Thanks for this amazing analysis. It languished in my inbox because it was not bikeshed material, and I had to think about things :-)
Stefanie Gerdes <[email protected]> wrote: > The minimal security requirements for the communication between two > communication partners should be listed (C-AS, RS-AS, C-RS, > respectively). Which pieces of information do they require prior to the > communication? How must the communication be secured? Which keying > material do they need to use? The framework should point out that all > claims that influence the security must stem from claimants that were > approved by the respective human being that is responsible for the > device, i.e., the requesting party for the client and the resource > owner for the AS and RS. Otherwise the solution is not secure. It seems that the answers should start with "which keying material do they need to use" and then move upwards. > Management of the authz-info resource: * The authz-info resource is > vulnerable to DoS attacks: clients may (with or without intention) send > large numbers of access tokens to RS. A constrained RS may soon run out > of memory/storage space if it needs to store large numbers of This seems like a really serious issue, and it seems that we need an additional RTT to really fix it. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] [email protected] http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
