Re: [Ace] [EXTERNAL] Francesca Palombini's Discuss on draft-ietf-ace-oauth-authz-38: (with DISCUSS and COMMENT)

Carsten Bormann <cabo@tzi.org> Mon, 05 July 2021 14:15 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED9C33A1953; Mon, 5 Jul 2021 07:15:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EAWtakDvOMM4; Mon, 5 Jul 2021 07:15:15 -0700 (PDT)
Received: from gabriel-2.zfn.uni-bremen.de (gabriel-2.zfn.uni-bremen.de [IPv6:2001:638:708:32::19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 910F33A1948; Mon, 5 Jul 2021 07:15:15 -0700 (PDT)
Received: from [192.168.217.118] (p548dcc89.dip0.t-ipconnect.de [84.141.204.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4GJSPl63rNz2xHx; Mon, 5 Jul 2021 16:15:07 +0200 (CEST)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <A15462D1-DD0F-4B3C-8C59-7652C6A5F471@ericsson.com>
Date: Mon, 5 Jul 2021 16:15:07 +0200
Cc: Ludwig Seitz <ludwig.seitz@combitech.com>, Daniel Migault <mglt.ietf@gmail.com>, Cigdem Sengul <cigdem.sengul@gmail.com>, "Apple Inc." <goran.selander@ericsson.com>, "ace-chairs@ietf.org" <ace-chairs@ietf.org>, "ace@ietf.org" <ace@ietf.org>
X-Mao-Original-Outgoing-Id: 647187307.35553-5bb084fb34e2f1c15b6989f9e517e9db
Content-Transfer-Encoding: quoted-printable
Message-Id: <78BAB6EA-0DDE-4C6C-A923-815E73F1B197@tzi.org>
References: <161659738410.3239.3955409176349739508@ietfa.amsl.com> <5634f824f7b14878b5d7d1fdd3b2ed33@combitech.se> <EE1CBB56-8951-473C-A006-875D49BEE350@ericsson.com> <AM0PR0302MB3363E4EB817969E6B34FBBCF9E369@AM0PR0302MB3363.eurprd03.prod.outlook.com> <F44C49D2-C08E-4C04-A751-05ECBBB1DBA9@tzi.org> <AM0PR0302MB3363C4C6DBD796E67986BD079E369@AM0PR0302MB3363.eurprd03.prod.outlook.com> <43222AD5-BA56-423F-98C7-65128A6C35B6@tzi.org> <CADZyTknQEYbv=3vo_MfjGeWmJOcU-QfkFua-ZGnFHfXhni=omQ@mail.gmail.com> <3AF922BD-D6D7-4D20-AA39-5E0D5BEC8A29@tzi.org> <a040239b-fc8c-b2a3-c055-481246f4397c@tzi.de> <AM0PR0302MB3363B7DBB026447BE536D61D9E1C9@AM0PR0302MB3363.eurprd03.prod.outlook.com> <A15462D1-DD0F-4B3C-8C59-7652C6A5F471@ericsson.com>
To: Francesca Palombini <francesca.palombini@ericsson.com>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/flGwMyN1-8exerEuYEjtFmA_NN0>
Subject: Re: [Ace] [EXTERNAL] Francesca Palombini's Discuss on draft-ietf-ace-oauth-authz-38: (with DISCUSS and COMMENT)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Jul 2021 14:15:20 -0000

Hi Francesca:

On 2021-07-05, at 15:32, Francesca Palombini <francesca.palombini@ericsson.com> wrote:
> 
> NEW:
>   There may be use cases were different transport and security protocols

Amazingly, this still says “were” where it needs to say “where”, as if the “were” were invisible :-)

>   are allowed for the different interactions, and that corresponds to combining profiles.

“Corresponds to” is weirdly weak, but works here.
But may be we can fully explain that here before the example (which is just an example):

NEWNEW:
>   , and, if that is not explicitly covered by an existing profile, it corresponds to combining profiles into a new one.


And then we can continue with the example.

>   For example, a new profile could define that a previously-defined MQTT-TLS profile is used between the
>   client and the RS in combination with a previously-defined CoAP-DTLS profile for
>   interactions between the client and the AS. It is REQUIRED of the new profile to specify the 
>   combination and to make sure interoperability and security properties are achieved.

The last sentence is kind of obvious (I hope that the same applies to non-combined profiles), but Section 6.7 is short, so a little superfluity does not hurt.

Grüße, Carsten