Re: [Ace] Genart last call review of draft-ietf-ace-cwt-proof-of-possession-08

Mike Jones <Michael.Jones@microsoft.com> Fri, 18 October 2019 22:57 UTC

To: Christer Holmberg <christer.holmberg@ericsson.com>, "gen-art@ietf.org" <gen-art@ietf.org>
CC: "draft-ietf-ace-cwt-proof-of-possession.all@ietf.org" <draft-ietf-ace-cwt-proof-of-possession.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/G_k9D8m-2e-Jc-_-gvwYhiU7vuE>

Hi Christer,

https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession-09 has been published, which addresses your review comments in the ways proposed below.  Thanks again for your review!

                                                       -- Mike

From: Mike Jones
Sent: Wednesday, October 16, 2019 12:40 PM
To: Christer Holmberg <christer.holmberg@ericsson.com>; gen-art@ietf.org
Cc: draft-ietf-ace-cwt-proof-of-possession.all@ietf.org; ietf@ietf.org; ace@ietf.org
Subject: RE: Genart last call review of draft-ietf-ace-cwt-proof-of-possession-08


Thanks for your review, Christer.  Replies are inline, prefixed by "Mike>"…



-----Original Message-----
From: Christer Holmberg via Datatracker <noreply@ietf.org>
Sent: Friday, October 4, 2019 10:44 AM
To: gen-art@ietf.org
Cc: draft-ietf-ace-cwt-proof-of-possession.all@ietf.org; ietf@ietf.org; ace@ietf.org
Subject: Genart last call review of draft-ietf-ace-cwt-proof-of-possession-08



Reviewer: Christer Holmberg

Review result: Ready with Issues



I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair.  Please treat these comments just like any other last call comments.



For more information, please see the FAQ at <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.



Document: draft-ietf-ace-cwt-proof-of-possession-08

Reviewer: Christer Holmberg

Review Date: 2019-10-04

IETF LC End Date: 2019-10-09

IESG Telechat date: Not scheduled for a telechat



Summary: For the most part the document is ready, but I have a few editorial comments and an issue.



Major issues: N/A



Minor issues:



The text says in the Security Considerations that one must ensure that the might not understand the "cnf" claim, and that applications must ensure that receivers support it.



Q1: How are you going to ensure that, and why do you have to ensure that? RFC 8392 doesn't even seem to require that one must ensure that the receivers support CWT.



Mike> I agree that this text isn't actually actionable.  I propose that we simply delete it.



Q2: For receivers that do support CWT, RFC 8392 says that unsupported claims must be discarded. If that can't be applied for "cnf" I think you need to explain why.



Mike> The RFC 8392 requirement does apply.  This is also aligned with the text in 3.1, so I don't think there are any changes needed to the spec for this.



Nits/editorial comments:



Q_ED_1: Please use [RFC8392] instead of [CWT] when referencing RFC 8392.



Mike> OK – will do.



Q_ED_2: Shall CBOR be enhanced on first occurrence (in the Abstract or Introduction), or is it on the list of well-known abbreviations?



Mike> I’d be glad to expand it to enhance readability.



Q_ED_3: Add a reference for CBOR map on first occurrence.



(I was looking in RFC 7049, and while it mentions maps in many places I could not find a proper definition for "CBOR map")



Mike> Sure.  I can add a reference to Section 2.1 of RFC 7049.