Hi, Ludwig.Having had another look at section 3.1 of
draft-ietf-ace-cwt-proof-of-possession, technically the rules about which keys
have to be present are not part of the syntax of the cnf claim. The point can
be covered by changing '"syntax of the 'cnf' claim"to "syntax and semantics of
the 'cnf' claim"in each case.However, the second look threw up another point:
Figure 2 in s3.2 gives a Symetric key example - I think this should use an
Encrypted_COSE_Key (or Encrypted_COSE_Key0) as described in section 3.3 of
draft-ietf-ace-cwt-proof-of-possession.Otherwise I think we are done.Eventually
we will get to Christmas! Cheers,ElwynSent from Samsung tablet.
-------- Original message --------From: Ludwig Seitz <ludwig_se...@gmx.de>
Date: 22/12/2019 12:36 (GMT+00:00) To: Elwyn Davies <elw...@dial.pipex.com>,
gen-art@ietf.org Cc: last-c...@ietf.org,
draft-ietf-ace-oauth-params....@ietf.org, a...@ietf.org Subject: Re: [Gen-art]
[Ace] Genart last call review of
draft-ietf-ace-oauth-params-06 Hello Elwyn,I have now submitted -09 to fix
the minor issues and nits, which Iforgot in my -08.Comments
inline.Regards,LudwigOn 2019-12-14 23:46, Elwyn Davies via Datatracker
wrote:<deleted>> s3.1: The text in s3.2 of
draft-ietf-ace-cwt-proof-of-possession-03 contans> the following>> The
COSE_Key MUST contain the required key members for a COSE_Key of that> key
type and MAY contain other COSE_Key members, including the "kid" (Key> ID)
member.>> The "COSE_Key" member MAY also be used for a COSE_Key
representing a> symmetric key, provided that the CWT is encrypted so that
the key is not> revealed to unintended parties. The means of encrypting a
CWT is explained> in [RFC8392]. If the CWT is not encrypted, the symmetric
key MUST be> encrypted as described in Section 3.3.>> These riders probably
apply to all the subsectons of s3 and to s4.1 and could> be included in the
currently empty main section text.>Here I disagree. The text explicitly refers
todraft-ietf-ace-cwt-proof-of-possession, saying that the contents of the'cnf',
'req_cnf' and 'rs_cnf' parameters use the syntax of the 'cnf'claim from section
3.1 of draft-ietf-ace-cwt-proof-of-possession.The requirements in section 3.2
draft-ietf-ace-cwt-proof-of-possessionfollow from the use of the definitions in
3.1.I don't see the value of reiterating such a long text from that
documenthere, when an explicit reference is already
given._______________________________________________Gen-art mailing
listGen-art@ietf.orghttps://www.ietf.org/mailman/listinfo/gen-art
_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www.ietf.org/mailman/listinfo/gen-art