Re: [Gen-art] [Ace] Genart last call review of draft-ietf-ace-oauth-params-06

elwynd <elwynd@folly.org.uk> Wed, 08 January 2020 13:47 UTC

Return-Path: <elwynd@folly.org.uk>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3D2B1200F6; Wed, 8 Jan 2020 05:47:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OWdvF26EgJ40; Wed, 8 Jan 2020 05:47:26 -0800 (PST)
Received: from a-painless.mh.aa.net.uk (a-painless.mh.aa.net.uk [IPv6:2001:8b0:0:30::51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94F8C1200C5; Wed, 8 Jan 2020 05:47:26 -0800 (PST)
Received: from 7.5.e.9.2.3.d.7.0.b.e.4.1.1.4.7.1.0.0.0.f.b.0.0.0.b.8.0.1.0.0.2.ip6.arpa ([2001:8b0:bf:1:7411:4eb0:7d32:9e57]) by a-painless.mh.aa.net.uk with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <elwynd@folly.org.uk>) id 1ipBJe-0005o0-Al; Wed, 08 Jan 2020 13:24:06 +0000
SavedFromEmail: elwynd@folly.org.uk
Date: Wed, 08 Jan 2020 13:23:59 +0000
In-Reply-To: <37d7eaf1-b408-f77a-40bc-d3a2a3559db7@gmx.de>
Importance: normal
From: elwynd <elwynd@folly.org.uk>
To: Ludwig Seitz <ludwig_seitz@gmx.de>, gen-art@ietf.org
Cc: last-call@ietf.org, draft-ietf-ace-oauth-params.all@ietf.org, ace@ietf.org
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="--_com.samsung.android.email_15289106259012960"
Message-ID: <E1ipBJe-0005o0-Al@a-painless.mh.aa.net.uk>
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/lbi1NSksbpQrSYHcg55uXcZqv6g>
Subject: Re: [Gen-art] [Ace] Genart last call review of draft-ietf-ace-oauth-params-06
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jan 2020 13:47:29 -0000

Sent from Samsung tablet.
-------- Original message --------From: Ludwig Seitz <ludwig_seitz@gmx.de> Date: 07/01/2020  19:52  (GMT+00:00) To: elwynd <elwynd@folly.org.uk>uk>, gen-art@ietf.org Cc: last-call@ietf.org, draft-ietf-ace-oauth-params.all@ietf.org, ace@ietf.org Subject: Re: [Gen-art] [Ace] Genart last call review of
  draft-ietf-ace-oauth-params-06 On 2019-12-22 19:27, elwynd wrote:> Hi, Ludwig.>> Having had another look at section 3.1 of> draft-ietf-ace-cwt-proof-of-possession, technically the rules about> which keys have to be present are not part of the syntax of the cnf> claim.  The point can be covered by changing '"syntax of the 'cnf' claim"> to "syntax and semantics of the 'cnf' claim"> in each case.>> However, the second look threw up another point:  Figure 2 in s3.2 gives> a Symetric key example  - I think this should use an Encrypted_COSE_Key> (or Encrypted_COSE_Key0) as described in section 3.3 of> draft-ietf-ace-cwt-proof-of-possession.>> Otherwise I think we are done.>> Eventually we will get to Christmas!>> Cheers,> Elwyn>>Hello Elwyn,I hope you had a merry Christmas and a happy new year's eve.I have updated the draft to -10, fixing the phrasing to your suggestionfrom the first paragraph above in various places (and an issue that cameup during IANA review).Given my argument for not having the encrypted COSE_Key in figure 2 Ileft that part as it was. Please indicate whether this is acceptablewith the given explanation.Regards,LudwigHi, Ludwig.Yes, we had a pleasant festive season - Hope yours was good also.The -10 draft looks good.  Regarding the symmetric key in s3. 2/Figure 2, I think it would be worth adding a sentence to point out that one might have to use the encrypted form per proof-of-posession draft if the overall message was not encrypted (as in it is in the oauth usage).Cheers,Elwyn