Re: [Ace] [EXTERNAL] Francesca Palombini's Discuss on draft-ietf-ace-oauth-authz-38: (with DISCUSS and COMMENT)

Carsten Bormann <cabo@tzi.org> Wed, 16 June 2021 13:18 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2C403A16C3; Wed, 16 Jun 2021 06:18:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_FAIL=0.001, SPF_HELO_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G5_EHz9g0_9s; Wed, 16 Jun 2021 06:18:11 -0700 (PDT)
Received: from gabriel-2.zfn.uni-bremen.de (gabriel-2.zfn.uni-bremen.de [IPv6:2001:638:708:32::19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 827743A16C0; Wed, 16 Jun 2021 06:18:11 -0700 (PDT)
Received: from [192.168.217.118] (p548dcc89.dip0.t-ipconnect.de [84.141.204.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4G4m2l2Fqvz2xJ5; Wed, 16 Jun 2021 15:18:07 +0200 (CEST)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <AM0PR0302MB3363C4C6DBD796E67986BD079E369@AM0PR0302MB3363.eurprd03.prod.outlook.com>
Date: Wed, 16 Jun 2021 15:18:06 +0200
Cc: "ace-chairs@ietf.org" <ace-chairs@ietf.org>, "art-ads@ietf.org" <art-ads@ietf.org>, "draft-ietf-ace-oauth-authz@ietf.org" <draft-ietf-ace-oauth-authz@ietf.org>, The IESG <iesg@ietf.org>, Seitz Ludwig <ludwig.seitz@combitech.se>, "ace@ietf.org" <ace@ietf.org>, Francesca Palombini <francesca.palombini@ericsson.com>
X-Mao-Original-Outgoing-Id: 645542286.936185-5734e12913d035708b5e2d6059c74a8d
Content-Transfer-Encoding: quoted-printable
Message-Id: <43222AD5-BA56-423F-98C7-65128A6C35B6@tzi.org>
References: <161659738410.3239.3955409176349739508@ietfa.amsl.com> <5634f824f7b14878b5d7d1fdd3b2ed33@combitech.se> <EE1CBB56-8951-473C-A006-875D49BEE350@ericsson.com> <AM0PR0302MB3363E4EB817969E6B34FBBCF9E369@AM0PR0302MB3363.eurprd03.prod.outlook.com> <F44C49D2-C08E-4C04-A751-05ECBBB1DBA9@tzi.org> <AM0PR0302MB3363C4C6DBD796E67986BD079E369@AM0PR0302MB3363.eurprd03.prod.outlook.com>
To: Ludwig Seitz <ludwig.seitz@combitech.com>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/_Hg_smVGqMNnhhLZrrfXnfe3sjo>
Subject: Re: [Ace] [EXTERNAL] Francesca Palombini's Discuss on draft-ietf-ace-oauth-authz-38: (with DISCUSS and COMMENT)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Jun 2021 13:18:17 -0000

On 2021-06-09, at 12:45, Ludwig Seitz <ludwig.seitz@combitech.com> wrote:
> 
> Hello Carsten,
> 
> Can you clarify what exactly you consider is broken and why?

What: attaching the representation choice to the protocol choice
Why: Because the protocol may transport data that were generated with another protocol (or no particular protocol) in mind.

So, recommending as a default choice is fine, but saying that the protocol choice dictates the representation choice is too limiting.  Maybe the MQTT people discover CBOR at some point :-)

Grüße, Carsten


> 
> I was indeed trying to attach the 'when' to both arms (token encoding and protocol message payload encoding), but I don't have a strong opinion on this. If the WG can decide how this should be I will implement.
> 
> /Ludwig
> 
> -----Original Message-----
> From: Carsten Bormann <cabo@tzi.org> 
> Sent: den 9 juni 2021 09:15
> To: Ludwig Seitz <ludwig.seitz@combitech.com>
> Cc: Francesca Palombini <francesca.palombini@ericsson.com>om>; Seitz Ludwig <ludwig.seitz@combitech.se>se>; The IESG <iesg@ietf.org>rg>; art-ads@ietf.org; ace-chairs@ietf.org; draft-ietf-ace-oauth-authz@ietf.org; ace@ietf.org
> Subject: Re: [Ace] [EXTERNAL] Francesca Palombini's Discuss on draft-ietf-ace-oauth-authz-38: (with DISCUSS and COMMENT)
> 
> 
>> In 2021-06-09, at 08:42, Ludwig Seitz <ludwig.seitz@combitech.com> wrote:
>> 
>> " ... size.  Self-contained tokens and protocol message payloads are encoded in CBOR when CoAP is used.”
> 
> This is not what the old NEW text says.
> 
> (The new NEW text attaches the “when” to both arms.)
> 
> The whole idea of attaching the representation choice to the protocol choice is broken, but if we pursue it, we at least need to make the logic clear.
> 
> (1) If you use CoAP, you use CBOR for protocol message payloads.
> (2) Self-contained tokens use CBOR.
> (3) No other hard limitations are implied, but of course CBOR is the format of choice to maximize interoperability, so deviations from that need to be justified.
> 
> Grüße, Carsten
> 
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace