Hello ACE,

Here I elaborate more on the open point #3 that I raised during the interim meeting on Friday, 31st of January --- see slide 5 at [1].

According to the API defined in ace-key-groupcomm, a group member can issue the following two requests to the Group Manager:

(A) GET to /group-oscore/GROUPNAME

This is intended to retrieve the latest group key material, i.e. what is pertinent to all group members as related to the group [2].

(B) GET to /group-oscore/GROUPNAME/NODENAME

This is intended to retrieve the latest group key material - as in (A) -, plus the latest individual key material for the requesting node. In this profile, the individual key material is the Sender ID that that node uses in the group [3].

As I mentioned at the interim, now both (A) and (B) practically return the same thing. In fact:

1) Both (A) and (B) return the parameters 'gkty', 'key' and 'num'.

2) Both in (A) and (B), the 'key' parameter includes 'clientId', which specifies the Sender ID of the requesting node, just implicitly reusing the detailed description of the 'key' content in [4].

That is, (A) currently goes beyond what is actually intended by the general interface of ace-key-groupcomm, i.e. it returns more information than intended.

A fix can simply be clarifying the specific content of 'key' in [2], i.e. explicitly saying to not include 'clientId' in the 'key' parameter for responses from the GET in (A).

Thoughts?

Thanks,
/Marco

[1] https://datatracker.ietf.org/meeting/interim-2020-ace-02/materials/slides-interim-2020-ace-02-sessa-draft-ietf-ace-key-groupcomm-oscore
[2] https://tools.ietf.org/html/draft-ietf-ace-key-groupcomm-oscore-04#section-6.1
[3] https://tools.ietf.org/html/draft-ietf-ace-key-groupcomm-oscore-04#section-6.2
[4] https://tools.ietf.org/html/draft-ietf-ace-key-groupcomm-oscore-04#section-4.4

--
Marco Tiloca
Ph.D., Senior Researcher
RISE Research Institutes of Sweden
Division ICT
Isafjordsgatan 22 / Kistagången 16
SE-164 40 Kista (Sweden)
Phone: +46 (0)70 60 46 501
https://www.ri.se
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
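
The fix proposed in the message above, sketched as an added example; it is not part of the original message, the draft, or any Group Manager implementation. The parameter names 'gkty', 'key', 'num' and 'clientId' come from the message; the text-string keys, the 'group_secret' field and all sample values are constructed assumptions and do not reflect the draft's actual encoding.

```python
# Added illustration of the proposal: the response to (A) omits per-node
# material from 'key', while the response to (B) includes it.
# Assumption: responses are modelled as plain dicts with text keys.

INDIVIDUAL_FIELDS = {"clientId"}          # individual key material named in the message
REQUIRED_PARAMS = ("gkty", "key", "num")  # parameters both (A) and (B) return

# Constructed sample group state held by a hypothetical Group Manager.
GROUP = {"gkty": "constructed-key-type", "key": {"group_secret": "00" * 16}, "num": 3}


def node_response(group, sender_id):
    """Response to (B): group key material plus the requester's Sender ID."""
    key = dict(group["key"])
    key["clientId"] = sender_id
    return {"gkty": group["gkty"], "key": key, "num": group["num"]}


def group_response(group):
    """Response to (A) under the proposed fix: no individual material in 'key'."""
    key = {k: v for k, v in group["key"].items() if k not in INDIVIDUAL_FIELDS}
    return {"gkty": group["gkty"], "key": key, "num": group["num"]}


def check_response(resp, individual_expected):
    """Return a list of problems found in a decoded response.

    individual_expected is False for (A) and True for (B).
    """
    problems = [f"missing parameter '{p}'" for p in REQUIRED_PARAMS if p not in resp]
    present = INDIVIDUAL_FIELDS & set(resp.get("key", {}))
    if present and not individual_expected:
        problems.append("'key' carries individual material: " + ", ".join(sorted(present)))
    if individual_expected and present != INDIVIDUAL_FIELDS:
        missing = INDIVIDUAL_FIELDS - present
        problems.append("'key' lacks individual material: " + ", ".join(sorted(missing)))
    return problems


if __name__ == "__main__":
    # Behaviour described in the message: (A) answers with the same content as (B).
    print("(A) as described:", check_response(node_response(GROUP, "01"), False))
    print("(A) with the fix:", check_response(group_response(GROUP), False))
    print("(B):             ", check_response(node_response(GROUP, "01"), True))
```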
