Re: [Ace] Call for adoption of draft-palombini-ace-key-groupcomm

Jim Schaad <> Thu, 06 December 2018 23:12 UTC


I have not looked in detail at the MLS protocol documents, but from what I remember they have more or less skipped the entire AAA question of having a central authorizer and made it so that any entity which is currently active has the ability to add or remove anybody else.


That is not currently an authorization model that I think is currently in scope for ACE.  If I am wrong about my assumptions it would be interesting to know.





From: Ace <> On Behalf Of Panos Kampanakis (pkampana)
Sent: Thursday, December 6, 2018 1:19 PM
To: Roman Danyliw <>
Subject: Re: [Ace] Call for adoption of draft-palombini-ace-key-groupcomm


+1. I think this is a problem that needs to be solved. 


But I do think that the OAuth or PubSub requirement is a strong one. I would like to see if the MLS work could be used in these environments too. Using the OAuth draft or the PubSub one for authorization and group join is fine, but there will be environments where that will not be possible, so I was wondering if could be leveraged.





From: Ace < <> > On Behalf Of Peter van der Stok
Sent: Thursday, December 06, 2018 4:39 AM
To: Roman Danyliw < <> >
Cc: <> 
Subject: Re: [Ace] Call for adoption of draft-palombini-ace-key-groupcomm


I support the adoption of this draft.
It is the right solution to our secure group communication wishes.


Roman Danyliw wrote on 2018-11-30 22:58:


This is the start of a two-week call for input on the WG adoption of the document:


The document has been presented and discussed at the last few meetings; and revisions have been made based on WG feedback.  At the IETF 103 meeting, there was support for adoption; and volunteers to review and implement the draft. 

Please provide feedback to the list/chairs if you believe that this document should be adopted as a WG document. The adoption call will end on December 14, 2018.

Roman and Jim
