Hi Stefanie, 

Thanks for the suggestion. I would like to propose a slight update to one 
sentence, but I see this moving in the right direction. 

Please find my comments inline. 

Yours, 
Daniel

-----Original Message-----
From: Ace <[email protected]> On Behalf Of Stefanie Gerdes
Sent: Tuesday, February 16, 2021 10:16 AM
To: Daniel Migault <[email protected]>; Francesca Palombini 
<[email protected]>
Cc: Göran Selander <[email protected]>; Russ Mundy 
<[email protected]>; Olaf Bergmann <[email protected]>; [email protected]
Subject: Re: [Ace] secdir review of draft-ietf-ace-dtls-authorize-14

Hi,

I propose that we use the following text for the ACE framework (as originally 
proposed by Göran):

Section 6.2:
OLD
  "Profiles MUST specify how communication security according
   to the requirements in Section 5 is provided."
NEW
"The requirements for communication security of profiles are specified in 
Section 5."

Section 5:
OLD
"Profiles MUST specify a communication security protocol that provides
   the features required above."
NEW
"Profiles MUST specify at least one communication security protocol that 
provides the features required above."

<mglt>
I have the impression that with MUST specify one expects a mandatory protocol 
to be provided. Would the following text be acceptable?

NEW2:
"Profiles RECOMMEND at least one communication security protocol that provides 
the features required above."
</mglt>

For the DTLS profile, I propose the following text:

OLD
"The use of CoAP and DTLS for this communication is REQUIRED in this profile.  
Other protocols (such as HTTP and TLS, or CoAP and OSCORE
[RFC8613]) will require specification of additional profile(s)."

NEW
"The use of CoAP and DTLS for this communication is RECOMMENDED in this 
profile. Other protocols fulfilling the security requirements defined in 
Section 5 of [I-D.ietf-ace-oauth-authz] MAY be used instead."

Additional explanation:

One proposal was to state as the reason for recommending DTLS that it reduces 
the number of libraries the client has to support. But the reason why the ACE 
framework requires that the profiles specify a security protocol for the 
communication between C and AS is to provide security for the data that is 
transmitted between these two parties.
Without a protocol that fulfills the requirements listed in the ACE framework, 
the solution would not be secure. Requiring that the profiles must specify at 
least one protocol ensures that implementers have an idea how to implement the 
profile securely (instead of leaving them in the dark about that). It is also 
nice if the number of libraries on the client can be reduced, but I am not that 
comfortable with stating that as the main reason for recommending DTLS.

<mglt>
I agree that security was the main driver but it seems also to me that limiting 
the number of libraries was the reason for choosing that one - as opposed to 
another one. That said, I think the reason is rather obvious and may not need 
to be specified so I am fine with that text. 
</mglt>

Viele Grüße
Steffi

_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace