That seems reasonable to me. Ludwig, are you able to raise the topic on the ACE list?
Thanks, Ben On Mon, Aug 03, 2020 at 02:21:12PM +0000, Seitz Ludwig wrote: > I support Steffi's suggestion (i.e. make it pop-only here and allow non-pop > profiles in the framework). > > /Ludwig > > -----Original Message----- > From: Stefanie Gerdes <[email protected]> > Sent: den 3 augusti 2020 16:18 > To: Seitz Ludwig <[email protected]>; Benjamin Kaduk <[email protected]>; > Paul Kyzivat <[email protected]> > Cc: [email protected]; General Area Review Team > <[email protected]>; [email protected] > Subject: Re: Gen-ART Last Call review of draft-ietf-ace-dtls-authorize-12 > > Hi all, > > On 08/03/2020 08:21 AM, Seitz Ludwig wrote: > >>>> * Also in section 3.3.1: > >>>> > >>>> ... This > >>>> specification assumes that the access token is a PoP token as > >>>> described in [I-D.ietf-ace-oauth-authz] unless specifically stated > >>>> otherwise. > > <snip> > > Since no alternatives to PoP tokens are mentioned in the DTLS profile, I > would change this to: "This specification implements access tokens as > proof-of-possession tokens". > > Maybe the framework may add that a profile that uses a different token type > must specify how this would work. > > Viele Grüße > Steffi _______________________________________________ Gen-art mailing list [email protected] https://www.ietf.org/mailman/listinfo/gen-art
