[Ace] Scope question
Jim Schaad <ietf@augustcellars.com> Mon, 24 February 2020 18:02 UTC
From: Jim Schaad <ietf@augustcellars.com>
To: draft-ietf-ace-key-groupcomm-oscore@ietf.org
CC: 'Ace Wg' <ace@ietf.org>
Date: Mon, 24 Feb 2020 10:02:17 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/qhUgVKroeG_6Un01xbF9K46qNmA>

I was starting to code up the encoding of scope and wanted to clarify what the encoding is. The text appears to say that the encoding is:

scope = [ groupId: tstr, ?[* role : any ]]

I was expecting this to be more along the lines of

scope = [ + scope_item ]
scopeItem = [ groupId: tstr, ?[* role : any ]]

This would allow for more than one group to be identified in a single token which I think is important given some of the statements about only having a single token for a client. This does not solve the resource server having multiple audiences but that is fine.

I am unsure if it makes sense to allow for the array to be removed for scope in the second example in the event that only one group is specified. One byte saved at the expense of more code.

Jim
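
The two scope shapes discussed in the message above, as an added example that is not part of the original message or of the draft: a minimal CBOR codec that encodes both the always-wrapped form and the single-group shortcut, with a decoder that tells them apart by the type of the first element. Group names and roles are constructed, roles are assumed to be text strings, and all function names are hypothetical.

```python
# Added example. Minimal CBOR (RFC 8949) codec: text strings and arrays only,
# lengths below 256. Group names and roles used with it are constructed.
def _head(major, n):
    if n >= 256:
        raise ValueError("length too large for this sketch")
    return bytes([major << 5 | n]) if n < 24 else bytes([major << 5 | 24, n])

def enc(x):
    if isinstance(x, str):
        raw = x.encode("utf-8")
        return _head(3, len(raw)) + raw
    if isinstance(x, list):
        return _head(4, len(x)) + b"".join(enc(i) for i in x)
    raise TypeError("only tstr and arrays are supported")

def dec(buf, pos=0):
    major, n = buf[pos] >> 5, buf[pos] & 0x1F
    pos += 1
    if n == 24:
        n, pos = buf[pos], pos + 1
    elif n > 24:
        raise ValueError("unsupported length encoding")
    if major == 3:
        return buf[pos:pos + n].decode("utf-8"), pos + n
    if major == 4:
        out = []
        for _ in range(n):
            item, pos = dec(buf, pos)
            out.append(item)
        return out, pos
    raise ValueError("unsupported major type")

def encode_scope(items, elide_single=False):
    # elide_single drops the outer array when only one group is named
    return enc(items[0] if elide_single and len(items) == 1 else items)

def decode_scope(buf):
    value, end = dec(buf)
    if end != len(buf) or not isinstance(value, list) or not value:
        raise ValueError("scope must be one non-empty CBOR array")
    # groupId is a tstr, so a leading tstr means a bare scope item
    items = [value] if isinstance(value[0], str) else value
    for it in items:
        ok = (isinstance(it, list) and len(it) in (1, 2)
              and isinstance(it[0], str)
              and (len(it) == 1 or isinstance(it[1], list)))
        if not ok:
            raise ValueError("malformed scope item")
    return items
```

The extra branch in `decode_scope` is the code cost of the shortcut; the saving is the single outer array header byte.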