Re: [Ace] Fwd: review of palombini-ace-key-groupcomm

Francesca Palombini <francesca.palombini@ericsson.com> Mon, 29 October 2018 10:33 UTC

Return-Path: <francesca.palombini@ericsson.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8C0F130E44 for <ace@ietfa.amsl.com>; Mon, 29 Oct 2018 03:33:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.769
X-Spam-Level:
X-Spam-Status: No, score=-4.769 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=Wb0U3QEI; dkim=pass (1024-bit key) header.d=ericsson.com header.b=ho0sDOsB
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e_9u4AjoWR2B for <ace@ietfa.amsl.com>; Mon, 29 Oct 2018 03:33:04 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A064412D4EE for <ace@ietf.org>; Mon, 29 Oct 2018 03:33:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/simple; q=dns/txt; i=@ericsson.com; t=1540809180; x=1543401180; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=nIQgj/llbKKiDHUlFRMxx2cP3bNUqKkNrdmsh60TFgw=; b=Wb0U3QEIWbk02HV0If5ejqu1ruIOFz1tkPqqIBUTKOBBz4W3KQRUfxYxdPterP3p 7ywT7WamynLurphC3kFWxV6m07pHJoXeM2nig1qjRIXq2Rbn5j0Ez5ZlVjRViYFy CFHTJpcHx7x+ViV4j5O9k//yz0k6AjAahJ9JWCDnG8w=;
X-AuditID: c1b4fb2d-887c49e00000434d-fb-5bd6e1dc44ad
Received: from ESESBMB503.ericsson.se (Unknown_Domain [153.88.183.116]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id A7.8E.17229.CD1E6DB5; Mon, 29 Oct 2018 11:33:00 +0100 (CET)
Received: from ESESBMB503.ericsson.se (153.88.183.170) by ESESBMB503.ericsson.se (153.88.183.170) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Mon, 29 Oct 2018 11:32:57 +0100
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (153.88.183.157) by ESESBMB503.ericsson.se (153.88.183.170) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Mon, 29 Oct 2018 11:32:57 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eKReAUG4NrHH/yoHFjvLhGgluxVuwDul3FjRZUgY2KU=; b=ho0sDOsBYDfLIhO5C3bPk7LiHRdsDWfjWiDZsTVZ08HNleJ/I3Et0bLNz7TMmqLhKi6yEix9G4GHsKTBdsvScbjyBdSjk81Or7ULqHr5T0HL28RVKYFU+ihPPh9vGi6+PunOJOI5KcwZKR212Xz/SWMmnRHKVV/rzLH/1TP73Sc=
Received: from HE1PR0701MB2746.eurprd07.prod.outlook.com (10.168.188.140) by HE1PR0701MB1819.eurprd07.prod.outlook.com (10.167.247.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1294.9; Mon, 29 Oct 2018 10:32:56 +0000
Received: from HE1PR0701MB2746.eurprd07.prod.outlook.com ([fe80::5d31:ff09:b9ba:29c3]) by HE1PR0701MB2746.eurprd07.prod.outlook.com ([fe80::5d31:ff09:b9ba:29c3%9]) with mapi id 15.20.1294.015; Mon, 29 Oct 2018 10:32:56 +0000
From: Francesca Palombini <francesca.palombini@ericsson.com>
To: "consultancy@vanderstok.org" <consultancy@vanderstok.org>, "ace@ietf.org" <ace@ietf.org>
Thread-Topic: [Ace] Fwd: review of palombini-ace-key-groupcomm
Thread-Index: AQHUKKvCA6RzdvdPhEiSI6h3vJK40KU2pO2A
Date: Mon, 29 Oct 2018 10:32:55 +0000
Message-ID: <1AE4350A-DF53-49AE-A209-A04CB488215C@ericsson.com>
References: <23af2ffc9ec791bec0653d4a5baab467@bbhmail.nl> <d0dbb3565a7408e2ccbadf5b0511c0d1@bbhmail.nl>
In-Reply-To: <d0dbb3565a7408e2ccbadf5b0511c0d1@bbhmail.nl>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.176.1.80]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; HE1PR0701MB1819; 6:B38b4Iek8/1O7jtbQFTJrWVq9jOpwUGaxGa/YXihrkIzILXFzbEK2pBiYxXZsy7oCtlSgx+pbdPisJBJVYUa0wXBdIWqm3dKp4hzakbXKDl5g66IPy8quzfPgwasatPbnObU1upLV7gz0CtyUH+5eIQlfVjGm/+uPrgfNgDQizSU0iKyaT3POdCMAPBtyK0EPQo8Tbnu1BPJMAEKGLjZUWZZGmBqlFPeP1iTbI1UueOVl/r2D3NiCJHTgunG63I+qocH7YUz6honYEjs8IsovYOHmx8LZwd40FBBXKZMwIOvweScY8dA+BJCTTJNxzmgWfAnWBV2kjR17YO4JkNomW4wuPliiKPGNJFYwsUoQpdMLUPfyAoffjbgGP4aHqxASQlIQScVJ0rrIrf2O3lA4TwNo0GKH8jozi90zxQ+Bk8BULhWOa2SrZk52xXgpwE6GgZx4N0gt7ltp8IjUaR3hg==; 5:Va0skRIvKVSl3O4DCd/LJCtIFInWJossIG1E+rGHK1ROmJ1EGgcZCIU9RfkfWMF7N6gtBAXeNCgKmrO8GHpoFqw6R28kzEPF/qbS6xpVLTtOestsiZBqDsKfG4b7LkEvucZ9LKTjFM2C7SM37qTgwoJwEQ9yTN6qmnb18fKYk00=; 7:BnZImexOlBS2Vx5qmkPNpg8yC7t3TYr/EKtPFZaifeHII52IuArgkc38HetMg70aaOxkA/Baexk3pj+h76RcxoDqHtHkl+SwwtgosZviyXewI5tJlpTb1F6dBgp6Qaj5ZFfAmKUy5qbIPjQI319yOw==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 60e7c6a4-23e1-4e55-9fa0-08d63d89e3d1
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(2017052603328)(7153060)(49563074)(7193020); SRVR:HE1PR0701MB1819;
x-ms-traffictypediagnostic: HE1PR0701MB1819:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=francesca.palombini@ericsson.com;
x-microsoft-antispam-prvs: <HE1PR0701MB18193772D0E1C7D5940CD82A98F30@HE1PR0701MB1819.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(21748063052155)(28532068793085)(190501279198761)(227612066756510);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(102415395)(6040522)(2401047)(8121501046)(5005006)(10201501046)(3002001)(93006095)(93001095)(3231382)(944501410)(4983020)(52105095)(148016)(149066)(150057)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123564045)(20161123560045)(20161123558120)(201708071742011)(7699051)(76991095); SRVR:HE1PR0701MB1819; BCL:0; PCL:0; RULEID:; SRVR:HE1PR0701MB1819;
x-forefront-prvs: 084080FC15
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(136003)(376002)(39860400002)(396003)(346002)(199004)(189003)(129404003)(76176011)(476003)(2616005)(11346002)(33656002)(446003)(36756003)(229853002)(790700001)(6116002)(486006)(82746002)(3846002)(26005)(110136005)(99936001)(7736002)(478600001)(66066001)(53386004)(99286004)(83716004)(2900100001)(71190400001)(71200400001)(68736007)(4744004)(316002)(186003)(6506007)(9326002)(25786009)(6306002)(54896002)(97736004)(6436002)(8936002)(14454004)(8676002)(733005)(256004)(54556002)(606006)(14444005)(105586002)(53936002)(2906002)(6486002)(6246003)(5250100002)(44832011)(81166006)(81156014)(102836004)(2501003)(53946003)(86362001)(5660300001)(6512007)(236005)(106356001); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR0701MB1819; H:HE1PR0701MB2746.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: D3/szpb4PbqFoMFU0TYpIAn9AkkVa9WpBvVhSf6rSCB8uptlehhusmTRLHahlN6U1jQYRs2JEhgT3I+flDjlsFIY7Ku5tTPQ9IyHlF/+rvkN5RWDfp2Qt8DbJoN4aZKxRPSpF9Uf6DbHv9QXrsn5N0wA+Qv2kBY0o0dMYAV3REMyzY9KyxpoM9XYNGYluymjeK2t944d7bmftcDL/XOIakArfKgIpgK1QP9/RxGfwbsMPKPvTbRc7A4Fh4ce0jfOKXAUqqNgkVG44v0JDb/UVkJgNddajUru/TRVTWf8Nme2gNyUfFQfv4IKTya+lqkzXggIA6fmSd+C2XXOdX/1H2SYipgTNj93BpTzR2dQRbU=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/related; boundary="_005_1AE4350ADF5349AEA209A04CB488215Cericssoncom_"; type="multipart/alternative"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 60e7c6a4-23e1-4e55-9fa0-08d63d89e3d1
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Oct 2018 10:32:56.0233 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB1819
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA22Se0hTYRjG+845OzuuFl/L4ZtR1NDualnZ3S70hyFFUERot5GHtNyUHQst KiOtTC1brnAaJm0Wjky7YEZWrstSUSydmoo2s8gJWeKtpOhs34yg/vu97/O87/e8h8PRChvr y8VoE3idVh2rYmVMzs6yhIB2R1PkwvbU+cuHhzLo5V1Pi9h1VJjJ9J0Ke51cJt1KRchWR/Gx MUd4XVDoPll0mnVQGn/7C5vY3/WESUYZzex55MUBXgIV33pElnEK/ALB7c9GmhRDCNpe5UpJ YaKgujjNrTA4iwZzdipDlCsU9OcWI1J8QmDuqJS4NrN4NdQ7+tzsjfdA+acyysWT8RoYSRlF pB8KjdVWsc+JHAz95jmuNoP9wX4zk3axHK+Fmqd69xoFjoGKMykSl90Lr4QLZ1e42ghPg4FT Fredxj7Q2p1Pkdu8wfGmxnOnEno+/JIQngGmgUtSwtPgbX66Oz7gFhaqzJ00EQLgq8Hg4c1w ubDWY2pAcMVWj4iwAEb7TrMkxX5obLvg2RoHF7P0DOHjUHHV5kk0HYoyHQxZ1EmDqd3BZqEg 41/JCZ+E0w162uj+AJOgKqebMYpH0+Ib5hvxBOfCnUeeyZmQne6QEp4DqXnXPBwG9zKymX89 Yuqh8+xYv81ukBjFRDQuRFCRl8+OmR7YnJL/DeeUt/xZantpp/4MG+72Skg40TQy9+/Z62hy EVIKvCBoDgQvDuR1MfsFIU4bqOUT7iLxl668PxrwEFl611sR5pBqgryksylSIVEfEZI0VuQn 7ukqsdQjX0Ybp+VV3nJnrSjLo9RJR3ld3F7d4VhesKKpHKPykQcWPY5Q4APqBP4Qz8fzujGV 4rx8k1FSznDpibSOM85thmMletnsuvGJE3rb/DTKoR7LrnNblOX59p9rbSW3sF0fUtrcvf1g ZUTk1IlLUz5utBbMShynqX6bsaNh05Rz77m6zlanMn1J+Fl1fNT2Z0Eq27IaS+kh/5GlBeGD PzQv/Jp/hU5MathQk1n8LtZp3e0VcnXVc32zihGi1Yvm0TpB/RsqJcfo2gMAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/tyCunlHBo_ddt9-M5caR_YMqHTA>
Subject: Re: [Ace] Fwd: review of palombini-ace-key-groupcomm
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Oct 2018 10:33:07 -0000

Hi Peter,

Thanks a lot for this detailed review! We have uploaded a new version that includes (most of) your comments:https://tools.ietf.org/html/draft-palombini-ace-key-groupcomm-02

Detailed replies and some questions inline (see FP in red below).

Thanks,
Francesca

From: Ace <ace-bounces@ietf.org<mailto:ace-bounces@ietf.org>> on behalf of Peter van der Stok <stokcons@bbhmail.nl<mailto:stokcons@bbhmail.nl>>
Organization: vanderstok consultancy
Reply-To: "consultancy@vanderstok.org<mailto:consultancy@vanderstok.org>" <consultancy@vanderstok.org<mailto:consultancy@vanderstok.org>>
Date: Tuesday, 31 July 2018 at 10:52
To: Ace Wg <ace@ietf.org<mailto:ace@ietf.org>>
Subject: [Ace] Fwd: review of palombini-ace-key-groupcomm

Hi key-groupcomm authors,

To start the review I have looked at the dependencies between the different involved drafts and came up with the figure below.

[cid:15330271085b60232491128797824427@bbhmail.nl]
The arrows indicate that a draft references another draft. The dots reference arrow means Informative reference. According to me, this means that the work on CORE can proceed independently of the work in ACE. The oscoap-join and key-groupcomm can proceed together to their conclusion without other dependencies. That guarantees that we can develop the group communication drafts in ACE without unwanted dependencies on pubsub. The pubsub-profile depends on core-pusub and key-groupcomm, which does not bother me too much.


FP: That is absolutely correct, the group communication drafts do not depend on the pubsub work, and can be move forward without dependencies.

Keeping this in mind, I have reviewed the key-groupcomm draft.

BTW, it might be helpful to include a similar overview in the oscoap-join draft.

________________________________________________________________

Abstract
OLD:This document defines a message format for distributing keying
material in group communication scenarios (such as based on multicast
or publisher-subscriber model) using the ACE framework.

NEW:This document defines a message format for distributing keying
material to groups to protect the communication between group members using the ACE framework.


FP: we started with your input and reformulated to:
   This document defines message formats and procedures for requesting
   and distributing group keying material using the ACE framework, to
   protect communications between group members.

Introduction
OLD: Profiles that use group communication can build on this document to specify exactly which of the message parameters defined in this documents are used, and what are their values.

NEW: Profiles that use group communication can build on this document to specify a selection of the message parameters defined in this document and their values.


FP: we included this with the smallest difference:
   Profiles that use group communication can build on this document to
   specify the selection of the message parameters defined in this
   document to use and their values.


At the end of section 1: .... [RFC8152], like Authorization Server (AS) and Resource Server (RS).
FP: Ok, added.


[cid:15330271085b602324913fd396336200@bbhmail.nl]
Figure 1 is not referenced in the text. I suggest a slightly different figure where dispatcher and KDC are endpoints of the RS, and for multicast the communication is directly between Client and group members without passing through the RS.


FP: We have now referenced the figure in the text. We have not modified the pictures, since we are not sure the change simplifies it. Reading the proposed figure, it seems like KDC and Dispatcher are logical entities in the same physical entity (the RS), which is not correct.
Key Distribution Center (KDC): Maintains the keying material to protect group communications, and provides keys to clients authorized to join the group. It corresponds to an endpoint of the RS in the ACE Framework.
FP: We have now rephrased based on your and Jims inputs:
o  Key Distribution Center (KDC): maintains the keying material to
      protect group communications, and provides it to Clients
      authorized to join the group.  During the first part of the
      exchange (Section 3<https://tools.ietf.org/html/draft-palombini-ace-key-groupcomm-02#section-3>;), it takes the role of the RS in the ACE
      Framework.
Also, it is worth noting that in this document we use the term “endpoint” as defined in ACE (equivalent to “resource” in CoAP), which is different from the “endpoint” term in CoRE/CoAP.

Dispatcher: this is the entity the Client wants to securely
communicate with and is responsible for distribution of group
messages. Example dispatchers are the Broker in a pub-sub setting or the generator of unicast messages to all group members for group communication.
Alternatively, Group communication is done by transmitting to a multicast IP address, and entrusting message delivery to the transport channels between Client and Group members.


FP: We don’t think “generator” is the best word, the true generator would still be the group member, so we replaced that with relayer. Including the comments from Jim, this gives:
   o  Dispatcher: entity through which the Clients communicate with the
      group and which distributes messages to the group members.
      Examples of dispatchers are: the Broker node in a pub-sub setting;
      a relayer node for group communication that delivers group
      messages as multiple unicast messages to all group members; an
      implicit entity as in a multicast communication setting, where
      messages are transmitted to a multicast IP address and delivered
      on the transport channel.


What is the difference between "adding node to group" and "distribution of keying material". I find the phrase difficult to understand.


FP: Assuming this was about the title of section 4, we rephrased that to “Authorization to Join a Group”.

Figure 2 : I suggest to add Group Member (GM) as communication entity.
FP: Good idea, it is now included.


At the end of section 2, I suggest some text on group identifier and role identifier, such that these terms can be used independent of the application profiles specified in other documents.


FP: I am not sure why do you think these terms (which appear first in section 3.1) are not independent of the application profiles specified in other documents. Could you please expand on that?

Section 3.

Remove: "where the RDC takes the role of RS".
FP: Ok, done.

Suggest to add the message exchange before section 3.1

POST --- Authorization Request (application/CBOR) ---->
<-- Authorization Response (???? ) -----


FP: We have now added message exchanges as suggested, although for lack of space we only include name of the message, CoAP Code or Method and the uri if applicable.

It would be nice if here the use of DTLS (or not) and the content format is specified: application/cbor or application/Cose+cbor
FP: that would really be profile specific, so we have not specified it here.


section 3.1
scope: with as values the group identifier and optionally the role ....
FP: added optionally.


"The encoding of the group identifier and the role(s) is application specific."
FP: thanks, rephrased to match your suggestion:
      The encoding of the group or topic identifier and of the role
      identifiers is application specific.


cnf: Optionally, the public key or the certificate of the client
FP: Right, thanks


Question: is this a certificate identifier, or the public key extracted from the certificate, or a hash?????
FP: This is defined in other documents of ACE, see draft-ietf-ace-cwt-proof-of-possession-03 sections 3.2 and 3.4


section 3.2:
0 access token containing all the parameters defined below; This is very confusing. I understood that access token parameter is at same level as cnf, rs_cnf, and exp. And here you write that they are contained in access token. If that is true, I suggest to make the other three parameter sub-bullets of access-token bullet.
FP: We have tried to improve this the following way: The access_token bullet only says that it contains the access token. After the bullet list (and all the parameters are listed), we specify:
   The access token MUST contain all the parameters defined above
   (including the same 'scope' as in this message, if present, or the
   'scope' of the Authorization Request otherwise), and additionally
   other optional parameters the profile requires.


For topic and role see section 3.1
FP: Ok, same fix applied.

section 3.3:
same request response figure as suggested in section 3 before section 3.1
FP: This is part of the figure 3, in section 3.

"a different endpoint" is very vague. Please explain.
FP: Rephrased to: “the Client MAY use a different endpoint than /authz-info”
Again, this derives from the use of “endpoint” as ACE defines it.

section 4:

/The same types of messages can also be/the same set of messages is/


FP: Partly included. We keep the “can also be”, since we leave it to the application to decide to use or not use these mechanisms. We want to allow for flexibility.

just before section 4.1 same figure and information as requested in section 3 before section 3.1
FP: Done now in section 4, see figure 4.


section 4.1
"....request to the endpoint in the KDC associated..." Not clear what is meant:
- one endpoint for all groups?
- one endpoint per group?
- one endpoint per subset of groups?


FP: We meant one endpoint (or resource) pre group, which the Client knows via the Scope (it is “associated” to it). We do not say that the endpoint has the same value as the group identifier, it might be something derived from it. We have now tried to clarify by rephrasing:  This
   corresponds to a CoAP POST request to the endpoint in the KDC
   associated to the group to join.  The endpoint in the KDC is
   associated to the 'scope' value of the Authorization Request/
   Response.

scope: remove topic; what resource is referred to?


FP: rephrased to:
   o  'scope', with value the specific resource that the Client is
      authorized to access (i.e. group or topic identifier) and role(s),
      encoded as in Section 3.1<https://tools.ietf.org/html/draft-palombini-ace-key-groupcomm-02#section-3.1>;.


get_pub_keys: Instead of empty CBOR array, an empty payload is also possible?
FP: Probably payload is wrong. If you meant empty byte string, yes that was also possible, but we tried to be consistent with the format of get_pub_keys used afterward.


client_cred: same question on certificate as for section 3.1
FP: see previous answer


below figure 3
/additionally/Optionally/
FP: Ok, done.


The parameters group_policies and mgt_key_material are not specified in pubsub-profile draft. Do you ever use them?
FP: We do use them in the joining draft. They are relevant for the pubsub draft, but I haven’t gotten them in yet.


Section 5.2
"NOte that .... leaving node" It is not clear if the client has left the group in this case, and what that means. The actions look quite contradictory to me.
FP: We have now rephrased:
   Note that, after having left the group, a node may wish to join it
   again.  Then, as long as the node is still authorized to join the
   group, i.e. it has a still valid access token, it can re-request to
   join the group directly to the KDC without needing to retrieve a new
   access token from the AS.  This means that the KDC needs to keep
   track of nodes with valid access tokens, before deleting all
   information about the leaving node.



section 6
/not able to participate to/not able to receive or decrypt/
FP: Ok, done

section 6.1
scope: same remarks about topic and group identifier.
FP: Same question as above


"In some cases ... same KDC". Suggest to remove. In a fast changing environment, this may lead to many error messages if not wrong behavior; Imagine group GA is the only group. C is member of GA. GA is removed and GB is entered as the only group. C wants to leave/join GA, and accesses GB.
FP: Thanks for this input, this makes sense. We have now removed this text and made the “scope” parameter mandatory.


Section 7
Again suggest to add figure with request before section 7.1


FP: Ok, added in section 7 (figure 6)

scope: same comment on group identifier and topic.
FP: same question


_____________________________________________________

Hope this helps,
FP: It helps a lot, thanks! :)


greetings,

Peter


--
Peter van der Stok
vanderstok consultancy
mailto: consultancy@vanderstok.org<mailto:consultancy@vanderstok.org>,stokcons@bbhmail.nl<mailto:stokcons@bbhmail.nl>
www: www.vanderstok.org<http://www.vanderstok.org>
tel NL: +31(0)492474673     F: +33(0)966015248