Re: [Ace] I-D Action: draft-ietf-ace-aif-03.txt

Carsten Bormann <cabo@tzi.org> Thu, 24 June 2021 12:09 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FF083A1A7F for <ace@ietfa.amsl.com>; Thu, 24 Jun 2021 05:09:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_FAIL=0.001, SPF_HELO_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VVtUegDFCSh9 for <ace@ietfa.amsl.com>; Thu, 24 Jun 2021 05:09:56 -0700 (PDT)
Received: from gabriel-2.zfn.uni-bremen.de (gabriel-2.zfn.uni-bremen.de [IPv6:2001:638:708:32::19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 252D73A1A7C for <ace@ietf.org>; Thu, 24 Jun 2021 05:09:56 -0700 (PDT)
Received: from [192.168.217.118] (p548dcc89.dip0.t-ipconnect.de [84.141.204.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4G9f8F0trlz2xY8; Thu, 24 Jun 2021 14:09:49 +0200 (CEST)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <162453651356.26719.793301307098984910@ietfa.amsl.com>
Date: Thu, 24 Jun 2021 14:09:49 +0200
X-Mao-Original-Outgoing-Id: 646229388.9594949-2a76574d1ab1f3a995058e0e99ac88ca
Content-Transfer-Encoding: quoted-printable
Message-Id: <FC1A35DA-650C-4D69-8018-CB9034230974@tzi.org>
References: <162453651356.26719.793301307098984910@ietfa.amsl.com>
To: ace@ietf.org
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/RuaZSO1ZU8piWNqEVTVPFO69iZ0>
Subject: Re: [Ace] I-D Action: draft-ietf-ace-aif-03.txt
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2021 12:09:59 -0000

This version -03 of ACE-AIF should address all WGLC comments.

Grüße, Carsten


> On 2021-06-24, at 14:08, internet-drafts@ietf.org wrote:
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Authentication and Authorization for Constrained Environments WG of the IETF.
> 
>        Title           : An Authorization Information Format (AIF) for ACE
>        Author          : Carsten Bormann
> 	Filename        : draft-ietf-ace-aif-03.txt
> 	Pages           : 14
> 	Date            : 2021-06-24
> 
> Abstract:
>   Constrained Devices as they are used in the "Internet of Things" need
>   security.  One important element of this security is that devices in
>   the Internet of Things need to be able to decide which operations
>   requested of them should be considered authorized, need to ascertain
>   that the authorization to request the operation does apply to the
>   actual requester, and need to ascertain that other devices they place
>   requests on are the ones they intended.
> 
>   To transfer detailed authorization information from an authorization
>   manager (such as an ACE-OAuth Authorization Server) to a device, a
>   compact representation format is needed.  This document provides a
>   suggestion for such a format, the Authorization Information Format
>   (AIF).  AIF is defined both as a general structure that can be used
>   for many different applications and as a specific refinement that
>   describes REST resources (potentially dynamically created) and the
>   permissions on them.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-ace-aif/
> 
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ietf-ace-aif-03.html
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-aif-03
> 
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> 
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace