Re: [Ace] WGLC for draft-ietf-ace-authz
Ludwig Seitz <ludwig.seitz@ri.se> Tue, 30 October 2018 12:27 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/tu4g8L-3A6pIMpsNCkzCWpzR_4M>

On 25/10/2018 07:33, Carsten Bormann wrote:
> +1 for making all the CWT-like structures into real CWTs.

A discussion of what we consider to be CWT-like structures and what not would be helpful as a follow-up here.

If draft-ietf-oauth-jwsreq is any indication the OAuth WG seems to consider that all requests to the AS can be passed as JWTs. I'm unsure what their position on the AS responses is.

FYI my current reasoning and use of terms:

If a key/value pair is part of a CWT I call it a "claim". If it is part of a request/response to the AS or RS I call it a "parameter".

I've been registering (or at least trying to) claims separately from parameters, leading to several double-registrations, when certain key/value definitions are used both as claims and parameters (such as scope, cnf etc).

/Ludwig

--
Ludwig Seitz, PhD
Security Lab, RISE
Phone +46(0)70-349 92 51