[Ace] Deb Cooley's No Objection on draft-ietf-ace-revoked-token-notification-08: (with COMMENT)
Deb Cooley via Datatracker <noreply@ietf.org> Sat, 06 July 2024 13:32 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from [10.244.2.22] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 89EC0C14F6A0; Sat, 6 Jul 2024 06:32:07 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Deb Cooley via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 12.17.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <172027272722.187.13479071893671944281@dt-datatracker-5f88556585-j5r2h>
Date: Sat, 06 Jul 2024 06:32:07 -0700
Message-ID-Hash: I2OPJEB3UOURVREBMTFOC6MZFRO26MNN
X-Message-ID-Hash: I2OPJEB3UOURVREBMTFOC6MZFRO26MNN
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ace.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-ace-revoked-token-notification@ietf.org, ace-chairs@ietf.org, ace@ietf.org, goran.selander@ericsson.com
X-Mailman-Version: 3.3.9rc4
Reply-To: Deb Cooley <debcooley1@gmail.com>
Subject: [Ace] Deb Cooley's No Objection on draft-ietf-ace-revoked-token-notification-08: (with COMMENT)
List-Id: "Authentication and Authorization for Constrained Environments (ace)" <ace.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/r-vRzqWGbOIrq4q4IfVZEicqlOU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Owner: <mailto:ace-owner@ietf.org>
List-Post: <mailto:ace@ietf.org>
List-Subscribe: <mailto:ace-join@ietf.org>
List-Unsubscribe: <mailto:ace-leave@ietf.org>
Deb Cooley has entered the following ballot position for draft-ietf-ace-revoked-token-notification-08: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ace-revoked-token-notification/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you to Kyle Rose for doing the secdir review of this draft. Also thanks to the authors for the discussions and improvements. I have one last (easy?) question: Section 13: I expected to see some discussion on whether it is possible for an attacker to remove a revoked access token from the TRL allowing a registered device with a revoked access token to continue to participate. Conversely, is it possible for an attacker to add an access token to the TRL, which would deny service to the registered device. If these situations are not possible, what feature protects the TRL both at the AS and in transit?
- [Ace] Deb Cooley's No Objection on draft-ietf-ace… Deb Cooley via Datatracker
- [Ace] Re: Deb Cooley's No Objection on draft-ietf… Marco Tiloca
- [Ace] Re: Deb Cooley's No Objection on draft-ietf… Deb Cooley