Re: [Ace] [EXTERNAL] Francesca Palombini's Discuss on draft-ietf-ace-oauth-authz-38: (with DISCUSS and COMMENT)

Olaf Bergmann <bergmann@tzi.org> Sat, 10 July 2021 12:49 UTC

Hi Carsten, Ludwig,

I think removing the discussed is not an option as the whole discussion
was about "something needs to be said" but not being clear about what
this is.

On 2021-07-10, Carsten Bormann <cabo@tzi.org> wrote:

> Maybe we can combine these two into one sentence that covers a common requirement?

The result would be text that makes a profile document its security
requirements and a new profile that combines existing profiles to
document how the combination meets these requirements.

From Francesca's previous proposal and your previous proposals this
could be:

NEW^n+1:

   There may be use cases where different transport and security
   protocols are allowed for the different interactions, and, if that is
   not explicitly covered by an existing profile, it corresponds to
   combining profiles into a new one.  For example, a new profile could
   specify that a previously-defined MQTT-TLS profile is used between
   the client and the RS in combination with a previously-defined
   CoAP-DTLS profile for interactions between the client and the AS. The
   new profile that combines existing profiles MUST specify how the
   existing profiles' security properties are achieved. Any profile
   therefore MUST clearly specify its security requirements and MUST
   document if its security depends on the combination of various
   protocol interactions.

Grüße
Olaf