[core] Re: Orie Steele's No Objection on draft-ietf-core-oscore-groupcomm-27: (with COMMENT)
Marco Tiloca <marco.tiloca@ri.se> Fri, 12 December 2025 18:10 UTC
From: Marco Tiloca <marco.tiloca@ri.se>
To: The IESG <iesg@ietf.org>, Orie Steele <orie@or13.io>
CC: "draft-ietf-core-oscore-groupcomm@ietf.org" <draft-ietf-core-oscore-groupcomm@ietf.org>, "core-chairs@ietf.org" <core-chairs@ietf.org>, "core@ietf.org" <core@ietf.org>, "christian@amsuess.com" <christian@amsuess.com>
Hello Orie,

Thanks a lot for your review! Please find in line below our detailed replies to your comments.

A GitHub PR where we have addressed your comments is available at [PR].

Unless any concern is raised, we plan to soon merge this PR (and the other ones related to other received reviews) and to submit the result as version -28 of the document.

Thanks,
/Marco

[PR] https://github.com/core-wg/oscore-groupcomm/pull/120

________________________________
From: Orie Steele via Datatracker <noreply@ietf.org>
Sent: Wednesday, October 1, 2025 9:57 PM
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-core-oscore-groupcomm@ietf.org <draft-ietf-core-oscore-groupcomm@ietf.org>; core-chairs@ietf.org <core-chairs@ietf.org>; core@ietf.org <core@ietf.org>; christian@amsuess.com <christian@amsuess.com>; christian@amsuess.com <christian@amsuess.com>
Subject: Orie Steele's No Objection on draft-ietf-core-oscore-groupcomm-27: (with COMMENT)

Orie Steele has entered the following ballot position for
draft-ietf-core-oscore-groupcomm-27: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-core-oscore-groupcomm/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

# Orie Steele, ART AD, comments for draft-ietf-core-oscore-groupcomm-27
CC @OR13

* line numbers:
  - https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-core-oscore-groupcomm-27.txt&submitcheck=True

* comment syntax:
  - https://github.com/mnot/ietf-comments/blob/main/format.md

* "Handling Ballot Positions":
  - https://ietf.org/about/groups/iesg/statements/handling-ballot-positions/

## Comments

Thanks to Patrik Fältström for the ARTART review.

The review contains security related comments which I am not in a position to comment on.

### public key algorithm is fully described?

```
776  If authentication credentials are CBOR Web Tokens (CWTs) or CWT
777  Claims Sets (CCSs), the public key algorithm is fully described by a
778  COSE key type and its "kty" and "crv" parameters.
```

https://www.iana.org/assignments/cose/cose.xhtml#elliptic-curves

Later:

```
897  In case the other endpoint's public key has COSE Key Type "EC2"
898  [RFC9053] (e.g., for the curves P-256, P-384, and P-521), then the
899  public key is used as is. In case the other endpoint's public key
900  has COSE Key Type "OKP" [RFC9053], the procedure is described in
901  Section 5 of [RFC7748]. In particular, if the public key is for
902  X25519 or X448, it is used as is. Otherwise, if the public key is
903  for the curve Ed25519 or Ed448, it is first mapped to Montgomery
904  coordinates (see Section 2.5.2).
```

X25519 is curve value 4, but Ed25519 is curve value 6, both are OKP (good).

However, P-256 is curve value 1, and supports many algorithms and is of key type EC2.

> This document defines these algorithms to be used with the curves P-256, P-384, P-521, X25519, and X448. Implementations MUST verify that the key type and curve are correct.

https://www.rfc-editor.org/rfc/rfc9053.html#section-6.3.1-8

I don't understand what "fully described" means in this context.

A key type and curve do not fully describe a key agreement or signature algorithm in absence of additional information.

==>MT

We have rephrased the quoted paragraph in Section 2.4 as below, also fixing s/COSE key type/COSE Key structure.

OLD
> If authentication credentials are CBOR Web Tokens (CWTs) or CWT Claims Sets (CCSs), the public key algorithm is fully described by a COSE key type and its "kty" and "crv" parameters.

NEW
> If authentication credentials are CBOR Web Tokens (CWTs) or CWT Claims Sets (CCSs), then a COSE Key structure and its "kty" and "crv" parameters identify the types of pertinent public key algorithms. For example: the pair ("crv" = X25519, "kty" = OKP) indicates that the public key is meant to be used with X25519 ECDH key agreement; the pair ("crv" = Ed25519, "kty" = OKP) indicates that the public key is meant to be used with the signature algorithm EdDSA; the pair ("crv" = P-256, "kty" = EC2) indicates that the public key is meant to be used with the signature algorithm ECDSA and/or with P-256 ECDH key agreement.

For consistency, we have also made a minor fix in the previous paragraph of the same section. In that case, we are referring to a parameter that explicitly points to a precise algorithm by its identifier.

OLD
> If the authentication credentials are X.509 certificates or C509 certificates, the public key algorithm is fully described by the "algorithm" field of the "SubjectPublicKeyInfo" structure, and by the "subjectPublicKeyAlgorithm" element, respectively.

NEW (emphasis mine)
> If the authentication credentials are X.509 certificates or C509 certificates, the public key algorithm is **identified** by the "algorithm" field of the "SubjectPublicKeyInfo" structure, and by the "subjectPublicKeyAlgorithm" element, respectively.

<==
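
The kty/crv consistency check that the quoted RFC 9053 requirement and the rephrased Section 2.4 text both rely on, as an added Python example that is not part of this thread or of the draft. It generalizes the three pairs named in the NEW text to the other curves mentioned in the quoted draft text; the function names, the dict representation of a COSE_Key and the sample keys are assumptions made for illustration.

```python
# Added example (not from the draft or the thread): kty/crv consistency check
# for a COSE_Key held as a dict with integer labels (values per the IANA COSE registries).
KTY, ALG, CRV, X, Y = 1, 3, -1, -2, -3          # COSE_Key parameter labels
OKP, EC2 = 1, 2                                  # COSE key types

# crv value -> (name, required kty, coordinate length in bytes, algorithm families)
CURVES = {
    1: ("P-256",   EC2, 32, {"ECDSA", "ECDH"}),
    2: ("P-384",   EC2, 48, {"ECDSA", "ECDH"}),
    3: ("P-521",   EC2, 66, {"ECDSA", "ECDH"}),
    4: ("X25519",  OKP, 32, {"ECDH"}),
    5: ("X448",    OKP, 56, {"ECDH"}),
    6: ("Ed25519", OKP, 32, {"EdDSA"}),
    7: ("Ed448",   OKP, 57, {"EdDSA"}),
}
# A few COSE algorithm identifiers and the family each one belongs to
ALG_FAMILY = {-7: "ECDSA", -35: "ECDSA", -36: "ECDSA", -8: "EdDSA", -25: "ECDH", -27: "ECDH"}

# Constructed sample keys (all-zero coordinates, for structure checks only)
X25519_KEY = {KTY: OKP, CRV: 4, X: bytes(32)}
ED25519_KEY = {KTY: OKP, CRV: 6, X: bytes(32), ALG: -8}
P256_KEY = {KTY: EC2, CRV: 1, X: bytes(32), Y: bytes(32)}
MISMATCHED = {KTY: EC2, CRV: 6, X: bytes(32), Y: bytes(32)}   # Ed25519 under EC2


def pertinent_algorithms(key: dict) -> tuple[str, set[str]]:
    """Return (curve name, algorithm families) or raise ValueError."""
    if key.get(CRV) not in CURVES:
        raise ValueError(f"unknown or missing crv: {key.get(CRV)!r}")
    name, kty, size, families = CURVES[key[CRV]]
    if key.get(KTY) != kty:
        raise ValueError(f"crv {name} does not belong to kty {key.get(KTY)!r}")
    for label in ([X] if kty == OKP else [X, Y]):
        value = key.get(label)
        if label == Y and isinstance(value, bool):   # compressed point: sign bit only
            continue
        if not isinstance(value, bytes) or len(value) != size:
            raise ValueError(f"{name}: parameter {label} must be {size} bytes")
    if ALG in key and ALG_FAMILY.get(key[ALG]) not in families:
        raise ValueError(f"alg {key[ALG]} is not known to be usable with {name}")
    return name, set(families)


def usable_for(key: dict, family: str) -> bool:
    """True if the key passes the checks and its kty/crv admit `family`."""
    try:
        return family in pertinent_algorithms(key)[1]
    except ValueError:
        return False
```

The P-256 result carries two families, which is the point raised in the review: kty and crv narrow the candidates, and the group's configured algorithm still has to select one.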