I've replied on the OAuth mailing list. You can join it at
https://www.ietf.org/mailman/listinfo/oauth to participate in the discussion.
From: Ace On Behalf Of Hannes Tschofenig
Sent: Tuesday, July 3, 2018 12:47 PM
To: ace@ietf.org
Subject: [Ace] FW: PoP Key Distribution
Note that I posted a
Note that I posted a mail to the OAuth list about the PoP key distribution,
which also relates to the work on ACE-OAuth.
If you are interested in this topic please feel free to join the discussion on
the OAuth mailing list.
From: Hannes Tschofenig
Sent: 03 July 2018 21:46
To: oa...@ietf.org
Thanks, Ludwig. Note that last paragraph of the new Operational Considerations
section at
https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession-03#section-6
addresses this issue. In particular, the last sentence of the section talks
about the need to keep keys used in different
Dear Roman Danyliw,
The session(s) that you have requested have been scheduled.
Below is the scheduled session information followed by
the original request.
ace Session 1 (2:00 requested)
Monday, 16 July 2018, Morning Session I 0930-1200
Room Name: Viger size: 200
On 2018-07-03 11:31, Ludwig Seitz wrote:
6. Client B gets 2 from AS bound via the cnf claim to KID="A"
This should of course read:
Client B gets T2 from AS ...
/Ludwig
--
Ludwig Seitz, PhD
Security Lab, RISE SICS
Phone +46(0)70-349 92 51
___
I've finally had the time to think about that Key ID issue for ACE.
Here is what I got:
The case Jim is worried about is the following:
* Client A has key K1 with KID = "A"
* RS also has key K1 with KID = "A"
* Client A has the right to token T1 on RS
* Client B has the right to token T2 on