Re: [Ace] draft-ietf-ace-mqtt-tls-profile-03

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Mon, 09 March 2020 20:01 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Cigdem Sengul <cigdem.sengul@gmail.com>
CC: "ace@ietf.org" <ace@ietf.org>
Thread-Topic: [Ace] draft-ietf-ace-mqtt-tls-profile-03
Thread-Index: AdXrwPKVlOWry/rCSraJ6rVcwUtPZQAJFd8AAFsSKHAAMo6agAAAuhVQAgumIpA=
Date: Mon, 09 Mar 2020 20:01:04 +0000
Message-ID: <AM0PR08MB3716154E3259FD76101148C5FAFE0@AM0PR08MB3716.eurprd08.prod.outlook.com>
References: <AM0PR08MB371601D0F66969D7ECB504AAFAED0@AM0PR08MB3716.eurprd08.prod.outlook.com><CAA7SwCOnY1K=b=fYYMHH57ho0rFZRmN+EuT1K7qt7qxtN3fghw@mail.gmail.com> <AM0PR08MB37165CE98F43A5AEBDA3F411FAE80@AM0PR08MB3716.eurprd08.prod.outlook.com><CAA7SwCMVnO2-SUNyH7bDQ1jEwdbxVsL5bySG72b8GD=HH16=3g@mail.gmail.com> <AM0PR08MB37160FD0F8B34F8C1470EE82FAE80@AM0PR08MB3716.eurprd08.prod.outlook.com>
In-Reply-To: <AM0PR08MB37160FD0F8B34F8C1470EE82FAE80@AM0PR08MB3716.eurprd08.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/qteVUVkt93Q0DvF2QpYgAsoHdkU>

Hi Cigdem,

Following the OAuth virtual interim meeting call today I wonder whether it makes sense to describe how the key transport with the PoP token using the communication between the client and the authorization server over the HTTP interface works.

Ciao
Hannes


From: Hannes Tschofenig
Sent: Friday, February 28, 2020 11:08 AM
To: Cigdem Sengul <cigdem.sengul@gmail.com>
Cc: ace@ietf.org
Subject: RE: [Ace] draft-ietf-ace-mqtt-tls-profile-03


  * I plan to join. I have been aware of the issue, but could not follow how it was planned to be resolved.
  * I was looking at this: draft-ietf-oauth-pop-key-distribution

Yes, that’s what the group wanted to do. Now, new ideas showed up on the radar that are incompatible with that approach that offer a much tighter integration with HTTP signing.

Ciao
Hannes
