Re: [Ace] draft-ietf-ace-coap-est-00
On Tue, Mar 13, 2018 at 09:44:37PM -0400, Michael Richardson wrote:
>
> Jim Schaad wrote:
> > In section 2 - There will be a problem in that the port format extension is
> > being eliminated in TLS 1.3 - We may want to divide this into a 1.2 and 1.3
> > section for clarity.
>
> I don't understand what you are referring to.
>
> What is the "port format extension" you are referring to, and where in
> section 2 do you think we are depending upon it?

[...]

   DTLS implementations MUST use the Supported Elliptic Curves and
   Supported Point Formats Extensions [RFC4492]; the uncompressed point
   format MUST be supported; [RFC6090] can be used as an implementation
   method.

The uncompressed point format only exists in (D)TLS 1.2 and lower.
(TLS 1.3 does not separately negotiate point format, rather, the point
format is determined by the group/curve to be used.)

I think the fix would just be something like "the uncompressed point format
MUST be supported for DTLS versions prior to 1.3".

-Ben

___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
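The version-dependent rule proposed in the message above, sketched as a check over a hello's raw extensions block. This is an added example, not code from the thread or from the draft; the function names and the version string passed in by the caller are assumptions, and requiring both extensions before 1.3 follows the draft text quoted above.

```python
import struct

# Extension type codes from the IANA TLS ExtensionType registry.
SUPPORTED_GROUPS = 10   # named "elliptic_curves" in RFC 4492
EC_POINT_FORMATS = 11
UNCOMPRESSED = 0        # ECPointFormat value for the uncompressed format


def parse_extensions(block: bytes) -> dict:
    """Split a raw extensions block (without its outer length) into {type: data}."""
    exts, off = {}, 0
    while off < len(block):
        if off + 4 > len(block):
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack_from("!HH", block, off)
        off += 4
        if off + ext_len > len(block):
            raise ValueError("truncated extension body")
        exts[ext_type] = block[off:off + ext_len]
        off += ext_len
    return exts


def check_ecc_extensions(version: str, block: bytes) -> list:
    """Return a list of problems; an empty list means the rule is satisfied."""
    exts = parse_extensions(block)
    problems = []
    if SUPPORTED_GROUPS not in exts:
        problems.append("missing supported groups/curves extension")
    if version == "1.3":
        return problems  # point format is fixed by the group, nothing to check
    formats = exts.get(EC_POINT_FORMATS)
    if formats is None:
        problems.append("missing ec_point_formats extension")
    elif len(formats) < 2 or formats[0] != len(formats) - 1:
        problems.append("malformed ec_point_formats list")
    elif UNCOMPRESSED not in formats[1:]:
        problems.append("uncompressed point format not offered")
    return problems


def ext(ext_type: int, data: bytes) -> bytes:
    """Encode one extension (hypothetical helper for the constructed samples)."""
    return struct.pack("!HH", ext_type, len(data)) + data


# Constructed samples: secp256r1 (group 23) with different point-format lists.
GROUPS = ext(SUPPORTED_GROUPS, b"\x00\x02\x00\x17")
HELLO_OK = GROUPS + ext(EC_POINT_FORMATS, b"\x01\x00")
HELLO_COMPRESSED_ONLY = GROUPS + ext(EC_POINT_FORMATS, b"\x01\x01")
```
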
Re: [Ace] draft-ietf-ace-coap-est-00
Jim Schaad wrote:
> In section 2 - There will be a problem in that the port format extension is
> being eliminated in TLS 1.3 - We may want to divide this into a 1.2 and 1.3
> section for clarity.

I don't understand what you are referring to.

What is the "port format extension" you are referring to, and where in
section 2 do you think we are depending upon it?

I'm thinking that you are jumping to a conclusion based upon some poorly
written text on our part :-) But, since I think all the authors are
ignorant of that extension, we must be misleading you unintentionally.

--
Michael Richardson, Sandelman Software Works
-= IPv6 IoT consulting =-
Re: [Ace] draft-ietf-ace-coap-est-00
peter van der Stok wrote:
>> * In section 6- All proxies are required by CoAP blocking to re-assemble
>> the entire message at the proxy. It can re-block things going to the next
>> proxy. While there is no requirement that the proxy get the entire message
>> before sending on pieces, this should be common practice and would be
>> required for a CoAP/HTTP proxy.

> Agree fully, we need to clarify that.

If we are talking about CoAP->HTTP proxy, then clearly that's absolutely
true. How could it be any other way? We can't do CoAP block mode over HTTP
that I know of :-)

There are other proxy types that we need to describe.

>> * Should probably add a note in section 6 that any proxy that terminates
>> the DTLS connection is going to be required to act as an RA. RAs are
>> required to have the entire request for adding authentication as necessary.

> This is visible in the figure of section 6, but needs elaboration in the
> text.

I don't understand why we have that paragraph.
An end point that terminates the Pledge (D)TLS connection and acts as an RA
*IS* a Join Registrar, not a Proxy.

--
Michael Richardson, Sandelman Software Works
-= IPv6 IoT consulting =-
[Ace] Draft agenda for London
Hi all,

I just (belatedly) posted a draft agenda to the datatracker
(https://datatracker.ietf.org/doc/agenda-101-ace/), also copied below.

Please holler if there are obvious bugs, you requested time but didn't get
a response, etc.

I know it's a little bit of short notice, but to the speakers: please get
some form of slides to the chairs this week (before Saturday) so that we can
look over them in advance. We should not be scrambling on Monday morning!

Thanks,

Ben
for the chairs

%%

ACE WG
IETF 101, Monday March 19, 2018
0930h-1200h (2.5h)

Chairs -- Note Well and agenda bashing, 5min
Chairs -- document status update, 5min
Mike -- draft-ietf-ace-cwt-proof-of-possession, 10min
Peter -- draft-ietf-ace-coap-est, 10min
Göran -- draft-selander-ace-coap-est-oscore, 5min
Ludwig -- draft-ietf-ace-oauth-authz, 10min
Ludwig -- draft-ietf-ace-dtls-authorize, 5min
Ludwig -- draft-ietf-ace-oscore-profile, 5min
Marco -- draft-tiloca-ace-oscoap-joining, 10min
Francesca -- draft-palombini-ace-key-groupcomm, 10min
Göran -- key exchange for OSCORE (EDHOC vs. TLS-OSCORE), 15min
Göran -- scope of authorization work, 30min