Re: [Ace] draft-ietf-ace-oauth-authz

Olaf Bergmann <bergmann@tzi.org> Mon, 04 May 2020 07:21 UTC

From: Olaf Bergmann <bergmann@tzi.org>
To: Peter van der Stok <stokcons@bbhmail.nl>
Cc: Jim Schaad <ietf@augustcellars.com>, consultancy@vanderstok.org, 'Ace' <ace@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/CQZ7ZR16k_2CimJrU74XIDmeuJI>

Hi Peter,

Peter van der Stok <stokcons@bbhmail.nl> writes:

> When I want to access an OCF device I can find its IP address through
> service discovery (rfc7252 section 7) using an rt-value registered at
> the IANA core parameters registry.  For example, when I want to
> initialize the AS I have to type in the IP address of the AS.  From
> that moment on keys and certificates can be compared to continue
> initialization.
>
> Using service discovery can automate that process.
>
> My request is that authz draft registers an rt-value in core
> parameters registry for service discovery of the AS, unless a
> different process has already been established for AS initialization.

That is exactly what originally has been done in section 9 of
draft-gerdes-ace-dcaf-authorize [1]. Somehow, this got lost in the
process.

[1] https://tools.ietf.org/html/draft-gerdes-ace-dcaf-authorize-04#page-30


Regards
Olaf