

In my newly submitted draft all the b64 representations have been
replaced by equivalent h representations.

Note that none of these strings are arbitrary, since they do parse to
actual keys. The abbreviated b64 strings representing tokens obviously
do not parse as such, but come from the actual binary representation of
tokens.

Happy holidays,

Ludwig
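The two technical points in this exchange, the h'..' versus b64'..' spelling of example byte strings and the "ignore unrecognized labels" extensibility rule for COSE_Key maps, as an added example that is not part of the draft or of either author's message. It carries its own minimal CBOR encoder/decoder (integers, byte strings, integer-keyed maps only) so it runs without a CBOR library; the COSE_Key labels are those registered by RFC 8152 (kty=1, kid=2, alg=3, Symmetric kty=4 with k=-1), while the sample key bytes and the unregistered label 99 are constructed here purely for illustration.

```python
"""Added example, not code from the ACE drafts or the mailing-list thread.

1. b64_to_diag rewrites a base64 example string into CBOR diagnostic
   h'..' form and diag_to_bytes shows both spellings denote the same bytes.
2. parse_cose_key decodes a COSE_Key map and tolerates an unrecognized
   label instead of rejecting the key, the extensibility behaviour the
   review asks the base protocol to state explicitly.
"""
import base64

# COSE_Key labels from RFC 8152; label 99 below is a made-up "future" label.
COSE_KTY, COSE_KID, COSE_ALG = 1, 2, 3
KTY_SYMMETRIC, SYM_K = 4, -1
KNOWN = {COSE_KTY: "kty", COSE_KID: "kid", COSE_ALG: "alg", SYM_K: "k"}


def b64_to_diag(s: str) -> str:
    """Return the h'..' spelling of a base64 / base64url string (padding optional)."""
    s = s.replace("-", "+").replace("_", "/")
    s += "=" * (-len(s) % 4)  # restore padding that b64'..' notation drops
    return "h'" + base64.b64decode(s, validate=True).hex() + "'"


def diag_to_bytes(diag: str) -> bytes:
    """Parse h'..' or b64'..' diagnostic notation back to raw bytes."""
    if diag.startswith("h'") and diag.endswith("'"):
        return bytes.fromhex(diag[2:-1])
    if diag.startswith("b64'") and diag.endswith("'"):
        s = diag[4:-1].replace("-", "+").replace("_", "/")
        return base64.b64decode(s + "=" * (-len(s) % 4), validate=True)
    raise ValueError("unsupported diagnostic form")


def _head(major: int, n: int) -> bytes:
    """CBOR initial byte plus argument for values up to 65535 (enough here)."""
    if n < 24:
        return bytes([major << 5 | n])
    if n < 0x100:
        return bytes([major << 5 | 24, n])
    if n < 0x10000:
        return bytes([major << 5 | 25]) + n.to_bytes(2, "big")
    raise ValueError("argument too large for this subset")


def cbor_encode(v) -> bytes:
    """Encode an int, bytes, or int-keyed dict (deterministic insertion order)."""
    if isinstance(v, bool):
        raise TypeError("bool not supported in this subset")
    if isinstance(v, int):
        return _head(0, v) if v >= 0 else _head(1, -1 - v)
    if isinstance(v, bytes):
        return _head(2, len(v)) + v
    if isinstance(v, dict):
        return _head(5, len(v)) + b"".join(cbor_encode(k) + cbor_encode(x) for k, x in v.items())
    raise TypeError(f"unsupported type {type(v).__name__}")


def _decode_at(data: bytes, off: int):
    major, info = data[off] >> 5, data[off] & 0x1F
    off += 1
    if info < 24:
        n = info
    elif info == 24:
        n, off = data[off], off + 1
    elif info == 25:
        n, off = int.from_bytes(data[off:off + 2], "big"), off + 2
    else:
        raise ValueError("argument form not supported in this subset")
    if major == 0:
        return n, off
    if major == 1:
        return -1 - n, off
    if major == 2:
        if off + n > len(data):
            raise ValueError("truncated byte string")
        return data[off:off + n], off + n
    if major == 5:
        m = {}
        for _ in range(n):
            k, off = _decode_at(data, off)
            m[k], off = _decode_at(data, off)
        return m, off
    raise ValueError(f"major type {major} not supported in this subset")


def cbor_decode(data: bytes):
    v, off = _decode_at(data, 0)
    if off != len(data):
        raise ValueError("trailing bytes after CBOR item")
    return v


def parse_cose_key(data: bytes) -> dict:
    """Decode a COSE_Key; unknown labels are recorded and ignored, not fatal."""
    m = cbor_decode(data)
    if not isinstance(m, dict) or COSE_KTY not in m:
        raise ValueError("COSE_Key must be a map containing kty (label 1)")
    key = {KNOWN[lab]: val for lab, val in m.items() if lab in KNOWN}
    key["unknown_labels"] = sorted(lab for lab in m if lab not in KNOWN)
    if key["kty"] == KTY_SYMMETRIC and "k" not in key:
        raise ValueError("Symmetric COSE_Key requires k (label -1)")
    return key


# Constructed sample: 128-bit symmetric key plus a hypothetical extra label 99.
SAMPLE_K = bytes(range(16))
SAMPLE_COSE_KEY = cbor_encode({COSE_KTY: KTY_SYMMETRIC, COSE_KID: b"kid1", SYM_K: SAMPLE_K, 99: b"ext"})


def demo() -> dict:
    """Round-trip both spellings of the sample key, then parse it tolerantly."""
    b64 = base64.urlsafe_b64encode(SAMPLE_COSE_KEY).rstrip(b"=").decode()
    assert diag_to_bytes(b64_to_diag(b64)) == diag_to_bytes(f"b64'{b64}'") == SAMPLE_COSE_KEY
    return parse_cose_key(SAMPLE_COSE_KEY)


if __name__ == "__main__":
    print(demo())
```

Running the block prints the parsed key with `unknown_labels: [99]`, which is the behaviour a receiver needs if the parameter definitions are ever extended without a revision of the base protocol; a strict parser that rejects any label it does not know is exactly the "breakage" the review worries about.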