[GNAP] Re: Murray Kucherawy's No Objection on draft-ietf-gnap-resource-servers-09: (with COMMENT)

Justin Richer <jricher@mit.edu> Thu, 03 October 2024 10:55 UTC

From: Justin Richer <jricher@mit.edu>
To: Murray Kucherawy via Datatracker <noreply@ietf.org>, The IESG <iesg@ietf.org>, Murray Kucherawy <superuser@gmail.com>
Date: Thu, 03 Oct 2024 10:55:47 +0000
Message-ID: <LV8PR01MB867786C52E2A3311E30E4482BD712@LV8PR01MB8677.prod.exchangelabs.com>
References: <172793062149.1107581.5816855187699932558@dt-datatracker-7bbd96684-zjf54>
In-Reply-To: <172793062149.1107581.5816855187699932558@dt-datatracker-7bbd96684-zjf54>
CC: "draft-ietf-gnap-resource-servers@ietf.org" <draft-ietf-gnap-resource-servers@ietf.org>, "gnap-chairs@ietf.org" <gnap-chairs@ietf.org>, "txauth@ietf.org" <txauth@ietf.org>, "leifj@mnt.se" <leifj@mnt.se>
Subject: [GNAP] Re: Murray Kucherawy's No Objection on draft-ietf-gnap-resource-servers-09: (with COMMENT)
List-Id: GNAP <txauth.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/txauth/yUGQTlx1_ZQjJEPEYvrAWO8AdFc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/txauth>

The entire body is always included in the signature, so this recommendation is whether the field is included in the body itself. I feel that this is clear given the wider context of GNAP, but I might be making too many assumptions - do you have a recommendation for rewording this to avoid ambiguity?

Thank you,

- Justin
________________________________
From: Murray Kucherawy via Datatracker <noreply@ietf.org>
Sent: Thursday, October 3, 2024 12:43 AM
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-gnap-resource-servers@ietf.org <draft-ietf-gnap-resource-servers@ietf.org>; gnap-chairs@ietf.org <gnap-chairs@ietf.org>; txauth@ietf.org <txauth@ietf.org>; leifj@mnt.se <leifj@mnt.se>
Subject: [GNAP] Murray Kucherawy's No Objection on draft-ietf-gnap-resource-servers-09: (with COMMENT)

Murray Kucherawy has entered the following ballot position for
draft-ietf-gnap-resource-servers-09: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-gnap-resource-servers/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

The document status question in the shepherd writeup was not completed.

Thanks to Rich Salz for his ARTART review.

Possibly an odd question, which you can blame on my DKIM background, but in
Section 3.3:

(BEGIN)
The RS signs the request with its own key and sends the value of the access
token as the body of the request as a JSON object with the following members:

[...]

proof (string): RECOMMENDED. The proofing method used by the client instance to
bind the token to the RS request. The value MUST be in the GNAP Key Proofing
Methods registry.

[...]

{
    "access_token": "OS9M2PMHKUR64TB8N6BW7OZB8CDFONP219RP1LT0",
    "proof": "httpsig",
    "resource_server": "7C7C4AZ9KHRS6X63AJAO"
}
(END)

Is the RECOMMENDED referring to the presence of "proof", or its inclusion in
what gets hashed for the signature?



--
TXAuth mailing list -- txauth@ietf.org
To unsubscribe send an email to txauth-leave@ietf.org
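The point Justin makes above (the whole request body is signed regardless of whether "proof" is present) can be shown concretely. The following is an added example, not code from the thread or from the GNAP drafts: it builds the Section 3.3 introspection body with and without the RECOMMENDED "proof" member, computes an RFC 9530 Content-Digest over the entire body, and binds that digest into a simplified RFC 9421 signature base. The shared HMAC key, the AS URL and the reduced set of covered components are assumptions made for a self-contained demo; a real RS would use its own asymmetric key and the full Signature-Input parameters.

```python
import base64
import hashlib
import hmac
import json

# Assumptions for the demo (not from the draft): a shared HMAC key and an AS URL.
RS_KEY = b"example-shared-secret-for-demo-only"
AS_INTROSPECT_URL = "https://as.example.com/introspect"


def introspection_body(access_token, resource_server, proof=None):
    """Build the JSON introspection body; 'proof' is RECOMMENDED, so it may be omitted."""
    body = {"access_token": access_token, "resource_server": resource_server}
    if proof is not None:
        body["proof"] = proof
    return json.dumps(body, separators=(",", ":"), sort_keys=True).encode()


def content_digest(body):
    """RFC 9530 Content-Digest field value computed over every byte of the body."""
    return "sha-256=:" + base64.b64encode(hashlib.sha256(body).digest()).decode() + ":"


def signature_base(method, url, body):
    """Simplified RFC 9421 signature base covering method, target URI and body digest.
    Because content-digest is a covered component, the whole body is bound to the
    signature whether or not it carries a 'proof' member."""
    params = '("@method" "@target-uri" "content-digest");alg="hmac-sha256"'
    lines = [
        f'"@method": {method}',
        f'"@target-uri": {url}',
        f'"content-digest": {content_digest(body)}',
        f'"@signature-params": {params}',
    ]
    return "\n".join(lines).encode()


def sign(method, url, body, key=RS_KEY):
    """Sign the request as the RS would; HMAC is used here only to stay stdlib-only."""
    mac = hmac.new(key, signature_base(method, url, body), hashlib.sha256).digest()
    return base64.b64encode(mac).decode()


def verify(method, url, body, signature, key=RS_KEY):
    """AS-side check: recompute the signature over the received body and compare."""
    return hmac.compare_digest(sign(method, url, body, key), signature)
```

Signing the body that includes "proof" and then presenting the same signature with "proof" stripped fails verification, which is exactly why the RECOMMENDED can only refer to the member's presence in the body, not to its coverage by the signature.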