IETF Logo Mail Archive

Re: [Ace] AD review of draft-ietf-ace-aif-04

Benjamin Kaduk <kaduk@mit.edu> Sun, 13 February 2022 00:49 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43CD83A0AA9; Sat, 12 Feb 2022 16:49:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.897
X-Spam-Level:
X-Spam-Status: No, score=-6.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gnaLCmDWmVjz; Sat, 12 Feb 2022 16:49:25 -0800 (PST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B4973A0AA8; Sat, 12 Feb 2022 16:49:24 -0800 (PST)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 21D0nEqs007225 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 12 Feb 2022 19:49:20 -0500
Date: Sat, 12 Feb 2022 16:49:13 -0800
From: Benjamin Kaduk <kaduk@mit.edu>
To: Carsten Bormann <cabo@tzi.org>
Cc: draft-ietf-ace-aif.all@ietf.org, Ace Wg <ace@ietf.org>
Message-ID: <20220213004913.GB58590@kduck.mit.edu>
References: <20220211042000.GL48552@kduck.mit.edu> <E0D61E8A-7CD1-4E4E-98FE-C6DE5C4E9DD7@tzi.org> <20220211193514.GM48552@kduck.mit.edu> <59B9F945-BB7E-4E51-82A2-15468CEF76A3@tzi.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <59B9F945-BB7E-4E51-82A2-15468CEF76A3@tzi.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/XIjM67roF0FBlEuTxnCW0ALSp7k>
Subject: Re: [Ace] AD review of draft-ietf-ace-aif-04
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Feb 2022 00:49:31 -0000

Hi Carsten,

On Sun, Feb 13, 2022 at 01:27:29AM +0100, Carsten Bormann wrote:
> Hi Ben,
> 
> thank you for the additional comments.
> 
> I have prepared another small pull request with resulting changes at 
> 
> https://github.com/cabo/ace-aif/pull/2

Thanks, looks good.

> >>> 
> >>> Abstract, Introduction
> >>> 
> >>> Seeing ~identical abstract and introduction always makes me wonder if
> >>> there's a way to pare down the abstract and/or flesh out the introduction
> >>> further.  (I didn't get very far in my wonderment today, to be clear.)
> >> 
> >> I don’t see immediate opportunities for such changes, so I haven’t tried.
> > 
> > Looking at it again, there may be opportunity to pare down the Abstract.
> > E.g.,
> > 
> > Providing securely protected information about which entities are
> > authorized to perform what operations on which other entities is a crucial
> > component of producing an overall system that is secure.  This exchange of
> > authorization information is especially critical in highly automated
> > systems with large number of entities, such as the "Internet of Things".
> > 
> > This document provides a generic information model and format for
> > representing such authorization information, as well as a specific
> > instantiation of that format for use with REST resources identified by URI
> > path.
> 
> 
> This specification does nothing to “securely protect” the authorization information, so I’m not sure the abstract should lead in with that.

Fair enough.  It does need to be security protected to be part of an
overall system that is secure, but we don't need to emphasize that aspect
here.

> Based on your text, I came up with:
> 
> >> Information about which entities are authorized to perform what
> >> operations on which constituents of other entities is a crucial
> >> component of producing an overall system that is secure.  Conveying
> >> precise authorization information is especially critical in highly
> >> automated systems with large numbers of entities, such as the
> >> "Internet of Things".
> >> 
> >> This specification provides a generic information model and format for
> >> representing such authorization information, as well as two variants
> >> of a specific instantiation of that format for use with REST resources
> >> identified by URI path.
> >> 
> 
> 
> >>> Also, in the first sentence we say "Constrained Devices [...] need
> >>> security."  I see that we go on to focus on the authorization aspect of such
> >>> security functionality, but I think it would be good to have some more
> >>> adjectives qualifying "security", which in isolation can mean very different
> >>> things to different readers.
> >> 
> >> Hmm, the whole point of the rest of the first paragraph is to specify what kind of security is addressed here.
> > 
> > I was thinking to add a few more words, like "need security protections in
> > order to operate correctly and prevent misuse to attack other systems".
> 
> Again, I’m not so sure about focusing on protections here; I shortened this to adding
> 
>  in order to operate correctly and prevent misuse
> 
> >>> 
> >>> Section 5.2
> >>> 
> >>>  IANA is requested to create a registry for AIF with two sub-
> >>>  registries for Toid and Tperm, populated with:
> >>> 
> >>> Should the sub-registries for Toid and Tperm be on the Media Type
> >>> Sub-Parameter Registries page
> >>> (https://www.iana.org/assignments/media-type-sub-parameters/media-type-sub-parameters.xhtml)
> >>> rather than on a dedicated AIF page?
> >> 
> >> I think we are better off not burying the information there.
> > 
> > I am not so sure.
> > 
> > To me, the core question is whether these registries are used for anything
> > other than media-type parameters.  What such other usage do you envision?
> 
> Looking at this again, I now agree that using the existing registry page is appropriate.  It is still somewhat hidden, but the specification will point to it (as it will to the media type registration, which is not less hidden).
> 
> > It's only February! ;)
> 
> I think the authors of lwig-cellular [1] thought that it was only January, too…
> 
> Thank you for all the improvements!

You're welcome!

I look forward to the -05 on Monday :)

-Ben

v2.23.0 | Report a Bug | By Email