Re: [Ace] Artart last call review of draft-ietf-ace-aif-05

Marco Tiloca <marco.tiloca@ri.se> Thu, 03 March 2022 13:18 UTC

To: Carsten Bormann <cabo@tzi.org>
Cc: art@ietf.org, ace@ietf.org, draft-ietf-ace-aif.all@ietf.org, last-call@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/vQVbBYnsYdYxzZArSRNhgywuhHE>

Hi Carsten,

All updates look good to me. Thanks for addressing my comments.

Best,
/Marco

On 2022-03-03 13:02, Carsten Bormann wrote:
> Hi Marco,
>
> thank you for this very actionable review!
>
> Changes are in https://github.com/cabo/ace-aif/pull/7
> (and in https://github.com/cabo/ace-aif/pull/5, see below).
> I plan to wait for comments on these PRs and then to submit an updated I-D.
>
> On 2022-02-22, at 19:56, Marco Tiloca via Datatracker <noreply@ietf.org> wrote:
>> Reviewer: Marco Tiloca
>> Review result: Ready with Nits
>>
>> Thanks for this good document! Please, find below a few minor comments.
>>
>> Best,
>> /Marco
>>
>> [Section 2.2]
>>
>> * The first paragraph has the only occurrence of "AIF object". I suppose that's
>> what you call "list of pairs" in Section 2, right before Figure 1.
>>
>>    If so, it may help to define "AIF object" there in Section 2, or to rather
>>    replace it with something like "list of (Toid, Tperm) pairs" here in Section
>>    2.2.
> Indeed, the term “AIF Object” may be confusing to people used to the JSON terminology, where “Object” refers to a map.  Replaced it with “AIF data item”, as already used in two other places.
>
>> * In the second paragraph, an access is possibly subject to conditions, not
>> dictating them. Thus, shouldn't the right word be "conditionalized" rather than
>> "conditionalizing" ?
>>
>> [Section 3]
> Well, it is the information model that further conditionalizes here.  Simplified this to
>
>>> This simple information model also does not allow expressing
>>> conditionalized access based on state outside the identification of
>>> objects (e.g., "opening a door is allowed if that is not locked").
>
>> * s/e.g., 35 for Dynamic-DELETE/e.g., 35 would be the number for Dynamic-DELETE
> Well, 35 actually *is* the number for Dynamic-DELETE.  Now:
>
>    been for X, plus a Dynamic-Offset chosen as 32 (e.g., 35 is the
>    number for Dynamic-DELETE as the number for DELETE is 3).
>
>
>> [Sections 4, 5.1 and 5.2]
>>
>> * In Section 4 and later on when registering the two media-types in Section
>> 5.1, "local-uri" is used as default value for the Toid parameter.
>>
>>    However, the new sub-registry defined in Section 5.2 (and where Toid values
>>    have to be taken from) is populated with an entry with value "local-part".
>>    Shouldn't they all indicate the same value?
> Yes, Klaus Hartke noticed this, too, PR #5.
>
>>    Also, perhaps it is better to name it "URI-local-part".
> Good idea, added to PR #5.
>
>> [Section 5.2]
>>
>> * Suggested rephrasing:
>>
>>    For both media-types application/aif+cbor and application/aif+json, IANA is
>>    requested to create a sub-registry within [IANA.media-type-sub-parameters]
>>    for the two media-type parameters Toid and Tperm, populated with:
> s/both/the/, otherwise changed as proposed
>
>> [Section 6]
>>
>> * The first bullet point has the only occurrence of "AIF information". Perhaps
>> this is another name for what you called "AIF object" in Section 2.2? (see
>> previous comment for similar considerations)
> Went to “AIF data item” again.
>
>> * The second bullet point says: "and that all parties understand Toid/Tperm
>> pairs to signify the same operations."
>>
>>    Suggested rephrasing: "and that all parties have the same understanding of
>>    each Toid/Tperm pair in terms of specified resources and operations on those"
> Nice!  Changed.
> I changed “resources” to “objects (resources)”, because the objects of the access control matrix don’t actually need to be resources.
>
>> [Nits]
>>
>> * Section 1.1
>> --- s/This memo uses terms from [RFC7252]/This specification uses terms from
>> CoAP [RFC7252]
> Good idea.
> I also expanded the Internet Security Glossary.
>
>> * Section 2.2
>> --- s/, however,/. However,
>>
>> * Section 6
>> --- s/and provides (2) any/and (2) provides any
>>
> Thank you!
>
> Grüße, Carsten
>

-- 
Marco Tiloca
Ph.D., Senior Researcher

Division: Digital Systems
Department: Computer Science
Unit: Cybersecurity

RISE Research Institutes of Sweden
https://www.ri.se

Phone: +46 (0)70 60 46 501
Isafjordsgatan 22 / Kistagången 16
SE-164 40 Kista (Sweden)