On 2020-05-05, at 17:39, Jim Schaad <i...@augustcellars.com> wrote:
>
> I don't see how the four-corner model solves the issue that I highlighted.
> If the client does not have a key for any local AS, then nothing helps. The
> four-corner model deals with the issue of the client and the RS not trusting
> the same AS, but the different AS entities trust each other on the back side.
>
> Getting trust in a local AS seems to be a bootstrapping problem.

If you only have one security domain, there is no benefit. But in general it is much easier to bootstrap a device once into its own security domain, instead of having to do the bootstrapping again and again for each server that device needs to access.

Regards, Carsten

>
> Jim
>
>
> -----Original Message-----
> From: Carsten Bormann <c...@tzi.org>
> Sent: Monday, May 4, 2020 10:38 PM
> To: Jim Schaad <i...@augustcellars.com>
> Cc: Benjamin Kaduk <ka...@mit.edu>; Olaf Bergmann <bergm...@tzi.org>; Peter
> van der Stok <stokc...@bbhmail.nl>; peter van der Stok
> <consulta...@vanderstok.org>; Ace <ace@ietf.org>
> Subject: Re: [Ace] draft-ietf-ace-oauth-authz
>
> On 2020-05-05, at 06:54, Jim Schaad <i...@augustcellars.com> wrote:
>>
>> I have much the same problem. While a client could find an AS which
>> would authenticate the client, I don't know how the client would
>> establish any degree of trust in the AS which is going to give it tokens.
>
> Hence the four-corner model [1].
>
> Regards, Carsten
>
> [1]: https://tools.ietf.org/html/draft-ietf-ace-actors

_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace