Re: [core] [CoRE] Working Group Last Call (WGLC) of draft-ietf-core-target-attr-01

Esko Dijk <esko.dijk@iotconsultancy.nl> Mon, 20 February 2023 09:25 UTC

Return-Path: <esko.dijk@iotconsultancy.nl>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44236C1524DB for <core@ietfa.amsl.com>; Mon, 20 Feb 2023 01:25:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=iotconsultancy.nl
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gf9KYHjVoS-0 for <core@ietfa.amsl.com>; Mon, 20 Feb 2023 01:25:21 -0800 (PST)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2131.outbound.protection.outlook.com [40.107.21.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C7C48C1524AC for <core@ietf.org>; Mon, 20 Feb 2023 01:25:18 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GSYPVkEzayVmZ8jsN0dCGGg2c+N8nOav+RmVtf+wQdM50fhvyRIYtXyf5+jLjRq0onDE4CsP54cBFVLn12FNx5JOUDXvBIKxIPEOHfq96c3FvXn1S8q6RBaA05r1ZCkV/y6iqgMpopsvCdsLB0bJjFaqfZ2i01TUQK77mHLM1JQuY0SWePnDWT+zBwajX9XSdzjzcaLWXF5M6743FLlJefYn2uFCGkjrIG8voja8x7/rAnq0br13ek/gRPV1D5OzeOO1eczXP2O1BcYMp5FXTjb1FSaTpnWHIYPxbCnsY5044Y8mpwsI/Z1hrEglQ0Y78L1bnh4F3pVcbCXKalgAwQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=n+Vpmi+22V+KApKObPFQgm6TNmAlwBPyYijzIl8dtYk=; b=XQDN8qt3gSjHZVwxVHEi/ouykPzinhlHNkU0j8hppCsZjAr/qcIlqxneo1QJFRwpuPlSejvEl29CMwN3NT386s3cIIst4AqZNCImRmWbBOiuRO5Tz+3FDmM94OpATxG29kNw8PcNnz/jUQZHuVjq0FUsepVrnSr61cHgLHM6+tXLB60kLAFXKt0lqoKFaLIhdw0BZ26e9kECorN2X4PXXvOHDMY363vWOWnbywsMFpcY60Hej2sAKeQlw4sYv6VQb118GOMt1vrC9SnE+Dp2r/oGPTYSkG77/YhTiQ3NWT17Hy9kdFsV229t6OUXi+f9c1rhvLb3j7b0QK/K6E0Ajw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=iotconsultancy.nl; dmarc=pass action=none header.from=iotconsultancy.nl; dkim=pass header.d=iotconsultancy.nl; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iotconsultancy.nl; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=n+Vpmi+22V+KApKObPFQgm6TNmAlwBPyYijzIl8dtYk=; b=BJvBTeATt33RYvvBJD0J7kv5qUJ/Z6vjpu1tASWZoPSBRmXdhCeqNKNZqgYmcDausEoaaTJln3LWl6bmt6LlKfJR0guHq0uA4TwYgVFonLl4vVhlrzOqCxQ+lFGXpQ/Vm8Sg/cyC9m1VuKiuxDXPK9HtWgHvn6nWmp+9ZH1rH+g=
Received: from DU0P190MB1978.EURP190.PROD.OUTLOOK.COM (2603:10a6:10:3b9::20) by DB9P190MB1770.EURP190.PROD.OUTLOOK.COM (2603:10a6:10:324::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6111.18; Mon, 20 Feb 2023 09:25:14 +0000
Received: from DU0P190MB1978.EURP190.PROD.OUTLOOK.COM ([fe80::491a:6a13:eba4:e991]) by DU0P190MB1978.EURP190.PROD.OUTLOOK.COM ([fe80::491a:6a13:eba4:e991%8]) with mapi id 15.20.6111.019; Mon, 20 Feb 2023 09:25:13 +0000
From: Esko Dijk <esko.dijk@iotconsultancy.nl>
To: Thomas Fossati <Thomas.Fossati@arm.com>, Marco Tiloca <marco.tiloca=40ri.se@dmarc.ietf.org>, "core@ietf.org" <core@ietf.org>
Thread-Topic: [core] [CoRE] Working Group Last Call (WGLC) of draft-ietf-core-target-attr-01
Thread-Index: AQHZQGaXg25hgFDuWkWijIhRJYBR6a7OZ+uAgAkscwA=
Date: Mon, 20 Feb 2023 09:25:13 +0000
Message-ID: <DU0P190MB1978C4F3E4D2F3EECA6BBEEBFDA49@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM>
References: <a1d15c56-c447-ac5a-6c6c-40a1780f748c@ri.se> <DB9PR08MB65241EE57923384B5B5B646C9CA29@DB9PR08MB6524.eurprd08.prod.outlook.com>
In-Reply-To: <DB9PR08MB65241EE57923384B5B5B646C9CA29@DB9PR08MB6524.eurprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=iotconsultancy.nl;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DU0P190MB1978:EE_|DB9P190MB1770:EE_
x-ms-office365-filtering-correlation-id: 3122b42d-9b5e-46bf-30af-08db13245f24
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: zkCCdGlCfRVcg4qgSXvq+aVwBXQpXDLKSPj+TYR6FwVor3UVBbRVyib1md4cp3k0tZ474mH9fkHwFbDZTMK9SgmQgMCW83TvDgFluGd/AW8h2KxQ+8kCj4ssSiVtyzyg9psKSTKo1JG+B2KPSQW59yaBoeTMHJ2lG79jL5GkXCY83xZcKaIF5H8coui4mx8Te9UyA8eqoE+pnKkgJ9miX6oyoZgBFnVAeW+kXc3SxT4a2iNCZJhHFOWtTa+72Et2bBZWUmnstkmqcrwLTMcj7pzobz3vzwhzA5N5WFJdzaTZ3O73XFYlM3igT2BcaeGyX2cd+poxHVG6bdQwUh9ZVhOA5t2XhRBJWjuulWoJnhK6aYxJHbcvJSg44zdHLgy/k0J1WtxSpvicsLuAbK4WIF7lUclQxoHiQaj6IXa/9kwXOBHNyqLD4PcSlmV/kNaz4n1ZoYKReBW2TBcNZ9i7EifW1H38zIFKjStypGIX4Zu4t6Rsx/BJM+aPcED1xXw4zrO/P3Et5exF6+yUBCOeCcTxdknqIhze0kwpLmaqV4eLUmlm7wib5xi8sszic5FXM9ll1Jix2I8uAhJV1yLZ2ZdL3rP9KzXSv16RrO0c/AzOsaV2e6MONfVZWF6U4Bp4uVphvuamwvWT2q/ytJCNdw6mYWJTHnVdKnnOze0ZNSyz5ckoOO/aoUQYSNHoRMUz
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU0P190MB1978.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230025)(136003)(376002)(366004)(396003)(39830400003)(346002)(451199018)(9686003)(26005)(186003)(53546011)(966005)(110136005)(478600001)(83380400001)(71200400001)(6506007)(7696005)(316002)(66556008)(66476007)(8676002)(41300700001)(2906002)(8936002)(66446008)(64756008)(38100700002)(52536014)(76116006)(21615005)(122000001)(5660300002)(44832011)(66946007)(166002)(86362001)(55016003)(38070700005)(33656002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 18HJyWS3jWQwG69W/Ne2p5pv8C6d46P/+UWYJKVNFN9Cpi5ST2jd7MZyeLtpvxzuAt/5sZa+KeeRe65D9TJoTTvgEX7q+28J3f6gyIkkR/+xmxXiZtiUHWweBdTPOq0PzeO3ci3/xmqvY/ISQAKHn68brcd2A6FJKyTrDlbTBqxSNwBwh3Ln4qpxmzFFe15di5RaDLgW0X6twC+58RZKTgxICnVtAM0NzKET39ijgVswMhw7+yJ81AeDSRqAY/8FmGub8B02bi82g1QSbf0ikPYVQbOf8i5W/POfvyTwr8J5ckuBWRSni/9ZhwAUafyPIh5vPdwHs7t8K/lfagTxy1sJ1UHmXONTojHfBLjFop2LxpIHb6hlWa0ZBp13PTHyXHOv6RNai+NBWXztYraSaOYIuPF95PI5nsBMVvuhG+WDGvxfOSVuYWGAJhPz4ybJ5p1C/azgg8C3Rc6ORqHohp85qZadtUDiUWSNquEh/NB5X7dCw2yijU2dvj2Wu5Q+XbumOxLPqZzx9dOCTfEoiqVCwx3BOKmsArDUGh1NmUsB7++i67u84bHYie183Iz5ls1mVSv0BgGhLF9VUe+g9hz91s1GxAYvRZleiN6J2bEVlcMrQWSJYEdxaXBzoi26R4Lh12fDLZvoUWCpnL6TicDph8Yhfsj3APaliy9zFV7isKX5DtdVBFHKj2Fdu7frmDfSNhxOxEU7NcbVw8teggk8zP+hBWdqHpqfLebiYpQ+Yjr7Js+TiqOyZwr0ZHStGzg0+ft52IcURzp0hemNq8aDGLSAD0owYWIKO0Bc/ve0/ONs9qTocKPg3T+/EeUUm/IGtDUMhF9S72KPjOD3R6N4nVb4uFVXDxaJ5b/EHxw9Lxc4lVo8rQQQcoJ07YRYHUxgf1XF75npBMLMn1oErf1CcwRwFVXeRn1Rf5ihS/tVWMY10L9ReTuXs/ERU2UMbKh8l/hSQwxVnXqKHImAdPL5+3uW5LylisiJhU4GKS6GnzjjPHiNgvHB4OLnccumYuCl8jtKnP2frkhFuit1+Q9L+IRa60duCpBY9+uouJPLoF8jAFAAyfeP+y3PxsEeGqgQLqVQIn2sN/QfZqtJUruH3TkkZqto2Dke/URywD05XqG3iZ4EV0pkDEebkNDWBRwfxXHG/iqXyphotdH5D37g8ImMC+AP1/K8nugHD1J8mBaTa77YkueRA6zwhlZ2LGLjEMEA5XhOk0wsO10wk+Pdcay09/jQcN+fr3bbBUvy5V/S48ajukxJqS5kblHsthOAChVYX0V6VlTFY4TC1Dl8AB2982Y/7Xv28vQg4EPyo2aJcYu46j+BIf592RiPPIk5BmQO3ggyIe/71QZpM8I/1EHekLlotSSWd51zV0yjNON3s0or97Yj7vyw0QEqjHbOxa4MzTueL8tArwJs43p4n/eTFhziVdclI0dnvNeD8DIn2I34KoySw2PmLBUTqD3Y1+bdrg53gs6tsvSpajRP47zBiUPhmDLM04f0Oo9eNOKV4oyu4CEQ0+6zmNxrBFB+NQCbrVlIT4JplFCwjyhIKfwIWirzmS3ol/5wcOT/yrfg1OgJTwfmM6axKk5ohJmzHfbCJCCQguiECQ5syA==
Content-Type: multipart/alternative; boundary="_000_DU0P190MB1978C4F3E4D2F3EECA6BBEEBFDA49DU0P190MB1978EURP_"
MIME-Version: 1.0
X-OriginatorOrg: iotconsultancy.nl
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DU0P190MB1978.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 3122b42d-9b5e-46bf-30af-08db13245f24
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Feb 2023 09:25:13.8858 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 58bbf628-15d2-46bc-820b-863b6774d44b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: GhcWrYezjT9x8G6XZQ4P/pY9GxUEsIc0wP5VdA72H2a1yp44AWRMeg17c0NQCvp6kmTtgghRBdSTnqyjBhEzwL47WjHl2I/R5QGSj+vE1oE=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9P190MB1770
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/4swN_qLoj5Bl0rmEV3YJOwh-gMI>
Subject: Re: [core] [CoRE] Working Group Last Call (WGLC) of draft-ietf-core-target-attr-01
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Feb 2023 09:25:26 -0000

Hi all,

I also reviewed and the document looks almost complete.

Two suggested fixes:

Section 5 of [RFC8075]
-->  Section 5.5 of [RFC8075]

"-- Carsten"
-->  this was probably meant to be removed ;)

And one question on "security considerations": should the designated expert perform any security-related review task? If yes, we should describe it. If not, we may clarify that's up to the requester to consider.
As an extreme example if someone wants to register an attribute "password" that stores a plain-text password for access to certain resources.  It may be ok if the link format is accessed over (D)TLS.
If the targeted use is in plain unsecured discovery, it may not be a good idea. Should the expert consider this and maybe other security aspects?

Regards
Esko


From: core <core-bounces@ietf.org> On Behalf Of Thomas Fossati
Sent: Tuesday, February 14, 2023 14:01
To: Marco Tiloca <marco.tiloca=40ri.se@dmarc.ietf.org>; core@ietf.org
Subject: Re: [core] [CoRE] Working Group Last Call (WGLC) of draft-ietf-core-target-attr-01

Hi Marco, all,

The document is in great shape (*), all seems very reasonable and well thought out.
I support moving it forward - and adjusting the registrations depending on the relative speed of the OSCORE drafts.

Cheers, thanks!

(*) Apart from a couple of editorial nits in the Introduction:
- The redundant "(Please see abstract.)"
- A not very well anchored parenthetical "(See also Section 2, Paragraph 2.)" that's not clear about what the reader is expected to find in the referenced text.



On 14/02/2023, 11:22, "core" <core-bounces@ietf.org<mailto:core-bounces@ietf.org>> wrote:

Dear all,

This email starts a Working Group Last Call for the document:

https://www.ietf.org/archive/id/draft-ietf-core-target-attr-01.html
(CoRE Target Attribute Registry)

The document status can be found at:
https://datatracker.ietf.org/doc/draft-ietf-core-target-attr/

Please provide your comments and feedback by Tuesday, 2023-02-28 to core@ietf.org<mailto:core@ietf.org> or, exceptionally, to core-chairs@ietf.org<mailto:core-chairs@ietf.org>.
Having the feedback on the mailing list will allow us to discuss the results at the CoRE interim meeting on 2023-03-01.

Note that it may be the easiest way to submit editorial nits etc. as pull requests at the working group repository https://github.com/core-wg/core-target-attr

Best,
/Marco

--

Marco Tiloca

Ph.D., Senior Researcher



Phone: +46 (0)70 60 46 501



RISE Research Institutes of Sweden AB

Box 1263

164 29 Kista (Sweden)



Division: Digital Systems

Department: Computer Science

Unit: Cybersecurity



https://www.ri.se
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.