I was trying to get some work done in terms of getting this profile implemented and came up with the following questions:
1. In section 3.1, it references the kid that was assigned in section 3.2. I was not able to find a kid field in Table 1. How is this value to be obtained? 2. In section 3.2, the following requirements are imposed: * The AS MAY assign an identifier to the client * The AS MUST assign an identifier to the RS * The client identifiers MUST be unique in the set of all clients on a single RS * The RS identifiers MUST be unique in the set of all RS for any given client. If it is not required to assign an identifier for the client, how can it be unique? If there are multiple AS, each with a set of unique RS, are the AS servers expected to coordinate in order to make the RS identifiers unique? 3. The example in figure 5 is incorrect. It should be single not double quotes for clientId and serverId. 4. Please review the update CWT example with the most recent profile text on having only a single CWT on the RS. I don't know that this needs an update but it probably does. 5. If the AS creates a new, from scratch, CWT with the same clientId in the case of a change in permissions, what happens with regards to the RS matching to an existing context as oppose to treating it as a conflict. This is going to be potentially even more of a problem in the case that the RS changed the client ID and did not keep the full CWT around. Jim _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
