Re: [Ace] Éric Vyncke's No Objection on draft-ietf-ace-dtls-authorize-16: (with COMMENT)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Mon, 10 May 2021 13:22 UTC

From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Olaf Bergmann <bergmann@tzi.org>, Éric Vyncke via Datatracker <noreply@ietf.org>
CC: The IESG <iesg@ietf.org>, "draft-ietf-ace-dtls-authorize@ietf.org" <draft-ietf-ace-dtls-authorize@ietf.org>, "ace-chairs@ietf.org" <ace-chairs@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Date: Mon, 10 May 2021 13:22:07 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/XHT2JX3QHMqTxmuLGBbkmZyo1P4>

Thank you Olaf for your replies and the suggested text changes. I really appreciate it :)

Regards

-éric

-----Original Message-----
From: Olaf Bergmann <bergmann@tzi.org>
Date: Monday, 10 May 2021 at 15:12
To: Éric Vyncke via Datatracker <noreply@ietf.org>
Cc: The IESG <iesg@ietf.org>, Eric Vyncke <evyncke@cisco.com>, "draft-ietf-ace-dtls-authorize@ietf.org" <draft-ietf-ace-dtls-authorize@ietf.org>, "ace-chairs@ietf.org" <ace-chairs@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Subject: Re: Éric Vyncke's No Objection on draft-ietf-ace-dtls-authorize-16: (with COMMENT)

    Hi Éric,

    sorry for the delayed reply. Please find our comments inline.

    Grüße
    Olaf


    On 2021-03-23, Éric Vyncke via Datatracker <noreply@ietf.org> wrote:

    > Éric Vyncke has entered the following ballot position for
    > draft-ietf-ace-dtls-authorize-16: No Objection
    >
    > When responding, please keep the subject line intact and reply to all
    > email addresses included in the To and CC lines. (Feel free to cut this
    > introductory paragraph, however.)
    >
    >
    > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
    > for more information about IESG DISCUSS and COMMENT positions.
    >
    >
    > The document, along with other ballot positions, can be found here:
    > https://datatracker.ietf.org/doc/draft-ietf-ace-dtls-authorize/
    >
    >
    >
    > ----------------------------------------------------------------------
    > COMMENT:
    > ----------------------------------------------------------------------
    >
    > Thank you for the work put into this document.
    >
    > Please find below some non-blocking COMMENT points (but replies would be
    > appreciated), and some nits.
    >
    > I hope that this helps to improve the document,
    >
    > Regards,
    >
    > -éric
    >
    > == COMMENTS ==
    >
    > Is there any reason to use DTLS 1.2 while the document DTLS 1.3 is on the
    > same IESG telechat ? I understand that they are from different WG but this
    > may not be the most efficient to specify a protocol using DTLS.

    At some point, the WG has decided to pursue standardization for DTLS 1.2
    first and specify the use over DTLS 1.3 later in a separate
    document. The reason is that DTLS 1.2 has been widely deployed in
    current lightweight DTLS libraries that are available in current IoT
    platforms. In general, this specification would also apply to DTLS
    1.3. Do you think that we should clarify this in the introduction? For
    example:

    OLD:

      In this profile, a client and a resource server use CoAP {{RFC7252}}
      over DTLS version 1.2 {{RFC6347}} to communicate.

    NEW:

      In this profile, a client and a resource server use CoAP {{RFC7252}}
      over DTLS version 1.2 {{RFC6347}} to communicate. This specification
      uses DTLS 1.2 terminology but later versions such as DTLS 1.3 can
      be used instead.

    > -- Section 3.1 --
    > Has the "resource owner (RO)" been defined earlier ?

    The ACE framework uses terminology from OAuth 2.0, including the
    resource owner. The DTLS profile uses ACE framework terminology (see
    section 2). Does that suffice?

    > -- Section 3.2.2 --
    > The wrong selection of RPK recovery is unclear to me. What happens if the
    > client does not have the right public key ?

    The client may try to re-request the access token. If this fails, the
    client should re-register with the AS. We added text to section 3.2.2 to
    clarify this situation.

    > == NITS ==
    >
    > Sometimes it is "Raw Public Keys", or "RPK" or "RawPublicKey"... Is it on
    > purpose to use 3 different writings for possibly the same concept?

    fixed: replaced rawpublickey with Raw Public Key