[Ace] Fwd: New Version Notification for draft-ietf-ace-mqtt-tls-profile-03.txt
Cigdem Sengul <cigdem.sengul@gmail.com> Fri, 20 December 2019 14:22 UTC
From: Cigdem Sengul <cigdem.sengul@gmail.com>
Date: Fri, 20 Dec 2019 13:50:18 +0000
Message-ID: <CAA7SwCPU6+LaXLPY=CxzNQDRpB08eGq9EfbFEK7gs87b6CW4Kw@mail.gmail.com>
To: Ace Wg <ace@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/eT-Q8t_dpDdztZig1f-EIu-X89o>

Hello,

I've submitted a new version to update my e-mail address, as my affiliation is going to change in the next year. The v03 does have other changes, as I outlined in my previous email, which still need to be discussed.

The main changes are:

Version 02 to 03:

1) Added the option of Broker certificate thumbprint in the 'rs_cnf' sent to the Client.
2) Clarified the use of a random nonce from the TLS Exporter for PoP, added to the IANA requirements that the label should be registered.
3) Added a client nonce, when Challenge/Response Authentication is used between Client and Broker.
4) Clarified the use of the "authz-info" topic and the error response if token validation fails.
5) Added clarification on wildcard use in scopes for publish/subscribe permissions.
6) Reorganised sections so that token authorisation for publish/subscribe messages is better placed.
7) Clarified protection of Application Message payload as out of scope, and cited draft-palombini-ace-coap-pubsub-profile for a potential solution.

Thanks,
--Cigdem

---------- Forwarded message ---------
From: <internet-drafts@ietf.org>
Date: Fri, Dec 20, 2019 at 1:47 PM
Subject: New Version Notification for draft-ietf-ace-mqtt-tls-profile-03.txt
To: Paul Fremantle <paul.fremantle@port.ac.uk>, Cigdem Sengul <csengul@acm.org>, Anthony Kirby <anthony@anthony.org>

A new version of I-D, draft-ietf-ace-mqtt-tls-profile-03.txt has been successfully submitted by Cigdem Sengul and posted to the IETF repository.

Name: draft-ietf-ace-mqtt-tls-profile
Revision: 03
Title: MQTT-TLS profile of ACE
Document date: 2019-12-20
Group: ace
Pages: 27
URL: https://www.ietf.org/internet-drafts/draft-ietf-ace-mqtt-tls-profile-03.txt
Status: https://datatracker.ietf.org/doc/draft-ietf-ace-mqtt-tls-profile/
Htmlized: https://tools.ietf.org/html/draft-ietf-ace-mqtt-tls-profile-03
Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-ace-mqtt-tls-profile
Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-mqtt-tls-profile-03

Abstract:
This document specifies a profile for the ACE (Authentication and Authorization for Constrained Environments) framework to enable authorization in an MQTT-based publish-subscribe messaging system. Proof-of-possession keys, bound to OAuth2.0 access tokens, are used to authenticate and authorize MQTT Clients. The protocol relies on TLS for confidentiality and server authentication.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat