[Ace] Eric Rescorla's No Objection on draft-ietf-ace-cbor-web-token-13: (with COMMENT)
Eric Rescorla <ekr@rtfm.com> Wed, 07 March 2018 20:40 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 929F1129C6B; Wed, 7 Mar 2018 12:40:00 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Eric Rescorla <ekr@rtfm.com>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-ace-cbor-web-token@ietf.org, ace-chairs@ietf.org, kaduk@mit.edu, ace@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.74.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152045520055.17654.5520380651718604431.idtracker@ietfa.amsl.com>
Date: Wed, 07 Mar 2018 12:40:00 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/FJz4IiQxdj-PrIcWItbUKkIED8k>
Subject: [Ace] Eric Rescorla's No Objection on draft-ietf-ace-cbor-web-token-13: (with COMMENT)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Mar 2018 20:40:01 -0000
Eric Rescorla has entered the following ballot position for draft-ietf-ace-cbor-web-token-13: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ace-cbor-web-token/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- The claim values defined in this specification MUST NOT be prefixed with any CBOR tag. For instance, while CBOR tag 1 (epoch-based date/ time) could logically be prefixed to values of the "exp", "nbf", and "iat" claims, this is unnecessary, since the representation of the claim values is already specified by the claim definitions. Tagging claim values would only take up extra space without adding information. However, this does not prohibit future claim definitions from requiring the use of CBOR tags for those specific claims. Why do you need a MUST NOT here? This seems like not really an interop requirement 4. Verify that the resulting COSE Header includes only parameters and values whose syntax and semantics are both understood and supported or that are specified as being ignored when not understood. I'm surprised to find that this is not a generic 8152 processing rule. Can you explain why this is necessary here?
- [Ace] Eric Rescorla's No Objection on draft-ietf-… Eric Rescorla
- Re: [Ace] Eric Rescorla's No Objection on draft-i… Kathleen Moriarty
- Re: [Ace] Eric Rescorla's No Objection on draft-i… Mike Jones
- Re: [Ace] Eric Rescorla's No Objection on draft-i… Eric Rescorla
- Re: [Ace] Eric Rescorla's No Objection on draft-i… Mike Jones
- Re: [Ace] Eric Rescorla's No Objection on draft-i… Eric Rescorla
- Re: [Ace] Eric Rescorla's No Objection on draft-i… Kathleen Moriarty