Hi Ben, ace, These 2 updates (09 and 10) address almost all the AD review comments of v-08.
V-09 covers the majority of them, as we discussed in this thread: https://mailarchive.ietf.org/arch/msg/ace/rgVfs3dzcWQnNlXn331DdpQfwwQ/ and listed in this issue: https://github.com/ace-wg/ace-oscore-profile/issues/26 v-10 covers the remaining: * The mechanism of letting the RS pick the identifier of the client is not worth the additional complexity. 6, 7, 32, 61, 65, * Define and register 2 new ACE parameters to transport the nonces used in the exchange, instead of using "cnonce". 3, 53, 60 The following issue is still open (during the interim meeting Jim volunteered to give a try to draft some text, and we really appreciate his help) and we should pinpoint what we need to include in the document about: * Recommendation about length of nonces N1 and N2 to use. 5, 52 Thanks, Francesca On 09/03/2020, 17:44, "Ace on behalf of internet-dra...@ietf.org" <ace-boun...@ietf.org on behalf of internet-dra...@ietf.org> wrote: A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Authentication and Authorization for Constrained Environments WG of the IETF. Title : OSCORE profile of the Authentication and Authorization for Constrained Environments Framework Authors : Francesca Palombini Ludwig Seitz Göran Selander Martin Gunnarsson Filename : draft-ietf-ace-oscore-profile-10.txt Pages : 30 Date : 2020-03-09 Abstract: This memo specifies a profile for the Authentication and Authorization for Constrained Environments (ACE) framework. It utilizes Object Security for Constrained RESTful Environments (OSCORE) to provide communication security, server authentication, and proof-of-possession for a key owned by the client and bound to an OAuth 2.0 access token. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ace-oscore-profile/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-ace-oscore-profile-10 https://datatracker.ietf.org/doc/html/draft-ietf-ace-oscore-profile-10 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ace-oscore-profile-10 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
