Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-ace-mqtt-tls-profile-17> for your review
Cigdem Sengul <cigdem.sengul@gmail.com> Mon, 03 July 2023 10:16 UTC
Return-Path: <cigdem.sengul@gmail.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B28D5C14E513; Mon, 3 Jul 2023 03:16:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mWE9vlXxwjT0; Mon, 3 Jul 2023 03:16:21 -0700 (PDT)
Received: from mail-ot1-x332.google.com (mail-ot1-x332.google.com [IPv6:2607:f8b0:4864:20::332]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44EDBC151064; Mon, 3 Jul 2023 03:16:21 -0700 (PDT)
Received: by mail-ot1-x332.google.com with SMTP id 46e09a7af769-6b74791c948so3680458a34.3; Mon, 03 Jul 2023 03:16:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1688379380; x=1690971380; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=VG1yH/dHNg0xUGcrRhoYmTnSf4z/EUZJAACL6GwlIKk=; b=VSgwblZu7px152I+wQiKCHwWDSXtv9F/+nIdBQrsS/FSPBU+Lf6svo0nsEKIeBsyuv grrT5r3NsWIrbgjNz8iQj1y+dQhR2dqqfQ/xxSorZG/NMxRa8zX3lUzklZpawA4dJECI ryz8Tlb4Q4wCUaW/iBAbV4r+S7l1YAwfQeBeOQkUeOsoIppl+oupDZUYTSymO23Ptu4e INh2EfdgZcV6l7QLzWVA3c7s8Do2vIO1VrqboyYUfae6OUr6BHh4GpmQObO+htJWVag8 0I4y02qP3IigfB1KI2MRJctNOu3x3DuPiOeDaoOaLQ/CWQH2ejmWZXsTI/ctGvRoxZh2 h2Yg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688379380; x=1690971380; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=VG1yH/dHNg0xUGcrRhoYmTnSf4z/EUZJAACL6GwlIKk=; b=dMjsGgcmimzJWGeS1kEFlK5nybIW1sdOj20LiKgXq54DiS6ScIVHEsl8jLJ7BKnedu FXQqrIwsKGp2SnbSrIZ+MfwLTMtm4iJ3tyRrKPYu8FBlY7Wvs4ZJVzA6pDzYLHNavJB5 NJgyP2XeppKqO0yKUz25Y4YlHmgJpZYLqMy6LwjxZBje93RLXcQwzvhQEzfprQY8ayYr d/FTKdL48rPk7hL9i4kD7TAaxCXQLwWNRFAXgGCmdZWmjKlte4saIdFvxFNVflgXQ6bE CTz6IH+tEe+AeCLA/ju6VVoIaURqK8piIx4OLcfUpOL6CYarOgGSQMKvstCACzxtdcdW GKFw==
X-Gm-Message-State: AC+VfDwarjfVP6gnauqjg6V9sEqSAH7FAui6MUh5G6Ua4ZfoOOXo2Yow LQaKcgoBcDdI8iA+3OzeFxxEnZP+89HKGKGa6o0=
X-Google-Smtp-Source: ACHHUZ7S2qy1BI9/D5SZFkDomC10+6YKduOzoyvk3SFhhqbAXYR2jTCTMZwf4AiCcapjIkZHBIQ1Qthn8kEgAlVzunk=
X-Received: by 2002:a05:6830:44a:b0:6b8:7e53:e7c3 with SMTP id d10-20020a056830044a00b006b87e53e7c3mr10068785otc.31.1688379379953; Mon, 03 Jul 2023 03:16:19 -0700 (PDT)
MIME-Version: 1.0
References: <20230619230040.632B2119F1@rfcpa.amsl.com> <CAA7SwCMEByOisYe+XddRvcfgwu7UFt7GmhMyLhHP876ijYxmdQ@mail.gmail.com> <5B78DE5C-E12E-459C-B469-26590439F200@amsl.com>
In-Reply-To: <5B78DE5C-E12E-459C-B469-26590439F200@amsl.com>
From: Cigdem Sengul <cigdem.sengul@gmail.com>
Date: Mon, 03 Jul 2023 11:16:07 +0100
Message-ID: <CAA7SwCN3sULswFQQ7-H+4tkneMRW5cGZX=H-XOFrzv78QBLv0w@mail.gmail.com>
To: Alanna Paloma <apaloma@amsl.com>
Cc: rfc-editor@rfc-editor.org, csengul@acm.org, anthony@anthony.org, ace-ads@ietf.org, ace-chairs@ietf.org, daniel.migault@ericsson.com, auth48archive@rfc-editor.org
Content-Type: multipart/alternative; boundary="0000000000003034e205ff92756c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/AN8XWcO2DRtLWXMHu2H8Hb5ayas>
Subject: Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-ace-mqtt-tls-profile-17> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Jul 2023 10:16:25 -0000
Hello, Thank you for the revisions. I only have the following change: 2.2.5. Broker Token Validation OLD: i.e., a CWT token uses COSE, while a JWT token uses JOSE. NEW: i.e., a CWT uses COSE, while a JWT uses JOSE. The rest looks great, and after this minor edit, I approve this RFC for publication. Thank you very much for all your work. Kind regards, --Cigdem On Tue, 20 Jun 2023 at 22:56, Alanna Paloma <apaloma@amsl.com> wrote: > Hi Cigdem, > > Thank you for your reply. We have updated as requested. > > The files have been posted here (please refresh): > https://www.rfc-editor.org/authors/rfc9431.xml > https://www.rfc-editor.org/authors/rfc9431.txt > https://www.rfc-editor.org/authors/rfc9431.html > https://www.rfc-editor.org/authors/rfc9431.pdf > > The relevant diff files have been posted here: > https://www.rfc-editor.org/authors/rfc9431-diff.html (comprehensive diff) > https://www.rfc-editor.org/authors/rfc9431-auth48diff.html (AUTH48 > changes) > > Please review the document carefully and contact us with any further > updates you may have. Note that we do not make changes once a document is > published as an RFC. > > We will await approvals from each party listed on the AUTH48 status page > below prior to moving this document forward in the publication process. > > For the AUTH48 status of this document, please see: > https://www.rfc-editor.org/auth48/rfc9431 > > Thank you, > RFC Editor/ap > > > > On Jun 20, 2023, at 8:34 AM, Cigdem Sengul <cigdem.sengul@gmail.com> > wrote: > > > > Thank you for your email. Please see my responses below. > > --Cigdem > > > > On Tue, 20 Jun 2023 at 00:00, <rfc-editor@rfc-editor.org> wrote: > > Authors, > > > > While reviewing this document during AUTH48, please resolve (as > necessary) the following > > questions, which are also in the XML file. > > > > 1) <!--[rfced] To avoid awkward hyphenation, may we update the title as > follows? > > > > Original: > > Message Queuing Telemetry Transport (MQTT)-TLS profile of Authentication > > and Authorization for Constrained Environments (ACE) Framework > > > > Perhaps: > > Message Queuing Telemetry Transport (MQTT) and TLS Profile for the > > Authentication and Authorization for Constrained Environments (ACE) > > Framework > > --> > > > > I suggest: > > > > Message Queuing Telemetry Transport (MQTT) and Transport Layer Security > (TLS) profile of Authentication > > and Authorization for Constrained Environments (ACE) Framework > > > > > > > > 2) <!-- [rfced] Please insert any keywords (beyond those that appear in > the > > title) for use on https://www.rfc-editor.org/search. --> > > > > publish-subscribe, authorization information format > > > > > > > > 3) <!--[rfced] Please clarify; how does "and setting up the keying > material" > > relate to the rest of the sentence? Is it a second topic for which > > assumptions are made? Or, should "and" be "while"? > > > > Original: > > This document makes the same assumptions as Section 4 of the ACE > > framework [I-D.ietf-ace-oauth-authz] regarding Client and RS > > registration with the AS and setting up the keying material. > > > > Perhaps: > > This document makes the same assumptions as Section 4 of the ACE > > framework [RFC9200] regarding Client and RS registration with the AS > > and regarding the setup of the keying material. > > --> > > > > > > Suggested: > > This document makes the same assumptions as Section 4 of the ACE > > framework [RFC9200] regarding Client and RS registration with the AS > > for setting up the keying material. > > > > > > 4) <!--[rfced] Should this instance of "JWT token" be updated to read > simply as "JWT" to > > avoid redundancy (if expanded, "JWT token" would read "JSON Web Token > token")? > > > > Original: > > A JWT token uses JOSE, while a CWT token uses COSE > > [RFC8152] for security protection. > > > > Perhaps: > > A JWT uses JOSE, while a CWT token uses COSE > > [RFC8152] for security protection. > > > > Suggested (as the same argument applies to CWT): > > A JWT uses JOSE, while a CWT uses COSE > > [RFC8152] for security protection. > > > > > > > > Similarly, should "PSK key be updated to "PSK" (if expanded, "PSK key" > would read > > Pre-Shared Key key")? > > > > Original: > > To use TLS 1.3 with pre-shared keys, the Client utilizes the PSK key > > extension specified in [RFC8446] using the key conveyed in the "cnf" > > parameter of the AS response. > > > > Perhaps: > > To use TLS 1.3 with pre-shared keys, the Client utilizes the PSK > > extension specified in [RFC8446] using the key conveyed in the "cnf" > > parameter of the AS response. > > --> > > > > Yes, accepting the suggestion. > > > > > > > > 5) <!--[rfced] As "confidentiality" is not a term listed in RFC 4949 but > "data > > confidentiality" is listed, we have updated the list below accordingly. > > Please let us know if further updates are needed. > > > > Original: > > Certain security-related terms such as "authentication", > > "authorization", "confidentiality", "(data) integrity", "message > > > authentication code", and "verify" are taken from [RFC4949]. > > > > Perhaps: > > Certain security-related terms such as "authentication", > > "authorization", "data confidentiality", "(data) integrity", > "message > > authentication code", and "verify" are taken from [RFC4949]. > > --> > > > > Yes, accepting the suggestion. > > > > > > > > 6) <!--[rfced] Please clarify; what does "labeled with their topics" > > refer to? > > > > Original: > > The Clients are MQTT Clients, which connect to the > > Broker to publish and subscribe to Application Messages, labelled > > with their topics. > > > > Perhaps (if the Clients are labeled): > > The Clients are MQTT Clients, which connect to the > > Broker to publish and subscribe to Application Messages, and are > labeled > > with their topics. > > > > Or (if the Application Messages are labeled): > > The Clients are MQTT Clients, which connect to the > > Broker to publish and subscribe to Application Messages (which are > > labeled with their topics). > > --> > > > > The Or version is correct version and accepted: the Application Messages > are labeled. > > (This was written like this because MQTT v5 standard defines Topic Name > as > > The label attached to an Application Message which is matched against > the Subscriptions known to the Server.) > > > > > > 7) <!--[rfced] Should "Connection" be "Network Connection"? > > > > Original: > > If the Network > > Connection is closed without the Client first sending a > > DISCONNECT packet with Reason Code 0x00 (Normal > > disconnection) and the Connection has a Will Message, the > > Will Message is published. > > > > Perhaps: > > If the Network > > Connection is closed without the Client first sending a > > DISCONNECT packet with reason code 0x00 (Normal > > disconnection) and the Network Connection has a Will Message, the > > Will Message is published. > > --> > > > > It should remain as original. > > This was taken from MQTT v5 document: "If the Network Connection is > closed without the Client first sending a DISCONNECT packet with Reason > Code 0x00 (Normal disconnection) and the Connection has a Will Message, the > Will Message is published". > > The second "Connection" refers to MQTT Connection. > > > > Perhaps if unclear: > > If the Network Connection is closed without the Client first sending a > > DISCONNECT packet with reason code 0x00 (Normal > > disconnection) and the MQTT Connection has a Will Message, the > > Will Message is published. > > > > > > > > 8) <!--[rfced] Figure 1 has been widened slightly for readability; > > please review. Specifically, a single space was added after > > (C), (D), (E), and (F), which matches how (A) and (B) appear, > > and the second lines of labels were indented. The side-by-side diff > > file is here: https://www.rfc-editor.org/authors/rfc9431-rfcdiff.html > > --> > > > > This is all good. > > > > > > > > 9) <!--[rfced] Regarding Figure 2, may "Len." be changed to "Len" to > match > > other instances within this figure, or is this difference intentional? > > Also, will it be clear to readers how to read this diagram? Specifically, > > the "Authentication Method" and "Authentication Data" portions seem > unclear. > > --> > > > > > > Please change "Len." to "Len". > > The figure is explained in 2.2.4.2. > > Old: > > To use AUTH, the Client MUST set the Authentication Method as a property > of a CONNECT packet by using the property identifier 21 (0x15). This is > followed by a UTF-8-encoded string containing the name of the > Authentication Method, which MUST be set to "ace". If the Broker does not > support this profile, it sends a CONNACK packet with reason code 0x8C (Bad > authentication method). > > > > New: > > Figure 2 shows the Authentication Method and Authentication Data fields > when the client authenticates using AUTH property. The Client MUST set the > Authentication Method as a property of a CONNECT packet by using the > property identifier 21 (0x15). This is followed by a UTF-8-encoded string > containing the name of the Authentication Method, which MUST be set to > "ace". If the Broker does not support this profile, it sends a CONNACK > packet with reason code 0x8C (Bad authentication method). > > > > > > > > 10) <!-- [rfced] Please review the "type" attribute of each sourcecode > element > > in the XML file to ensure correctness. If the current list of preferred > > values for "type" ( > https://www.rfc-editor.org/materials/sourcecode-types.txt) > > does not contain an applicable type, then feel free to let us > > know. Also, it is acceptable to leave the "type" attribute not > > set. > > > > In addition, review each artwork element. Specifically, > > should any artwork element be tagged as sourcecode or another > > element? > > --> > > > > "cddl" type is correct for the artwork in Figure 8. > > > > Fig 9 should be tagged with "sourcecode", with type "json". > > > > There is no other artwork to be tagged as source code. > > > > > > > > 11) <!--[rfced] As "PINGREQ" is defined in Section 1.3, we have updated > > "PINGREQUEST" to "PINGREQ". Please let us know if further updates are > needed. > > > > Original: > > The Broker SHOULD check > > for token expiration on receiving a PINGREQUEST. > > > > Current: > > The Broker SHOULD check > > for token expiration on receiving a PINGREQ packet. > > --> > > > > Thank you. > > > > > > > > 12) <!--[rfced] Do you agree with these changes (added 'the', > capitalized 'Client' > > to match usage within the document)? If so, we will ask IANA to update > the > > description in the registry ( > https://www.iana.org/assignments/media-type-sub-parameters/) > > accordingly. > > > > Original: Permissions for MQTT client as defined in ... > > > > Current: Permissions for the MQTT Client as defined in ... > > --> > > > > That is OK. > > > > 13) <!--[rfced] Please clarify the last part of this sentence; > specifically, > > what does the "which" clause describe? Is it the transport tokens that > > the Broker may need to store until they expire? > > > > Original: > > If the Broker supports the public > > "authz-info" topic, described in Section 2.2.2, then this may be > > vulnerable to a DDoS attack, where many Clients use the "authz-info" > > public topic to transport tokens that are not meant to be used, and > > which the Broker may need to store until the tokens expire. > > > > Perhaps: > > If the Broker supports the public > > "authz-info" topic, described in Section 2.2.2, then this may be > > vulnerable to a DDoS attack, where many Clients use the "authz-info" > > public topic to to transport tokens that are not meant to be used > > and that the Broker may need to store until they expire. > > --> > > > > Yes, it is the tokens that need to be stored. Accepting the suggestion. > > > > > > 14) <!--[rfced] RFC 7525 has been obsoleted by RFC 9325, and RFC 8152 > has been > > obsoleted by RFC 9052. May these references be updated accordingly? > > > > RFC 7525 is cited once: > > For TLS 1.2, however, a client > > MUST support TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 for PSKs [RFC8442] > > and TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for RPKs [RFC8422], as > > recommended in [RFC7525] (and adjusted to be a PSK cipher suite as > > appropriate). > > > > RFC 8152 is cited once: > > A JWT token uses JOSE, while a CWT token uses COSE > > [RFC8152] for security protection. > > --> > > > > > > Yes, please. > > > > > > 15) <!-- [rfced] FYI, we have added expansions for the following > abbreviations > > per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please review each > > expansion in the document carefully to ensure correctness. > > > > Concise Binary Object Representation (CBOR) > > JSON Web Encryption (JWE) > > --> > > > > Correct. > > > > > > 16) <!--[rfced] We have made the following terminology capitalized for > consistency. > > Please review this occurrences carefully and let us know if further > updates > > are necessary. > > > > Will > > Will Delay Interval > > Will Flag > > Will Message > > Will Properties > > Will Retain > > Will Topic > > Will QoS > > --> > > > > All capitalizations are correct. > > > > > > 17) <!--[rfced] Throughout the text, the following terminology appears > to be used inconsistently. > > > > a) We have updated to use the form on the right. Please let us know of > any objections. > > > > Control Packet / control packet > > Fixed Header / fixed header > > password / Password > > Payload / payload > > username / Username > > Variable Header / variable header > > > > "Control Packet", "Fixed Header", and "Variable Header" are capitalized > in the MQTTv5 specification and, therefore, were capitalised here. (Source: > https://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt-v5.0.html) > > > > Password - capital is correct. > > > > "Username" is "User Name" in MQTTv5, and would be good if we keep the > same field names exactly as the MQTT protocol specifies in their > specification. > > (I acknowledge that the original text did not do a consistent job of > that). > > > > b) Please review the terms below and let us know if/how they may be made > consistent. > > > > Session vs. session > > Subscription vs. subscription > > --> > > > > For session, the following need to be capitalised: > > Section 1.3 > > Old: > > A Subscription comprises a Topic Filter and a maximum QoS. A > Subscription is associated with a single session. > > New: > > A Subscription comprises a Topic Filter and a maximum QoS. A > Subscription is associated with a single Session. > > > > Section 2.2.4.1 > > Old: The Connect flags in the variable header specify the properties of > the MQTT session. > > New: The Connect flags in the variable header specify the properties of > the MQTT Session. > > > > Old: In MQTT v5.0, the Client signals a clean session (i.e., that the > session does not continue an existing session) by setting the Clean Start > flag to 1 in the CONNECT packet. In this profile, the Client SHOULD always > start with a clean session. The Broker MAY also signal that it does not > support session continuation by setting the Session Expiry Interval to 0 in > the CONNACK. If the Broker starts a clean session, the Broker MUST set the > Session Present flag to 0 in the CONNACK packet to signal this to the > Client. > > > > New: In MQTT v5.0, the Client signals a new Session (i.e., that the > Session does not continue an existing Session) by setting the Clean Start > flag to 1 in the CONNECT packet. In this profile, the Client SHOULD always > start with a new Session. The Broker MAY also signal that it does not > support the continuation of an existing Session by setting the Session > Expiry Interval to 0 in the CONNACK. If the Broker starts a new Session, > the Broker MUST set the Session Present flag to 0 in the CONNACK packet to > signal this to the Client. > > -------- > > Old: The Broker MAY support session continuation, e.g., if the Broker > requires it for QoS reasons. In this case, if a CONNECT packet is received > with Clean Start set to 0 and there is a Session associated with the Client > Identifier, the Broker MUST resume communications with the Client based on > the state from the existing Session. In its response, the Broker MUST set > the Session Present flag to 1 in the CONNACK packet to signal session > continuation to the Client. The session state stored by the Client and the > Broker is described in Section 5. > > > > New: The Broker MAY support continuing an existing Session, e.g., if the > Broker requires it for QoS reasons. In this case, if a CONNECT packet is > received with Clean Start set to 0, and there is a Session associated with > the Client Identifier, the Broker MUST resume communications with the > Client based on the state from the existing Session. In its response, the > Broker MUST set the Session Present flag to 1 in the CONNACK packet to > signal the continuation of an existing Session to the Client. The Session > State stored by the Client and the Broker is described in Section 5. > > > > Old: When reconnecting to a Broker that supports session continuation, > the Client MUST still provide a token in addition to using the same Client > Identifier and setting the Clean Start to 0. The Broker MUST still perform > PoP validation on the provided token. If the token matches the stored > state, the Broker MAY skip introspecting a token-by-reference and use the > stored introspection result. The Broker MUST also verify the Client is > authorized to receive or send MQTT packets that are pending transmission. > When a Client connects with a long Session Expiry Interval, the Broker may > need to maintain the Client's MQTT session state after it disconnects for > an extended period. Brokers SHOULD implement administrative policies to > limit misuse. > > > > New: When reconnecting to a Broker that supports continuing existing > Sessions, the Client MUST still provide a token in addition to using the > same Client Identifier and setting the Clean Start to 0. The Broker MUST > still perform PoP validation on the provided token. If the token matches > the stored state, the Broker MAY skip introspecting a token-by-reference > and use the stored introspection result. The Broker MUST also verify the > Client is authorized to receive or send MQTT packets that are pending > transmission. When a Client connects with a long Session Expiry Interval, > the Broker may need to maintain the Client's MQTT Session State after it > disconnects for an extended period. Brokers SHOULD implement administrative > policies to limit misuse. > > ------ > > Old: Note that, according to the MQTT standard, the Broker uses the > Client Identifier to identify the session state. In the case of a Client > Identifier collision, a Client may take over another Client's session. > > > > New: Note that, according to the MQTT standard, the Broker uses the > Client Identifier to identify the Session State. In the case of a Client > Identifier collision, a Client may take over another Client's Session. > > --------- > > Section 2.4.2 > > Old: If the Broker starts a new session, it MUST also set Session > Present to 0 in the CONNACK packet to signal a clean session to the Client. > Otherwise, it MUST set Session Present to 1. > > > > New: If the Broker starts a new Session, it MUST also set Session > Present to 0 in the CONNACK packet to signal a new Session to the Client. > Otherwise, it MUST set Session Present to 1. > > > > Section 5 > > Old: In the case of a Client DISCONNECT, if the Session Expiry Interval > is set to 0, the Broker doesn't maintain session state but MUST keep the > retained messages. If the Broker maintains session state, the state MAY > include the token and its introspection result (for reference tokens) in > addition to the MQTT session state. The MQTT session state is identified by > the Client Identifier and includes the following: > > > > the Client subscription state, > > > > New: > > In the case of a Client DISCONNECT, if the Session Expiry Interval is > set to 0, the Broker doesn't store the Session State but MUST keep the > retained messages. If the Broker stores the Session State, the state MAY > include the token and its introspection result (for reference tokens) in > addition to the MQTT Session State. The MQTT Session State is identified by > the Client Identifier and includes the following: > > > > the Client Subscriptions, > > ---- > > Old: > > * if the Session is currently not connected, the time at which the > Session will end and session state will be discarded. > > The token/introspection state is not part of the MQTT session state, and > PoP validation is required for each new connection, regardless of whether > MQTT session continuation is used. > > > > New: > > * if the Session is currently not connected, the time at which the > Session will end and the Session State will be discarded. > > The token/introspection state is not part of the MQTT Session State, and > PoP validation is required for each new connection, regardless of whether > existing MQTT Sessions are continued. > > > > (Note that Session State is capitalised in MQTT Spec.) > > > > Section 6.1 > > Old: The Client SHOULD set the Clean flag to 1 to always start a new > session. If the Clean flag is set to 0, the Broker MUST resume > communications with the Client based on the state from the current Session > (as identified by the Client Identifier). If there is no Session associated > with the Client Identifier, the Broker MUST create a new session. The > Broker MUST set the Session Present flag in the CONNACK packet accordingly, > i.e., 0 to indicate a clean session to the Client and 1 to indicate session > continuation. The Broker MUST still perform PoP validation on the provided > Client token. MQTT v3.1.1 does not use a Session Expiry Interval, and the > Client expects that the Broker maintains the session state after it > disconnects. However, the stored session state can be discarded as a result > of administrator action or policies (e.g., defining an automated response > based on storage capabilities), and Brokers SHOULD implement administrative > policies to limit misuse. > > > > New: The Client SHOULD set the Clean flag to 1 to always start a new > Session. If the Clean flag is set to 0, the Broker MUST resume > communications with the Client based on the state from the current Session > (as identified by the Client Identifier). If there is no Session associated > with the Client Identifier, the Broker MUST create a new Session. The > Broker MUST set the Session Present flag in the CONNACK packet accordingly, > i.e., 0 to indicate a new Session to the Client and 1 to indicate that the > existing Session is continued. The Broker MUST still perform PoP validation > on the provided Client token. MQTT v3.1.1 does not use a Session Expiry > Interval, and the Client expects that the Broker maintains the Session > State after it disconnects. However, the stored Session State can be > discarded as a result of administrator action or policies (e.g., defining > an automated response based on storage capabilities), and Brokers SHOULD > implement administrative policies to limit misuse. > > > > Section 6.2 > > Old: Therefore, the Broker will disconnect on almost any error and may > not keep the session state, necessitating that clients make a greater > effort to ensure that tokens remain valid and do not attempt to publish to > topics that they do not have permissions for. > > > > New: Therefore, the Broker will disconnect on almost any error and may > not keep the Session State, necessitating that clients make a greater > effort to ensure that tokens remain valid and do not attempt to publish to > topics that they do not have permissions for. > > > > Section 8 > > Old: After the Broker validates an access token and accepts a connection > from a client, it caches the token to authorize a Client's publish and > subscribe requests in an ongoing session. > > > > New: After the Broker validates an access token and accepts a connection > from a client, it caches the token to authorize a Client's publish and > subscribe requests in an ongoing Session. > > > > Old: For MQTT v5.0, when a Client connects with a long Session Expiry > Interval, the Broker may need to maintain the Client's MQTT session state > after it disconnects for an extended period. For MQTT v3.1.1, the session > state may need to be stored indefinitely, as it does not have a Session > Expiry Interval feature. The Broker SHOULD implement administrative > policies to limit misuse of the session continuation by the Client. > > > > New: For MQTT v5.0, when a Client connects with a long Session Expiry > Interval, the Broker may need to maintain the Client's MQTT Session State > after it disconnects for an extended period. For MQTT v3.1.1, the Session > State may need to be stored indefinitely, as it does not have a Session > Expiry Interval feature. The Broker SHOULD implement administrative > policies to limit misuse by the Client resulting from continuing existing > Sessions. > > > > ===================================== > > All "subscription" instances are to be capitalised to "Subscription" > with the following exceptions, which suggest additional changes following > MQTT specification: > > > > Section 3.2 > > Old: To forward PUBLISH packets to the subscribing Clients, the Broker > identifies all the subscribers that have valid matching topic subscriptions > to the Topic Name of the PUBLISH packet (i.e., the tokens are valid, and > token scopes allow a subscription to this particular Topic Name). > > > > New: To forward PUBLISH packets to the subscribing Clients, the Broker > identifies all the subscribers that have valid matching Topic Subscriptions > to the Topic Name of the PUBLISH packet (i.e., the tokens are valid, and > token scopes allow a Subscription to this particular Topic Name). > > --------------------- > > Section 3.3 > > Old: For example, if the Client sends a subscription request for topic > "a/b/*" and has a token that permits "a/*", this is a valid subscription > request, as "a/b/*" is a subset of "a/*". (The process is similar to a > Broker matching the Topic Name in a PUBLISH packet against the > Subscriptions known to the Server.) > > > > New: For example, if the Client sends a SUBSCRIBE request for topic > "a/b/*" and has a token that permits "a/*", this is a valid SUBSCRIBE > request, as "a/b/*" is a subset of "a/*". (The process is similar to a > Broker matching the Topic Name in a PUBLISH packet against the > Subscriptions known to the Server.) > > ------------------------------- > > > > > > > > 18) <!-- [rfced] Please review the "Inclusive Language" portion of the > online > > Style Guide < > https://www.rfc-editor.org/styleguide/part2/#inclusive_language> > > and let us know if any changes are needed. > > > > Note that our script did not flag any words in particular, but this > should still > > be reviewed as a best practice. > > --> > > > > This was reviewed earlier, and no issues are expected. > > > > Please let me know if i need to make further clarifications. > > Kind regards, > > --Cigdem > > > > On Jun 19, 2023, rfc-editor@rfc-editor.org wrote: > > > > *****IMPORTANT***** > > > > Updated 2023/06/19 > > > > RFC Author(s): > > -------------- > > > > Instructions for Completing AUTH48 > > > > Your document has now entered AUTH48. Once it has been reviewed and > > approved by you and all coauthors, it will be published as an RFC. > > If an author is no longer available, there are several remedies > > available as listed in the FAQ (https://www.rfc-editor.org/faq/). > > > > You and you coauthors are responsible for engaging other parties > > (e.g., Contributors or Working Group) as necessary before providing > > your approval. > > > > Planning your review > > --------------------- > > > > Please review the following aspects of your document: > > > > * RFC Editor questions > > > > Please review and resolve any questions raised by the RFC Editor > > that have been included in the XML file as comments marked as > > follows: > > > > <!-- [rfced] ... --> > > > > These questions will also be sent in a subsequent email. > > > > * Changes submitted by coauthors > > > > Please ensure that you review any changes submitted by your > > coauthors. We assume that if you do not speak up that you > > agree to changes submitted by your coauthors. > > > > * Content > > > > Please review the full content of the document, as this cannot > > change once the RFC is published. Please pay particular attention to: > > - IANA considerations updates (if applicable) > > - contact information > > - references > > > > * Copyright notices and legends > > > > Please review the copyright notice and legends as defined in > > RFC 5378 and the Trust Legal Provisions > > (TLP – https://trustee.ietf.org/license-info/). > > > > * Semantic markup > > > > Please review the markup in the XML file to ensure that elements of > > content are correctly tagged. For example, ensure that <sourcecode> > > and <artwork> are set correctly. See details at > > <https://authors.ietf.org/rfcxml-vocabulary>. > > > > * Formatted output > > > > Please review the PDF, HTML, and TXT files to ensure that the > > formatted output, as generated from the markup in the XML file, is > > reasonable. Please note that the TXT will have formatting > > limitations compared to the PDF and HTML. > > > > > > Submitting changes > > ------------------ > > > > To submit changes, please reply to this email using ‘REPLY ALL’ as all > > the parties CCed on this message need to see your changes. The parties > > include: > > > > * your coauthors > > > > * rfc-editor@rfc-editor.org (the RPC team) > > > > * other document participants, depending on the stream (e.g., > > IETF Stream participants are your working group chairs, the > > responsible ADs, and the document shepherd). > > > > * auth48archive@rfc-editor.org, which is a new archival mailing list > > to preserve AUTH48 conversations; it is not an active discussion > > list: > > > > * More info: > > > https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc > > > > * The archive itself: > > https://mailarchive.ietf.org/arch/browse/auth48archive/ > > > > * Note: If only absolutely necessary, you may temporarily opt out > > of the archiving of messages (e.g., to discuss a sensitive > matter). > > If needed, please add a note at the top of the message that you > > have dropped the address. When the discussion is concluded, > > auth48archive@rfc-editor.org will be re-added to the CC list and > > its addition will be noted at the top of the message. > > > > You may submit your changes in one of two ways: > > > > An update to the provided XML file > > — OR — > > An explicit list of changes in this format > > > > Section # (or indicate Global) > > > > OLD: > > old text > > > > NEW: > > new text > > > > You do not need to reply with both an updated XML file and an explicit > > list of changes, as either form is sufficient. > > > > We will ask a stream manager to review and approve any changes that seem > > beyond editorial in nature, e.g., addition of new text, deletion of > text, > > and technical changes. Information about stream managers can be found > in > > the FAQ. Editorial changes do not require approval from a stream > manager. > > > > > > Approving for publication > > -------------------------- > > > > To approve your RFC for publication, please reply to this email stating > > that you approve this RFC for publication. Please use ‘REPLY ALL’, > > as all the parties CCed on this message need to see your approval. > > > > > > Files > > ----- > > > > The files are available here: > > https://www.rfc-editor.org/authors/rfc9431.xml > > https://www.rfc-editor.org/authors/rfc9431.html > > https://www.rfc-editor.org/authors/rfc9431.pdf > > https://www.rfc-editor.org/authors/rfc9431.txt > > > > Diff file of the text: > > https://www.rfc-editor.org/authors/rfc9431-diff.html > > https://www.rfc-editor.org/authors/rfc9431-rfcdiff.html (side by side) > > > > Diff of the XML: > > https://www.rfc-editor.org/authors/rfc9431-xmldiff1.html > > > > The following files are provided to facilitate creation of your own > > diff files of the XML. > > > > Initial XMLv3 created using XMLv2 as input: > > https://www.rfc-editor.org/authors/rfc9431.original.v2v3.xml > > > > XMLv3 file that is a best effort to capture v3-related format updates > > only: > > https://www.rfc-editor.org/authors/rfc9431.form.xml > > > > > > Tracking progress > > ----------------- > > > > The details of the AUTH48 status of your document are here: > > https://www.rfc-editor.org/auth48/rfc9431 > > > > Please let us know if you have any questions. > > > > Thank you for your cooperation, > > > > RFC Editor > > > > -------------------------------------- > > RFC9431 (draft-ietf-ace-mqtt-tls-profile-17) > > > > Title : Message Queuing Telemetry Transport (MQTT)-TLS > profile of Authentication and Authorization for Constrained Environments > (ACE) Framework > > Author(s) : C. Sengul, A. Kirby > > WG Chair(s) : Daniel Migault, Loganaden Velvindron > > Area Director(s) : Roman Danyliw, Paul Wouters > >
- [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-ace-m… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-a… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-a… Cigdem Sengul
- Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-a… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-a… Cigdem Sengul
- Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-a… Anthony Kirby
- Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-a… Alanna Paloma
- [auth48] [IANA] Re: AUTH48: RFC-to-be 9431 <draft… Alanna Paloma
- [auth48] [IANA #1275931] [IANA] Re: AUTH48: RFC-t… Amanda Baber via RT
- [auth48] [IANA #1275931] [IANA] Re: AUTH48: RFC-t… Amanda Baber via RT
- Re: [auth48] [IANA #1275931] [IANA] Re: AUTH48: R… Alanna Paloma
- Re: [auth48] AUTH48: RFC-to-be 9431 <draft-ietf-a… Alanna Paloma