Re: [Ace] I-D Action: draft-ietf-ace-pubsub-profile-08.txt
Cigdem Sengul <cigdem.sengul@gmail.com> Mon, 23 October 2023 20:38 UTC
Return-Path: <cigdem.sengul@gmail.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72660C16F41F for <ace@ietfa.amsl.com>; Mon, 23 Oct 2023 13:38:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XZmvl2LF7edX for <ace@ietfa.amsl.com>; Mon, 23 Oct 2023 13:38:12 -0700 (PDT)
Received: from mail-pf1-x42d.google.com (mail-pf1-x42d.google.com [IPv6:2607:f8b0:4864:20::42d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3118DC1519B1 for <ace@ietf.org>; Mon, 23 Oct 2023 13:36:11 -0700 (PDT)
Received: by mail-pf1-x42d.google.com with SMTP id d2e1a72fcca58-6ba54c3ed97so3624396b3a.2 for <ace@ietf.org>; Mon, 23 Oct 2023 13:36:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1698093370; x=1698698170; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=A4qsmCCZ/krRfPgfA9+mVRVJd2AlkNBfG8QRYHFhOek=; b=hbUXHfV1/TDgPbPN3xVsMoAkpsTbqA7ZK9hn4D/WRuxNU919k+WSVamu1UdTdhBONN 21pGSjgsVsmVF4DXUvKMnXd1bWUdjOmk5RVbGUlJb7VbpwelS20OiGruyb53It8WSWpJ e9HM4yWMCIC5BtkERgoHcypJa1BnbDKvjAoO2xWK1+j5NL4HGby0iaF0eQpKsGqqzUeW GqKWgdrhN7+1w6JfRaZkHf4aXYOAg1gMjKsoK2PzuVlvYUSHzssP5WiusQRrPsMUNPl7 ZcRdB2swTyKg8UkCsEHffk8yP0931gx1hunZ05wfCc9WHkO79HfR6V5mh+wxPidt05nT g5wQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1698093370; x=1698698170; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=A4qsmCCZ/krRfPgfA9+mVRVJd2AlkNBfG8QRYHFhOek=; b=py3ameVK6XCQ1ds0zTHdus1dhBepiutAMLwS6A6rQDdtXZWq9A3ydntiTA9AU3Fl0z E8MEWn5NbKYs/AJs1KBqYyHHLTP0xYDZ5ZrRmmu3Ms+OI7ECaQeQefT7SD5I03YwH+3w hbkON5sbc19Aac1ZGyXRsM6sdiMnSkcQOs4YamcMTyVC1+u2Z24QpuKpDzrTVPnIxx/r tz54xqTwjeMgpD/W9UKpNdURgtPLbZ+O3YnaB/+qTRQ5frzjQgWZ1/odJ6EZg5LQX1lo FiBwWqv42CCN2+FPw/fl1147tHXaLfOOpaL88bXIzmvkgU7eoph3rY6biuwUJp1HLPKO XDOw==
X-Gm-Message-State: AOJu0Ywkxnjeie9rJ19LunBCfxx/m2qSFvhLwGXX5pD+JmZl8WFkS4L2 9wOc5xHcPv98OXKrM5k40StK9nd6b6x1q5de2sJ/HqdoYzY=
X-Google-Smtp-Source: AGHT+IFjNgPYzXutMWs8TREpegczfp2rVZXzJEfD0aplNH+R6UpZDiiekHHn922bEo+gpSgYxXdhgWlDzTEhtwS3tW4=
X-Received: by 2002:a05:6a00:2daa:b0:68f:b5cb:ced0 with SMTP id fb42-20020a056a002daa00b0068fb5cbced0mr12240523pfb.34.1698093370430; Mon, 23 Oct 2023 13:36:10 -0700 (PDT)
MIME-Version: 1.0
References: <169809317969.63820.8962491143963645261@ietfa.amsl.com>
In-Reply-To: <169809317969.63820.8962491143963645261@ietfa.amsl.com>
From: Cigdem Sengul <cigdem.sengul@gmail.com>
Date: Mon, 23 Oct 2023 21:35:59 +0100
Message-ID: <CAA7SwCPpiiD09uYSVN1_yUEubeiD-Vni7shL7CGAi8TPqHxypA@mail.gmail.com>
To: ace@ietf.org
Content-Type: multipart/alternative; boundary="00000000000023d9e90608682c64"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/EVo4WcY2y770dU0rYtGXNkmeiC4>
Subject: Re: [Ace] I-D Action: draft-ietf-ace-pubsub-profile-08.txt
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Oct 2023 20:38:16 -0000
Dear Ace,
The new draft has the following changes:
Version -07 to -08
* Revised presentation of the scope format.
* Revised presentation of the Join Request-Response exchange.
* The 'cnonce' parameter must be present in the Join Request.
* The 'kid' of the group key is used as Group Identifier.
* Relaxed inclusion of the 'peer_roles' parameter.
* More detailed description of the encryption and signing
operations.
* Defined construction of the AEAD nonce.
* Clarifications and editorial improvements.
Thanks, Marco!
--Cigdem
On Mon, 23 Oct 2023 at 21:34, <internet-drafts@ietf.org> wrote:
> Internet-Draft draft-ietf-ace-pubsub-profile-08.txt is now available. It
> is a
> work item of the Authentication and Authorization for Constrained
> Environments
> (ACE) WG of the IETF.
>
> Title: Publish-Subscribe Profile for Authentication and Authorization
> for Constrained Environments (ACE)
> Authors: Francesca Palombini
> Cigdem Sengul
> Marco Tiloca
> Name: draft-ietf-ace-pubsub-profile-08.txt
> Pages: 48
> Dates: 2023-10-23
>
> Abstract:
>
> This document defines an application profile of the Authentication
> and Authorization for Constrained Environments (ACE) framework, to
> enable secure group communication in the Publish-Subscribe (pub/sub)
> architecture for the Constrained Application Protocol (CoAP) [draft-
> ietf-core-coap-pubsub], where Publishers and Subscribers communicate
> through a Broker. This profile relies on protocol-specific transport
> profiles of ACE to achieve communication security, server
> authentication, and proof-of-possession for a key owned by the Client
> and bound to an OAuth 2.0 Access Token. This document specifies the
> provisioning and enforcement of authorization information for Clients
> to act as Publishers and/or Subscribers, as well as the provisioning
> of keying material and security parameters that Clients use for
> protecting their communications end-to-end through the Broker.
>
> Note to RFC Editor: Please replace "[draft-ietf-core-coap-pubsub]"
> with the RFC number of that document and delete this paragraph.
>
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-ietf-ace-pubsub-profile/
>
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ietf-ace-pubsub-profile-08.html
>
> A diff from the previous version is available at:
> https://author-tools.ietf.org/iddiff?url2=draft-ietf-ace-pubsub-profile-08
>
> Internet-Drafts are also available by rsync at:
> rsync.ietf.org::internet-drafts
>
>
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace
>
- [Ace] I-D Action: draft-ietf-ace-pubsub-profile-0… internet-drafts
- Re: [Ace] I-D Action: draft-ietf-ace-pubsub-profi… Cigdem Sengul