[Ace] Re: Éric Vyncke's No Objection on draft-ietf-ace-revoked-token-notification-08: (with COMMENT)

[Marco Tiloca <marco.tiloca@ri.se>]

Hello Éric,

Thanks a lot for your review! Please find in line below our detailed 
replies to your comments.

Thanks,
/Marco

On 2024-07-08 12:01, Éric Vyncke via Datatracker wrote:
> Éric Vyncke has entered the following ballot position for
> draft-ietf-ace-revoked-token-notification-08: No Objection
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer tohttps://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fhandling-ballot-positions%2F&data=05%7C02%7Cmarco.tiloca%40ri.se%7C3ae3b441cb6c462d16b608dc9f34fe19%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560297153739670%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=aRB53I1iswrQJfLW6u%2Fmkh6HebZXtsZZT4paI%2Fyz2QE%3D&reserved=0 
> for more information about how to handle DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-ace-revoked-token-notification%2F&data=05%7C02%7Cmarco.tiloca%40ri.se%7C3ae3b441cb6c462d16b608dc9f34fe19%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560297153747463%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=VifhUejrHyDCunuqeQzTqx895h4T%2F1tR%2B2ZViGTw%2FHw%3D&reserved=0
>
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thanks for the work done on this document and thanks as well to Niklas Widell
> for his IoT directorate review
> (https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Freview-ietf-ace-revoked-token-notification-08-iotdir-telechat-widell-2024-07-04%2F&data=05%7C02%7Cmarco.tiloca%40ri.se%7C3ae3b441cb6c462d16b608dc9f34fe19%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560297153752971%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=X%2BAOU3QdMfZQxuVBsvzlRKrRCzjs%2BUFd99hZo7sQusA%3D&reserved=0)
> may I suggest to the authors to reply to Niklas' comments ?

==>MT

Certainly. Our reply to Niklas is archived at 
https://mailarchive.ietf.org/arch/msg/ace/lSE5vTfkzJueqmpGXKWvy5lCkRg/

<==

>
> Just a nit on this I-D: the text often uses Capitalisation, which is probably
> not required and is just an eye distraction (e.g., "Client" or "Server") and as
> noted by Niklas, some acronyms are introduced several times and/or never used.

==>MT

On the note from Niklas, we have addressed his comment when processing 
his review, as specifically related to the use of "RS" in the first 
paragraph of Section 1 "Introduction".

On the capitalization, you do have a point, and actually RFC 9200 uses 
the lowercase variants.

We will revise the text to use "client", "resource server", and 
"authorization server". That would also make the text consistent with 
the lowercase use of "administrator". Obvious exceptions apply to 
situations like section titles and figure captions.

In order to avoid annoying conflicts when merging the different Github 
Pull Requests, we plan to make this change as last when making the final 
editorial pass to the Editor's copy, before submitting the new version -09.

<==

>
> As a side note, I am unsure whether the whole section 3.1 is useful as it seems
> to repeat what is specified in other documents.

==>MT

Section 3.1 was added to address a comment from the GENART review that 
we received from Dale Worley during the IETF Last Call on version -06. 
The mail thread for that review is archived at 
https://mailarchive.ietf.org/arch/msg/ace/ETtaBMaSyoZKMD82kgG49P2cF9U/

As per Dale's comment, at that time the document was not describing the 
motivation for the specified construction of the hash input.

Building on Dale's input, we deemed useful to include such motivation 
and the considered design rationale, and we practically exemplified that 
with respect to the existing transport profiles of the ACE framework, 
together with surveying the CBOR/JSON and CWT/JWT variants.

Besides helping the reader in general, this sets the ground for better 
understanding the following Sections 3.2 and 3.3, and for guiding in 
using the method specified by this document.

<==

>
> Also, unsure whether using CBOR only on the TRL when the actual tokens can be
> CBOR or JSON is a simplification for the RS.

==>MT

In general, the same AS can issue both access tokens as CWTs for some of 
its registered RSs and access tokens as JWTs for other registered RSs.

With that in mind, right from the start we wanted to simply have a 
single TRL at the AS, as accessible by all the devices registered at 
that AS and simpler to maintain for the AS. Such a single TRL and its 
content/representation abstract away from the fact that a stored token 
hash corresponds specifically to a CWT or to a JWT.

The specific choice of CBOR is consistent with two points from RFC 9200 
that this document remains aligned with (also when dealing with other 
aspects). That is:

* The use of CBOR to encode exchanged messages is required if CoAP is 
used (see Section 5 of RFC 9200) and is recommended otherwise (see 
Section 3 of RFC 9200).

* The use of CWTs is a preferable option for resource-constrained RSs as 
well as the default case in the ACE framework (see Section 3 of RFC 9200).

Sure, in the case where an RS uses JWTs and communications with that RS 
are not based on CoAP, then that RS has to support CBOR in order to 
parse the responses from the TRL endpoint at the AS. This is reasonable 
for such a (presumably non-constrained) RS, and it is also aligned with 
other features of this specification that, per the same rationale, 
deliberately favors the use of CWTs instead of the use of JWTs (e.g., 
see the considerations in Section 13.6).

<==

>
> In section 6, is there a specification of an "administrator" in `If the
> requester is an administrator` ?

==>MT

The role "administrator" is intended here simply per its definition in 
Section 1.1 "Terminology", i.e.:

 > * Administrator: entity authorized to get full access to the TRL at 
the AS, and acting as a requester towards the TRL endpoint. An 
administrator is not necessarily a registered device as defined above, 
i.e., a Client requesting access tokens or an RS consuming access tokens.

... which is immediately followed by

 > * Pertaining access token:
 >
 >   - With reference to an administrator, an access token issued by the AS.
 >
 >     ...

The ACE framework (RFC 9200) does not define the concept of 
"administrator", as it is not part of the main workflow where a Client 
requests an access token from an AS to be consumed by an RS.

Consistent with the definitions above, the "administrator" introduced in 
this document refers to an entity that can have full access to the TRL, 
i.e., all the access tokens that the AS issues pertain to an 
administrator registered at the AS.

When addressing the IoT Directorate review from Niklas Widell, we also 
extended the definition of "administrator" in Section 1.1 "Terminology", 
by clarifying that:

 > An administrator might also be authorized to perform further 
administrative operations at the AS, e.g., through a dedicated admin 
interface that is out of the scope of this document.

<==

>
> Kudos for using SVG graphics ;-)
>
>
>
> Received: from MM0P280MB0101.SWEP280.PROD.OUTLOOK.COM (2603:10a6:190:15::9) by
>   GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM with HTTPS; Mon, 8 Jul 2024 16:48:02
>   +0000
> Received: from DU2PR04CA0040.eurprd04.prod.outlook.com (2603:10a6:10:234::15)
>   by MM0P280MB0101.SWEP280.PROD.OUTLOOK.COM (2603:10a6:190:15::9) with
>   Microsoft SMTP Server (version=TLS1_2,
>   cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.35; Mon, 8 Jul
>   2024 16:48:01 +0000
> Received: from DU2PEPF00028D03.eurprd03.prod.outlook.com
>   (2603:10a6:10:234:cafe::1a) by DU2PR04CA0040.outlook.office365.com
>   (2603:10a6:10:234::15) with Microsoft SMTP Server (version=TLS1_2,
>   cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.35 via Frontend
>   Transport; Mon, 8 Jul 2024 16:48:00 +0000
> Authentication-Results: spf=pass (sender IP is 50.223.129.194)
>   smtp.mailfrom=ietf.org; dkim=none (message not signed)
>   header.d=none;dmarc=pass action=none header.from=ietf.org;compauth=pass
>   reason=100
> Received-SPF: Pass (protection.outlook.com: domain of ietf.org designates
>   50.223.129.194 as permitted sender) receiver=protection.outlook.com;
>   client-ip=50.223.129.194; helo=mail.ietf.org; pr=C
> Received: from mail.ietf.org (50.223.129.194) by
>   DU2PEPF00028D03.mail.protection.outlook.com (10.167.242.187) with Microsoft
>   SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7762.17
>   via Frontend Transport; Mon, 8 Jul 2024 16:48:00 +0000
> Received: from [10.244.2.22] (unknown [104.131.183.230])
> 	by ietfa.amsl.com (Postfix) with ESMTP id 42826C375691;
> 	Mon,  8 Jul 2024 09:47:58 -0700 (PDT)
> Content-Type: text/plain; charset="utf-8"
> Content-Transfer-Encoding: 7bit
> From:internet-drafts@ietf.org
> To: "=?utf-8?q?Rikard_H=C3=B6glund?="<rikard.hoglund@ri.se>,
>   "Francesca Palombini"<francesca.palombini@ericsson.com>,
>   "Marco Tiloca"<marco.tiloca@ri.se>,
>   "Peter van der Stok"<stokcons@kpnmail.nl>,
>   "Rikard Hoeglund"<rikard.hoglund@ri.se>
> Subject: New Version Notification for draft-ietf-ace-oscore-gm-admin-12.txt
> X-Test-IDTracker: no
> X-IETF-IDTracker: 12.17.1
> Auto-Submitted: auto-generated
> Precedence: bulk
> Message-ID: <172045727793.450182.15374323269163351175@dt-datatracker-5f88556585-j5r2h>
> Date: Mon, 08 Jul 2024 09:47:57 -0700
> Return-Path:internet-drafts@ietf.org
> X-MS-Exchange-Organization-ExpirationStartTime: 08 Jul 2024 16:48:00.7181
>   (UTC)
> X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
> X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
> X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
> X-MS-Exchange-Organization-Network-Message-Id:
>   cc1932dc-8d23-46ab-b68f-08dc9f6dba64
> X-EOPAttributedMessage: 0
> X-EOPTenantAttributedMessage: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8:0
> X-MS-Exchange-Organization-MessageDirectionality: Incoming
> X-MS-PublicTrafficType: Email
> X-MS-TrafficTypeDiagnostic:
>   DU2PEPF00028D03:EE_|MM0P280MB0101:EE_|GVYP280MB0464:EE_
> X-MS-Exchange-Organization-AuthSource:
>   DU2PEPF00028D03.eurprd03.prod.outlook.com
> X-MS-Exchange-Organization-AuthAs: Anonymous
> X-MS-Office365-Filtering-Correlation-Id: cc1932dc-8d23-46ab-b68f-08dc9f6dba64
> X-MS-Exchange-AtpMessageProperties: SA|SL
> X-MS-Exchange-Organization-SCL: 1
> X-Microsoft-Antispam:
>   BCL:4;ARA:13230040|3072899012|3092899012|5062899012|2092899012|12012899012;
> X-Forefront-Antispam-Report:
>   CIP:50.223.129.194;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.ietf.org;PTR:mail.ietf.org;CAT:NONE;SFS:(13230040)(3072899012)(3092899012)(5062899012)(2092899012)(12012899012);DIR:INB;
> X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jul 2024 16:48:00.4056
>   (UTC)
> X-MS-Exchange-CrossTenant-Network-Message-Id: cc1932dc-8d23-46ab-b68f-08dc9f6dba64
> X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
> X-MS-Exchange-CrossTenant-AuthSource:
>   DU2PEPF00028D03.eurprd03.prod.outlook.com
> X-MS-Exchange-CrossTenant-AuthAs: Anonymous
> X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
> X-MS-Exchange-Transport-CrossTenantHeadersStamped: MM0P280MB0101
> X-MS-Exchange-Transport-EndToEndLatency: 00:00:02.2738950
> X-MS-Exchange-Processed-By-BccFoldering: 15.20.7741.016
> X-Microsoft-Antispam-Mailbox-Delivery:
> 	dwl:1;ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(831239)(255002)(410001)(930097)(140003)(1420198);
> X-Microsoft-Antispam-Message-Info:
> 	=?iso-8859-1?Q?kQYVChvSIR5yYKZ41WJ9WwroMcWExlRH4tVzOBnSybHgfkNNSO2yNHzOwC?=
>   =?iso-8859-1?Q?O3GzKfbe49DvIymT/9s1icFi1sDLdG+0IJJ8cPY6y+YyEJY2gGtkh0lWPJ?=
>   =?iso-8859-1?Q?wTEkncOC5PT+xpVfani/A/OfAFXgjaRdsF2nwh8xd5WpkyvRi/JeZdRu60?=
>   =?iso-8859-1?Q?Ddqjmwl6sE19oAVwdPU3bhtz/EIDB+wuE7bBrjTJBIqalisvHo8x01TDtH?=
>   =?iso-8859-1?Q?PTqshoo10oHktX2QrT1UegBSHqpFw2jlFJ5ka+SHHATrzOeTlGEz77Gsse?=
>   =?iso-8859-1?Q?xqo36lg4ZSZaWJrAaqEC/TdF8aVG6kQmZEdVB/HOb1pEWB9RnHfhObxIUY?=
>   =?iso-8859-1?Q?WyzhkR7+3XTW4s00Mhw6vUB5+eQHGCThZiKfhOEZ1jdiIZQ4HHI8Zbz1va?=
>   =?iso-8859-1?Q?X7tW9BeUZCgad/CgM+ef83vZUDo2d6DOvcUV/GVGsvBYRI/MqXFDk2UYXS?=
>   =?iso-8859-1?Q?gGxI5XFBBEt5QtG7/rZFB8i82973LlfN/AClMr+zxadRWoAON6b+B9qOKS?=
>   =?iso-8859-1?Q?izl4W4eYza98u9zEEgUmHMWZQakQisW9q7ke2E+Q+mNxuVjMj5xf+wSxsK?=
>   =?iso-8859-1?Q?iOBr9l++18X5KY3b5koEK6uaiOUTYPqwJYMrR9sbMFoMM/UqIk4/o9fvKu?=
>   =?iso-8859-1?Q?9w5uB3pgzTPZheacrKPI5blWZ6SSQQ2XFf41kj38xJgLbfIBh5u1OnIGr3?=
>   =?iso-8859-1?Q?WFqp36xGayq50wQC36OqJCwZcITX09aLhHBalukzyh5AHRFsCdxtTKioo7?=
>   =?iso-8859-1?Q?QncxmIv6gASNcCY0yAt7cVarnceWzAyIIiVa6N07htnL24m/ZwUfp7JNMa?=
>   =?iso-8859-1?Q?xxFRdOij7Vym5lhcLzHD9hOEkpuOyJsiKBOQ4dr0zCOB+KEo1HZEs/FMYZ?=
>   =?iso-8859-1?Q?sG8FJ5nAU0oOPEj5ZGk1ndDkT0JYxOqL3LpSLqfGiltCbM1TTbHDkIUHdP?=
>   =?iso-8859-1?Q?fxs2MlNXpWxEJf7ClRGSakWNJ3fBKf9ycPmrzV60CvOVKDBeQcR9JxMQvB?=
>   =?iso-8859-1?Q?fFAPPreI8Sa0JK8iXPk+dBoyY4K25sviYqqz+7hPYih+cfOJ+vvRwVRREQ?=
>   =?iso-8859-1?Q?2OZliupMUu8ct1V5AOn333t1dIgj3NDgX9Q16Yw2g/CMpB/qj1zhSzy6/5?=
>   =?iso-8859-1?Q?JbCceWIxi4Xr9PKxHfLC2XURV+KO3GWZ3BPdYxT4q7nCbzvAVDujJLnIjn?=
>   =?iso-8859-1?Q?yI7iSFp+WaQE2xYKe6rvjx8W+jiZ0q8mF9NlMrWcdicG5jvjm4fNln/tL1?=
>   =?iso-8859-1?Q?UolZvbADm48J+z27+BEBAgNmef0OVlk4pGyDKwUtUYxaC+ZVPwMCYwTCjA?=
>   =?iso-8859-1?Q?fGC2fn8ZVtb/rHMRqcA7e7Xo9/VRgbvBOAjZTaxyJWwpnmTgQTy+hXwgiA?=
>   =?iso-8859-1?Q?c9tPQqgiwTiHIq05cAR+2mPuqXBE9J/t5uTvn20Wve1Ah68Dspyf4ImWGr?=
>   =?iso-8859-1?Q?qpNCu9CU4uZffU0AIfphOJhx2ySsZ7ayEwPcT6E7fNY+A20fTA2/GPdznQ?=
>   =?iso-8859-1?Q?BsQa5IwfFk/4yLQ/XiV9RQnJ+kEnB10+yw99BNZaw7KYLAsYQzQgJFVseU?=
>   =?iso-8859-1?Q?a7C8GbXw0mN90kYZ95KSKN24MVxaQ4gckAFirr8myhQyLhcLNt9ciNKzNv?=
>   =?iso-8859-1?Q?ipwdJ+9Sxabl035mF/R6XrB3og42QuSTrieTfkB6HlQEqEOKNbmH/5cLxB?=
>   =?iso-8859-1?Q?YNT8Pd04f85PcuhrFjrcl82I8SjIArYVeho897Rbod7GlZFNywbdADAHCS?=
>   =?iso-8859-1?Q?W/wumOn4zg7sR+XbiPUxOP+3J+6PAeG+1/FDXQhilDhaw0lzP+GwDKP5Qb?=
>   =?iso-8859-1?Q?sA1sZNio1bZPndSHMEtVhoh9yPNojygu4Ac0ee6ZiFnP44lE9WymHIdbsX?=
>   =?iso-8859-1?Q?Od3jt3WqsfF9AcRbvJm6pqV9Ob5Hw558378WOTNCtKi7FwttvqnomKuOK9?=
>   =?iso-8859-1?Q?QDDDJloQqM47qBok+fLrcwoNgw2BIR+1xeVFnbI58P2w3XxMMTfhA1MRvJ?=
>   =?iso-8859-1?Q?KraK9165kLlp9In/+RrInzgLJElmZSqvIJJP6B8LhKLKI6rUECK6xtO4Ez?=
>   =?iso-8859-1?Q?ok8VZQpEafJsC7bXn5Tcg797LGzrt8I4AtH2Y+XV9wFYwbHHRX8YqGRRDK?=
>   =?iso-8859-1?Q?KdkuFmL8AwJig+b/tlspPBtyRbw5YUUovviDwTs+OptPnEx07YECc8iyHn?=
>   =?iso-8859-1?Q?0HMwjWrR8nnKROzh7tu8MXhC?=
> MIME-Version: 1.0
>
> A new version of Internet-Draft draft-ietf-ace-oscore-gm-admin-12.txt has been
> successfully submitted by Marco Tiloca and posted to the
> IETF repository.
>
> Name:     draft-ietf-ace-oscore-gm-admin
> Revision: 12
> Title:    Admin Interface for the OSCORE Group Manager
> Date:     2024-07-08
> Group:    ace
> Pages:    84
> URL:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-ietf-ace-oscore-gm-admin-12.txt&data=05%7C02%7Cmarco.tiloca%40ri.se%7Ccc1932dc8d2346abb68f08dc9f6dba64%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560540827703142%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=P2Y23qu0u3gpJC5NFzUqc0YCkveZPawVKba9CMo1TSI%3D&reserved=0
> Status:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-ace-oscore-gm-admin%2F&data=05%7C02%7Cmarco.tiloca%40ri.se%7Ccc1932dc8d2346abb68f08dc9f6dba64%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560540827710941%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=FKUfk3G0%2BIA2kMc6RNWESwY4vOs4dxn3cchPARnloYI%3D&reserved=0
> HTML:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-ietf-ace-oscore-gm-admin-12.html&data=05%7C02%7Cmarco.tiloca%40ri.se%7Ccc1932dc8d2346abb68f08dc9f6dba64%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560540827716671%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=mjAP3Ng%2B2hX1hwg5rqJwRp5JuNdVcL4XJPmZi%2F2GgDs%3D&reserved=0
> HTMLized:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-ietf-ace-oscore-gm-admin&data=05%7C02%7Cmarco.tiloca%40ri.se%7Ccc1932dc8d2346abb68f08dc9f6dba64%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560540827720912%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=4kl09RL0%2FMktYD6z9thSjaOfsLoIMhmkuB3g6tjnWiQ%3D&reserved=0
> Diff:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fauthor-tools.ietf.org%2Fiddiff%3Furl2%3Ddraft-ietf-ace-oscore-gm-admin-12&data=05%7C02%7Cmarco.tiloca%40ri.se%7Ccc1932dc8d2346abb68f08dc9f6dba64%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560540827725472%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=61Viq2%2FyNIEGmkuWXEBNqVVJRDqaZWbml5MbgghlHk4%3D&reserved=0
>
> Abstract:
>
>     Group communication for CoAP can be secured using Group Object
>     Security for Constrained RESTful Environments (Group OSCORE).  A
>     Group Manager is responsible for handling the joining of new group
>     members, as well as managing and distributing the group keying
>     material.  This document defines a RESTful admin interface at the
>     Group Manager that allows an Administrator entity to create and
>     delete OSCORE groups, as well as to retrieve and update their
>     configuration.  The ACE framework for Authentication and
>     Authorization is used to enforce authentication and authorization of
>     the Administrator at the Group Manager.  Protocol-specific transport
>     profiles of ACE are used to achieve communication security, proof-of-
>     possession, and server authentication.
>
>
>
> The IETF Secretariat
>
>
> Received: from GVZP280MB0443.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:46::11)
>   by GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM with HTTPS; Mon, 8 Jul 2024
>   16:50:13 +0000
> Received: from AM6PR04CA0036.eurprd04.prod.outlook.com (2603:10a6:20b:92::49)
>   by GVZP280MB0443.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:46::11) with
>   Microsoft SMTP Server (version=TLS1_2,
>   cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.35; Mon, 8 Jul
>   2024 16:50:12 +0000
> Received: from AMS0EPF000001A2.eurprd05.prod.outlook.com
>   (2603:10a6:20b:92:cafe::5d) by AM6PR04CA0036.outlook.office365.com
>   (2603:10a6:20b:92::49) with Microsoft SMTP Server (version=TLS1_2,
>   cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.35 via Frontend
>   Transport; Mon, 8 Jul 2024 16:50:12 +0000
> Authentication-Results: spf=pass (sender IP is 50.223.129.194)
>   smtp.mailfrom=ietf.org; dkim=none (message not signed)
>   header.d=none;dmarc=pass action=none header.from=ietf.org;compauth=pass
>   reason=100
> Received-SPF: Pass (protection.outlook.com: domain of ietf.org designates
>   50.223.129.194 as permitted sender) receiver=protection.outlook.com;
>   client-ip=50.223.129.194; helo=mail.ietf.org; pr=C
> Received: from mail.ietf.org (50.223.129.194) by
>   AMS0EPF000001A2.mail.protection.outlook.com (10.167.16.235) with Microsoft
>   SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7762.17
>   via Frontend Transport; Mon, 8 Jul 2024 16:50:12 +0000
> Received: from [10.244.2.22] (unknown [104.131.183.230])
> 	by ietfa.amsl.com (Postfix) with ESMTP id 84CD2C23C61A;
> 	Mon,  8 Jul 2024 09:49:54 -0700 (PDT)
> Content-Type: text/plain; charset="utf-8"
> Content-Transfer-Encoding: 7bit
> From:internet-drafts@ietf.org
> To: "=?utf-8?q?G=C3=B6ran_Selander?="<goran.selander@ericsson.com>,
>   "Goeran Selander"<goran.selander@ericsson.com>,
>   "Marco Tiloca"<marco.tiloca@ri.se>
> Subject: New Version Notification for draft-ietf-ace-workflow-and-params-02.txt
> X-Test-IDTracker: no
> X-IETF-IDTracker: 12.17.1
> Auto-Submitted: auto-generated
> Precedence: bulk
> Message-ID: <172045739420.445281.12231012262106336815@dt-datatracker-5f88556585-j5r2h>
> Date: Mon, 08 Jul 2024 09:49:54 -0700
> Return-Path:internet-drafts@ietf.org
> X-MS-Exchange-Organization-ExpirationStartTime: 08 Jul 2024 16:50:12.3920
>   (UTC)
> X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
> X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
> X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
> X-MS-Exchange-Organization-Network-Message-Id:
>   5929104c-3fe7-45d2-8dc8-08dc9f6e08e0
> X-EOPAttributedMessage: 0
> X-EOPTenantAttributedMessage: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8:0
> X-MS-Exchange-Organization-MessageDirectionality: Incoming
> X-MS-PublicTrafficType: Email
> X-MS-TrafficTypeDiagnostic:
>   AMS0EPF000001A2:EE_|GVZP280MB0443:EE_|GVYP280MB0464:EE_
> X-MS-Exchange-Organization-AuthSource:
>   AMS0EPF000001A2.eurprd05.prod.outlook.com
> X-MS-Exchange-Organization-AuthAs: Anonymous
> X-MS-Office365-Filtering-Correlation-Id: 5929104c-3fe7-45d2-8dc8-08dc9f6e08e0
> X-MS-Exchange-AtpMessageProperties: SA|SL
> X-MS-Exchange-Organization-SCL: 1
> X-Microsoft-Antispam:
>   BCL:4;ARA:13230040|5062899012|3072899012|3092899012|2092899012|12012899012;
> X-Forefront-Antispam-Report:
>   CIP:50.223.129.194;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.ietf.org;PTR:mail.ietf.org;CAT:NONE;SFS:(13230040)(5062899012)(3072899012)(3092899012)(2092899012)(12012899012);DIR:INB;
> X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jul 2024 16:50:12.0639
>   (UTC)
> X-MS-Exchange-CrossTenant-Network-Message-Id: 5929104c-3fe7-45d2-8dc8-08dc9f6e08e0
> X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
> X-MS-Exchange-CrossTenant-AuthSource:
>   AMS0EPF000001A2.eurprd05.prod.outlook.com
> X-MS-Exchange-CrossTenant-AuthAs: Anonymous
> X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
> X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVZP280MB0443
> X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.9272122
> X-MS-Exchange-Processed-By-BccFoldering: 15.20.7741.016
> X-Microsoft-Antispam-Mailbox-Delivery:
> 	dwl:1;ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(831239)(255002)(410001)(930097)(140003)(1420198);
> X-Microsoft-Antispam-Message-Info:
> 	=?iso-8859-1?Q?msVqAQquecYBio4phnLvYwic8LZ5MylPqMG7WDa8x2kOkDshmoeSjdstLi?=
>   =?iso-8859-1?Q?PZhvCA6HBvKSqTCmjG7KNoMzbs+wLjWHFv+aBOtphvfrQkz18K93ZwDkhV?=
>   =?iso-8859-1?Q?zeDaaUhvQ2+tWNET16Dc04MNCaAJs8/S76R4e7mEi5NoM47/e0UcXf/7Kk?=
>   =?iso-8859-1?Q?sX6sS8IXJ9Lnz0RG3S+H1mEeWwWwwn8Nc+BwE6EaXogBgT5+0pU49FkI3E?=
>   =?iso-8859-1?Q?ubFxrHbK/YjSX7tdZ0RzDHDTRf5KBXJryzqlS7z1skn1wWG3fuxd4Ihctx?=
>   =?iso-8859-1?Q?o7qhisk4alqZHGZ2pqkl53t7pIUOrqMhUTr/DrrE+7CLziWDQyM2nnkxQS?=
>   =?iso-8859-1?Q?fAoZdu2yD9LFBOInNkbirb511ntkQpHj1W8ih7LPFqv9WHGIHRXtVgWEfv?=
>   =?iso-8859-1?Q?LtjOKH1+yWG3CPrj+G78P9HdfPYBNHb3bm7MhsB7AINk7HFyMwgx2RWl0n?=
>   =?iso-8859-1?Q?MWecf39OLCB+6RuozdUWguPp06Zdmvh7QbejfHC6LGqG08VVhHo3RsvL2y?=
>   =?iso-8859-1?Q?1NEL4MJoxkmafZJEFz/CBFMMhUk/OCmuX24X8hE8mEMih/rcB44ts87N8Y?=
>   =?iso-8859-1?Q?sonRzLASfc+U2TLGijH3l691XwLjhvCCkGQuwzZiXkhYhEEkBYUeFlSmHQ?=
>   =?iso-8859-1?Q?kpl5BaGLJH/hbwL3bq9OuMijmTGkX1xh89SBcdvZ3lGI+Gu6OPVoKpWKve?=
>   =?iso-8859-1?Q?GCv0DR5fUvXAicyBcPP0oscQlWruSLFCU+4r6Djxfdv5sc+abYbRdfkoKy?=
>   =?iso-8859-1?Q?vi2gp2slshOoWmTEB3anM2AKhkZx1o8NaEHdkHjo9hDpRQe7bo8SSUHB/f?=
>   =?iso-8859-1?Q?7/Qj3DjsNMb1VfXOdXfR7yRXg5c3bRd6Te+dV6lNt+4bU+h+39NKAq4Mo7?=
>   =?iso-8859-1?Q?qa1y3ZX8xhphJikgedSE9GIXfH+uqJhkwcLf4Atv8hodj2TSrDfvI109ro?=
>   =?iso-8859-1?Q?31HUOm+QCOqVqc2rcykEgR0ufCcj7kIZq3SpmlCEhPoSM7EbYlkkLQfwrD?=
>   =?iso-8859-1?Q?yUCLLsZDS+C5v2qZLrvXbBwPyTWV92aDJXwIF9IXds6mIskLeDGLZ8/jiK?=
>   =?iso-8859-1?Q?7GAcdXGcLO7t5AenfL11Hs9kvlQRFUHxWzEmMODd2F14x0x4fYxzdLIiq8?=
>   =?iso-8859-1?Q?VIWznCmNrlKdkR/atsUnuiNVc9tWz0cR2mZb4ePqQk+9hgex65cSbZEqU+?=
>   =?iso-8859-1?Q?llNN7mykvFkEI8+P4OOHHiwYwgt3sgwqMAzWqPenxpUFBpM6feJeuEHLoF?=
>   =?iso-8859-1?Q?MFnILQNAv3577ai0FCTK/Egy1bdQcPe6scv8N42QCrf3/Tb/g9K8iMJPzy?=
>   =?iso-8859-1?Q?wYIK8KTZBvL6Lw2SzHUWyuepYI7c+PpmZpZO+AYjLWL6RtgRVTHGbdATM0?=
>   =?iso-8859-1?Q?Y5VbGgu4RyAFPq6qjYSAjaXAul42HInY4HSXwfi1EVrdiHiqREGxd7e5/n?=
>   =?iso-8859-1?Q?aXziMbR4UN02epbLVN7Z+M4lKDua64lDVNekYe/3RtLU3E9c8Abed9idix?=
>   =?iso-8859-1?Q?1u70lvwOYNksZ8KjfI2OOmBQRsOsCoOflIsJIVOMQF5EjHz5kPi8NE9ord?=
>   =?iso-8859-1?Q?tJBH24dFzuZ1aG40Z+Vt0q9C0LGwt3Z8EGgzNl8gvirjDOj3RP0AODF0UJ?=
>   =?iso-8859-1?Q?8f2eUzHK6IH+hWdnfXwze8nYqo7juM7vk3KiaLLJ81rFZvLftOBFp3sOoP?=
>   =?iso-8859-1?Q?RUWq5Jins4jcGLbUQIhhsAB6NJnzSXIGdOpRWv6dGI9qacK0rL6aK3nErP?=
>   =?iso-8859-1?Q?BVCIPUICuuDyhkpnPmN4ecldfDESmb80s+tBk5OVCw3LxE+UBiOte4skT3?=
>   =?iso-8859-1?Q?16dkkkRPdyHnGaaiRK+61rS5VbmQa0R2NKpnp9di3kM/7D9aNZkBepldik?=
>   =?iso-8859-1?Q?YO2/nBnIDqi03n274zovh2KI6LeXbE+EpTj5cytVvVhRa2g+oeWWbypWtw?=
>   =?iso-8859-1?Q?DZIBYrjzPnclx96JAdL4UOyftG57oTF9R/3RqRFJHZi7u02SPl+mQXsIau?=
>   =?iso-8859-1?Q?Vy1/Io1wqJoMqdDMZfOVbkzyOEdwZxl8kuNSi1caj60IP7hXyYUvQ08ul0?=
>   =?iso-8859-1?Q?RkYuQGlDYWXTGFMtzXh/qqV46RH0Wm8p0tvRfC1l6kbSMs7Ep6N3SQCkxM?=
>   =?iso-8859-1?Q?f8CkC6/htcJL6XpUOoGvrJ8TWSDoMOPtqn5umu1BiWULA/H+Tdxk3QATmv?=
>   =?iso-8859-1?Q?UEQ=3D?=
> MIME-Version: 1.0
>
> A new version of Internet-Draft draft-ietf-ace-workflow-and-params-02.txt has
> been successfully submitted by Marco Tiloca and posted to the
> IETF repository.
>
> Name:     draft-ietf-ace-workflow-and-params
> Revision: 02
> Title:    Alternative Workflow and OAuth Parameters for the Authentication and Authorization for Constrained Environments (ACE) Framework
> Date:     2024-07-08
> Group:    ace
> Pages:    52
> URL:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-ietf-ace-workflow-and-params-02.txt&data=05%7C02%7Cmarco.tiloca%40ri.se%7C5929104c3fe745d28dc808dc9f6e08e0%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542140787199%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=p%2FsujjvsAdfRKS1cz6EtX8xdOm%2FlcxCqZv7OT3Afuz8%3D&reserved=0
> Status:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-ace-workflow-and-params%2F&data=05%7C02%7Cmarco.tiloca%40ri.se%7C5929104c3fe745d28dc808dc9f6e08e0%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542140796897%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=I2qXes8CXz%2FbHE7k5sqOLcY2OpZS7Z1EJhMZn4O7BVs%3D&reserved=0
> HTML:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-ietf-ace-workflow-and-params-02.html&data=05%7C02%7Cmarco.tiloca%40ri.se%7C5929104c3fe745d28dc808dc9f6e08e0%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542140803449%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=HdImg5jnXF03iKiCG80vs3KTtQDLGYW%2BiZqAgMyHwK0%3D&reserved=0
> HTMLized:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-ietf-ace-workflow-and-params&data=05%7C02%7Cmarco.tiloca%40ri.se%7C5929104c3fe745d28dc808dc9f6e08e0%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542140807790%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=rnp2bzVvUvZxC6sLeBv0sGcaP5%2Bi9AGBTIGjIczZiEg%3D&reserved=0
> Diff:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fauthor-tools.ietf.org%2Fiddiff%3Furl2%3Ddraft-ietf-ace-workflow-and-params-02&data=05%7C02%7Cmarco.tiloca%40ri.se%7C5929104c3fe745d28dc808dc9f6e08e0%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542140812240%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=Sshj3SeVZDPYdplvZfPEOGNPw6XToVgi9WE3UFuOcyc%3D&reserved=0
>
> Abstract:
>
>     This document updates the Authentication and Authorization for
>     Constrained Environments Framework (ACE, RFC 9200) as follows.
>     First, it defines a new, alternative workflow that the Authorization
>     Server can use for uploading an access token to a Resource Server on
>     behalf of the Client.  Second, it defines new parameters and
>     encodings for the OAuth 2.0 token endpoint at the Authorization
>     Server.  Third, it defines a method for the ACE framework to enforce
>     bidirectional access control by means of a single access token.
>     Fourth, it amends two of the requirements on profiles of the
>     framework.  Finally, it deprecates the original payload format of
>     error responses that convey an error code, when CBOR is used to
>     encode message payloads.  For such error responses, it defines a new
>     payload format aligned with RFC 9290, thus updating in this respect
>     also the profiles of ACE defined in RFC 9202, RFC 9203, and RFC 9431.
>
>
>
> The IETF Secretariat
>
>
> Received: from GVYP280MB0221.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:35::14)
>   by GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM with HTTPS; Mon, 8 Jul 2024
>   16:51:29 +0000
> Received: from AS8PR04CA0093.eurprd04.prod.outlook.com (2603:10a6:20b:31e::8)
>   by GVYP280MB0221.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:35::14) with
>   Microsoft SMTP Server (version=TLS1_2,
>   cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.34; Mon, 8 Jul
>   2024 16:51:28 +0000
> Received: from AMS0EPF000001A5.eurprd05.prod.outlook.com
>   (2603:10a6:20b:31e:cafe::34) by AS8PR04CA0093.outlook.office365.com
>   (2603:10a6:20b:31e::8) with Microsoft SMTP Server (version=TLS1_2,
>   cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.35 via Frontend
>   Transport; Mon, 8 Jul 2024 16:51:28 +0000
> Authentication-Results: spf=pass (sender IP is 50.223.129.194)
>   smtp.mailfrom=ietf.org; dkim=none (message not signed)
>   header.d=none;dmarc=pass action=none header.from=ietf.org;compauth=pass
>   reason=100
> Received-SPF: Pass (protection.outlook.com: domain of ietf.org designates
>   50.223.129.194 as permitted sender) receiver=protection.outlook.com;
>   client-ip=50.223.129.194; helo=mail.ietf.org; pr=C
> Received: from mail.ietf.org (50.223.129.194) by
>   AMS0EPF000001A5.mail.protection.outlook.com (10.167.16.232) with Microsoft
>   SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7762.17
>   via Frontend Transport; Mon, 8 Jul 2024 16:51:27 +0000
> Received: from [10.244.2.22] (unknown [104.131.183.230])
> 	by ietfa.amsl.com (Postfix) with ESMTP id 8504AC1F45B9;
> 	Mon,  8 Jul 2024 09:51:25 -0700 (PDT)
> Content-Type: text/plain; charset="utf-8"
> Content-Transfer-Encoding: 7bit
> From:internet-drafts@ietf.org
> To: "=?utf-8?q?John_Preu=C3=9F_Mattsson?="<john.mattsson@ericsson.com>,
>   "John Mattsson"<john.mattsson@ericsson.com>,
>   "Marco Tiloca"<marco.tiloca@ri.se>
> Subject: New Version Notification for draft-tiloca-ace-authcred-dtls-profile-02.txt
> X-Test-IDTracker: no
> X-IETF-IDTracker: 12.17.1
> Auto-Submitted: auto-generated
> Precedence: bulk
> Message-ID: <172045748521.461285.310059486359580714@dt-datatracker-5f88556585-j5r2h>
> Date: Mon, 08 Jul 2024 09:51:25 -0700
> Return-Path:internet-drafts@ietf.org
> X-MS-Exchange-Organization-ExpirationStartTime: 08 Jul 2024 16:51:27.7897
>   (UTC)
> X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
> X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
> X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
> X-MS-Exchange-Organization-Network-Message-Id:
>   b44afc97-82fa-499d-532b-08dc9f6e35d1
> X-EOPAttributedMessage: 0
> X-EOPTenantAttributedMessage: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8:0
> X-MS-Exchange-Organization-MessageDirectionality: Incoming
> X-MS-PublicTrafficType: Email
> X-MS-TrafficTypeDiagnostic:
>   AMS0EPF000001A5:EE_|GVYP280MB0221:EE_|GVYP280MB0464:EE_
> X-MS-Exchange-Organization-AuthSource:
>   AMS0EPF000001A5.eurprd05.prod.outlook.com
> X-MS-Exchange-Organization-AuthAs: Anonymous
> X-MS-Office365-Filtering-Correlation-Id: b44afc97-82fa-499d-532b-08dc9f6e35d1
> X-MS-Exchange-AtpMessageProperties: SA|SL
> X-MS-Exchange-Organization-SCL: 1
> X-Microsoft-Antispam:
>   BCL:4;ARA:13230040|3092899012|5062899012|3072899012|2092899012|12012899012;
> X-Forefront-Antispam-Report:
>   CIP:50.223.129.194;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.ietf.org;PTR:mail.ietf.org;CAT:NONE;SFS:(13230040)(3092899012)(5062899012)(3072899012)(2092899012)(12012899012);DIR:INB;
> X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jul 2024 16:51:27.4616
>   (UTC)
> X-MS-Exchange-CrossTenant-Network-Message-Id: b44afc97-82fa-499d-532b-08dc9f6e35d1
> X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
> X-MS-Exchange-CrossTenant-AuthSource:
>   AMS0EPF000001A5.eurprd05.prod.outlook.com
> X-MS-Exchange-CrossTenant-AuthAs: Anonymous
> X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
> X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVYP280MB0221
> X-MS-Exchange-Transport-EndToEndLatency: 00:00:02.4131118
> X-MS-Exchange-Processed-By-BccFoldering: 15.20.7741.016
> X-Microsoft-Antispam-Mailbox-Delivery:
> 	dwl:1;ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(831239)(255002)(410001)(930097)(140003)(1420198);
> X-Microsoft-Antispam-Message-Info:
> 	=?iso-8859-1?Q?oPF3EeLAp8s7nGBQiDpjdKFDZHFGnwukabNB0DMHADUgJ0kysU0uKyIU5P?=
>   =?iso-8859-1?Q?E9CHqAlW5jitMwJSp3E2TWSBjWf4m874gY2PJvbja7JfSJaYepIs64SaG1?=
>   =?iso-8859-1?Q?ZHa9RqvHDu6PjZrqzeky1Iat/xfZ+mYI/L/wiYGOD3Rm6653a5SXSMZVqJ?=
>   =?iso-8859-1?Q?c1O55BSo/VygqsM+2czXWyR03uJW3c/WtVEd20QfF4LzVMNWLuNOKXBE9h?=
>   =?iso-8859-1?Q?84NDWswNPmdt3eu+3K/KZeNDm1Dj5tg2QVrPlbib2iZsOblIQqiQ+Mtp3J?=
>   =?iso-8859-1?Q?P2/eBB7CXoC9hAH1ciAMiuqfTSw69d+UOaqPbilG3Yma/6XZXlSitsPzgz?=
>   =?iso-8859-1?Q?F8qwKSDJY5kBrvUh7M5DZRp3fcwSNZBBerAE46fjtMXla9NBHMoodDnh+/?=
>   =?iso-8859-1?Q?/JJrY7l9oZRc/X7+spimB3iepPNcn9jRVOTkFnnWxBPbpK+2xJgl5C3CoV?=
>   =?iso-8859-1?Q?AFJgm9kbkLZJgB7uOTzuyF69MuC0bgml4qVIq51ln3AIWjmTyUyoe7ELwc?=
>   =?iso-8859-1?Q?2G9Vg4aP+8NGQGjssIXbs3/od2sAtzXav9U3iX8Zc+EVbcUb2zwSZJGanf?=
>   =?iso-8859-1?Q?HGbM9Mu9wX7WJfaOt7/nRoHV6I1wc2SKEiILPdWM4BWPqJNRtiY4owr7is?=
>   =?iso-8859-1?Q?nhOOIQKQac35eixGEPbu/o3Sj+gdqLyLMj9/6Y8R978VkFlghtsJrvhM5p?=
>   =?iso-8859-1?Q?HP6osp7spgcee3h0mD0kpMf5oVdZefgI+keyiOPlCPDfJnEx9fHE4hjYbO?=
>   =?iso-8859-1?Q?AA3dvDy9hpeVmFp4ayN+4Wxu90t43eLDHVmfqu66lewEAS9w1gn2Rq77cl?=
>   =?iso-8859-1?Q?SrfoUF4s1QpQ3T8pDCB69oQzVswT9KN9ctnKeBnu0mcEV+wIiGQeJppIzr?=
>   =?iso-8859-1?Q?E/wW3hNzBBbO9QZ69D3mh14dxfiy4SanRCTqXFrFyASwNSbdxuQaOn9S/f?=
>   =?iso-8859-1?Q?qn3bdEblSU4v+uN6OamvZwj0pN60Lm+5qMcXz6+dP/7ailwrpVE29T8rfk?=
>   =?iso-8859-1?Q?A2jkoOcYmzbLeR8nydTImBw9ZNiUIq59Td+TMDX92FZh9actF2SCVEk9gv?=
>   =?iso-8859-1?Q?jxE7poLY5vmu7N9zs9FrzVShBFuS78x2J7oTdvXmAoksLDr5rUNKw53l84?=
>   =?iso-8859-1?Q?tUJkTJvKvyfY7vplwLtrzFJyER8W9aAH8xvPZD82QbdqMP1ZWx8bBwT7F9?=
>   =?iso-8859-1?Q?Y6SHXj58ndxJe8iCDFN+dW/+PcC70+8+rcALr+elMNxnvE4mc1IOSlT2AO?=
>   =?iso-8859-1?Q?Fk7e+e4hA34M7WUNhCm3Nq3AiDoFEttOljFlj4efQVsXby+nC2FIyRJ0pz?=
>   =?iso-8859-1?Q?Brp4Su3240h9QGYWFoRv4o0/YU+H60T0m+SiUAxiLnJP3E9WnmdnUGZ8Xw?=
>   =?iso-8859-1?Q?tvKxe+M4Ze31RbVrP9uAPxVlluxryER+udQ+zgvKAUFx5BmfheUGv44EYv?=
>   =?iso-8859-1?Q?I6B3xGutxMZL6ugoYYHRVmAbeU02DSDIn5onvEBnvqwD9bkVcDUzbOOdoQ?=
>   =?iso-8859-1?Q?0enDGm6rxX+lVmyB1AdZl39XZd83RWcxLRCFjnebgzubUwbZOV7O4AfZKh?=
>   =?iso-8859-1?Q?Ig4XLnHl5I1Uu/jkQaqjvKC4oEqKJneF8V+e8UrpnC/mNnHWRvFAhUqS2w?=
>   =?iso-8859-1?Q?3KsUAUzHS0XdGM6yfnTc78xd0EuuBInzJDbRVqMYqDPfxXuhZT1pY2AFLf?=
>   =?iso-8859-1?Q?HN0gN54nwLV8CICLKN1wKl5zW2u5CFx+4PMfECgK7G9sVwa8CmfJKDeUJa?=
>   =?iso-8859-1?Q?gEDQZ+TaGeUoS7QlKTUyABvNDcLqDD6tZkHcL3JqL9hgcFUCx3GWzOo+on?=
>   =?iso-8859-1?Q?8U6IkWOaYTyIkiq1g6R+9mctk3BJ7BPsLhudfUzbLm+A7vwUMidYJBv4ts?=
>   =?iso-8859-1?Q?Uw6wEFLZXg/FkLx62+bZZCuBmu5xbAnjDnSJiPVvM8NeQksq2uwXfIdmJT?=
>   =?iso-8859-1?Q?3S1/HkN+0oWWNRorSQhPO4bUMPjo9f5tIhuWPevNNDsDEC+MwNLN98jOFy?=
>   =?iso-8859-1?Q?iWSzWOvAxwaWJYPVSqpR+s/H08dBuK1OhFXG9u1kd1fVbYS0pk1SjGdUNc?=
>   =?iso-8859-1?Q?l/x/XT+Oc1v8VLGZNsTOp6boFBHgX3v3/vZuaquYZ/bw4cBu3RavGWqm5X?=
>   =?iso-8859-1?Q?me1rO6PrGxCx+BatLkznB2VjiVNVwIcgiA7U7W900v8WUDcJohlk9fTy3D?=
>   =?iso-8859-1?Q?yLs=3D?=
> MIME-Version: 1.0
>
> A new version of Internet-Draft draft-tiloca-ace-authcred-dtls-profile-02.txt
> has been successfully submitted by Marco Tiloca and posted to the
> IETF repository.
>
> Name:     draft-tiloca-ace-authcred-dtls-profile
> Revision: 02
> Title:    Additional Formats of Authentication Credentials for the Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE)
> Date:     2024-07-08
> Group:    Individual Submission
> Pages:    16
> URL:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-tiloca-ace-authcred-dtls-profile-02.txt&data=05%7C02%7Cmarco.tiloca%40ri.se%7Cb44afc9782fa499d532b08dc9f6e35d1%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542899631039%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=0dq0SHiKf1hQv8hairVS3tPIIEjg5vnuv74dLhPpL%2BY%3D&reserved=0
> Status:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-tiloca-ace-authcred-dtls-profile%2F&data=05%7C02%7Cmarco.tiloca%40ri.se%7Cb44afc9782fa499d532b08dc9f6e35d1%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542899642523%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=vjCs3uu6t3i5ewua4OOp6c3GOYJGNwIzrmSRdvoMZI8%3D&reserved=0
> HTML:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-tiloca-ace-authcred-dtls-profile-02.html&data=05%7C02%7Cmarco.tiloca%40ri.se%7Cb44afc9782fa499d532b08dc9f6e35d1%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542899650018%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=bdHFmfhhqJhilap%2BmjWVd%2FcZEFuVZiabCdEvJDVlzyw%3D&reserved=0
> HTMLized:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-tiloca-ace-authcred-dtls-profile&data=05%7C02%7Cmarco.tiloca%40ri.se%7Cb44afc9782fa499d532b08dc9f6e35d1%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542899654929%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=%2FQqtBYMVzzmO3KDjeE0AIZpC4OsdRtUTzAgceSQQpJg%3D&reserved=0
> Diff:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fauthor-tools.ietf.org%2Fiddiff%3Furl2%3Ddraft-tiloca-ace-authcred-dtls-profile-02&data=05%7C02%7Cmarco.tiloca%40ri.se%7Cb44afc9782fa499d532b08dc9f6e35d1%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638560542899659287%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=Mrpnshhz2NTcLtASxFSmpApZBjlFSjj4S6JVoTd8ess%3D&reserved=0
>
> Abstract:
>
>     This document updates the Datagram Transport Layer Security (DTLS)
>     Profile for Authentication and Authorization for Constrained
>     Environments (ACE).  In particular, it specifies the use of
>     additional formats of authentication credentials for establishing a
>     DTLS session, when peer authentication is based on asymmetric
>     cryptography.  Therefore, this document updates RFC 9202.  What is
>     defined in this document is seamlessly applicable also if the profile
>     uses Transport Layer Security (TLS) instead, as defined in RFC 9430.
>
>
>
> The IETF Secretariat
>

-- 
Marco Tiloca
Ph.D., Senior Researcher

Phone: +46 (0)70 60 46 501

RISE Research Institutes of Sweden AB
Box 1263
164 29 Kista (Sweden)

Division: Digital Systems
Department: Computer Science
Unit: Cybersecurity

https://www.ri.se