Re: [Ace] [EXTERNAL] Francesca Palombini's Discuss on draft-ietf-ace-oauth-authz-38: (with DISCUSS and COMMENT)

Ludwig Seitz <ludwig_seitz@gmx.de> Sat, 10 July 2021 15:58 UTC

Date: Sat, 10 Jul 2021 17:58:16 +0200
From: Ludwig Seitz <ludwig_seitz@gmx.de>
To: Carsten Bormann <cabo@tzi.org>, Olaf Bergmann <bergmann@tzi.org>
Cc: ace-chairs@ietf.org, Ludwig Seitz <ludwig.seitz@combitech.com>, Cigdem Sengul <cigdem.sengul@gmail.com>, Daniel Migault <mglt.ietf@gmail.com>, ace@ietf.org, "Apple Inc." <goran.selander@ericsson.com>, Francesca Palombini <francesca.palombini@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/TqPLkEDnFkE9QAPGcW1fvxqHJk0>

Olaf's compromise text looks OK to me. If no one objects I'll submit this later today. 

/Ludwig 

Sent from my smartphone

---- Olaf Bergmann wrote ----

>Hi Carsten, Ludwig,
>
>I think removing the discussed is not an option as the whole discussion
>was about "something needs to be said" but not being clear about what
>this is.
>
>On 2021-07-10, Carsten Bormann <cabo@tzi.org> wrote:
>
>> Maybe we can combine these two into one sentence that covers a common requirement?
>
>The result would be text that makes a profile document its security
>requirements and a new profile that combines existing profiles to
>document how the combination meets these requirements.
>
>From Francesca's previous proposal and your previous proposals this
>could be:
>
>NEW^n+1:
>
>   There may be use cases where different transport and security
>   protocols are allowed for the different interactions, and, if that is
>   not explicitly covered by an existing profile, it corresponds to
>   combining profiles into a new one.  For example, a new profile could
>   specify that a previously-defined MQTT-TLS profile is used between
>   the client and the RS in combination with a previously-defined
>   CoAP-DTLS profile for interactions between the client and the AS. The
>   new profile that combines existing profiles MUST specify how the
>   existing profiles' security properties are achieved. Any profile
>   therefore MUST clearly specify its security requirements and MUST
>   document if its security depends on the combination of various
>   protocol interactions.
>
>Regards
>Olaf