Re: [Ace] Security of the Communication Between C and RS

Ludwig Seitz <ludwig.seitz@ri.se> Tue, 18 December 2018 08:27 UTC

To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, Stefanie Gerdes <gerdes@tzi.de>, Jim Schaad <ietf@augustcellars.com>, "ace@ietf.org" <ace@ietf.org>
References: <154322421294.8323.8505315870685563404.idtracker@ietfa.amsl.com> <cbd083d1-cb95-0732-aa8b-7c7de3f480d1@ri.se> <a0cdd836-7fe3-339e-0c48-961503857447@tzi.de> <03b601d49191$7d1bb400$77531c00$@augustcellars.com> <945fbebe-659f-ac72-3ab6-8e05447e7c92@ri.se> <1c5b81f3-50ce-be68-bec3-68ce2ff15b43@tzi.de> <4ae4eccd-68bf-18ef-f909-142f8172eca1@ri.se> <81ba3ab4-a9ce-a6fd-fbe6-c36a6fbbd9a5@tzi.de> <VI1PR0801MB2112E04F9FD7412350995417FAA20@VI1PR0801MB2112.eurprd08.prod.outlook.com>
From: Ludwig Seitz <ludwig.seitz@ri.se>
Message-ID: <b994af16-9bb8-4386-e7d2-321e453417fc@ri.se>
Date: Tue, 18 Dec 2018 09:27:27 +0100
In-Reply-To: <VI1PR0801MB2112E04F9FD7412350995417FAA20@VI1PR0801MB2112.eurprd08.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/YzNxUUG8i-VZPSV6rLRCd7pmWm0>
Subject: Re: [Ace] Security of the Communication Between C and RS
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>

On 15/12/2018 16:04, Hannes Tschofenig wrote:
> Hi Steffi,
> 
> ~snip~
> 
>> I really think you should point out that symmetric keying material
>> that the AS provides to the client is valid as long as the token.
> 
> I think that's a useful recommendation. I do, however, believe that
> we are not making the same assumption for an asymmetric key bound to
> the token.
> 

Ok, I'll add text to the draft that says this.

Note that this can be trouble if a client asks the AS to bind an 
existing symmetric pop-key to another (new) token it is requesting.
Which one of the two tokens bound to that key is now steering the 
expiration of the key?


>> I also think that the client must be able to assume that RS' RPK
>> that C receives from AS is also valid as long as the token, unless
>> C has additional information.
> 
> I would think that it is rather unlikely that the RS will change its
> public/private key pair so quickly. Right?
> 

Agree with Hannes here. RPKs wouldn't typically be changed that fast.


>> The access information optionally can contain an expires_in field.
>> It would help to prevent security breaches under the following
>> conditions:
>> 1. the keying material is valid as long as the ticket,
>> 2. the expires_in field is present in the access information that AS
>>    sends to C,
>> 3. the client checks the expires_in field when it gets the access
>>    information from the AS, and
>> 4. the client checks if the keying material is still valid each time
>>    before it sends a request to RS.
> 
> These checks make sense to me.
> 
Are you proposing we make the expires_in field mandatory? If so, why 
isn't it mandatory already in OAuth (currently only RECOMMENDED)?

/Ludwig


-- 
Ludwig Seitz, PhD
Security Lab, RISE
Phone +46(0)70-349 92 51
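The four client-side conditions discussed in this message, worked through as an added example in Python; this is not code from the thread or from the ACE draft. It assumes access information shaped like the ACE-OAuth parameters `access_token`, `expires_in` and `cnf` carrying a `COSE_Key` with `kid` and `k`; the `ClientKeyStore` class, the `earliest`/`latest` policy names and the `ManualClock` helper are this example's own. Because the thread leaves open which token steers the expiry of a key bound to two tokens, the policy is an explicit parameter with the conservative choice as default, and a missing `expires_in` (only RECOMMENDED in OAuth) is refused unless the client was configured with a fallback lifetime.

```python
"""Client-side lifetime checks for a symmetric PoP key from ACE-OAuth access
information. Added example; the store, policy names and clock are assumptions."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional
import time


class ManualClock:
    """Constructed clock so the checks can be exercised without waiting."""
    def __init__(self, t: float):
        self.t = t

    def __call__(self) -> float:
        return self.t


@dataclass
class KeyBinding:
    """One token bound to the key; expires_at is absolute, fixed on receipt."""
    token: bytes
    expires_at: float


@dataclass
class PopKey:
    kid: bytes
    secret: bytes
    bindings: List[KeyBinding] = field(default_factory=list)

    def expires_at(self, policy: str = "earliest") -> float:
        """Condition 1: the key lives as long as the token it is bound to.
        With several tokens on one key (the open question in the thread),
        'earliest' retires the key with the first token to expire and
        'latest' keeps it while any bound token is valid."""
        if not self.bindings:
            raise ValueError("key has no token binding")
        ends = [b.expires_at for b in self.bindings]
        return min(ends) if policy == "earliest" else max(ends)


class ClientKeyStore:
    def __init__(self, now=time.time, default_lifetime: Optional[int] = None):
        self.now = now
        # Used only when the AS omits expires_in; None means refuse the key.
        self.default_lifetime = default_lifetime
        self.keys: Dict[bytes, PopKey] = {}

    def on_access_information(self, info: dict) -> PopKey:
        """Conditions 2 and 3: check expires_in when the AS response arrives
        and turn it into an absolute expiry for the key binding."""
        lifetime = info.get("expires_in", self.default_lifetime)
        if lifetime is None:
            raise ValueError("no expires_in and no default: key lifetime unbounded")
        lifetime = int(lifetime)
        if lifetime <= 0:
            raise ValueError("expires_in must be positive")
        cose_key = info["cnf"]["COSE_Key"]
        kid, secret = cose_key["kid"], cose_key["k"]
        key = self.keys.get(kid)
        if key is None:
            key = PopKey(kid=kid, secret=secret)
            self.keys[kid] = key
        elif key.secret != secret:
            raise ValueError("kid %r reused for a different secret" % kid)
        key.bindings.append(KeyBinding(info["access_token"], self.now() + lifetime))
        return key

    def key_for_request(self, kid: bytes, policy: str = "earliest") -> PopKey:
        """Condition 4: re-check validity before every request to the RS."""
        key = self.keys.get(kid)
        if key is None:
            raise KeyError("no PoP key with kid %r" % kid)
        if self.now() >= key.expires_at(policy):
            raise PermissionError("PoP key %r expired; get a new token from AS" % kid)
        return key


def demo() -> dict:
    """The two-token case from the thread, on a manual clock."""
    clock = ManualClock(1000.0)
    store = ClientKeyStore(now=clock)
    cnf = {"COSE_Key": {"kid": b"k1", "k": b"\x11" * 16}}  # constructed key
    key = store.on_access_information(
        {"access_token": b"token-A", "expires_in": 300, "cnf": cnf})
    # The client asks for a second token bound to the same existing key.
    store.on_access_information(
        {"access_token": b"token-B", "expires_in": 3600, "cnf": cnf})
    clock.t = 1400.0  # token-A has expired, token-B has not
    try:
        store.key_for_request(b"k1", policy="earliest")
        usable_earliest = True
    except PermissionError:
        usable_earliest = False
    usable_latest = store.key_for_request(b"k1", policy="latest") is key
    return {"earliest": key.expires_at("earliest"), "latest": key.expires_at("latest"),
            "usable_earliest": usable_earliest, "usable_latest": usable_latest}
```

Running `demo()` shows the ambiguity in concrete numbers: the same key is reported as expired at 1300 under the `earliest` policy and as valid until 4600 under `latest`, so a client that re-binds an existing key to a new token has to pick one rule and the AS and RS have to agree with it.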