> -Original Message-
> From: Carsten Bormann
> Sent: Monday, October 22, 2018 12:09 PM
> To: Jim Schaad
> Cc: ace@ietf.org
> Subject: Re: [Ace] FW: New Version Notification for draft-schaad-cnf-cwt-id-
> 00.txt
>
> On Oct 22, 2018, at 20:49, Jim Schaad wrote:
> >
> > I did not like
> -Original Message-
> From: Ace On Behalf Of Ludwig Seitz
> Sent: Monday, October 22, 2018 6:08 AM
> To: ace@ietf.org
> Subject: Re: [Ace] ACE Framework Review
>
> On 10/10/2018 16:24, Stefanie Gerdes wrote:
> > Hi,
> >
> > I looked through the ACE framework document. I think there
Here are my WGLC comments:
* I am not sure that I understand what the protocol flow is when JAR is
being used. Is there a potential case where a JWT would be used as the
structure of an OAuth response? If so then is there a problem with defining
cnf in section 4.1?
* We need to have a OAuth
On Oct 22, 2018, at 20:49, Jim Schaad wrote:
>
> I did not like the idea of using key identifiers when linking together CWTs
> for authorization purposes.
Right, they are not very useful as they don’t say anything about the
authorization information that is attached to that key in a
* Section 3.1 - Refresh Token - I don't think that refresh tokens are going
to be strings because binary is more efficient.
* Section 3.2 - we need to reference TLS 1.3 even if DTLS 1.3 is not yet
available.
* Description for Figure 6 - Should the example somehow indicate in the
message that it
* Section 1 - I understand the reasoning behind having the server send back
a nonce, although it would be good to have a description someplace about why
this is being done. (I would also make it optional as not all RS need to do
this.) I do not understand the reasoning behind having the client
I did not like the idea of using key identifiers when linking together CWTs for
authorization purposes. As part of that discussion I came up with the idea of
using the CWT identifier instead since that is going to be specific to an AS.
This draft is a brief description of the idea and I would
Done:
Htmlized: https://tools.ietf.org/html/draft-ietf-ace-actors-07
Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-actors-07
Grüße, Carsten
___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
Hi all,
We have just submitted v -05 of the ace-oscoap-joining draft.
This version also expands on the rekeying of current group members, and
is aligned with the latest ace-key-groupcomm draft submitted earlier today.
Best,
/Marco
Forwarded Message
Subject:New
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Authentication and Authorization for
Constrained Environments WG of the IETF.
Title : An architecture for authorization in constrained
environments
On 10/10/2018 16:24, Stefanie Gerdes wrote:
Hi,
I looked through the ACE framework document. I think there are some open
issues that need to be addressed. I will try to summarize the main
issues below. We provided a rough analysis of the DTLS profile in [1],
which may also be interesting (many
Hi all,
We have just submitted v-02 of the ace-key-groupcomm draft.
This version expands on the re-keying of group members, after nodes join or
leave the group. It also tries to clarify the message exchange, giving an high
level introduction before every subsection.
With this update, we hope
12 matches
Mail list logo