Re: [Gen-art] [Ace] Genart last call review of draft-ietf-ace-oauth-params-06

Ludwig Seitz <ludwig_seitz@gmx.de> Tue, 07 January 2020 19:51 UTC

To: elwynd <elwynd@folly.org.uk>, gen-art@ietf.org
Cc: last-call@ietf.org, draft-ietf-ace-oauth-params.all@ietf.org, ace@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/UfuvyTlfnw2NvoNnASYLvR1rXbs>

On 2019-12-22 19:27, elwynd wrote:
> Hi, Ludwig.
>
> Having had another look at section 3.1 of
> draft-ietf-ace-cwt-proof-of-possession, technically the rules about
> which keys have to be present are not part of the syntax of the cnf
> claim.  The point can be covered by changing "syntax of the 'cnf' claim"
> to "syntax and semantics of the 'cnf' claim"
> in each case.
>
> However, the second look threw up another point:  Figure 2 in s3.2 gives
> a Symmetric key example - I think this should use an Encrypted_COSE_Key
> (or Encrypted_COSE_Key0) as described in section 3.3 of
> draft-ietf-ace-cwt-proof-of-possession.
>
> Otherwise I think we are done.
>
> Eventually we will get to Christmas!
>
> Cheers,
> Elwyn
>
>

Hello Elwyn,

I hope you had a merry Christmas and a happy new year's eve.

I have updated the draft to -10, fixing the phrasing to your suggestion
from the first paragraph above in various places (and an issue that came
up during IANA review).

Given my argument for not having the encrypted COSE_Key in figure 2 I
left that part as it was. Please indicate whether this is acceptable
with the given explanation.

Regards,

Ludwig