Re: [Ace] I-D Action: draft-ietf-ace-pubsub-profile-06.txt
Cigdem Sengul <cigdem.sengul@gmail.com> Mon, 13 March 2023 09:06 UTC
Return-Path: <cigdem.sengul@gmail.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E039C1522CD for <ace@ietfa.amsl.com>; Mon, 13 Mar 2023 02:06:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rMoEUT9HVM2u for <ace@ietfa.amsl.com>; Mon, 13 Mar 2023 02:06:20 -0700 (PDT)
Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82B9AC1522C8 for <ace@ietf.org>; Mon, 13 Mar 2023 02:05:48 -0700 (PDT)
Received: by mail-pf1-x42e.google.com with SMTP id cp12so7142247pfb.5 for <ace@ietf.org>; Mon, 13 Mar 2023 02:05:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1678698347; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=9TgK14tlsgSVDoQWGs5/yTd/KrPqg7gHgGoW8NDHri8=; b=Ku2gkfEikKsl7KOx37MR/DodRjZAJ0KsQLTwQkiMVALVTZvFdUtLdssrILIJOQ46aL QfbNOacw5hvigBkBBCVSmCMFvDNzL/5EuaX0N8EdF2Mx58vR4EohNKafOCyDDPb7bmRm 51Is0kj/I12+dK4NimfsoQWfCY9QYwFCPJwP9a8s6U4DoF8iCSZSuIaIpa7iNVSXY4ag Ne6BGtKfzbmzqr+3FA/8XcLlT5o+5JG3dcyNo2HysyQPvNn/qTfbVnWYHnmurEkKd1Bb Na4Qr0lyybZKjIjB1yS6V2vsfNAi6dRd6xidLWMWt/QU5A5gB5bxAQpRqjtm3jO7Ec9m +JEg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678698347; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=9TgK14tlsgSVDoQWGs5/yTd/KrPqg7gHgGoW8NDHri8=; b=tqlDq6Iz/fi32H9VoufYUaDzbHoVBYQHXzV3h7S+xL78FJMFjPwi39tD+BjrvgeZg+ xQc7GmwMgyTCWxsFldqOiInrXSneM9iyex6tZr3ioeU+gLX7v1PrJH19xeDN0xOni2zF 5j8yPoCrNIbkWzXkU8+qQ9WMoukje/tSlmXP+jvDCO3jSxUZJj9Bls1zTLDPU3Z6I0ac lIW0D694Da3viW/OltXCAZqhBXKxOVdKV7xUiIDVk27V/Leeu6Hk/Yd9jo1CsjqqSq/h 6w79pnCLuP7gqOb4NhvHoCndyCW6+ZCyDaQFLRk3qHlm38mNdzyCrbQUfc97FKo3vUJV GG0Q==
X-Gm-Message-State: AO0yUKWDcZARYG6Nk5jWnaB/W2GWipCek1lBODB0FtrRJ6Ih6PmfU6mR cUdK3gxX6vSxB2aOHtYu0LHryMiGbWi4Spo3FKwmMUmor37oPw==
X-Google-Smtp-Source: AK7set+cKiEGoyGjrVMBLZ3HanZSuSjc0Lp/QjW7qcmqrXrY1PLURj8ipxZBThJjUwNGYnPYewgydJ6aZbV8ZAZurJ8=
X-Received: by 2002:a62:f801:0:b0:5eb:e0e0:d650 with SMTP id d1-20020a62f801000000b005ebe0e0d650mr12926185pfh.6.1678698347411; Mon, 13 Mar 2023 02:05:47 -0700 (PDT)
MIME-Version: 1.0
References: <167869795691.23824.7902413840784769995@ietfa.amsl.com>
In-Reply-To: <167869795691.23824.7902413840784769995@ietfa.amsl.com>
From: Cigdem Sengul <cigdem.sengul@gmail.com>
Date: Mon, 13 Mar 2023 09:05:36 +0000
Message-ID: <CAA7SwCN-2_=3ivG9YLStrvMWNwokcimK=NNgKH3pEF-tqp41ag@mail.gmail.com>
To: ace@ietf.org
Content-Type: multipart/alternative; boundary="000000000000aebd5405f6c46a3d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/_n6jrK0nwvkAX7-gAXddWC84xKQ>
Subject: Re: [Ace] I-D Action: draft-ietf-ace-pubsub-profile-06.txt
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Mar 2023 09:06:21 -0000
Dear ACE, With this update, we have aimed to make progress in the to-do presented in the interim. More specifically: - Clarified Client workflow and describe KDC discovery as close as possible to core pub-sub. - AIF-PUBSUB-GROUPCOMM Scope - added support for admin role for future-proofing; added delete role - Clarified Cose_key returned in Join Response and AEAD nonce construction based on a sender ID provided by the KDC (Partial IV is the message sequence number, Base IV provided by the KDC). - Checked off most Finalise Groupcomm Required and Optional List with the exception of the group rekeying further to be clarified. Kind regards, --Cigdem On Mon, 13 Mar 2023 at 08:59, <internet-drafts@ietf.org> wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. This Internet-Draft is a work item of the Authentication and > Authorization for Constrained Environments (ACE) WG of the IETF. > > Title : Publish-Subscribe Profile for Authentication and > Authorization for Constrained Environments (ACE) > Authors : Francesca Palombini > Cigdem Sengul > Marco Tiloca > Filename : draft-ietf-ace-pubsub-profile-06.txt > Pages : 37 > Date : 2023-03-13 > > Abstract: > This document defines an application profile for enabling secure > group communication for a constrained Publish-Subscribe (pub/sub) > scenario, where Publishers and Subscribers communicate through a > broker, using the ACE framework. This profile relies on transport > layer or application layer security profiles of ACE to achieve > communication security, server authentication and proof-of-possession > for a key owned by the Client and bound to an OAuth 2.0 Access Token. > The document describes how to request and provision keying material > for group communication, and protect the content of the pub/sub > client message exchange, focusing mainly on the pub/sub scenarios > using the Constrained Application Protocol (CoAP) > [I-D.ietf-core-coap-pubsub]. > > The IETF datatracker status page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-ietf-ace-pubsub-profile/ > > There is also an HTML version available at: > https://www.ietf.org/archive/id/draft-ietf-ace-pubsub-profile-06.html > > A diff from the previous version is available at: > https://author-tools.ietf.org/iddiff?url2=draft-ietf-ace-pubsub-profile-06 > > Internet-Drafts are also available by rsync at rsync.ietf.org: > :internet-drafts > > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace >
- [Ace] I-D Action: draft-ietf-ace-pubsub-profile-0… internet-drafts
- Re: [Ace] I-D Action: draft-ietf-ace-pubsub-profi… Cigdem Sengul