Re: [Ace] Francesca Palombini's Discuss on draft-ietf-ace-mqtt-tls-profile-15: (with DISCUSS and COMMENT)

Francesca Palombini <francesca.palombini@ericsson.com> Thu, 10 March 2022 12:35 UTC

From: Francesca Palombini <francesca.palombini@ericsson.com>
To: Cigdem Sengul <cigdem.sengul@gmail.com>, Carsten Bormann <cabo@tzi.org>
CC: The IESG <iesg@ietf.org>, "draft-ietf-ace-mqtt-tls-profile@ietf.org" <draft-ietf-ace-mqtt-tls-profile@ietf.org>, "ace-chairs@ietf.org" <ace-chairs@ietf.org>, Ace Wg <ace@ietf.org>, Daniel Migault <daniel.migault@ericsson.com>
Thread-Topic: Francesca Palombini's Discuss on draft-ietf-ace-mqtt-tls-profile-15: (with DISCUSS and COMMENT)
Date: Thu, 10 Mar 2022 12:35:13 +0000
Message-ID: <HE1PR07MB42173DD6F1B0E82C9858F5E8980B9@HE1PR07MB4217.eurprd07.prod.outlook.com>
References: <164690659840.27636.15001188747177217888@ietfa.amsl.com> <CAA7SwCM53EBH8+ko2knFKKHQdumeT=FuG5uiE9L-gkyyCKvwLQ@mail.gmail.com>
In-Reply-To: <CAA7SwCM53EBH8+ko2knFKKHQdumeT=FuG5uiE9L-gkyyCKvwLQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/j5RllUtMMsMVzNtA-erUr6ZA7CE>
Subject: Re: [Ace] Francesca Palombini's Discuss on draft-ietf-ace-mqtt-tls-profile-15: (with DISCUSS and COMMENT)

Hi Cigdem,

Thank you for the quick reply!
The two additional registrations for the parameters Toid and Tperm look good, although I have a couple of suggestions:

  1.  For Toid I would add a reference to Section 1.3 (and maybe capitalize Topic Filter, just to be nitpicking). I would also mention that this is encoded as a text string (or point to Section 2.3).
  2.  For Tperm, I don’t think it is needed to create an additional registry, unless you foresee that there might be need to add new methods other than “pub” and “sub” in the future, in which case I agree with you that the IANA registry is the best choice. If you don’t, I would remove the new registry and just mention that the Tperm is a text string with value either “pub” or “sub”, and reference section 2.3.
I think that should cover it. Again, Carsten’s opinion is welcome as the creator of the registry (lacking the Designated expert that is not yet assigned).


Francesca
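As an added illustration of the two parameters discussed above (this is example code, not text or code from the draft or from either correspondent): an AIF scope for the MQTT profile is an array of [Toid, Tperm] pairs where Toid is a text-string MQTT Topic Filter and Tperm is the text string "pub" or "sub". The block below validates such a scope and then uses it for a broker-side authorization decision. Assumptions are labelled in the code: the wildcard syntax and matching rules are those of the MQTT specification ('+' for a single level, '#' only as the trailing level, no wildcard match on '$'-prefixed topics); the draft's own rules for matching SUBSCRIBE requests are not reproduced, so a subscribe is only granted when the requested filter is textually identical to a granted one. The sample scopes are constructed for the example.

```python
"""Added example: validate an MQTT-profile AIF scope and authorize against it.

Assumptions (not taken from the draft): scope entries are [Toid, Tperm] with
Toid a text-string MQTT topic filter and Tperm "pub" or "sub"; wildcard rules
follow the MQTT specification; SUBSCRIBE requests are granted only on an exact
textual match with a granted filter (conservative simplification).
"""
import json

ALLOWED_TPERM = ("pub", "sub")


def valid_topic_filter(topic_filter):
    """MQTT syntax rules for a topic filter: '#' only as the whole last level,
    '+' only as a whole level, no NUL characters, non-empty string."""
    if not topic_filter or "\x00" in topic_filter:
        return False
    levels = topic_filter.split("/")
    for idx, level in enumerate(levels):
        if "#" in level and (level != "#" or idx != len(levels) - 1):
            return False
        if "+" in level and level != "+":
            return False
    return True


def validate_mqtt_aif_scope(scope):
    """Return a list of problems found in an AIF scope (empty list means valid)."""
    if not isinstance(scope, list):
        return ["scope must be an array of [Toid, Tperm] pairs"]
    problems = []
    for i, entry in enumerate(scope):
        if not (isinstance(entry, list) and len(entry) == 2):
            problems.append("entry %d: expected a two-element [Toid, Tperm] array" % i)
            continue
        toid, tperm = entry
        if not isinstance(toid, str):
            problems.append("entry %d: Toid must be a text string (MQTT topic filter)" % i)
        elif not valid_topic_filter(toid):
            problems.append("entry %d: Toid %r is not a well-formed MQTT topic filter" % (i, toid))
        if tperm not in ALLOWED_TPERM:
            problems.append('entry %d: Tperm must be "pub" or "sub", got %r' % (i, tperm))
    return problems


def topic_matches(topic_filter, topic_name):
    """Does a concrete topic name fall under a (possibly wildcarded) topic filter?"""
    f_levels = topic_filter.split("/")
    n_levels = topic_name.split("/")
    # MQTT rule: a wildcard at the first level never matches '$'-prefixed system topics.
    if n_levels[0].startswith("$") and f_levels[0] in ("+", "#"):
        return False
    for i, part in enumerate(f_levels):
        if part == "#":
            return True  # covers the parent level itself and every level below it
        if i >= len(n_levels):
            return False
        if part != "+" and part != n_levels[i]:
            return False
    return len(f_levels) == len(n_levels)


def authorize(scope, action, topic):
    """Broker-side decision: is `action` ("pub"/"sub") on `topic` covered by scope?
    A malformed scope grants nothing, so a token carrying e.g. a REST-style
    Tperm is rejected outright rather than partially honoured."""
    if action not in ALLOWED_TPERM or validate_mqtt_aif_scope(scope):
        return False
    for toid, tperm in scope:
        if tperm != action:
            continue
        if action == "pub" and topic_matches(toid, topic):
            return True
        if action == "sub" and topic == toid:  # exact match only (assumption above)
            return True
    return False


# Constructed sample: the scope as it might appear in an application/aif+json body.
SAMPLE_SCOPE = json.loads('[["sensors/+/temperature", "pub"], ["alerts/#", "sub"]]')

# Constructed malformed sample: a REST-method Tperm, a non-string Toid and a
# misplaced '#', all of which the MQTT profile's parameters rule out.
BAD_SCOPE = json.loads('[["sensors/#", "GET"], [42, "sub"], ["a/#/b", "pub"]]')

if __name__ == "__main__":
    print("sample scope problems:", validate_mqtt_aif_scope(SAMPLE_SCOPE))
    print("bad scope problems:", validate_mqtt_aif_scope(BAD_SCOPE))
    print("pub sensors/3/temperature:", authorize(SAMPLE_SCOPE, "pub", "sensors/3/temperature"))
    print("pub sensors/3/humidity:", authorize(SAMPLE_SCOPE, "pub", "sensors/3/humidity"))
    print("sub alerts/#:", authorize(SAMPLE_SCOPE, "sub", "alerts/#"))
```

The validation step is what a separate registry entry or a plain "text string, either pub or sub" statement in the document ultimately buys an implementer: the broker can refuse a token whose scope was issued under the generic AIF defaults (URI-local-part / REST-method-set) instead of silently treating "GET" as a permission.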

From: Cigdem Sengul <cigdem.sengul@gmail.com>
Date: Thursday, 10 March 2022 at 12:57
To: Francesca Palombini <francesca.palombini@ericsson.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-ace-mqtt-tls-profile@ietf.org <draft-ietf-ace-mqtt-tls-profile@ietf.org>, ace-chairs@ietf.org <ace-chairs@ietf.org>, Ace Wg <ace@ietf.org>, Daniel Migault <daniel.migault@ericsson.com>, Carsten Bormann <cabo@tzi.org>
Subject: Re: Francesca Palombini's Discuss on draft-ietf-ace-mqtt-tls-profile-15: (with DISCUSS and COMMENT)
Hello Francesca,

Thank you for your feedback. My response is below.

On Thu, 10 Mar 2022 at 10:03, Francesca Palombini via Datatracker <noreply@ietf.org> wrote:
Francesca Palombini has entered the following ballot position for
draft-ietf-ace-mqtt-tls-profile-15: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ace-mqtt-tls-profile/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Updating my ballot after reviewing draft-ietf-ace-aif-06. Just want to make
sure we don't miss anything, please feel free to correct me if I missed the
mark here.

FP: https://datatracker.ietf.org/doc/html/draft-ietf-ace-aif-06#section-4
states:

default values are the values "URI-local-
   part" for Toid and "REST-method-set" for Tperm, as per Section 3 of
   the present specification.

   A specification that wants to use Generic AIF with different Toid
   and/or Tperm is expected to request these as media type parameters
   (Section 5.2) and register a corresponding Content-Format
   (Section 5.3).

FP: I wonder if this document should define a new media type parameter for
Tperm (as REST-method-set is not appropriate for "pub"/"sub" value) and
register a corresponding Content-Format as indicated in the paragraph above.
CC'ing Carsten for his opinion.

CS: Since we considered this for the Broker's consumption using MQTT, registration of a new media type looks like it was overlooked.
I assume you are raising this issue as the client may use the scope for token requests using application/ace+json(cbor) application/aif+json(cbor)
If that is the case, I suggest the following text for AIF and MQTT Permissions registry (with Expert Review registration procedure) similar to https://datatracker.ietf.org/doc/draft-ietf-ace-key-groupcomm-oscore/ -

AIF

   For the media-types application/aif+cbor and application/aif+json
   defined in Section 5.1 of [I-D.ietf-ace-aif], IANA is requested to
   register the following entries for the two media-type parameters Toid
   and Tperm, in the respective sub-registry defined in Section 5.2 of
   [I-D.ietf-ace-aif] within the "MIME Media Type Sub-Parameter"
   registry group.

   *  Name: mqtt-topic-filter
   *  Description/Specification: topic filter used in MQTT
   *  Reference: [[This document]]

   *  Name: mqtt-permissions
   *  Description/Specification: permissions for MQTT client.
   *  Reference: [[This document]]

MQTT Permissions

   This document establishes the IANA "MQTT Permissions" registry.
   The registry has been created to use the "Expert Review" registration
   procedure [RFC8126].

   This registry includes the possible permissions of MQTT clients when communicating
   with an MQTT broker.

   The columns of this registry are:

   *  Name: A value that can be used in documents for easier
      comprehension, to identify a possible permission of MQTT clients.

   *  Description: This field contains a brief description of the permission.

   *  Reference: This contains a pointer to the public specification for
      the permission.

   This registry will be initially populated by the names "pub", "sub".

   The Reference column for all of these entries will be [[This
   document]].

Are there any other registries involved?
Thanks,





----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you for the work on this document.

Many thanks to Jean Mahoney for her ART ART review:
https://mailarchive.ietf.org/arch/msg/art/REdbeKR0FBJ1CnVtKOUaJnaeONk/, and to
the authors for addressing it.

Only two minor comments easy to fix, see below.

Francesca

1. -----

FP: Please replace references to RFC7230 with draft-ietf-httpbis-semantics-19
which will obsolete it once published. Note that
draft-ietf-httpbis-semantics-19 is already with the RFC Editor so will not
delay publication of your document.

2. -----

Section 7.3

FP: I believe this profile should be registered in the Standards track portion
of the registry - please add a note about it so that IANA is aware, changing
for example:

OLD:
*  CBOR Value: To be assigned by IANA
NEW:
*  CBOR Value: To be assigned by IANA in the (-256, 255) range