[Ace] Questions for the IETF#90 Meeting

Hannes Tschofenig <hannes.tschofenig@gmx.net> Wed, 09 July 2014 07:58 UTC

Message-ID: <53BCF608.5010606@gmx.net>
Date: Wed, 09 Jul 2014 09:58:00 +0200
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
To: "ace@ietf.org" <ace@ietf.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/ace/biWY1uNrWCR_0DdAYYy77AqgID0
Subject: [Ace] Questions for the IETF#90 Meeting

To me there appear to be four questions for the group:

1) Are there requirements/use cases that allow anything other than the
OAuth/Kerberos design pattern?

Partially the answer should come from the use case document.

2) Should the design re-use existing work or should the design start
from scratch?

This is more a question of taste / preference but will obviously have a
huge impact on the subsequent work in the group.

3) Should the design be based on symmetric or asymmetric crypto?
  (or both?)

We have various documents that talk about this issue, for example
draft-seitz-ace-design-considerations-00 and
draft-seitz-ace-problem-description-01

4) How to address cross-domain support in the initial protocol design?
Is it a feature that can be added later easily?

draft-gerdes-ace-actors-01 talks about this aspect.

If we could get an answer to these questions during the meeting that
would be a good step forward.

Ciao
Hannes

PS: One question that has been answered by all documents in the same way
at the moment is about the use of DTLS. Currently, everyone seems to be
focused on using DTLS everywhere. There would be alternative approaches
as well.