Hi Hannes,

This is how I think it should be done.

There are two keys that need to be identified: the key to verify the CWT and the key to use for the DTLS handshake.

When it comes to verifying the CWT, it is the AS key that should be used. I don't think it is unreasonable to assume that the AS uses the key that it agreed on with the RS during device configuration, i.e. the RS only has one key for verifying that the token was issued by the trusted AS. If the RS has multiple keys associated with an AS or trusts multiple ASs, then it would be recommendable to use the COSE kid (https://tools.ietf.org/html/rfc8152#section-3.1). It is unfortunate that we don't have such an example in the CWT draft. I can add it if others agree.

The second key is the one bound to the token to be used in the DTLS handshake. This is what draft-ietf-ace-cwt-proof-of-possession is all about. There are three different options to bind a key to the CWT: the COSE_Key, the encrypted COSE_Key and the raw kid. In the cases where a COSE_Key is used, I expect the kid field in that object to be used.

Regarding the examples, they are still in an early stage, and this is good input.

Hope this gave some clarity.

//Samuel

On Sun, Oct 1, 2017 at 11:39 AM, Hannes Tschofenig <[email protected]> wrote:

> [Chair hat off]
>
> Hi all,
>
> after reading draft-ietf-ace-dtls-authorize I was wondering how the RS
> determines what key to use to decrypt noticed that none of the examples
> in draft-ietf-ace-cbor-web-token-08 and in
> draft-ietf-ace-cwt-proof-of-possession use some form of key id to allow
> finding the appropriate key.
>
> Maybe I overlooked it or was this intentional?
>
> Ciao
> Hannes
>
> _______________________________________________
> Ace mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/ace
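The two lookups Samuel describes, the AS key (selected by the COSE kid header when the RS trusts more than one) that verifies the CWT, and then the proof-of-possession key taken from the cnf claim in each of its three forms, as an added Python example that is not part of this thread or of any ACE draft. It assumes the integer labels as assigned in the published RFC 8152 and RFC 8747 (the drafts under discussion predate the final assignments), replaces the real COSE_Mac0 structure with a plain HMAC over the CBOR-encoded header and claims so the key-selection logic stays visible, and every key, kid and URI in it is a constructed sample value. The `unwrap` callback standing in for decrypting an Encrypted_COSE_Key is likewise hypothetical.

```python
import hmac
import hashlib
from typing import Callable, Tuple

# Integer labels from the published RFCs (assumption: the drafts in the thread
# predate final assignment). RFC 8152: COSE header label 4 = kid, COSE_Key label
# 2 = kid. RFC 8747: CWT claim 8 = cnf; cnf members 1 = COSE_Key,
# 2 = Encrypted_COSE_Key, 3 = kid.
COSE_HDR_KID = 4
COSE_KEY_KID = 2
CWT_CLAIM_CNF = 8
CNF_COSE_KEY = 1
CNF_ENCRYPTED_COSE_KEY = 2
CNF_KID = 3


def _cbor_head(major: int, n: int) -> bytes:
    """Initial bytes of a CBOR item: 3-bit major type plus the value or length."""
    if n < 24:
        return bytes([major << 5 | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | ai]) + n.to_bytes(size, "big")
    raise ValueError("integer too large for CBOR")


def cbor_encode(v) -> bytes:
    """Minimal deterministic CBOR encoder (ints, bytes, text, maps): enough for a claims set."""
    if isinstance(v, bool):
        raise TypeError("booleans are not needed here")
    if isinstance(v, int):
        return _cbor_head(0, v) if v >= 0 else _cbor_head(1, -1 - v)
    if isinstance(v, bytes):
        return _cbor_head(2, len(v)) + v
    if isinstance(v, str):
        b = v.encode("utf-8")
        return _cbor_head(3, len(b)) + b
    if isinstance(v, dict):
        # sort by encoded key so the same map always encodes to the same bytes
        items = sorted((cbor_encode(k), cbor_encode(x)) for k, x in v.items())
        return _cbor_head(5, len(items)) + b"".join(k + x for k, x in items)
    raise TypeError(f"unsupported type {type(v).__name__}")


def resolve_as_key(protected_header: dict, as_keys: dict) -> bytes:
    """Key 1: the AS key that verifies the CWT. One configured key needs no kid;
    with several trusted keys the token must name one in the COSE kid header."""
    if len(as_keys) == 1:
        return next(iter(as_keys.values()))
    kid = protected_header.get(COSE_HDR_KID)
    if kid is None:
        raise KeyError("several AS keys configured but the token carries no kid")
    if kid not in as_keys:
        raise KeyError("token kid does not match any trusted AS key")
    return as_keys[kid]


def verify_cwt(protected_header: dict, claims: dict, tag: bytes, as_keys: dict) -> dict:
    """Simplified MAC-protected CWT: tag = HMAC-SHA256(AS key, CBOR(header) || CBOR(claims)).
    A real COSE_Mac0 MACs a MAC_structure array; the key selection is the point here."""
    key = resolve_as_key(protected_header, as_keys)
    expected = hmac.new(key, cbor_encode(protected_header) + cbor_encode(claims), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("CWT MAC does not verify under the selected AS key")
    return claims


def resolve_pop_key(claims: dict, known_keys: dict, unwrap: Callable[[object], dict]) -> Tuple[bytes, dict]:
    """Key 2: the proof-of-possession key bound to the token, used in the DTLS handshake.
    Returns (kid, COSE_Key) for each of the three cnf forms."""
    cnf = claims.get(CWT_CLAIM_CNF)
    if cnf is None:
        raise KeyError("no cnf claim: the token is not bound to any key")
    if CNF_COSE_KEY in cnf:                      # key carried in the clear
        cose_key = cnf[CNF_COSE_KEY]
    elif CNF_ENCRYPTED_COSE_KEY in cnf:          # key wrapped for the RS; caller supplies the unwrap
        cose_key = unwrap(cnf[CNF_ENCRYPTED_COSE_KEY])
    elif CNF_KID in cnf:                         # only a reference: the RS must already hold the key
        kid = cnf[CNF_KID]
        if kid not in known_keys:
            raise KeyError("cnf kid refers to a key this RS does not hold")
        return kid, known_keys[kid]
    else:
        raise ValueError("cnf carries none of COSE_Key, Encrypted_COSE_Key or kid")
    return cose_key.get(COSE_KEY_KID), cose_key


def mint_cwt(protected_header: dict, claims: dict, as_key: bytes) -> bytes:
    """AS side of the simplified scheme, used only to build sample tokens."""
    return hmac.new(as_key, cbor_encode(protected_header) + cbor_encode(claims), hashlib.sha256).digest()


# Constructed sample data: an RS that trusts two AS keys, and a token naming one of them
AS_KEYS = {b"as-2017": b"constructed-AS-key-A", b"as-2018": b"constructed-AS-key-B"}
POP_KEY = {1: 4, COSE_KEY_KID: b"dev-42", -1: b"constructed-psk"}   # kty 4 = Symmetric, -1 = k
HDR = {COSE_HDR_KID: b"as-2018"}
CLAIMS = {1: "coaps://as.example", 3: "coaps://rs.example", CWT_CLAIM_CNF: {CNF_COSE_KEY: POP_KEY}}

if __name__ == "__main__":
    tag = mint_cwt(HDR, CLAIMS, AS_KEYS[b"as-2018"])
    kid, key = resolve_pop_key(verify_cwt(HDR, CLAIMS, tag, AS_KEYS), {}, lambda blob: blob)
    print("PoP kid for the DTLS handshake:", kid)
```

The separation matters for the case Hannes raises: with a single configured AS key the RS never needs a kid, but the moment it trusts two the same token is undecidable without one, which `resolve_as_key` reports rather than trying each key in turn.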
