[Ace] Constrained Node/Network Cluster @ IETF107: DRAFT AGENDA

2020-02-21 Thread Carsten Bormann 
Here is my usual eclectic condensed agenda based on the DRAFT AGENDA
for IETF107.  Remember that there is still quite some potential for
changes.

Conflicts that meet the eye:  ROLL vs. COSE/TEEP, LPWAN vs. RATS, and
LAKE vs. RATS, WPACK vs. ACE.  The latter two might be a bigger
problem, while the first two are displaying the inevitable split
between security vs. other IoT issues, as is MODEL-T vs. CORE and
TXAUTH vs. T2TRG.

All times are in PDT == UTC - 7 hours.  Note that North America is on
DST already during the IETF, while Europe will only go there on March
29, so we are in the three-week period of DST confusion (where the US
is one hour closer to the EU than the rest of the year).
(Pure UTC times at https://datatracker.ietf.org/meeting/agenda-utc are
useful for those who want to listen from remote.)

Grüße, Carsten

FRIDAY, March 20, 2020
0900-1800 T2TRG/W3C WoT Workshop https://github.com/t2trg/2020-03-vancouver

SATURDAY, March 21, 2020
0830-2200  IETF Hackathon - Plaza Ballroom

SUNDAY, March 22, 2020
0830-1600  IETF Hackathon - Plaza Ballroom
1700-1900  Welcome Reception - Regency A/B/C/D
1800-2000  Hot RFC Lightning Talks -- Plaza B/C

MONDAY, March 23, 2020

1000-1200  Morning Session I
Regency D   ART dispatchDispatch WG - Joint with ARTAREA
Regency C   INT 6manIPv6 Maintenance WG
Plaza B/C   IRTFpearg   Privacy Enhancements and Assessments Research 
Group
Regency E   SEC *** suitSoftware Updates for Internet of Things WG

1330-1530  Afternoon Session I
Regency C   INT *** lpwan   IPv6 over Low Power Wide-Area Networks WG
Regency D   IRTFirtfopenIRTF Open Meeting
Georgia A   SEC mls Messaging Layer Security WG
Georgia B   SEC oauth   Web Authorization Protocol WG
Plaza A SEC *** ratsRemote ATtestation ProcedureS WG

1550-1750  Afternoon Session II
Regency F   ART webtransWebTransport WG
Regency C   IRTFmaprg   Measurement and Analysis for Protocols
Regency E   OPS anima   Autonomic Networking Integrated Model and 
Approach WG
Plaza A RTG raw Reliable and Available Wireless WG
Plaza B/C   SEC secdispatch Security Dispatch WG

1810-1910  Afternoon Session III
Georgia A   RTG *** rollRouting Over Low power and Lossy networks WG
Georgia B   SEC *** coseCBOR Object Signing and Encryption WG
Plaza B/C   SEC tls Transport Layer Security WG
Regency C   TSV tsvarea Transport Area Open Meeting

TUESDAY, March 24, 2020

1000-1200  Morning Session I
Georgia A   INT add Adaptive DNS Discovery WG
Regency D   IRTF*** dinrg   Decentralized Internet Infrastructure
Regency F   SEC acmeAutomated Certificate Management Environment WG
Regency E   SEC *** teepTrusted Execution Environment Provisioning WG
Plaza B/C   TSV quicQUIC WG

1330-1530  Afternoon Session I
Regency C   INT masque  Multiplexed Application Substrate over QUIC 
Encryption BOF
Regency D   IRTFcoinrg  Computing in the Network Research Group
Georgia B   RTG *** rollRouting Over Low power and Lossy networks WG
Georgia A   SEC emu EAP Method Update WG
Plaza A SEC *** teepTrusted Execution Environment Provisioning WG

1550-1720  Afternoon Session II
Regency F   ART *** coreConstrained RESTful Environments WG
Plaza A IRTFqirgQuantum Internet Proposed Research Group
Georgia B   SEC oauth   Web Authorization Protocol WG
Regency C   TSV tsvwg   Transport Area Working Group WG

1740-1840  Afternoon Session III
Plaza B/C   INT 6manIPv6 Maintenance WG
Georgia A   RTG babel   Babel routing protocol WG
Regency D   RTG detnet  Deterministic Networking WG
Regency E   RTG riftRouting In Fat Trees WG
Regency C   TSV quicQUIC WG

WEDNESDAY, March 25, 2020

0830-0945  Side Meetings / Open Time
Regency C   tdd Technology Deep Dive

1000-1200  Morning Session I
Regency F   IRTF*** t2trg   Thing-to-Thing
Georgia B   RTG bierBit Indexed Explicit Replication WG
Regency D   SEC txauth  Transactional Authorization and Delegation BOF
Regency C   TSV quicQUIC WG

1330-1500  Afternoon Session I
Regency C   ART wpack   Web Packaging BOF
Regency E   IRTFpanrg   Path Aware Networking RG
Georgia A   SEC *** ace Authentication and Authorization for 
Constrained Environments WG

1520-1650  Afternoon Session II
Georgia A   model-t Internet Threat Model
Plaza A ART *** coreConstrained RESTful Environments WG
Plaza B/C   RTG rtgarea Routing Area Open Meeting

1710-1940  IETF Plenary - Regency C/D/E/F

THURSDAY, March 26, 2020

1000-1200  Morning Session I
Georgia A   ART *** cborConcise Binary Object Representation 
Maintenance and Extensions WG
Georgia B   INT dnssd   Extensions for

Re: [Ace] [EXTERNAL] RE: Access token question

2020-02-21 Thread Mike Jones 
And https://tools.ietf.org/html/rfc8693#section-7.4, which registers “scope” at 
https://www.iana.org/assignments/jwt/jwt.xhtml.

-- Mike

From: Jim Schaad 
Sent: Friday, February 21, 2020 9:15 AM
To: 'Francesca Palombini' ; 'Seitz Ludwig' 
; Mike Jones 
Cc: 'Ace Wg' 
Subject: [EXTERNAL] RE: Access token question

You are missing something

https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-33#section-8.13

defined here

From: Francesca Palombini 
mailto:francesca.palomb...@ericsson.com>>
Sent: Friday, February 21, 2020 4:37 AM
To: Seitz Ludwig mailto:ludwig.se...@combitech.se>>; 
Mike Jones mailto:michael.jo...@microsoft.com>>; 
Jim Schaad mailto:i...@augustcellars.com>>
Cc: Ace Wg mailto:ace@ietf.org>>
Subject: Access token question

Hi,

Quick question regarding access token and scope.
I know that “scope” semantics is left to the application to define, but in 
general I would expect to include there some information about resource and 
method/operations allowed on that resource. Please correct me if any of this is 
not exact.

It was my understanding that “scope” (or more precisely the “scope” value) 
defined for the Client-AS request and response should be included in the access 
token as well. Checking in CWT, there is no such “scope” claim defined. “aud” 
claim is indeed defined for the CWT, but that should correspond to “aud” 
parameter in the ACE request/response. So where do I put the exact resource and 
operations in the access token?

What am I missing?

Francesca
___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

Re: [Ace] Access token question

2020-02-21 Thread Jim Schaad 
You are missing something

 

https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-33#section-8.13

 

defined here

 

From: Francesca Palombini  
Sent: Friday, February 21, 2020 4:37 AM
To: Seitz Ludwig ; Mike Jones 
; Jim Schaad 
Cc: Ace Wg 
Subject: Access token question

 

Hi,

 

Quick question regarding access token and scope. 

I know that “scope” semantics is left to the application to define, but in 
general I would expect to include there some information about resource and 
method/operations allowed on that resource. Please correct me if any of this is 
not exact.

 

It was my understanding that “scope” (or more precisely the “scope” value) 
defined for the Client-AS request and response should be included in the access 
token as well. Checking in CWT, there is no such “scope” claim defined. “aud” 
claim is indeed defined for the CWT, but that should correspond to “aud” 
parameter in the ACE request/response. So where do I put the exact resource and 
operations in the access token?

 

What am I missing?


Francesca

___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace