[Ace] Re: AD review of draft-ietf-ace-key-groupcomm-oscore-17
Marco Tiloca <marco.tiloca@ri.se> Mon, 06 October 2025 14:57 UTC
Return-Path: <marco.tiloca@ri.se>
X-Original-To: ace@mail2.ietf.org
Delivered-To: ace@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 7DC7B6DFF7AD for <ace@mail2.ietf.org>; Mon, 6 Oct 2025 07:57:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=ri.se
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mOIjqoKrFGEx for <ace@mail2.ietf.org>; Mon, 6 Oct 2025 07:57:27 -0700 (PDT)
Received: from GVZP280CU001.outbound.protection.outlook.com (mail-swedencentralazon11021135.outbound.protection.outlook.com [52.101.81.135]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 8B7F66DFF7A4 for <ace@ietf.org>; Mon, 6 Oct 2025 07:57:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=oO4hv1cgI/HB7dM3nmRPm2/LT/hb3NLnSOEGD0l3E4b1tG1kUmhvjX9W/RmZKqC11MzCilLy4hlqyXcHX03PDHPWeIW69+McmYjU6cB9l2+IzYcgI4XDlvCnSR89keU3eWy+FUPzMRLkTQP6fUAdMe4rDBTLtwbMNj5XlCbF/Ax+2eoSnTpzQ1/0vKaAELTVqQlOF62MXkVpxAOgmRlaB83vUE5WAOaXoRdKS4J5AR1sQ5jDN5d5mgme6bS14MYWHXBHtYc+YEyUARAn7bLwpQd7HqewdEExLthpd5ep2egbCTvbFDU3myw1iksZ8/9LWzwaP3qP4ZBj/iY7mdonUA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zqiB7n5cTVzm8K7+J6fS6OehW2songEw180ZUklwEA4=; b=uD8k1Ew6BXIw2f3yI5O4fiFNnMHCUPaYcTJPgHu68MUGJf02goks48TEMOpSeJcEJbYXDc7QLIIADvNGWgYUm9qgeMDJaJ57JtcjGx1OV6oM+Ewaw1DeEk485nX7Efea1YqIrtyyDacB3ht087csc3N7qAiQmQWxJTNjIXLbh9nPZKKj6W2PAaFpYljdm5LEpKvZ52xEKshkXJOVV+Osa6L1c3Ucv83XLvuSvcC0UioNaZwFa5et6OFcalp2XOW4haZIcSAWza0FOX3kXZZndtakC2x+h699FuhCU1kVwDLwjHQClhtR+vBkZzrukxN6ZG0UZWAu4yzIEQTOO26gHg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zqiB7n5cTVzm8K7+J6fS6OehW2songEw180ZUklwEA4=; b=I9OZL3lAZbxKplPq1iJyfegpK0O7UQL5YySGqOkEuUnuj4AxaOqegilG2i4lHnqvhGW13B/MoReUdlSTg89uCzTWXwtrii4Zp7uYak76HKL1OOZT1kZpwliYX0PTUuapuc+n+657Neh3fshR2xPgIhCkyij+k5Vy4KXdk0KXdWNXmSmLwYgCJi5xl0w6WMBT0qpxDS58VNq7PF+Tk0dg+W3O/b/ADIUwE+ofDoGcV7CdvTOSQWZnhZn42As+fFUYACC4RzTdIyxg+M/Heql47gBGCaPla7y/9TGPgRR9zm8v6WzCwE8HPkrbCsgCc++u1gEV/BmTTW3uogoC2SFaCQ==
Received: from GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:37::17) by GVYP280MB0222.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:36::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9182.20; Mon, 6 Oct 2025 14:57:18 +0000
Received: from GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM ([fe80::b1d3:d63d:ce0b:3f70]) by GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM ([fe80::b1d3:d63d:ce0b:3f70%6]) with mapi id 15.20.9182.017; Mon, 6 Oct 2025 14:57:18 +0000
From: Marco Tiloca <marco.tiloca@ri.se>
To: Paul Wouters <paul.wouters@aiven.io>, Francesca Palombini <francesca.palombini@ericsson.com>
Thread-Topic: AD review of draft-ietf-ace-key-groupcomm-oscore-17
Thread-Index: AQHb+gzBwpIVnVpqC066gqt2DpzvvLR4O0aAgBYXQICAJ1sHnA==
Date: Mon, 06 Oct 2025 14:57:18 +0000
Message-ID: <GVYP280MB0464A7E8FE537C90EBC065C899E3A@GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM>
References: <CAGL5yWY+YK_GDwv2oYSaJ22kzRvA8d2gLzUsLSCfyznqCzb1_Q@mail.gmail.com> <PAXPR07MB783847E8A89F93529BB76481983BA@PAXPR07MB7838.eurprd07.prod.outlook.com> <CAGL5yWYh4mbfwCqKt=FShPcScDVLf16p3PH9De=x-1-=bc-3OQ@mail.gmail.com>
In-Reply-To: <CAGL5yWYh4mbfwCqKt=FShPcScDVLf16p3PH9De=x-1-=bc-3OQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_680afd86-dcf7-4483-b9eb-5af1dcd104e1_Enabled=True;MSIP_Label_680afd86-dcf7-4483-b9eb-5af1dcd104e1_SiteId=5a9809cf-0bcb-413a-838a-09ecc40cc9e8;MSIP_Label_680afd86-dcf7-4483-b9eb-5af1dcd104e1_SetDate=2025-10-06T14:57:18.226Z;MSIP_Label_680afd86-dcf7-4483-b9eb-5af1dcd104e1_Name=K2 Intern;MSIP_Label_680afd86-dcf7-4483-b9eb-5af1dcd104e1_ContentBits=1;MSIP_Label_680afd86-dcf7-4483-b9eb-5af1dcd104e1_Method=Standard;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ri.se;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: GVYP280MB0464:EE_|GVYP280MB0222:EE_
x-ms-office365-filtering-correlation-id: 1b901077-03a0-401d-3b80-08de04e8a563
x-ld-processed: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8,ExtAddr
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|19092799006|8096899003|13003099007|7053199007|38070700021;
x-microsoft-antispam-message-info: 0w5pEzbcrkyt3yZ8xHjHFpV9BWIy/N9Jjn+XENUU33FkaU/4nQkkt5GOTvLspP+INEl8R5Uf7e1P9eAmewNLux7N9FgIz7ZuTnm7STfRolINUwuTAaa5+OUBtT2cdN9FzDM0VJ81FROVqPANXC1TU/R7OKVVsMyWG3Y5rPzjuzs0gEUfxHod3yfi4whC6N9qJ/Dca2Z5IjouyCm0uy2VpeFkiZb3WKD0ntUZ1HucO+KeFm/gbk7jZ7rGfOC5DObXSjGBfdFq4RRY0xYqVim+CxNu5bL2thB2tVy3vPcy3ocxntdKnBh3WJGu0CWUDc7iDVe/AswziuXLT7xoaIgz5eKoLlLuQMRNNHGEtzHe46WhZcB3SxkKV1JLmXc5MliLYBpk2yHjCT9LE5bINDB+AIVOROgoROpBMkXuuPtEjdJjVnM/Y4wVg3EH8F69jTvYUzl9AGxNLpter52awSIL87qUrpXEyK7WLpaDhIyKNXlMho3923ymYvChzdC4SUCCMdYBeiXi/dwDfg3F2G2DAqdDyFOWhlhNJlDm+enjTs0NZMhOshH0te/DCAywP+2F750m8VS4ctUhpf4BCd08lCS2ZwaDqw63O5aBkrPqN6AXCEA4AtwYEP9X40x9yBYkRpLOiRW69t3uh519NdVLhF/yOSVB+3OKS3996jpVfCODQoo7nwU4Y9xbdHaWovq3kIQp8omY3O6d/trBzAjZXqkXg/QEVWN/nWEg1Uf3vs+GHUIVQDhDxyS2mS/5FE2a5gRn1eOK97wOlv1cDm0agQD+Rze3W63eTiYPU7IN/HPA4qOQzAS3VmPJoM+/vh4gf/ofkIHv23wt22HSWe+wb80sNcq12V/qH6HEWfrv2Bfz3TbUjYzpm8n2tURuvzYyy1unXGn0EYSg9Tc6kRm1/v87qBaI49dh3hJM6nzzdWJ4nzvK8X1stEr61/U8xKj7XiyYN6vXfZ8ELagM0B/cbwn0EvZVMU+EIqejHR3udvtI70TOO+nS4JBtzpNVVyiueiChGXOZyRldHvkY+jK/BGgdZv6juCSB8yGVbh6aioosyBrd8xVFLwWe51MDF89Lm+rRc03+LOTi4GVQ3OUoHrNhzH4WnJ3niyAkhB0Q9q4gjRsWR7+UemEyFeyOj5+dmHQu1rCx2prAsxXrAdHk0CEBodnAG32OWeMaudsOkLcrz2iAvpOOx3EP9Y6XocZtznyjo2sqb0eQS+lyotvB5SsDGy6m8XG03iPtHB7pFdSAQ19i80JhUgtxnvE2VZxTzEnInGayVgb5lbXAzOvX2uz+8m38DRU4GOTIfe7BwHeRme0Pg+9EGqVk3G775t+cX1rHDLgeUompU/h7hE2IUHLEswF06e2Vi6RfAsGYBtSYCQ5iQuN1Qr6x6ZCFCkvHXqB1EABq8YtnVw85FqGfvFBKK0Narhvgu+wW/9Gu69ZgjmqyMInliPhL+vApZFBjpQzTqweGsmpCawx8mh1EuU6M/RmmqZRFM4maGFrH4B9OaP6bYjffpFL1x+k4Vwuoe1hma8tepuzHkxua8+Kf4w==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(19092799006)(8096899003)(13003099007)(7053199007)(38070700021);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 2j2kvjd2oOc9cHC/WdqJkyHDXHYSF6koJfjcrgZd2YarRSUg0XNcgnv5SedtBkmGCuhtkRNtjiioHxKWkRoTO72JW9CaG+qpnyZprUAiOq0E6LeSEBFbBBfU/58lLLsPFXGDtqW98OHF3GfwNhyjPUzDQ7HfEn3NK74TVF6cA1tcEr/JEvuzFt3P5jCdeKeybWW389EMyinUBehZH2cnATct69TXULeWHBnYjnzeOxh3NiVPE7pDunK56Tl/nUhaWaCI7Xf1EHzn5YipJ8oZWQSxlpJ0/FM1RocUHgWkEg0IpCRBDVhDq2cArFxIdHj9hRQR6sOXbKm3gmJxI+3KGLIRHaAVKmNGNGbtBzss5TCrnpLjFtMnLkz32x/4n5xoFRTz4FM0/lvTn9EwNK6kOd4qEcqkc683O7qVqarztpoF8REDbkY9L2RRgeBTfkz68iCGEgLPAQ/Qky+u1aZ5LnODMZciJStrEn2KUz3HG9uBlnfG3kcRlkCUHJRzJWgfPUJhYv3GoD9e77CEZsCfYKGyp6+v4wLN8vRXwUMfjSkiIcgeZfg00+9bg3W1oOGUqE9D1ArjwfH5mZ40mT1pFuZD6VOy/EIthlP1udJhbhtaakFvNXGSgx0o45ZTJY1TwnkmKDR4VqTPkbur0zxVddIPfmfzTL5s6g+yLTvIO7biuYscU6g2G9VBXtw3rfx9dHeIkrdDvW9nCAjQK4OfV5TS4mr7p6w39FW9XU141TU5F1hvm3smt+RgolRNc9CWjej2/v/s+3vU3hK28+2/YNo4bmflML5kV0+Tylc2xo/RaRzG4EX5m7ODLX5sypxy77SNZn9mZKVEUeKv7W1FGjQfXZ4skUCLWycFYBhIctQJprTWXG2v9/CkGeZoqy6JmrHudOQ4UxzWOOB3yZNe2E5s+paeNgCdsXEH3XcOP/h3ed1aAwZZYDUjIJgBBGZu6LMMmdvvg3bEjgAXsQqTesNB12rC4sQ4O8uG3Sorwm81ahO0pMUsWK0UiLc9ZQ5z/WMo0bdCwf1icEgohD2GbdNokKWfdOhDy0F6KhOhbjThzZwhKNidOzG4YdrQbAz0yylAfnE27WDn05IxKF65Ipcx23IQJQjyyaDCQB7lS5Ueq3r+1cBAB/9imjAVBelzNRj+rD8LqQai6YE9uV/usD2yttClOt2SfPlmPTVvNKH3+aj/9W8CCaySGXn5IPU6llS6haQZ4vmBLiQSzy3kbJEr+sk8ZDPZzcUYdmRMeWRtgXIpvogF14s2CWUfZrfAbG416iZc3n0lHcoTzDKBgrR3ZTodCBdReQY1NvTwDEhO3+VztM0kR5ku8n4rPf221+wZDh6V01hLfklxlc2L9Yodj2ag++DADTKQVSKFhH9gcjmOHRUS7ZHqEQhzkrxXcKPl/4d2J9eLKAezP6fbdVDiLaEcM7I2wh+Sq7ZD3Z1hp5vs+pbU2j0g68sfVEY2ZqkI4Nl7DDOBEy+FCxBeiLDLKoXE+qJiKIJDlq2hS7sfqg6DuSjXQ8KR631PYO+iTxiE/ZxoibVsTyLb93l4YL4f6bgfJv5jWPjchjVgKAX6noZ7LQsI4rMXVP8anFmU
Content-Type: multipart/alternative; boundary="_000_GVYP280MB0464A7E8FE537C90EBC065C899E3AGVYP280MB0464SWEP_"
MIME-Version: 1.0
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 1b901077-03a0-401d-3b80-08de04e8a563
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Oct 2025 14:57:18.6506 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: /R1sjN0mJCa1wdcldlZPmxLenCRGl46XhXm9z4Q6iVgtZ8dHy3DTuqem9MBTh1aLnzFA9lVHp2kjIuW2nuLi0A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVYP280MB0222
Message-ID-Hash: 4QUJBTKD247UMBXWODTTXB4QGMLIQE6O
X-Message-ID-Hash: 4QUJBTKD247UMBXWODTTXB4QGMLIQE6O
X-MailFrom: marco.tiloca@ri.se
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ace.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Ace Wg <ace@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Ace] Re: AD review of draft-ietf-ace-key-groupcomm-oscore-17
List-Id: "Authentication and Authorization for Constrained Environments (ace)" <ace.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/GbK2_LUWczMAWPuXFEO6039SD50>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Owner: <mailto:ace-owner@ietf.org>
List-Post: <mailto:ace@ietf.org>
List-Subscribe: <mailto:ace-join@ietf.org>
List-Unsubscribe: <mailto:ace-leave@ietf.org>
Hello Paul, Thanks for the follow-up comments. We have been addressing your latest points in a new Github branch at [1]. Please see inline below the specific commits addressing each point. Best, /Marco [1] https://github.com/ace-wg/ace-key-groupcomm-oscore/tree/ad-review-2 ________________________________ From: Paul Wouters <paul.wouters@aiven.io> Sent: Thursday, September 11, 2025 3:52 PM To: Francesca Palombini <francesca.palombini@ericsson.com> Cc: Ace Wg <ace@ietf.org>; Marco Tiloca <marco.tiloca@ri.se> Subject: Re: AD review of draft-ietf-ace-key-groupcomm-oscore-17 On Thu, Aug 28, 2025 at 8:32 AM Francesca Palombini <francesca.palombini@ericsson.com<mailto:francesca.palombini@ericsson.com>> wrote: Thank you very much for the in-depth review, and apologies for the delayed response. We have submitted a new version that should hopefully address all your comments. Thanks for the extensive response! I've cut all the things we agreed on. > Section 6 > > > it is RECOMMENDED to use an 8-byte long random nonce. > > Can 8 zero bytes be used? I assume not? So perhaps this needs to > say a little bit more? Or perhaps this RECOMMENDED is a MUST ? We are not sure to understand the comment. I was not sure whether the RECOMMENDED bound to "8 bytes" or "random bytes or "8 random bytes" and what would be "not recommended but still acceptable". Normally nonces are a security thing and there is a minimum requirement. Eg if you say: It is RECOMMENDED that the random nonce is at least 8 bytes Then the random part is a requirement, and one cannot use 8 zero bytes all the time. Your above text does not make it clear if the implementation cannot always use 8 zero bytes (not recommended but still okay) Since the nonce is randomly generated Is it? Or is it only RECOMMENDED? :) If the question is more about recommended size of nonces, those implications are discussed in the security considerations (see Section1 15.2). So perhaps my phrasing above is better then? ==>MT Addressed at https://github.com/ace-wg/ace-key-groupcomm-oscore/commit/1e236bf14db0d92913663e7939e57b48532d20f7 <== > > In order to prevent the acceptance of Ed25519 and Ed448 > > public keys that cannot be successfully converted to > > Montgomery coordinates, and thus cannot be used for > > the derivation of pairwise keys (see Section 2.5.1 of > > [I-D.ietf-core-oscore-groupcomm]), the Group Manager MAY reply > > with a 4.00 (Bad Request) error response in case all the following > > conditions hold: > > Why is this a MAY and not a MUST ? Because, even if the group uses the pairwise mode, that specific joining node might not support the pairwise mode or might not plan to use the pairwise mode in the group, which is fine. Can that not be clearly indicated? Instead of the MAY, it would be better to state these differences? In such a case, unless the Group Manager is strict about that, the joining node will still be able to join the group and to use the group mode for sending messages protected with the group mode, signing those with its EdDSA private key, even though the corresponding public key is not eligible to be converted to Montgomery coordinates. Perhaps something like "If the Group Manager is enforcing [technobabble], it MUST send 4.00 (Bad Request)". ==>MT Addressed at https://github.com/ace-wg/ace-key-groupcomm-oscore/commit/a1d482e4abcee2f98a81f446d86b2eeb35203d81 <== However, your comment made us notice that this same handling should have happened also for the POST handler in Section 9.4 "Upload a New Authentication Credential", so we have added a bullet point to cover that. [ed01b52](https://github.com/ace-wg/ace-key-groupcomm-oscore/commit/ed01b52) > > The 'cnonce' parameter MUST include a new dedicated nonce N_C > > generated by the joining node. > > Is the Group Manager supposed to track this to enforce? If so, perhaps > explicit text for that should be added or else implementers won't enforce > this. The Group Manager is not supposed to explicitly check whether the new N_C is different from the previous one or not. It is in the interest of the Client to use a different N_C, in order to "salt" in a different way the computation of the proof-of-possession evidence for its own authentication credential and for the Group Manager's. Then maybe a MUST should be avoided here? I am thinking of an implementer that needs to justify with code and testcase every MUST, and you seem to indicate here that this MUST would have no code or test case since the Group Manager isn't supposed to check the freshness of the nonce? Maybe "the 'cnonce' parameter is expected to include a new ......" (but not a hill for me to die on) ==>MT Addressed at https://github.com/ace-wg/ace-key-groupcomm-oscore/commit/44063acb91b1652bc59ffa642e7dd6421724146f <== As these are all minor points and not blockers, I have started the IETF LC. Paul
- [Ace] AD review of draft-ietf-ace-key-groupcomm-o… Paul Wouters
- [Ace] Re: AD review of draft-ietf-ace-key-groupco… Francesca Palombini
- [Ace] Re: AD review of draft-ietf-ace-key-groupco… Paul Wouters
- [Ace] Re: AD review of draft-ietf-ace-key-groupco… Marco Tiloca
- [Ace] Re: AD review of draft-ietf-ace-key-groupco… Paul Wouters
- [Ace] Re: AD review of draft-ietf-ace-key-groupco… Marco Tiloca