Re: [Ace] [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)

2021-03-26 Thread Zaheduzzaman Sarker 
Sure. Thanks.

BR
Zahed

On 2021-03-26, 15:08, "Seitz Ludwig"  wrote:

Hello Zahed,

If it's ok with you I'll fix that in conjunction with the IETF-editor 
review (they will probably find a few more like this).

/Ludwig

> -Original Message-
> From: Zaheduzzaman Sarker 
> Sent: den 26 mars 2021 15:04
> To: Seitz Ludwig ; The IESG 
> Cc: ace-cha...@ietf.org; ace@ietf.org; 
draft-ietf-ace-oauth-par...@ietf.org
> Subject: Re: [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-
> ace-oauth-params-13: (with COMMENT)
> 
> Thanks for the update. My comments are addressed now.
> 
> Found a nit : It is RECOMMENDED that an AS reject a request
>   containing a symmetric key value in the 'req_cnf' field
>   (kty=Symmetric), since the AS is expected to be able to generate
>   better symmetric keys than a constrained client. client (Note: this 
does
>   not apply to key identifiers referencing a symmetric key).
> 
> s/reject/rejects
> 
> BR
> Zahed
> 
> 
> On 2021-03-26, 08:17, "iesg on behalf of Seitz Ludwig"  boun...@ietf.org on behalf of ludwig.se...@combitech.se> wrote:
> 
> Hello Zaheduzzaman,
> 
> Thank you for your review. The issues you found are now fixed in 
version -
> 14.
> 
> Note that there seems to be an problem with xml2rfc, since the 
outdated
> reference to draft-ietf-ace-oauth-authz-33 should have been taken care of
> by the tooling.
> I have notified the maintainer of xml2rfc and fixed the draft 
manually.
> 
> /Ludwig
> 
> > -Original Message-
> > From: Zaheduzzaman Sarker via Datatracker 
> > Sent: den 24 mars 2021 10:31
> > To: The IESG 
> > Cc: draft-ietf-ace-oauth-par...@ietf.org; ace-cha...@ietf.org;
> ace@ietf.org
> > Subject: [EXTERNAL] Zaheduzzaman Sarker's No Objection on 
draft-ietf-
> ace-
> > oauth-params-13: (with COMMENT)
> >
> > Zaheduzzaman Sarker has entered the following ballot position for
> > draft-ietf-ace-oauth-params-13: No Objection
> >
> > When responding, please keep the subject line intact and reply to 
all
> email
> > addresses included in the To and CC lines. (Feel free to cut this
> introductory
> > paragraph, however.)
> >
> >
> > Please refer to https://www.ietf.org/iesg/statement/discuss-
> criteria.html
> > for more information about IESG DISCUSS and COMMENT positions.
> >
> >
> > The document, along with other ballot positions, can be found here:
> > https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-params/
> >
> >
> >
> > 
--
> > COMMENT:
> > 
--
> >
> > * Section 1:
> >Nit : s/Respresentation/Representation
> >
> > * Section 3.1:
> >   I have similar observation as Martin Duke, and the resolution 
suggested
> by
> >   author looks fine with me as long as the cases are 
distinguishable.
> >
> > * Section 12:
> >Refers to draft-ietf-ace-oauth-authz-33, -38 version is 
available now.
> >
> >
> 


___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

Re: [Ace] [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)

2021-03-26 Thread Seitz Ludwig 
Hello Zahed,

If it's ok with you I'll fix that in conjunction with the IETF-editor review 
(they will probably find a few more like this).

/Ludwig

> -Original Message-
> From: Zaheduzzaman Sarker 
> Sent: den 26 mars 2021 15:04
> To: Seitz Ludwig ; The IESG 
> Cc: ace-cha...@ietf.org; ace@ietf.org; draft-ietf-ace-oauth-par...@ietf.org
> Subject: Re: [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-
> ace-oauth-params-13: (with COMMENT)
> 
> Thanks for the update. My comments are addressed now.
> 
> Found a nit : It is RECOMMENDED that an AS reject a request
>   containing a symmetric key value in the 'req_cnf' field
>   (kty=Symmetric), since the AS is expected to be able to generate
>   better symmetric keys than a constrained client. client (Note: this does
>   not apply to key identifiers referencing a symmetric key).
> 
> s/reject/rejects
> 
> BR
> Zahed
> 
> 
> On 2021-03-26, 08:17, "iesg on behalf of Seitz Ludwig"  boun...@ietf.org on behalf of ludwig.se...@combitech.se> wrote:
> 
> Hello Zaheduzzaman,
> 
> Thank you for your review. The issues you found are now fixed in version -
> 14.
> 
> Note that there seems to be an problem with xml2rfc, since the outdated
> reference to draft-ietf-ace-oauth-authz-33 should have been taken care of
> by the tooling.
> I have notified the maintainer of xml2rfc and fixed the draft manually.
> 
> /Ludwig
> 
> > -Original Message-
> > From: Zaheduzzaman Sarker via Datatracker 
> > Sent: den 24 mars 2021 10:31
> > To: The IESG 
> > Cc: draft-ietf-ace-oauth-par...@ietf.org; ace-cha...@ietf.org;
> ace@ietf.org
> > Subject: [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-
> ace-
> > oauth-params-13: (with COMMENT)
> >
> > Zaheduzzaman Sarker has entered the following ballot position for
> > draft-ietf-ace-oauth-params-13: No Objection
> >
> > When responding, please keep the subject line intact and reply to all
> email
> > addresses included in the To and CC lines. (Feel free to cut this
> introductory
> > paragraph, however.)
> >
> >
> > Please refer to https://www.ietf.org/iesg/statement/discuss-
> criteria.html
> > for more information about IESG DISCUSS and COMMENT positions.
> >
> >
> > The document, along with other ballot positions, can be found here:
> > https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-params/
> >
> >
> >
> > --
> > COMMENT:
> > --
> >
> > * Section 1:
> >Nit : s/Respresentation/Representation
> >
> > * Section 3.1:
> >   I have similar observation as Martin Duke, and the resolution 
> suggested
> by
> >   author looks fine with me as long as the cases are distinguishable.
> >
> > * Section 12:
> >Refers to draft-ietf-ace-oauth-authz-33, -38 version is available 
> now.
> >
> >
> 

___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

Re: [Ace] [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)

2021-03-26 Thread Zaheduzzaman Sarker 
Thanks for the update. My comments are addressed now.

Found a nit : It is RECOMMENDED that an AS reject a request
  containing a symmetric key value in the 'req_cnf' field
  (kty=Symmetric), since the AS is expected to be able to generate
  better symmetric keys than a constrained client. client (Note: this does
  not apply to key identifiers referencing a symmetric key).

s/reject/rejects

BR
Zahed


On 2021-03-26, 08:17, "iesg on behalf of Seitz Ludwig"  wrote:

Hello Zaheduzzaman,

Thank you for your review. The issues you found are now fixed in version 
-14.

Note that there seems to be an problem with xml2rfc, since the outdated 
reference to draft-ietf-ace-oauth-authz-33 should have been taken care of by 
the tooling.
I have notified the maintainer of xml2rfc and fixed the draft manually.

/Ludwig

> -Original Message-
> From: Zaheduzzaman Sarker via Datatracker 
> Sent: den 24 mars 2021 10:31
> To: The IESG 
> Cc: draft-ietf-ace-oauth-par...@ietf.org; ace-cha...@ietf.org; 
ace@ietf.org
> Subject: [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-
> oauth-params-13: (with COMMENT)
> 
> Zaheduzzaman Sarker has entered the following ballot position for
> draft-ietf-ace-oauth-params-13: No Objection
> 
> When responding, please keep the subject line intact and reply to all 
email
> addresses included in the To and CC lines. (Feel free to cut this 
introductory
> paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-params/
> 
> 
> 
> --
> COMMENT:
> --
> 
> * Section 1:
>Nit : s/Respresentation/Representation
> 
> * Section 3.1:
>   I have similar observation as Martin Duke, and the resolution suggested 
by
>   author looks fine with me as long as the cases are distinguishable.
> 
> * Section 12:
>Refers to draft-ietf-ace-oauth-authz-33, -38 version is available now.
> 
> 


___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

Re: [Ace] [EXTERNAL] Lars Eggert's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)

2021-03-26 Thread Seitz Ludwig 
Hello Lars,

Thank you for your review. Your issues have been fixed in -14.


/Ludwig

> -Original Message-
> From: Lars Eggert via Datatracker 
> Sent: den 25 mars 2021 12:11
> To: The IESG 
> Cc: draft-ietf-ace-oauth-par...@ietf.org; ace-cha...@ietf.org; ace@ietf.org
> Subject: [EXTERNAL] Lars Eggert's No Objection on draft-ietf-ace-oauth-
> params-13: (with COMMENT)
> 
> Lars Eggert has entered the following ballot position for
> draft-ietf-ace-oauth-params-13: No Objection
> 
> When responding, please keep the subject line intact and reply to all email
> addresses included in the To and CC lines. (Feel free to cut this introductory
> paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-params/
> 
> 
> 
> --
> COMMENT:
> --
> 
> All comments below are very minor change suggestions that you may choose
> to incorporate in some way (or ignore), as you see fit. There is no need to 
> let
> me know what you did with these suggestions.
> 
> Paragraph 1, nit:
> Elwyn Davies' Gen-ART review
> (https://mailarchive.ietf.org/arch/msg/gen-art/Yauw_b5iNrPx-
> nQ095FyFKmQxlM/)
> contained some nits that I wanted to make sure you were aware of.
> 
> Section 12.1, paragraph 1, nit:
> >[I-D.ietf-ace-cwt-proof-of-possession]
> >   Jones, M., Seitz, L., Selander, G., Erdtman, S., and H.
> >   Tschofenig, "Proof-of-Possession Key Semantics for CBOR
> >   Web Tokens (CWTs)", draft-ietf-ace-cwt-proof-of-
> >   possession-11 (work in progress), October 2019.
> 
> Outdated reference: draft-ietf-ace-cwt-proof-of-possession has been
> published as RFC 8747
> 
> Section 12.1, paragraph 2, nit:
> >[I-D.ietf-oauth-mtls]
> >   Campbell, B., Bradley, J., Sakimura, N., and T.
> >   Lodderstedt, "OAuth 2.0 Mutual-TLS Client Authentication
> >   and Certificate-Bound Access Tokens", draft-ietf-oauth-
> >   mtls-17 (work in progress), August 2019.
> >
> 
> Outdated reference: draft-ietf-oauth-mtls has been published as RFC 8705
> 
> Section 12.1, paragraph 4, nit:
> >[RFC7049]  Bormann, C. and P. Hoffman, "Concise Binary Object
> >   Representation (CBOR)", RFC 7049, DOI 10.17487/RFC7049,
> >   October 2013, .
> 
> Obsolete normative reference: RFC 7049 (Obsoleted by RFC 8949)
> 
> Section 1, paragraph 3, nit:
> -Respresentation (CBOR) [RFC7049], JSON [RFC8259] MAY be used as an
> -  -
> +Representation (CBOR) [RFC7049], JSON [RFC8259] MAY be used as an
> 
> 

___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

Re: [Ace] [EXTERNAL] Murray Kucherawy's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)

2021-03-26 Thread Seitz Ludwig 
Hello Murray,

Thank you for your review. The issues you pointed out have been fixed in -14.

/Ludwig

> -Original Message-
> From: Murray Kucherawy via Datatracker 
> Sent: den 25 mars 2021 04:57
> To: The IESG 
> Cc: draft-ietf-ace-oauth-par...@ietf.org; ace-cha...@ietf.org; ace@ietf.org
> Subject: [EXTERNAL] Murray Kucherawy's No Objection on draft-ietf-ace-
> oauth-params-13: (with COMMENT)
> 
> Murray Kucherawy has entered the following ballot position for
> draft-ietf-ace-oauth-params-13: No Objection
> 
> When responding, please keep the subject line intact and reply to all email
> addresses included in the To and CC lines. (Feel free to cut this introductory
> paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-params/
> 
> 
> 
> --
> COMMENT:
> --
> 
> Seems pretty straightforward to me, though I reserve the right to change
> that opinion as I make my way through the other ACE documents.
> 
> I realize ACE isn't responsible for CBOR notation, but I have to double-take
> every time I see something that looks like JSON yet has stuff like a mix of
> quotes and apostrophes as string delimiters of some kind.
> 
> Section 3.2: "of from" should be "or from", in the 'cnf" definition block.
> 
> Section 4: I think there's a parenthesis missing on the first line of the
> example.
> 
> 

___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

Re: [Ace] [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-oauth-params-13: (with COMMENT)

2021-03-26 Thread Seitz Ludwig 
Hello Zaheduzzaman,

Thank you for your review. The issues you found are now fixed in version -14.

Note that there seems to be an problem with xml2rfc, since the outdated 
reference to draft-ietf-ace-oauth-authz-33 should have been taken care of by 
the tooling.
I have notified the maintainer of xml2rfc and fixed the draft manually.

/Ludwig

> -Original Message-
> From: Zaheduzzaman Sarker via Datatracker 
> Sent: den 24 mars 2021 10:31
> To: The IESG 
> Cc: draft-ietf-ace-oauth-par...@ietf.org; ace-cha...@ietf.org; ace@ietf.org
> Subject: [EXTERNAL] Zaheduzzaman Sarker's No Objection on draft-ietf-ace-
> oauth-params-13: (with COMMENT)
> 
> Zaheduzzaman Sarker has entered the following ballot position for
> draft-ietf-ace-oauth-params-13: No Objection
> 
> When responding, please keep the subject line intact and reply to all email
> addresses included in the To and CC lines. (Feel free to cut this introductory
> paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-ace-oauth-params/
> 
> 
> 
> --
> COMMENT:
> --
> 
> * Section 1:
>Nit : s/Respresentation/Representation
> 
> * Section 3.1:
>   I have similar observation as Martin Duke, and the resolution suggested by
>   author looks fine with me as long as the cases are distinguishable.
> 
> * Section 12:
>Refers to draft-ietf-ace-oauth-authz-33, -38 version is available now.
> 
> 

___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

Re: [Ace] [EXTERNAL] Genart telechat review of draft-ietf-ace-oauth-params-13

2021-03-26 Thread Seitz Ludwig 
Hello Elwyn,

Thank you for you review. I have fixed the nit you pointed out in the new 
version of the draft (-14).

/Ludwig

> -Original Message-
> From: Elwyn Davies via Datatracker 
> Sent: den 23 mars 2021 23:53
> To: gen-...@ietf.org
> Cc: ace@ietf.org; draft-ietf-ace-oauth-params@ietf.org; last-c...@ietf.org
> Subject: [EXTERNAL] Genart telechat review of draft-ietf-ace-oauth-params-
> 13
> 
> Reviewer: Elwyn Davies
> Review result: Ready
> 
> I am the assigned Gen-ART reviewer for this draft. The General Area Review
> Team (Gen-ART) reviews all IETF documents being processed by the IESG for
> the IETF Chair. Please wait for direction from your document shepherd or AD
> before posting a new version of the draft.
> 
> For more information, please see the FAQ at
> 
> .
> 
> Document: draft-ietf-ace-oauth-params-13
> Reviewer: Elwyn Davies
> Review Date: 2021-03-23
> IETF LC End Date: 2019-12-13
> IESG Telechat date: 2021-03-25
> 
> Summary:
> Ready for publication with the wxcption of one very minor nit.  Thanks for
> responding to my previous review.
> 
> Major issues:
> None
> 
> Minor issues:
> None
> 
> Nits/editorial comments:
> s5:  This section cover current usage.  s1 anticipates the specifications 
> mught
> find other usages, so... OLD: The confirmation method parameters are used
> as
> follows: NEW: The confirmation method parameters are used in [I-D.ietf-ace-
> oauth-authz] as follows;  it is anticipated that they may be used, potentially
> differently, in other profiles or protocols: END
> 
> 

___
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace