Re: [Ace] Shepard review for draft-ietf-ace-oauth-authz
Ludwig Seitz <ludwig.seitz@ri.se> Thu, 31 January 2019 09:20 UTC
Return-Path: <ludwig.seitz@ri.se>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0A96128D09; Thu, 31 Jan 2019 01:20:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.044
X-Spam-Level:
X-Spam-Status: No, score=-2.044 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=risecloud.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TJIbyZya0Cjh; Thu, 31 Jan 2019 01:20:28 -0800 (PST)
Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-eopbgr10065.outbound.protection.outlook.com [40.107.1.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC76B128CF3; Thu, 31 Jan 2019 01:20:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=RISEcloud.onmicrosoft.com; s=selector1-ri-se; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4lZ3Q2jsSi4TfartC6j304U0BpCNnjEe5Z7y5js1is8=; b=YHLxfEtDyWqF0IMsnPcsYkvvreo3Q/+IzkR1SNQtVuBCYLIb1STwNc89YN9/RRk9G8PXw+xj5mqYwAZ2jyjBVfr63oCgvauOMReL9UtIZ+OZdlkE+JTtClKjR/2KvcTEYpKOCFT0hWjkaxMuzMWimBy+TdMoAohj4ygEhXI5BgY=
Received: from AM5P189CA0031.EURP189.PROD.OUTLOOK.COM (2603:10a6:206:15::44) by HE1SPR00MB03.EURP189.PROD.OUTLOOK.COM (2603:10a6:3:6e::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1580.16; Thu, 31 Jan 2019 09:20:24 +0000
Received: from HE1EUR02FT022.eop-EUR02.prod.protection.outlook.com (2a01:111:f400:7e05::201) by AM5P189CA0031.outlook.office365.com (2603:10a6:206:15::44) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1580.17 via Frontend Transport; Thu, 31 Jan 2019 09:20:24 +0000
Authentication-Results: spf=pass (sender IP is 194.218.146.197) smtp.mailfrom=ri.se; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=ri.se;
Received-SPF: Pass (protection.outlook.com: domain of ri.se designates 194.218.146.197 as permitted sender) receiver=protection.outlook.com; client-ip=194.218.146.197; helo=mail.ri.se;
Received: from mail.ri.se (194.218.146.197) by HE1EUR02FT022.mail.protection.outlook.com (10.152.10.78) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.20.1580.10 via Frontend Transport; Thu, 31 Jan 2019 09:20:23 +0000
Received: from [10.112.134.122] (10.100.0.158) by sp-mail-2.sp.se (10.100.0.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1531.3; Thu, 31 Jan 2019 10:20:23 +0100
To: Jim Schaad <ietf@augustcellars.com>, draft-ietf-ace-oauth-authz@ietf.org
CC: ace@ietf.org
References: <01e801d4b861$4d7d41e0$e877c5a0$@augustcellars.com> <76f048fa-fa03-4e5b-0b60-c5674a2ddad3@ri.se> <021c01d4b8c8$e5ee0ba0$b1ca22e0$@augustcellars.com>
From: Ludwig Seitz <ludwig.seitz@ri.se>
Message-ID: <c0163315-a62d-fe8a-be45-cabbaefc95f3@ri.se>
Date: Thu, 31 Jan 2019 10:20:23 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0
MIME-Version: 1.0
In-Reply-To: <021c01d4b8c8$e5ee0ba0$b1ca22e0$@augustcellars.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.100.0.158]
X-ClientProxiedBy: sp-mail-2.sp.se (10.100.0.162) To sp-mail-2.sp.se (10.100.0.162)
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:194.218.146.197; IPV:NLI; CTRY:SE; EFV:NLI; SFV:NSPM; SFS:(10009020)(136003)(376002)(396003)(39860400002)(346002)(2980300002)(199004)(189003)(13464003)(77096007)(81166006)(40036005)(11346002)(8936002)(69596002)(230700001)(53546011)(53936002)(6246003)(386003)(229853002)(4326008)(3846002)(65806001)(47776003)(65956001)(6116002)(104016004)(16526019)(26005)(7736002)(486006)(476003)(336012)(126002)(8676002)(65826007)(446003)(22756006)(356004)(81156014)(44832011)(186003)(2616005)(305945005)(22746008)(106002)(86362001)(23676004)(64126003)(97736004)(31686004)(76176011)(33896004)(67846002)(68736007)(110136005)(106466001)(16576012)(58126008)(2486003)(50466002)(31696002)(36756003)(478600001)(74482002)(316002)(2906002)(14444005); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1SPR00MB03; H:mail.ri.se; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; A:1; MX:1;
X-Microsoft-Exchange-Diagnostics: 1; HE1EUR02FT022; 1:SkpTj+mrzjNyq70qaYammLTOeSahwN0s5cKTToSsIxyVs01mmd3sp2OvjPjkMNmWqgXy4hwXUcY5fG1KpdlEAzv4fQK5MP6sDnYJSwFwTYPv/4JvIfWVhKhQeqF6oYNN4abiLOQpY4TubTKJdLz78KP7xjExiPzGgXBY1rYD4MQ=
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 5216ba35-81c3-4295-4895-08d6875d54a1
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(4608076)(4709027)(2017052603328)(7153060)(7193020); SRVR:HE1SPR00MB03;
X-Microsoft-Exchange-Diagnostics: 1; HE1SPR00MB03; 3:sjupoc9rHIy0l3P+hyQpO8mt6TYzw6ZU4BwwFHOXi6ltanDwNUEo5iG7ECzRSliUcOva3QS/eoFbtf1kUQYVwfueRhDoIYXnNV2e7GUC7fkKa1YcxxsY5VypfOWK8cbOVksND4ZPdYCKrh6YlBZ/E1vKYjqg1crYaKuAjKUDQrwmxrdlIPmxGOMJDOS0Qm6ef/NuidKDxjS9CoXi/aRYvoC+geeGIi23YKlzXRkbU/jY4uJllWg40y2zh4kbDeTGSDbQC2w8r9bpfKj9cTSNK8fsQWJhl0hJWKioQZXPyQLxwlzB34k/QXPexzkVdxaV9iNxy76iIzhvWLzvU1LVJqpqG2x+V2eV3vde3hIUOiio0eT+m/5TJbYfuSZp/6+C; 25:W8eByzf0UD4VObutDXUgUFMIYugv+zA5fmE/OcZav0+rwqBr09HSHn5b2HmmorAIr9Ow1ObbmNj7nWovfwY91pyJ6zNZhOo6vVqNOkKXvLbE3PVTIuYdbuglh1IJ9vfrvIpD2f1lmbwYBNpPKltbkkhduEWQ4vqa4aiIqBz70nBXaXOo7WkO4+gt+v4GHq/y7cejBjsTrAszcage3r018haVl3tOveNoX+IzFT3AMmXXRkcfSfSuqrAipSAfwVXnMSFlvu9BppqhVxJt/akrmnT8iDwpCPYlIlDlME9t//UAB16+Ij+eT5h/BCEbTNBnKF+ip9jeMfGUicw39AbiHw==
X-MS-TrafficTypeDiagnostic: HE1SPR00MB03:
X-Microsoft-Exchange-Diagnostics: 1; HE1SPR00MB03; 31:tGkdSn9t7Z4TeEPkgavSjdIipij6UQ10F+SGPu6oGLyUfS5W8T/ATtfcIT1PuuyOCskuoZsmdMkouOOw10pf7HHIHx7fBg/iOYbDEm3YQVr2/Vdbk4z0wuSTxFlo/0QM5yheKJzrH6lcd6/W4/APriM2xA/rV3plrcCKTpDRmr4xNYy54IXEqvKu/BmTMgT4UO4qiR3wOI662gQfSMXfWR0HTz9OE10uam0WvAJakSs=; 20:KbqNEwPJj2Tjj5SndnKqrsJWURg2uVyAcUbyoPAsIOv3xCUkuV3riRSIPDAqG2TH204gPNdC6OOGJEw83iUY9D5y19TtbBzqXikAwBejdCMmjAKE/v53QSX/vwNXMTrZjiUcq7E8Pjgq1iKdI948RZY6SF57tSs8M7WS6nBry7FjqJoCUBtjQQVt42AGVoYsPbWr17jkVyRGw2PiPhxx3QWX+94CEuVxXxWw/I+k5SYaRsqsB2j2S6ctH0mT8mfo; 4:dIUfb4G6abH7xb2Adpa176UAt9B3yg3/jHNwArK6YqFqnIPXNhNhVNsbt+hjZPxniTqhfP3IxluVTZJmqmYDVwsfDWupFHygtNj17P3obVi6fDxQNjGWs44LztpBL7lv34IS3BO0dsss3ut7UjMNZPDFQHJGlH9Ug4dr7aUbzYeRBt71ZM0qzp82+6WZslzX1fWzILrK7v0JVw+FzYZRhJa685RcIKUc6xvC40u0JlIDOLtNIi3SLdCQ6prjZbgOFJYO84yDj61DxVftQ/qtK59rmMOinUeJgsoIG1oV1k4sSVLd6Trsh8s8aipcEznH
X-Microsoft-Antispam-PRVS: <HE1SPR00MB03F4E94CCD2AFD4CAE280082910@HE1SPR00MB03.EURP189.PROD.OUTLOOK.COM>
X-Forefront-PRVS: 09347618C4
X-Microsoft-Exchange-Diagnostics: 1;HE1SPR00MB03;23:hBTi+iIBz+FlqvmCGjLWM3HZuFHHCTX4Jp/wukiKaXmEmme0QTu+mHG83ZZ2QR+eHm5JznyJF04q7emDzsO6U9UhaRlcruIGEy+EUFJ/4zlByqbmm2p2coC3EA0AIVLO1pTKGj5tw0wfF/Z2ztCuXxGfoTmYh3TkzX7o/DZq08BNGmCLZJbuB67ro1WdV5+S0KXBYqwlGDcsqCgrbTc2taHWjrte93nJcOjrDWRfBIN1LLI7LIO8PAW+V3YihmOl8fpivP5NTpLyyP6BNWxfwHBvJtFnuTodK5/21f8QDSbB2SUNrbPwMOBmvLMqUvChSBwZ5Dbwf/E7olh/3ectZy6vKESMse2S26JFvSe+WJS0kyTRaSPwHpoSjiU9Um0moPqZtyjPhhVME9Qu/RKANmFl7dMula534iB0sq15zNYLMqdHoHo9hH0oBUlTYWEthXO7X+WU6FmMy9P19MErxo0fnHRxRNI/5rb/iYU9UkD6ShjN1uqE7sd0TUl5IfutctZV6iFWW2NEyLAejYzg5I8FaPF9mrz9YoAVM/bO0HvVaeqkvqRsOC4JStOKkfGZqhhn9Ssu3t25g8lSfCTSLGyjWtQDZgIp0zlaO/BTlz12ngsT1jPVVl++5yEAdz+5QJItIKNksP5d8xQTb6FTtkeg8bFlY7XMrEAZDym0rslboTAMD4azLNRO/gtwn5v30iLia8u788yrdGE6ZkPeKm5JHAGKh4LmZ4aL5ntPwQk06fYgw5xwF4LT/nWak0VDs46VcZ3xdXEDaBT+DypMS8F9L3XK7mz/q0xypkguxqqNWXpvc4EXGBhYlJbL8kl7DPPStLpl1/TrOd5qud7yBsEjEWNfxH8uIQN7GMPpoyLDQuFfnhOkpqx1nEH9a6mVaWtimtKrgjxHDKGW46ChF2v4AyQ9RL1G1QDpVwQ7DjPotHRgrgQrbDXHxD4JNrNGlsNVos2Hb67Mu4msJQoaRJNf48dz6YFeDRPlR96tJlGPb9yh/1qg9wmFZkfe/Mc+FxUack9LETqIq9RV3vdQVmHOdEwfDvBtz1VzDZXzHZEUthEwJZJX2G1WrE9coMP4JFenQ6wTn0gma8UdSxtDBA3hUkqiFUcVOCAeddvjO+zSoUPqHCtQsJIdRqrHwckGVEfjC8AP/u6PqekkAakCaXS7fvk5bt7dLqfWwAHFyZvSEcJQWZilPijnecTWkhZiOjrP86I5FO6PRn0pv8WbboLyS8IvlgS6GQRrQN8H209zYxOtjms0WS5JqIM7K6Nf83+wTlLo98lAnvS4agu6oTYzyf70A1kPHg/iOs9diSj+V0XSw5sIJ6VFg7dtQ1/0d2JyR/qcNCVLD8JAeP6XySAQ6UHaL7YIdHfpluXXBVBGTl7IJnyNM5fT4msBXQ2T0l5OU2SgJvmXn0zMj7JVe/11wvTp4sT49wIoxh9HjBa0c9/PuxmJ/796afHJ0XiHWY95x1uYnA39nU0OS7jJfeIgZ+BLD18yAPqAx2gExWc=
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 7RQvN9zvpth2Q7wW3fmuHNZBqhbp1yIZBqwgfPX9z8yywc2Gw58FvKhorOmEFqQdzHAeaXWuzf+5rVSRYAhDtEAmIkmcKghO+i0kX0AzwMeP7cSaTDp+tz02f4l+QkL91cg6u0ivU8Cqjg4xmpA7GMVSkmdDrpKcz8U2QgtjdMO/gapx2ZCvXOFGzJwI7qH7Zp+HmKkSkzRyX3ZgHUncLh8XLVKEIAMMvM9YTiLgdqlxXk1DA/jzUapIRSTUTzaV0muyiUf3zrOII9YrCxP9RBzq1l/DFtFvoxgPcYd0FiVNeT//CzRUod4eE5Q9CRIZsJBJyw9hODgdOTPNHJ0e4/QiaEFarCZNL4xEt20kSOCeqrc29/ydfjh6uh0aDDkVQargvMJ5sGdAo4XCUbCCHEE1/AhbqHGn1GJJH2x0RyA=
X-Microsoft-Exchange-Diagnostics: 1; HE1SPR00MB03; 6:OQvlAVANUcXZJW5qk5DlFx69KfpD4oV0fG+g2GvX3mInRNQQVfUak/AXic2jWFI5QLKnsSssEVoRsguv5XzLWcABamZl1+eF5mlKDTITNfmDk+dbggEGVn3NGCRhbr7xc9c3YIy6YvTGMVOeBRYlL5Vc1aDnYUyLbSvKhNLTBmJyJ6juVFXrtRsl7BhML70HOgir3hiifLrSZM8a1FpZHhEK3heCD/bIYugMVyW/bKzjjQPE99Ksh9guKgcbKJLpfnoKGFplHPNmbMgT6mbg02+Bn9E2yHpcag0g1FeCyKIhWW1IPLz9T5P0wbXYS9/B599+tWv74Ab8jn4CDT06/zPbjsYczW5cc7UK4DukFQQpmY/Vjp+h2uLzG0Bx0QvSIn9TZuVWTs14iP9DoSYO06AH/x6i1GTKO6zanuHt5KrEE5cW7YODt9wn/y0oWHkm7w3LpYP+Fk8EW00BVzAv9Q==; 5:3JPDGfYqBiaoDACjPKg0xEwgpxECTju2ANZ794ehBYvjGd4J4rcXcvy9QlxWB4Lecke9deUDQKy8p0/fj3JeBgkUVLUf0jKX1u81LryNrWrGn6CiOzZXQJcfpgB5qrI3H/Vf7JiuVLeu2hG6FJuy8ib91WzLC80qMCTBbVXAM5HLzQhyH3F4jkqTuT2n2NL0RckSHYznG/qhb3uTfYIcGQ==; 7:dbgk9jQmSB2OT0gyq7U9syXg4g53AVPgUP6/HLajFdJjqFVAXebxQ1aRmwXteAduN+JCI1OOHVyyBfxX0+jm+I/wYc+b6RdTbZnP4DPBvkN5PnFtXc+2vJvdMHeP1YxL/hDr/psx5V7WgCWBiaMCYg==
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Jan 2019 09:20:23.9406 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 5216ba35-81c3-4295-4895-08d6875d54a1
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5a9809cf-0bcb-413a-838a-09ecc40cc9e8; Ip=[194.218.146.197]; Helo=[mail.ri.se]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1SPR00MB03
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/vUgU-u7J1UGvJgFcqRyXCxR2I84>
Subject: Re: [Ace] Shepard review for draft-ietf-ace-oauth-authz
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Jan 2019 09:20:32 -0000
On 30/01/2019 19:23, Jim Schaad wrote: > > >> -----Original Message----- From: Ludwig Seitz <ludwig.seitz@ri.se> >> Sent: Wednesday, January 30, 2019 12:38 AM To: Jim Schaad >> <ietf@augustcellars.com>; draft-ietf-ace-oauth- authz@ietf.org Cc: >> ace@ietf.org Subject: Re: Shepard review for >> draft-ietf-ace-oauth-authz >> >> Thank you Jim, >> >> I'll upload a new version as soon as we have resolved my questions >> below. >> >> /Ludwig >> >> On 30/01/2019 07:01, Jim Schaad wrote: >>> 1. Update the reference from RFC 5246 to RFC 8446 in all >>> locations >>> >>> >>> >>> Items that don't appear to be resolved: >>> >>> * Section 3.1 - Refresh Token - I don't think that refresh tokens >>> are going to be strings because binary is more efficient. Unless >>> you are going to say that this is not OAuth 2.0, then a refresh >>> token is still a text string. >>> >>> * I don't see any text that is addressing this. >> >> That text just describes how it is in OAuth 2.0 (where refresh >> tokens are strings), since we didn't see the need to specify the >> use of refresh tokens in ACE, we didn't mention them further. If we >> had we would certainly have defined them to be binary. > > That would be fine, but you actually do define a CBOR mapping tag for > refresh tokens in the body of the text and define it as binary. > Right, (background: I did define a mapping for all OAuth parameters and re-mapped all that were Strings to binary. That does not necessarily mean the have a use case currently in ACE.) in order to resolve this I will add a sentence in the description of the refresh token, saying that we define them to be binary here. >>> ****** IANA Section Issues >>> >>> 1. None of the new registries appear to have any guidance for >>> the DEs to use when approving items. >> >> Is it acceptable to add a single guidance section for all of the >> new registries, or does it need to be separate for each of them? > > As long as the guidance is comment this is fine. That is what I did > for all of the COSE registries > I'll copy liberally from your example then (and a bit from the CWT RFC). Hope you don't mind. >>> >>> 2. The title of the registry "ACE Authorization Server >>> Information" is not really descriptive of what is in the >>> registry. It makes sense in the text but not as a stand along >>> title. Something along the lines of "ACE Authorization Server >>> Request Creation Hints" seems to be closer to a solid >>> identification. >>> >> Would "ACE Authorization Server Discovery Hints" be better? > > I thought about that, but it does not really cover the idea of having > the nonce value there or the possibility of later adding things like > - ok you should use this audience or this scope or some other similar > thing. > I see. I'll use the somewhat clunky but descriptive "ACE Authorization Server Request Creation Hints". I've also taken the liberty of adding audience (req_aud) and scope as optional parameters in the AS Request Creation Hints message, in order to justify its name. While resolving issues from the DTLS profile the authors have noticed two elements that need to be added to the framework: 1.) A definition of "Authorization Information" "The information an RS uses to determine wether a request is authorized, including the claims of applicable access tokens." 2.) Adding the "kid" parameter to the AS Request Creation Hints, so that a client can request a token with the same pop key when it has an existing security association, but the token has expired. The procedure is currently defined in the DTLS profile, but it applies to any other profile as well and should therefore be in the framework. /Ludwig -- Ludwig Seitz, PhD Security Lab, RISE Phone +46(0)70-349 92 51
- [Ace] Shepard review for draft-ietf-ace-oauth-aut… Jim Schaad
- Re: [Ace] Shepard review for draft-ietf-ace-oauth… Ludwig Seitz
- Re: [Ace] Shepard review for draft-ietf-ace-oauth… Benjamin Kaduk
- Re: [Ace] Shepard review for draft-ietf-ace-oauth… Jim Schaad
- Re: [Ace] Shepard review for draft-ietf-ace-oauth… Ludwig Seitz
- Re: [Ace] Shepard review for draft-ietf-ace-oauth… Ludwig Seitz
- Re: [Ace] Shepard review for draft-ietf-ace-oauth… Jim Schaad
- [Ace] Unresolved issue blocking progress for draf… Ludwig Seitz
- Re: [Ace] Unresolved issue blocking progress for … Jim Schaad
- Re: [Ace] Unresolved issue blocking progress for … Göran Selander