Re: [Ace] Removal of the Client Token from ACE-OAuth draft

Benjamin Kaduk <kaduk@mit.edu> Fri, 09 February 2018 19:27 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E64FF12708C for <ace@ietfa.amsl.com>; Fri, 9 Feb 2018 11:27:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bOFRnxKtNam8 for <ace@ietfa.amsl.com>; Fri, 9 Feb 2018 11:27:45 -0800 (PST)
Received: from dmz-mailsec-scanner-1.mit.edu (dmz-mailsec-scanner-1.mit.edu [18.9.25.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 49DA91242F7 for <ace@ietf.org>; Fri, 9 Feb 2018 11:27:45 -0800 (PST)
X-AuditID: 1209190c-56dff700000059ce-68-5a7df62edde7
Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 16.4E.22990.F26FD7A5; Fri, 9 Feb 2018 14:27:43 -0500 (EST)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id w19JRdNU020701; Fri, 9 Feb 2018 14:27:40 -0500
Received: from mit.edu (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w19JRZjp025364 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 9 Feb 2018 14:27:38 -0500
Date: Fri, 09 Feb 2018 13:27:35 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Ludwig Seitz <ludwig.seitz@ri.se>
Cc: ace@ietf.org
Message-ID: <20180209192735.GS12363@mit.edu>
References: <D6A1C6A4.9EE0B%goran.selander@ericsson.com> <AM4PR0801MB2706A362392B8BD71B9A41D0FAF30@AM4PR0801MB2706.eurprd08.prod.outlook.com> <D6A1E576.9EE30%goran.selander@ericsson.com> <AM4PR0801MB2706D787BC1ED8432CB95243FAF30@AM4PR0801MB2706.eurprd08.prod.outlook.com> <20180208200836.GF12363@mit.edu> <6e973a27-35af-ce0a-d443-1800a8a86ec7@ri.se>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <6e973a27-35af-ce0a-d443-1800a8a86ec7@ri.se>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrDIsWRmVeSWpSXmKPExsUixG6noqv/rTbK4PIUeYvv33qYLV59ns7q wOSxZMlPJo+lTZuZApiiuGxSUnMyy1KL9O0SuDK+LdjGWvCOtWLxxCamBsaTLF2MnBwSAiYS j4+8Zexi5OIQEljMJDG9dRUzSEJIYAOjxMftRRCJM0wSTRvmsYIkWARUJI4em8oIYrMB2Q3d l8EaRARUJU4+/QJkc3AwCwhIfLieBBIWFnCWWH91AtgyXgEdiQl7+9ggZj5nkphxuIsVIiEo cXLmE7AiZgEtiRv/XjJBzJGWWP6PAyTMKWApMf3/InYQW1RAWWJv3yH2CYwCs5B0z0LSPQuh ewEj8ypG2ZTcKt3cxMyc4tRk3eLkxLy81CJdQ73czBK91JTSTYygIOWU5NnBeOaN1yFGAQ5G JR7ehJW1UUKsiWXFlbmHGCU5mJREedfPAgrxJeWnVGYkFmfEF5XmpBYfYpTgYFYS4b28AijH m5JYWZValA+TkuZgURLndTfRjhISSE8sSc1OTS1ILYLJynBwKEnwVn0FahQsSk1PrUjLzClB SDNxcIIM5wEangpSw1tckJhbnJkOkT/FaMzRtvJJGzPHjRev25iFWPLy81KlxHn3g5QKgJRm lObBTQMlGons/TWvGMWBnhPmZQWp4gEmKbh5r4BWMQGtuusAtqokESEl1cDoMbvw//qJlxK+ 6V3vyO7+Z7164eVP0eaS637K5E2wjz3WoRwZVBe5TvzHp8/arRXf3rKLb1Fcomv/6XLIiXqH /MORac7Ldy1776oYy79Uyn0jN7eaQMzjvOLkX97KMuJPtDavWvT7cJqCk//xSSn5S1NUE519 a87LmzO843nKcCff/PetFW5KLMUZiYZazEXFiQA219bbDwMAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/fqL55yzeQXpfQCdq1JLRiiv_-kA>
Subject: Re: [Ace] Removal of the Client Token from ACE-OAuth draft
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Feb 2018 19:27:47 -0000

On Fri, Feb 09, 2018 at 09:04:45AM +0100, Ludwig Seitz wrote:
> On 2018-02-08 21:08, Benjamin Kaduk wrote:
> > 
> > Right, this seems to be the key point.  If there's not any running 
> > code and not going to be any, it's pretty likely that the spec (for 
> > this portion) will not actually be usable.
> > 
> 
> 
> Note that there is running code for client token, if you look here:
> 
> https://bitbucket.org/lseitz/ace-java/src/beb13e6eeec8eace3539c934b0edc64043327d67/?at=clientToken

Thanks for the link; I was unaware.

> 
> Also note that I'm not saying we shouldn't move this to a separate 
> draft, but let's keep our facts straight. I'm really curious to see 
> Hannes' paper once he can release it.

Me, too!

-Ben