IETF Logo Mail Archive

Re: [Ace] CBOR Web Token (CWT) draft addressing IETF last call comments

Benjamin Kaduk <kaduk@mit.edu> Tue, 06 March 2018 00:09 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75098120227 for <ace@ietfa.amsl.com>; Mon, 5 Mar 2018 16:09:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L5aAq3jGBMpZ for <ace@ietfa.amsl.com>; Mon, 5 Mar 2018 16:09:04 -0800 (PST)
Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD0FA1200C5 for <ace@ietf.org>; Mon, 5 Mar 2018 16:09:03 -0800 (PST)
X-AuditID: 12074422-707ff700000039f3-16-5a9ddc1a9966
Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP id B9.96.14835.B1CDD9A5; Mon, 5 Mar 2018 19:09:00 -0500 (EST)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id w2608s11001368; Mon, 5 Mar 2018 19:08:56 -0500
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w2608prd023961 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 5 Mar 2018 19:08:54 -0500
Date: Mon, 05 Mar 2018 18:08:51 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: "ace@ietf.org" <ace@ietf.org>
Message-ID: <20180306000851.GQ50954@kduck.kaduk.org>
References: <SN6PR2101MB0943D068F03621252BBAFBB6F5DA0@SN6PR2101MB0943.namprd21.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <SN6PR2101MB0943D068F03621252BBAFBB6F5DA0@SN6PR2101MB0943.namprd21.prod.outlook.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrCIsWRmVeSWpSXmKPExsUixG6noitzZ26Uwbtsi+/fepgt9k77xOLA 5LFkyU8mj9Ydf9kDmKK4bFJSczLLUov07RK4Mp7ePclesJuz4vnGn4wNjHPYuxg5OSQETCTO Lr3G1MXIxSEksJhJYl3nShaQhJDABkaJm80VEIkrTBLPe/8xgyRYBFQkDvzuYwSx2YDshu7L YHERAR2Jxxe/sXUxcnAwCyhK/L2kChIWFvCSeNncALaMF2jZlT+nmCHmJ0is+X8GKi4ocXLm E7C9zAJaEjf+vWSCGCMtsfwfB0iYUyBR4vv+H2DlogLKEnv7DrFPYBSYhaR7FpLuWQjdCxiZ VzHKpuRW6eYmZuYUpybrFicn5uWlFuma6uVmluilppRuYgQHqIvSDsaJ/7wOMQpwMCrx8G7w mBslxJpYVlyZe4hRkoNJSZTXMhEoxJeUn1KZkVicEV9UmpNafIhRgoNZSYT3egNQjjclsbIq tSgfJiXNwaIkzuthoh0lJJCeWJKanZpakFoEk5Xh4FCS4L18C6hRsCg1PbUiLTOnBCHNxMEJ MpwHaLgeSA1vcUFibnFmOkT+FKMux40Xr9uYhVjy8vNSpcR5P9wEKhIAKcoozYObA0osEtn7 a14xigO9Jcz7BWQUDzApwU16BbSECWjJ+btzQJaUJCKkpBoYO4Tlpf9Iu8wudeqwPPX2F0Pm 6srGZU6Xzhv2cBvFTjlx0vpQ0RPecj0uydsq/995rBT0Ll6VcqhU7b+SxSrR01duRIfUTmu8 v+aBp7rxke82a7PXXb5hOkdx4hq2BwwvQj6mdV1jdfvq+fNi51TbbtHubg4rsTm5Vz3mH335 9tHPJzLTJKYcUGIpzkg01GIuKk4EAM8yg7wHAwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/rjNh0k3NN6Q1gCOud-dR5oSyiMU>
Subject: Re: [Ace] CBOR Web Token (CWT) draft addressing IETF last call comments
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Mar 2018 00:09:05 -0000

Hi Mike,

Thanks for these updates!

-Ben

On Mon, Mar 05, 2018 at 09:33:51PM +0000, Mike Jones wrote:
> The CBOR Web Token (CWT) specification has been updated to address IETF last call comments received to date, including GenArt, SecDir, Area Director, and additional shepherd comments.  Changes were:
> 
>   *   Clarified the registration criteria applied to different ranges of Claim Key values, as suggested by Kathleen Moriarty and Dan Romascanu.
>   *   No longer describe the syntax of CWT claims as being the same as that of the corresponding JWT claims, as suggested by Kyle Rose.
>   *   Added guidance about the selection of the Designated Experts, as suggested by Benjamin Kaduk.
>   *   Acknowledged additional reviewers.
> 
> The specification is available at:
> 
>   *   https://tools.ietf.org/html/draft-ietf-ace-cbor-web-token-13
> 
> An HTML-formatted version is also available at:
> 
>   *   http://self-issued.info/docs/draft-ietf-ace-cbor-web-token-13.html
> 
>                                                                 -- Mike
> 
> P.S.  This notice was also posted at http://self-issued.info/?p=1789 and as @selfissued<https://twitter.com/selfissued>.
>

v2.23.0 | Report a Bug | By Email