Sent from Samsung tablet.
-------- Original message --------From: Ludwig Seitz <ludwig_se...@gmx.de>
Date: 07/01/2020 19:52 (GMT+00:00) To: elwynd <elw...@folly.org.uk>,
gen-art@ietf.org Cc: last-c...@ietf.org,
draft-ietf-ace-oauth-params....@ietf.org, a...@ietf.org Subject: Re: [Gen-art]
[Ace] Genart last call review of
draft-ietf-ace-oauth-params-06 On 2019-12-22 19:27, elwynd wrote:> Hi,
Ludwig.>> Having had another look at section 3.1 of>
draft-ietf-ace-cwt-proof-of-possession, technically the rules about> which keys
have to be present are not part of the syntax of the cnf> claim. The point can
be covered by changing '"syntax of the 'cnf' claim"> to "syntax and semantics
of the 'cnf' claim"> in each case.>> However, the second look threw up another
point: Figure 2 in s3.2 gives> a Symetric key example - I think this should
use an Encrypted_COSE_Key> (or Encrypted_COSE_Key0) as described in section 3.3
of> draft-ietf-ace-cwt-proof-of-possession.>> Otherwise I think we are done.>>
Eventually we will get to Christmas!>> Cheers,> Elwyn>>Hello Elwyn,I hope you
had a merry Christmas and a happy new year's eve.I have updated the draft to
-10, fixing the phrasing to your suggestionfrom the first paragraph above in
various places (and an issue that cameup during IANA review).Given my argument
for not having the encrypted COSE_Key in figure 2 Ileft that part as it was.
Please indicate whether this is acceptablewith the given
explanation.Regards,LudwigHi, Ludwig.Yes, we had a pleasant festive season -
Hope yours was good also.The -10 draft looks good. Regarding the symmetric key
in s3. 2/Figure 2, I think it would be worth adding a sentence to point out
that one might have to use the encrypted form per proof-of-posession draft if
the overall message was not encrypted (as in it is in the oauth
usage).Cheers,Elwyn
_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www.ietf.org/mailman/listinfo/gen-art
