Re: [Ace] Progressing the HTTP parameter encoding for OAuth PoP Key Distribution
Samuel Erdtman <samuel@erdtman.se> Wed, 15 August 2018 04:58 UTC
Return-Path: <samuel@erdtman.se>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1ECE9130E66 for <ace@ietfa.amsl.com>; Tue, 14 Aug 2018 21:58:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=erdtman-se.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MOzMSxzuzD04 for <ace@ietfa.amsl.com>; Tue, 14 Aug 2018 21:58:56 -0700 (PDT)
Received: from mail-pl0-x231.google.com (mail-pl0-x231.google.com [IPv6:2607:f8b0:400e:c01::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4745B1271FF for <ace@ietf.org>; Tue, 14 Aug 2018 21:58:55 -0700 (PDT)
Received: by mail-pl0-x231.google.com with SMTP id j8-v6so33887pll.12 for <ace@ietf.org>; Tue, 14 Aug 2018 21:58:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=erdtman-se.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=TpIovC9GU5UxPS7QEvzSRSu0kGIICavM/k+OWPfhC5A=; b=mnHP0gRm5gwMfO19LmdzG7m5CeuTO/0HCWk6zN2Sah9S249fa0ESxS+OhPEX/iXa03 bLDw4HAhqmmZpFLMXRZPGNJUeozbWWqJH8G5fLAvqv8YUIxMwSQgBN9rpRXuPWSnjW9q Q26cbg6DQVvyu4Sw4GU+6k6xWhanvRYLT+R/9rLh8auCut8gzhC7bs6TuxXJ2E/e1jWJ ry4qQZE3d3mdEE6f2Sdp8s52O2FnFqXuLuFFpb9v6sF1YzkMyKBN5pMXstrJ7Ydh8wfu pJ5Zl2if1M5c5ocOmXJocgHQRH+1gio1ZuN6iSkZYuD4VOJuxDAFN7gtG1U0wxwqllga uRQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=TpIovC9GU5UxPS7QEvzSRSu0kGIICavM/k+OWPfhC5A=; b=Bh8qHKmEkgUJWzeC24vuvji7TtpUY3L3DxzncV/wV3v3U+T5KihLKR333nsoTMJ7Lh R8AtQAM0RbbVM80U+k4rE8zDtGPP5Ccv5ZVLvISUmzgpcEyMdA1khNwUtuG4NSLbXW4u OQPjmoCT5MmrKDqeZ2CDtTTAz7cbawKtkPDyWXMZDwSljjjHQMoVle01Zl/Y6ReATHJs 1IBl8MgmmyVSFhMd0IU1jLZntr4Fe8SgD9zng2kXR6ZuM2FauVIJ9O1e6jcDwh6mxida oJ9YtBHV1HpR2AtzDoq9lhHzcglwmmikAaBMSaOrVc73bjnj0g7xtg8h3NEFL9wXRpGt vIQA==
X-Gm-Message-State: AOUpUlEPxUDTJs2ikK4pTK4BC7lNR/rtP/gp464PF8i03DgI4yky7X5z d0j+M4sA5Un4rgUk8RhK+RBTK9nXE80iAzFy5Wb+UOLJXElI8g==
X-Google-Smtp-Source: AA+uWPzzBMiYEn2mtBeAROjxNWvSKOXZWaQF7KKVH54Rvy3V1Kq6SOQn0aPOLfqi6/Bs5P3vig1JEV3Fi717uNh6btQ=
X-Received: by 2002:a17:902:7845:: with SMTP id e5-v6mr22449306pln.197.1534309135399; Tue, 14 Aug 2018 21:58:55 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a17:90a:a109:0:0:0:0 with HTTP; Tue, 14 Aug 2018 21:58:54 -0700 (PDT)
In-Reply-To: <VI1PR0801MB21120EA478D0783F9FCDDC0DFA510@VI1PR0801MB2112.eurprd08.prod.outlook.com>
References: <VI1PR0801MB21120EA478D0783F9FCDDC0DFA510@VI1PR0801MB2112.eurprd08.prod.outlook.com>
From: Samuel Erdtman <samuel@erdtman.se>
Date: Wed, 15 Aug 2018 06:58:54 +0200
Message-ID: <CAF2hCbZfrev4eY2DciPo7O1jHQJjB3x5+KByQSupFePSgn+JzA@mail.gmail.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Cc: oauth <oauth@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000fdd4570573722e4f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/z3dJMFNkffbMQ5gf68hBiiInM14>
Subject: Re: [Ace] Progressing the HTTP parameter encoding for OAuth PoP Key Distribution
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Aug 2018 04:58:59 -0000
Hi Hannes, Has there been any updates to draft-ietf-oauth-pop-key-distribution? I could not find any updated document. Best regards //Samuel On Fri, Jul 20, 2018 at 7:46 PM, Hannes Tschofenig < Hannes.Tschofenig@arm.com> wrote: > Hi all, > > > > after several discussions we believe that we now have a proposal for > moving forward on this topic. > > We plan to update the expired draft <draft-ietf-oauth-pop-key-distribution-03> > and > > (1) remove the audience parameter and replace it with a > separately-specified resource parameter, > > (2) remove the alg parameter, > > (3) update the procedures for requesting and obtaining keying material, > > (4) Synchronize with the ACE and WebRTC work to make sure that their use > cases are appropriately covered. > > > > Regarding (1): The meeting participants have decided to standardize an > audience-alike parameter (in the form of a requested resource identifier) > at this weeks IETF OAuth meeting. For that purpose, working group adoption > of draft-campbell-oauth-resource-indicators is under way. Only a > reference to that document will be needed. > > > > Regarding (2): Removal of the alg parameter will simplify the document and > does not appear to be necessary for the currently investigated use cases. > This assumption will have to be verified. > > > > Regarding (3): Currently, the ACE-OAuth document and the > <draft-ietf-oauth-pop-key-distribution-03> use different parameter names. > Furthermore, those parameter names may be in conflict with other, already > standardized parameter names. Hence, some parameters may need to be > renamed. The plan is to focus on the following, minimal functionality only: > server-side symmetric key generation and client-side public key > registration to the AS. Furthermore, the encoding of the key transport will > have to take the different token formats and protocols into account. > > > > This approach will allow the ACE and WebRTC work to reference the generic > PoP key distribution document without having to specify their own duplicate > functionality. > > > > We are planning to update <draft-ietf-oauth-pop-key-distribution-03> next > week to have something to review. > > > > Ciao > > Hannes & Rifaat > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace > >
- [Ace] Progressing the HTTP parameter encoding for… Hannes Tschofenig
- Re: [Ace] Progressing the HTTP parameter encoding… Samuel Erdtman