Re: [Last-Call] Artart last call review of draft-ietf-ace-key-groupcomm-17
Marco Tiloca <marco.tiloca@ri.se> Fri, 15 December 2023 16:32 UTC
Return-Path: <marco.tiloca@ri.se>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DFB5C14CEFF; Fri, 15 Dec 2023 08:32:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ri.se
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gzLUmAMR70Zl; Fri, 15 Dec 2023 08:32:19 -0800 (PST)
Received: from GVZP280CU001.outbound.protection.outlook.com (mail-swedencentralazon11011004.outbound.protection.outlook.com [52.101.75.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12428C14F61F; Fri, 15 Dec 2023 08:32:12 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Cq6PKpb4BRKQe1hWNv/HSyNBZo4iyH3FaTjpITbgwW8HJLxcQpoZZUwYwJJtU3GnutsG9sUzW1Tih+N0MN1VY09hvE0jumB+TkErNRfMob/elyu43lTpRbw+6lzDmhVgccUtM/l0SqN03SfQeSJWnMkfEFHyut3bi21dT4C8hVMuO0Wc2fwE4PZvHIby512tf+sNy+aiQoDghBv09upnVGpui0DBSW41KSXVbICjWu5BewbLsrXz5va7rId/1kjME9VmC8QuyGuyteP2gHQm/E38YRUpCZ5T1PgBvOF9Xjl4vU93u/4Vzvq2YmYIVux1+LIJL0DkJ6HhCO+j9vHEjA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mXy9zED+2PCAronKcNDrlOG/TX+sdG0Rf0nrBdcsq/k=; b=daXacW4azcbKwvuF5JUaXWm6UySMSojgoPaQdU/grT2qPlNEGmZS8wPlnRtqPku+gs3Fi4y137rXOKT4xmVdBdKS0wnbAdyJYvx3wt3kqwyj/9npvTFTGkqKWWr6TeDoMXbmRp/2NTS7uwFK6o1z7iNcsu46DURitgvMlF+u3bwAXIzHNxWDQ1SVClyIyyO8Cd52T88GWCaFwz/jgGvyWoqdXqlyG+Tj/75VeNGXUlZSGwxogIUmmdb6GTNZvtLWkIdVBjVTM8z+gZIge2e54purKy1tSwMz2mhb37TRiT5nVzXsKE0sgEe6czqiUmO2l8lDmkdL0nDz6DjF0OSIeA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mXy9zED+2PCAronKcNDrlOG/TX+sdG0Rf0nrBdcsq/k=; b=LlhoiWRIytA4J3BJXl2Yl3WiXTDvP6efe1os1YDfzeTRlSXKFWp45ypAzPLxnCpmAdcGfR4IDHSmpDTe1vCF3GsY/2E754M8GGfeJTEHRvKxbaZW2B9E8kliGJS/66iOPoNaye7XoH0roZcyaZxwUQuVNfQzvrFu8fvN+h6bHmQ=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ri.se;
Received: from GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:37::17) by GVZP280MB1088.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:f4::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7091.31; Fri, 15 Dec 2023 16:32:09 +0000
Received: from GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM ([fe80::49f4:9d27:4b68:cdab]) by GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM ([fe80::49f4:9d27:4b68:cdab%4]) with mapi id 15.20.7091.030; Fri, 15 Dec 2023 16:32:09 +0000
Message-ID: <67acf44f-957d-44c6-94a7-e1c8547ac895@ri.se>
Date: Fri, 15 Dec 2023 17:32:06 +0100
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: Henry Thompson <ht@inf.ed.ac.uk>, art@ietf.org
Cc: ace@ietf.org, draft-ietf-ace-key-groupcomm.all@ietf.org, last-call@ietf.org, Francesca Palombini <francesca.palombini@ericsson.com>
References: <169877066166.56352.11874088366876033165@ietfa.amsl.com>
From: Marco Tiloca <marco.tiloca@ri.se>
Autocrypt: addr=marco.tiloca@ri.se; keydata= xsBNBFSNeRUBCAC44iazWzj/PE3TiAlBsaWna0JbdIAJFHB8PLrqthI0ZG7GnCLNR8ZhDz6Z aRDPC4FR3UcMhPgZpJIqa6Zi8yWYCqF7A7QhT7E1WdQR1G0+6xUEd0ZD+QBdf29pQadrVZAt 0G4CkUnq5H+Sm05aw2Cpv3JfsATVaemWmujnMTvZ3dFudCGNdsY6kPSVzMRyedX7ArLXyF+0 Kh1T4WUW6NHfEWltnzkcqRhn2NcZtADsxWrMBgZXkLE/dP67SnyFjWYpz7aNpxxA+mb5WBT+ NrSetJlljT0QOXrXMGh98GLfNnLAl6gJryE6MZazN5oxkJgkAep8SevFXzglj7CAsh4PABEB AAHNNk1hcmNvIFRpbG9jYSAobWFyY28udGlsb2NhQHJpLnNlKSA8bWFyY28udGlsb2NhQHJp LnNlPsLAdwQTAQgAIQUCWkAnkAIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRDuJmS0 DljaQwEvCACJKPJIPGH0oGnLJY4G1I2DgNiyVKt1H4kkc/eT8Bz9OSbAxgZo3Jky382e4Dba ayWrQRFen0aLSFuzbU4BX4O/YRSaIqUO3KwUNO1iTC65OHz0XirGohPUOsc0SEMtpm+4zfYG 7G8p35MK0h9gpwgGMG0j0mZX4RDjuywC88i1VxCwMWGaZRlUrPXkC3nqDDRcPtuEGpncWhAV Qt2ZqeyITv9KCUmDntmXLPe6vEXtOfI9Z3HeqeI8OkGwXpotVobgLa/mVmFj6EALDzj7HC2u tfgxECBJddmcDInrvGgTkZtXEVbyLQuiK20lJmYnmPWN8DXaVVaQ4XP/lXUrzoEzzsBNBFSN eRUBCACWmp+k6LkY4/ey7eA7umYVc22iyVqAEXmywDYzEjewYwRcjTrH/Nx1EqwjIDuW+BBE oMLRZOHCgmjo6HRmWIutcYVCt9ieokultkor9BBoQVPiI+Tp51Op02ifkGcrEQNZi7q3fmOt hFZwZ6NJnUbA2bycaKZ8oClvDCQj6AjEydBPnS73UaEoDsqsGVjZwChfOMg5OyFm90QjpIw8 m0uDVcCzKKfxq3T/z7tyRgucIUe84EzBuuJBESEjK/hF0nR2LDh1ShD29FWrFZSNVVCVu1UY ZLAayf8oKKHHpM+whfjEYO4XsDpV4zQ15A+D15HRiHR6Adf4PDtPM1DCwggjABEBAAHCwF8E GAECAAkFAlSNeRUCGwwACgkQ7iZktA5Y2kPGEwf/WNjTy3z74vLmHycVsFXXoQ8W1+858mRy Ad0a8JYzY3xB7CVtqI3Hy894Qcw4H6G799A1OL9B1EeA8Yj3aOz0NbUyf5GW+iotr3h8+KIC OYZ34/BQaOLzdvDNmRoGHn+NeTzhF7eSeiPKi2jex+NVodhjOVGXw8EhYGkeZLvynHEboiLM 4TbyPbVR9HsdVqKGVTDxKSE3namo3kvtY6syRFIiUz5WzJfYAuqbt6m3TxDEb8sA9pzaLuhm fnJRc12H5NVZEZmE/EkJFTlkP4wnZyOSf/r2/Vd0iHauBwv57cpY6HFFMe7rvK4s7ME5zctO Ely5C6NCu1ZaNtdUuqDSPA==
In-Reply-To: <169877066166.56352.11874088366876033165@ietfa.amsl.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------av2FBbjbZHOWh0gwcecGpze2"
X-ClientProxiedBy: FRYP281CA0017.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10::27) To GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:37::17)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: GVYP280MB0464:EE_|GVZP280MB1088:EE_
X-MS-Office365-Filtering-Correlation-Id: b88c2b8b-cc06-4556-7a23-08dbfd8b624a
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: XeP3X2UEcbTpDrsYR0/G3MYKp3sCoxMccg54TZ18B74CBatFK8prEhzwuUImt42dFvX/I7lsGGTtsIr860a+bK+MOpXZ8Nkq46ztxORRToXRuC6Z5ij2/4lbrPGAvA/ooGNGqMz032ycgpL07J988IRh30l26ydw3WCxwjWmpGnfRVPf2smVg+ZW7YQWq5iTAgvXKrt4Ma+MMxgCvSe8euoADh+ev1KIbyjUxndCjIxNy9dI2NfLjYhoOe4c0XzF5GetX/tTqgCeOFTmFWJxAEaPCAyPCcJZAZFKj6j3GD+kWlZY0UxaZY8beTU6hatC69NjcN5dPGEVfliHsaOQPGjzCcel4D1oN9P5yvila5wkPsC9bNjQiLOqC8CaeXekZbfkWOOD0Lsn1wfQBtz/TMKuR0VtcEfdwV2mCCdEwvyaQSpBp/Kj2S8CXQ9Y+rGAh/TicOzHSveautafDMcKtF7MRsY/MMkumf/2xSnza1Z32mnqRrm5LDaXYlOr5xkidn6VkNc/xySAbIK3ouQYCnTysk6Oy5l/VnJzQyD3OfSRsju83DRDBtBaYLosBuAm5ueiyg6O+rZPsiJaHRfomiCNHCF0MiZYMLJAhyqJnvfpNABMRh61LyQgdaPfPFYQ4laLYS3m4g0i+CkJWjgCfQ==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(396003)(366004)(376002)(346002)(39860400002)(136003)(230922051799003)(186009)(451199024)(1800799012)(64100799003)(166002)(38100700002)(21480400003)(2616005)(83380400001)(26005)(36756003)(31696002)(86362001)(31686004)(53546011)(6506007)(33964004)(6666004)(6512007)(478600001)(316002)(296002)(66946007)(66556008)(66476007)(4001150100001)(30864003)(2906002)(8936002)(4326008)(44832011)(8676002)(235185007)(5660300002)(41300700001)(966005)(6486002)(45980500001)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: RAm7mqiXEvPTl6i2t4PJssZtuNVM67UlruP8HrrKW4GDuQh86AnqojPRrGS3Oszjal5jL7QFJIikUlCsanZA8G3cQe/+hRjnzgr+g21WJ/OO2fuP/uv/6o0Wr6uX3Rn5kfTZ+uqJMIZbeH7ZhM/HeASbrqWafhylqgcU/na/s7GSbdWKna6WPoapzvHIRd2VQMY2nApmX64X6couImCIp+GfTiVEIPYxndm6r8K0dp/bfa//oBTDeSl64kWw0l23o1n2duxy0RSAeTBb/vBKtdgAiwFsSjN5vcltajLne831+bl7v6mUChGLBAeCRgA3o5HQcodfKTGpzwUGc+4ah5TFw9hsK3g/NGW1N9aVye1IjHbhswKEUQrNbxOWlnPRDiGLI0RFPqMPsZEpegAyMY+yu7MU6eh22H2n+BvWCiOD072sYTqVcdMmsriMqMitfpCdMNumkwiqZyDJIO6mEpPlDzZ5bhzYV3TyZz4ZnnAn6CjuVlgkzMxto39YgK5A9bnpLOcnYvay9aWDeypX81IdM3y23jWT/qY4Zf9GqFI/lzQQeSS8eIh0hP1xxX2aFP3w5ARKwdKwTBukX9ZmpH+5ej8+lzt1AzjlKRK6YVeOTjtUiDllAZ5QQtlrtWav0KormQh4kdV1Cv3u03zgldMRSyJG5hWjp14q3uykhFvOxdHActGt/FSiUfr612XXlYXnnBTw8rJV8RUZIdq6iBKlO13gH+EnMMkcZ84kI1/VW7uofV1anJaIc3bUin6ZSOxl+z2gfvj//TQNy2Rjq18OtTBqk22Jz2iYQqXb70WSZbPvwOlYB8h8g+j6CqKC1zw2+/5kBSBTK2Hs5VxYTcmIKojCAGBY0YYWBdCY5Y0yOPg/Q2JScyODAHTpj1o9GI8nN4/5BHpCOsWxFJxHdBZ84jb/vypacJj4TDfDAQNDrfU7UxXg77NiPGnFGlw4zQA2Z6brhmaRt8PPTNsZENmFZNJW4EXJLLIMom9lhCWM/EIWUqatMIZX3zMxBLvP96sIHJRzDVbWDFVqw5UVlMEv/FweqxJoEWJTHf6uNl5QK95JV3U3vMuEKsn0aUiO1cwqEx4brteF0b4V1ItWEyd2CO46EaWBZmxDvDpP+eyNo+IoqVHYtnoI4JCOXO0B5yU3DdypcGdTiJHKoIGywr0lo5JqJXMceKx6HfIhlK+UHvAaaI8KWse0I8u6p33/2Srrx0G1cJ+FWzw8pscrUza+fPYAKLt43Tb0/WYvyc+9aBeSePGSob1IbIAg1YdsMeo0zs8uoAbY6JYHDtWkXE/S/zHISqw+x+8YxKotv9ho15VjFmdxQftOJ7FEjbDRGtUeJClBXhGDkjf52IZDnGP7O9AeUptDYZ+SRfySS6AoPO/FO+XeA/tCDGFmLuIjdw8CebEEhW1Um5M/a/CbHhNlB6B8rXE5twMz5o7vNbFsRG6TGr4XMhwElzDVF5RJUgbFC6NDbYi2MOgOgE46e8A6ba5wqXRy4fS1TCKp5VNqQYVNkLxKFTvoTlPq6lG8f57pKd0XQnVDnf+xsKTC48zDlvC5Bahos3+Cggdg6SYgvsPLGtVpx97zyZ+7f0UP
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-Network-Message-Id: b88c2b8b-cc06-4556-7a23-08dbfd8b624a
X-MS-Exchange-CrossTenant-AuthSource: GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Dec 2023 16:32:09.6114 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: HkfozkfmxN8ZbBJLT/9tFyUr9bqZ5vrIwz3RlCORHZYR5M9BsYyM5x1/uepAe3I11/PH0lt4B6wH3nYPQJV2tA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVZP280MB1088
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/6r0lyoeuSC2vqKgl7Nf-9N1aOlE>
Subject: Re: [Last-Call] Artart last call review of draft-ietf-ace-key-groupcomm-17
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Dec 2023 16:32:23 -0000
Hello Henry, Thanks a lot for your review! Please find in line below our detailed replies to your comments. A Github PR where we have addressed your comments is available at [PR]. Unless any concern is raised, we plan to soon merge this PR (and the other ones related to other received reviews), and to submit the result as version -18 of the document. Thanks, /Marco [PR] https://github.com/ace-wg/ace-key-groupcomm/pull/160 On 2023-10-31 17:44, Henry Thompson via Datatracker wrote: > Reviewer: Henry Thompson > Review result: Ready with Issues > > Document: Key Provisioning for Group Communication using ACE [1] > Intended RFC status: Proposed Standard > Review type: artart - Last Call review > Reviewer: Henry S. Thompson > Review Date: 2023-10-@@ > Result: Ready with Issues > > *Summary* > > Caveat: I'm not familiar with the group comms family of RFCs or the > applications they support, so this review is from an outsider's > perspective. > > As such, I am not able to comment on the adequacy of section 4. This > is where the details of the Client and KDC interactions are spelled > out, and it needs a potential user of this spec. to judge whether they > provide the necessary functionality. ==>MT We have collaborated with current users of this specification (for example draft-ietf-ace-key-groupcomm-oscore and draft-ietf-ace-pubsub-profile), so we think that we have provided necessary functionalities there. <== > > *Substantive points* > > Section 2. I'm seeing an inconsistency in the way the Dispatcher is > discussed. When introduced in the bullet points the last bullet says > > "If it consists of an explicit entity such as a pub-sub Broker or a > message relayer, the Dispatcher is comparable to an _untrusted_ > on-path intermediary, and as such it is _able to read_ the messages > sent by Clients in the group." [emphasis added] > > But at the end of section 2 we find > > "5. The joining node can communicate _securely_ with the other group > members, using the keying material provided in step 3." > [emphasis added] > > If the Dispatcher is untrusted, how can communication be secure? > There is no discussion of the Dispatcher in the Security section. ==>MT The Dispatcher is untrusted, and as such it does not have the group keying material required to decrypt and tamper with the messages that it dispatches. To clarify, we have extended the definition of "Dispatched" in Section 2 as follows, per the commit at: https://github.com/ace-wg/ace-key-groupcomm/commit/cf96f68fd10fe5a51423df07a88656c085d1b659 OLD > Dispatcher: entity through which the Clients communicate with the group, when sending a message intended to multiple group members. That is, the Dispatcher distributes such a one-to-many message to the group members as intended recipients. A single-recipient message intended to only one group member may be delivered by alternative means, with no assistance from the Dispatcher. NEW (emphasis mine) > Dispatcher: entity through which the Clients communicate with the group when sending a message intended to multiple group members. That is, the Dispatcher distributes such a one-to-many message to the group members as intended recipients. **The Dispatcher does not have access to the group keying material**. A single-recipient message intended to only one group member may be delivered by alternative means, with no assistance from the Dispatcher. <== > > Section 5: I don't see how authority to institute forced deletion is > established. Indeed the means for forced deletion don't appear to be > defined at all. Section 4.8 (and 4.8.3) explicitly requires that only > the Client can send a Delete request, and only for themselves. ==>MT A node can only trigger its own eviction from the group, by sending a DELETE request to its dedicated resource /ace-group/GROUPNAME/nodes/NODENAME (i.e., "leave the group"). Then it is up to the KDC to rekey to whole group, in such a way that the leaving node does not have access to further communications in the group. In addition to that: * No group member is allowed to trigger the eviction of other group members. * The KDC has full authority, at any time, to evict current group members, with the consequent deletion of the corresponding member-specific resource at /ace-group/GROUPNAME/nodes/NODENAME. Possible reasons and follow-up actions taken by the KDC are discussed in Section 5 "Removal of a Group Member". * The KDC is expected to determine that a group member has to be evicted either through its own means, or based on information that it obtains from a trusted source (e.g., an Intrusion Detection System, or an issuer of authentication credentials). Additional mechanics, protocols, and interfaces at the KDC that can support this are out of the scope of this document. <== > > *Minor points* > > Section 1. I note that one of the two referenced examples of candidate > application profiles, "A publish-subscribe architecture for the > Constrained Application Protocol (CoAP)" [2], has expired. I'm not > sure how much it matters to have reasonably mature examples, but > without _some_ good reasons to suppose that there's a community out > there waiting to implement this framework, its future does seem a bit > shaky... There is of course a chicken-and-egg problem here which may > explain the lack of progress. ==>MT draft-ietf-core-coap-pubsub-12 indeed expired. However, a new version -13 was submitted before the cut-off for IETF 118. The work on that document is progressing. We believe that there is interest for implementing this framework (not only for pubsub, but also for other applications). This has been discussed within the Working Group. <== > > Section 2. This is the first point where the actual connection between > ACE and this document is made clear, that is, that the KDC is the > Resource Server _per ACE_. Simply adding ", per ACE," to "Resource > Server" in para 2 of Section 1 would fix this for me. ==>MT To clarify, we have extended the second paragraph of Section 1 as follows, by mentioning "ACE" for both the Clients and Resource Server. OLD > Candidate group members acting as Clients and authorized to join a group can interact with the Key Distribution Center (KDC) acting as Resource Server and responsible for that group, in order to obtain the necessary keying material and parameters to communicate with other group members. NEW (emphasis mine) > Candidate group members acting as **ACE** Clients and authorized to join a group can interact with the Key Distribution Center (KDC) acting as **ACE** Resource Server and responsible for that group, in order to obtain the necessary keying material and parameters to communicate with other group members. <== > > Section 6: It might be helpful to include ASCII-art diagrams of the > different communication pathways described for accomplishing rekeying. ==>MT In Sections 6.1 and 6.2.0, we have added an example each, consisting of an ASCII-art diagram and accompanying text, per the commit at: https://github.com/ace-wg/ace-key-groupcomm/commit/12463deac7c6359340fe3f5263936a2615892a3e <== > > Sections 3.1 & 7: The example scopes include Verifier and Monitor > roles. Although there is a parenthetical reference to the [Vv]erifier > role in Section 3.3.1, no other mention of Monitor is given, and in > general the role of roles is not explained anywhere. There is a > "Request inconsistent with the current roles" error code defined in > section 9, but no tabulation of roles allowed/required for particular > requests, which one might expect. Nor are any REQ or OPT obligations > provided to cover this. > > If all this is something defined in one of the many referenced specs, > and so familiar to likely readers, that's OK, otherwise perhaps > something should be added. ==>MT Right, the roles are defined in the application profiles of this specification. Those that you mention are only examples. Appendix A.1 of the present document defines two requirements on profiles that cover this point: * REQ1 expects application profiles to fully define the format of scope, including the possible roles in the group. * REQ11 covers the requirement for the set of roles, their meanings, and aspects such as their pertinence with messages sent to the KDC. <== > > Sections 11.6--11.16: _Seven_ new IANA registries! At a quick count, > that's a 50% increase in the number of related (CBOR + COAP) > registries. Is there a plan for populating the expert reviewer slots > this entails? ==>MT We are sure that our wonderful AD will find people willing to serve as Designated Experts :) On a serious note, we believe that the registries are needed and that we are not overextending IANA by creating them. <== > > *Nits* > > Section 1 / Appendix A: The use of REQ[n] and OPT[n] in conjunction > with REQUIRED and MAY is not explained, nor are they linked to the > relevant text in Appendix A. There is an oblique reference to this > practice in para. 4 of Section 1, which could stand to be expanded to > explain your conventions. ==>MT In Section 1, we have extended the text of the fourth paragraph as follows. OLD > In order to ensure consistency and aid the development of such application profiles, this document defines a number of related compliance requirements (see Appendix A). NEW (emphasis mine) > In order to ensure consistency and aid the development of such application profiles, **Appendix A of** this document defines a number of related compliance requirements. **In particular, Appendix A.1 compiles the requirements that application profiles are REQUIRED to fulfill; these are referred to by an identifier that starts with "REQ". Instead, Appendix A.2 compiles the requirements that application profiles MAY fulfill; these are referred to by an identifier that starts with "OPT".** <== > > Passim: Please do a thorough spell-check. The following were found in the > first 4 sections: > recommeded -> recommended > memebrs -> members > specificaton -> specification > acces -> access > trasferring -> transferring ==>MT Right, these will be fixed in the next version -18. <== > > ht -- Marco Tiloca Ph.D., Senior Researcher Phone: +46 (0)70 60 46 501 RISE Research Institutes of Sweden AB Box 1263 164 29 Kista (Sweden) Division: Digital Systems Department: Computer Science Unit: Cybersecurity https://www.ri.se
- [Last-Call] Artart last call review of draft-ietf… Henry Thompson via Datatracker
- Re: [Last-Call] Artart last call review of draft-… Marco Tiloca
- Re: [Last-Call] Artart last call review of draft-… Henry S. Thompson