Re: [Ace] OSCORE Profile IANA questions

Seitz Ludwig <ludwig.seitz@combitech.se> Mon, 31 August 2020 13:42 UTC

From: Seitz Ludwig <ludwig.seitz@combitech.se>
To: Francesca Palombini <francesca.palombini=40ericsson.com@dmarc.ietf.org>, Ace Wg <ace@ietf.org>
CC: "ace-chairs@ietf.org" <ace-chairs@ietf.org>
Date: Mon, 31 Aug 2020 13:42:27 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/Sr2t7_5ftOT5O9owE2UrlvpTV-g>

1.) I would not put these parameters in the "token request" category; they belong in a new category. Whether they should be registered in the OAuth parameters registry is doubtful to me, since I don't see them being used in a non-ACE OAuth context. Somewhere in the ACE registries?

2.) I would propose to put it on the ACE page to be created for the framework by IANA.

/Ludwig

-----Original Message-----
From: Ace <ace-bounces@ietf.org> On Behalf Of Francesca Palombini
Sent: 31 August 2020 14:53
To: Ace Wg <ace@ietf.org>
Cc: ace-chairs@ietf.org
Subject: [Ace] OSCORE Profile IANA questions

Hi all,

I have two quick questions concerning IANA actions to be done for the OSCORE profile:

1) The framework (-params) and the profile are currently conflicting on the registration of parameters, and we need to fix that.
In the framework, parameters that are sent from Client to AS (such as req_cnf) are registered in the OAuth Parameters Registry as having "Parameter Usage Location: token request". The OSCORE profile registers parameters sent from Client to RS (such as nonce1) with "Parameter Usage Location: token request". The possible "Parameter Usage Location" are "token request", "token response", "authorization request", "authorization response" (see https://tools.ietf.org/html/rfc6749#section-11.2.1 ). It seems that "authorization request/response" are to the Resource Owner, and "token request/response" are to the Authorization Server. I think the framework is using the right names, but I am not sure what other location to put there; I think there is no name for Client-to-RS and RS-to-Client in the registry right now.

2) The OSCORE profile defines a new registry, the OSCORE Security Context Parameters registry. The question is where to put this registry? My proposal is to put it under https://www.iana.org/assignments/core-parameters/core-parameters.xhtml . Any objections?

Thanks,
Francesca
