-----Original Message-----
From: Michael Richardson <mcr+i...@sandelman.ca> 
Sent: Tuesday, May 5, 2020 11:07 AM
To: Jim Schaad <i...@augustcellars.com>; 'Ace' <ace@ietf.org>
Subject: Re: [Ace] draft-ietf-ace-oauth-authz


Jim Schaad <i...@augustcellars.com> wrote:
    > I have much the same problem.  While a client could find an AS which
    > would authenticate the client, I don't know how the client would
    > establish any degree of trust in the AS which is going to give it
    > tokens.

Is your question that you don't know how to trust that the AS is the correct
AS for RS-foo?

[JLS] No, my question is how do I know to trust the AS period.  I don't have
a key to establish a secure session with the AS.  I guess doing full X.509
certificate processing would be an answer, but that could be difficult in
the event of a key compromise.

    > If you have already put a local public key for the AS into the
    > client, then you might as well put in a name for the AS as well.  I
    > suppose you could get by with a shared secret but that does not seem
    > to be a good way to build up the system.

Maybe there are redundant instances of the AS, or maybe there are multiple
ways (thus different IP addresses) by which to reach the AS.

[JLS] It could be that there are redundant instances of the AS, but then you
have the problem of either doing key sharing between all of them or needing
the ability to validate the key assigned to each of them.  If you have
different addresses, that might be interesting, but you are going to need to
do trial connections to each possible AS found until you get one that works.

Jim



--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-




_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace
