Hello Deb,Thanks a lot for your review! Please find in line below our detailed replies to your comments.
A Github PR where we have addressed your comments is available at [PR].Unless any concern is raised, we plan to soon merge this PR (and the other ones related to other received reviews), and to submit the result as version -09 of the document.
Thanks, /Marco [PR] https://github.com/ace-wg/ace-revoked-token-notification/pull/17 On 2024-07-06 15:32, Deb Cooley via Datatracker wrote:
Deb Cooley has entered the following ballot position for draft-ietf-ace-revoked-token-notification-08: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)Please refer tohttps://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fhandling-ballot-positions%2F&data=05%7C02%7Cmarco.tiloca%40ri.se%7C970c5fc6a6de4b05ba7308dc9dc00998%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638558695329472322%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=AV32d%2FHdDlzyyMg2xyB67jrY3Seopa2jHLtsso28F%2F4%3D&reserved=0 for more information about how to handle DISCUSS and COMMENT positions.The document, along with other ballot positions, can be found here: https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-ace-revoked-token-notification%2F&data=05%7C02%7Cmarco.tiloca%40ri.se%7C970c5fc6a6de4b05ba7308dc9dc00998%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638558695329482887%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=28GU%2F3gyDtFwfsJ6jbpFXXsEJeLdFUW1KszKlicjH%2BY%3D&reserved=0 ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you to Kyle Rose for doing the secdir review of this draft. Also thanks to the authors for the discussions and improvements. I have one last (easy?) question: Section 13: I expected to see some discussion on whether it is possible for an attacker to remove a revoked access token from the TRL allowing a registered device with a revoked access token to continue to participate. Conversely, is it possible for an attacker to add an access token to the TRL, which would deny service to the registered device. If these situations are not possible, what feature protects the TRL both at the AS and in transit?
==>MTJust to clarify and be sure: the AS indeed stores active **access tokens** that it has issued (e.g., in order to serve requests of token introspection from Resource Servers). However, the TRL specifically includes **token hashes** corresponding to issued access tokens, i.e., those that have been revoked and are not expired yet.
If we consider an external adversary that is not in control of the AS, then the attacks suggested in the comment are not possible.
First of all, a registered device or an administrator always relies on secure communications when interacting with the AS, as per Section 5 "The TRL Endpoint" and Section 9 "Registration at the Authorization Server". This is also aligned with Section 5 of RFC 9200 and with the security considerations of RFC 9200 that are simply inherited by this document as stated in its Section 13.0.
Furthermore, as per the interface at the AS defined in Section 5, registered devices and administrators can access the TRL endpoint at the AS exclusively in read-only mode. That is, the TRL endpoint at the AS supports only the GET method (see the fourth paragraph of Section 5).
It follows that accesses to the TRL are performed exclusively by sending protected and authenticated GET requests to the TRL endpoint, which by definition are safe in the REST sense and do not alter the content of the TRL.
In fact, the content of the TRL can be updated only internally by the AS, in the two circumstances described in Section 4.1 "Update of the TRL".
An adversary that has compromised and taken control of the AS is indeed able to update the content of the TRL, just like the AS would normally do. In particular, by appropriately updating the TRL content to become not aligned with the current set of access tokens that have been revoked but are not expired yet, such an adversary can practically perform the attacks suggested in the comment above.
However, an adversary in control of the AS would be able to perform actions with considerably more severe and harmful consequences, such as revoking access tokens for no good reasons, issuing access token inconsistently with the installed access control policies, or providing wrong information to Resource Servers that ask the AS to perform token introspection.
In the document, we have extended Section 13.1 "Content Retrieval from the TRL" by adding the following new text at its end.
NEW:> Note that the TRL endpoint supports only the GET method (see Section 5). Therefore, as detailed in Section 6 and Section 7, accesses to the TRL endpoint are performed only by means of protected and authenticated GET requests, which by definition are safe in the REST sense and do not alter the content of the TRL. That is, registered devices and administrators can perform exclusively read-only operations when accessing the TRL endpoint.
>> In fact, the content of the TRL can be updated only internally by the AS, in the two circumstances described in Section 4.1. Therefore, an adversary that is not in control of the AS cannot manipulate the content of the TRL, e.g., by removing a token hash and thereby fraudulently allowing a Client to access protected resources in spite of a revoked access token, or by adding a token hash and thereby fraudulently stopping a Client from accessing protected resources in spite of an access token being still valid.
<==
Received: from GVZP280MB0975.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:f7::17)
by GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM with HTTPS; Sun, 7 Jul 2024
07:00:37 +0000
Received: from DU2PR04CA0026.eurprd04.prod.outlook.com (2603:10a6:10:3b::31)
by GVZP280MB0975.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:f7::17) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.35; Sun, 7 Jul
2024 07:00:35 +0000
Received: from DU6PEPF0000B622.eurprd02.prod.outlook.com
(2603:10a6:10:3b:cafe::b8) by DU2PR04CA0026.outlook.office365.com
(2603:10a6:10:3b::31) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.35 via Frontend
Transport; Sun, 7 Jul 2024 07:00:35 +0000
Authentication-Results: spf=pass (sender IP is 50.223.129.194)
smtp.mailfrom=ietf.org; dkim=none (message not signed)
header.d=none;dmarc=pass action=none header.from=ietf.org;compauth=pass
reason=100
Received-SPF: Pass (protection.outlook.com: domain of ietf.org designates
50.223.129.194 as permitted sender) receiver=protection.outlook.com;
client-ip=50.223.129.194; helo=mail.ietf.org; pr=C
Received: from mail.ietf.org (50.223.129.194) by
DU6PEPF0000B622.mail.protection.outlook.com (10.167.8.139) with Microsoft
SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7762.17
via Frontend Transport; Sun, 7 Jul 2024 07:00:34 +0000
Received: by ietfa.amsl.com (Postfix, from userid 65534)
id 82C92C151991; Sun, 7 Jul 2024 00:00:32 -0700 (PDT)
X-Original-To:draft-tiloca-ace-authcred-dtls-prof...@ietf.org
Delivered-To:xfilter-draft-tiloca-ace-authcred-dtls-prof...@ietfa.amsl.com
Received: from [10.244.2.27] (unknown [104.131.183.230])
by ietfa.amsl.com (Postfix) with ESMTP id 42B9CC1516E1
for<draft-tiloca-ace-authcred-dtls-prof...@ietf.org>; Sun, 7 Jul 2024
00:00:32 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
To:<draft-tiloca-ace-authcred-dtls-prof...@ietf.org>
Subject: Expiration impending: <draft-tiloca-ace-authcred-dtls-profile-01.txt>
X-Test-IDTracker: no
X-IETF-IDTracker: 12.17.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <172033563194.274.5459272935872629627@dt-celery-86db7666db-4xkn5>
Date: Sun, 07 Jul 2024 00:00:31 -0700
From: IETF Secretariat<ietf-secretariat-re...@ietf.org>
Resent-From:<alias-boun...@ietf.org>
Resent-To:john.matts...@ericsson.com,marco.til...@ri.se
Resent-Message-Id:<20240707070032.82c92c151...@ietfa.amsl.com>
Resent-Date: Sun, 7 Jul 2024 00:00:32 -0700 (PDT)
Return-Path:forwardingalgori...@ietf.org
X-MS-Exchange-Organization-ExpirationStartTime: 07 Jul 2024 07:00:34.5120
(UTC)
X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
X-MS-Exchange-Organization-Network-Message-Id:
5abb92d8-e10c-4736-b7f3-08dc9e527f9a
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8:0
X-MS-Exchange-Organization-MessageDirectionality: Incoming
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic:
DU6PEPF0000B622:EE_|GVZP280MB0975:EE_|GVYP280MB0464:EE_
X-MS-Exchange-Organization-AuthSource:
DU6PEPF0000B622.eurprd02.prod.outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Office365-Filtering-Correlation-Id: 5abb92d8-e10c-4736-b7f3-08dc9e527f9a
X-MS-Exchange-AtpMessageProperties: SA|SL
X-MS-Exchange-Organization-SCL: 1
X-Microsoft-Antispam:BCL:0;ARA:13230040|12012899012|2092899012;
X-Forefront-Antispam-Report:
CIP:50.223.129.194;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.ietf.org;PTR:mail.ietf.org;CAT:NONE;SFS:(13230040)(12012899012)(2092899012);DIR:INB;
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2024 07:00:34.1995
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id:
5abb92d8-e10c-4736-b7f3-08dc9e527f9a
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-AuthSource:
DU6PEPF0000B622.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVZP280MB0975
X-MS-Exchange-Transport-EndToEndLatency: 00:00:03.0584539
X-MS-Exchange-Processed-By-BccFoldering: 15.20.7741.016
X-Microsoft-Antispam-Mailbox-Delivery:
dwl:1;ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(831239)(255002)(410001)(930097)(140003)(1420198);
X-Microsoft-Antispam-Message-Info:
=?utf-8?B?NnNUdHBLRDFrWlY3U3FBZFQ4QkhXaHFieDdxdUN4NnpjaS9HNXFPbGNoNzFV?=
=?utf-8?B?SHFCTTl0WnZMODNmV3pLK2NWVEFMYmxtSEIxNWhQdWpXWDJMTDVwNm11M21p?=
=?utf-8?B?dzRwVklva29nR1VSbkI0ZDJVdGpHVjU2OTVpYWxHWUoyUG02UE9pVlltNys3?=
=?utf-8?B?TUE5bkZIWllrTUNPZW05aE4zeXhZOE1Qdm9KM0J4ZDVzdUFFVGlxWHhKTFNE?=
=?utf-8?B?THMzNTd1djg3MEdPbCtiNXlZeFJJajJsRU5PazRTb25iM1VGWS9mYnZzVEFu?=
=?utf-8?B?bmQyQ3FjcStSQ1RJdGdnTmZ6TUJPYThOSjZpUkdsN1o1TWdaSlB4QnVnVGQ3?=
=?utf-8?B?U09QSkdDaXFCVld0S0pwMEhlNlJJem1LWFRlLy9wcTVtZmpNcnBWVTRYby9p?=
=?utf-8?B?eW5EOHM2NHpCNGlTa0h1ZGhLR2VVY1ZFa3cyTHN6cnhvd0VBYmc1UW9BZEpQ?=
=?utf-8?B?ME9id240UGJlUS9qU1p4N0JNMHhNWmpwOTZMMmU5bVFjUVI5ZXJ2YWhPQkhZ?=
=?utf-8?B?Y1dFQ2d5WUdIb2RIMmtab29Qb0RJRlVNaXBnWkIva0l4a3ZKSHNDMXkxRjhq?=
=?utf-8?B?NVFWR214ZUdEaEpTQnRoWUhIbFFCOHhsQjMzdFJXWVU3bXc5UVAreTc4Vlpn?=
=?utf-8?B?LzA1UUFFdEY4eHI4QTdLbFhpN2hnMyt0RVZYZk5iMDhkM3hMMndPZUdzTUds?=
=?utf-8?B?ajBoOXNSUW1QaWY1bWZlcm8rT3lId29iMWxHWGQ3RkpsYW5abUFrc2tCdm1a?=
=?utf-8?B?Zkg2WXJTaU8zWHlPZUZKTFhqMEtMdVUxeXhHK0pud3ZGU0IwNUlHNlNaV2xz?=
=?utf-8?B?SkR2MnVPWjNCQVVxa2lIS3ZsMms2VmhNcklFOVNwUzBCQ21COTFJaHNQdG5N?=
=?utf-8?B?OWl1MWxtdW9HcUJlUGZ0TkxoUzI3b2tDa21ndUZaTHpQQ0lZUW9nd3o3YVkx?=
=?utf-8?B?VzBCdWVyV3ljOEExRVMyTy96a0tSS082SXFOdXRIQm8xQ3oxdCtIQXJKTE15?=
=?utf-8?B?S2xCNllLT25FbmhlMDUrbC9NMElYMXM3S2ZaS1Rnck9TVUp6TzlrVXJEUlQ3?=
=?utf-8?B?ZnNXY3VDWnZxZzVCQWRMQ01tdE5Nakg4RnNaMUFyU2dvSE9MMjZCK3BLOFBj?=
=?utf-8?B?YTd6b3MzM3UyVTF2a0s2WTdrRnJMMkFuU3BsTUhScWhiUkppdjNaQXFENjBE?=
=?utf-8?B?by9EVEdKYjBJeFlPd0p0cTRTZHgwbFlaOEtGeVFaUlI2SDdOa1FXeTRJYzU3?=
=?utf-8?B?S2dqU3lSbzVvM3lqdFdLMmFwdzNyNlVkbDJHRXA2ZmJkZFFwQVZEVllTWTcy?=
=?utf-8?B?cTRhSkFMeThhZSswb0FCNHVoWWRucW1WN3E3VnV6MDlaSDBtYWl1WkJuRnJH?=
=?utf-8?B?T1NUamhGb1dya1c3dTdrR3NxZGFNSUlkczN2SXd5OFEwVHdOcS9JSjRzeG5i?=
=?utf-8?B?eHNjWGUzdWU4MXBiaDlpTGloZnFoRVdHZVphZ3dKQWVnanJEbGtLWjh5NWJ5?=
=?utf-8?B?MUNLUW1UV0VXS1oxNko2czNVQVRvZmRVMG1lR2FPUSs5Mnk4eloycHZ6SEh2?=
=?utf-8?B?c3N5WTNwL2Y1OFdBa1JidSs2ZTMvb3l0SDFZMnlKUkNLZVozdkNaQ2RRREtL?=
=?utf-8?B?WldCUkl6SXlWamY5T0pVVFI0SXc1S3RsYmJtT1pMb0V2dDl1T0NldXFERTVz?=
=?utf-8?B?NHRKQUFxVUxJQWdSUmgxVlg2WjNMeVluQzNSV2d6aWZ3a05OVjZtYW56M1d1?=
=?utf-8?B?UCtvZkpGbG9HOU5rclVzUWdpQ2ROSk41L3U0aitUL2pYNTNreFB2VDh1YUdE?=
=?utf-8?B?d2ZQY2dscDNZSXFMczBYSkswYWpnak5RaG5HSlhQOTNCZGR3dGU5YWlpbjRK?=
=?utf-8?B?ZDZKTDNhWldSdHN2YTMvOU95RUFtRG5Dd09XdHFId3dUUEJ6dURHdEsyMit6?=
=?utf-8?B?THV0N1dsYzVVcDVxZTh5Y0VvTVRIcHJhQk9MdzdFOVdpcnAxbGpxRFBZQ3dY?=
=?utf-8?B?KzFaUDJIaGozSXpqQkZCNUczRk9MMllrZCtNcGs0RjNyRFl6VlphV0dITUNi?=
=?utf-8?B?MVl5eG5LdUZXdkVMWWt6NzgyTHBtM2Ixcnp4RWJXd21mTXBNRTRBYzZHRU1y?=
=?utf-8?B?RHM4ZEpWNnowRzRKSWM0d2FIWjlqQ1oxK2R3VzZTUm11cER0QWR5Slh0Y09D?=
=?utf-8?B?WnpWWlQrRC85RzJkUjVZYjBkUkFNOEJ0cCtucStmQWNGV0VrRGV1RVFHdXZE?=
=?utf-8?B?bWtpNks2MVhtcmdnSkdNRWtzdEFueHNBWmdhcW5scWlrWGx5eVdQQ3YwQW44?=
=?utf-8?B?YW5jWVlCeDJkV2U3aEJjekVFd0tTZWt5QVdPVlplQkVWanNHRkRZcG5lNmFN?=
=?utf-8?B?UlZNTldWQ0hIWkxVUWpSOElGb1V6TFcxekNzVUFvQzYyaDE2MDFvbkI5N0ZW?=
=?utf-8?B?VTV0T3VtUkFPWnRYL3pWK25kdmlZWkN5M01tOWxZMlBvL0dQVlkrRXYyZmk5?=
=?utf-8?B?TmVWN01LcHVDbCttSWVGckN3Tm5jSXUxR3FEQ3F4ZFM4V2xVLzFrYXlPOU9Z?=
=?utf-8?B?d3ZvSmJUcDI4Y1dpbFNleVlaZjY5NmRhOTZ0eUpEc2FtNTZ3cFMyY3ZkOGZw?=
=?utf-8?B?TVpTUWFIZEFjL1BLUnY1YVVINzRoNWNVV29keWIxK1Vsc0JvNTkwTjZGRFE1?=
=?utf-8?B?bnBaUTRITTM5WDJSL3ZCL0VnK01nVUVBSGpJZ0xIaktnL3FKY21Ga1pwQ1Fj?=
=?utf-8?B?dTVPZFM1OUhaMGVJVFBORFJpL0p0S0tCZDRFUG4wODRJV21VR0tGTytBRDBn?=
=?utf-8?B?PT0=?=
MIME-Version: 1.0
The following Internet-Draft will expire soon:
Name: draft-tiloca-ace-authcred-dtls-profile
Title: Additional Formats of Authentication Credentials for the Datagram
Transport Layer Security (DTLS) Profile for Authentication and Authorization
for Constrained Environments (ACE)
State: I-D Exists
Expires: 2024-07-13 (in 5 days, 23 hours)
Received: from GV3P280MB0827.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:f2::5) by
GVYP280MB0464.SWEP280.PROD.OUTLOOK.COM with HTTPS; Sun, 7 Jul 2024 07:00:37
+0000
Received: from AS9P251CA0015.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:50f::29)
by GV3P280MB0827.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:f2::5) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.35; Sun, 7 Jul
2024 07:00:35 +0000
Received: from AMS1EPF00000041.eurprd04.prod.outlook.com
(2603:10a6:20b:50f:cafe::a7) by AS9P251CA0015.outlook.office365.com
(2603:10a6:20b:50f::29) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.34 via Frontend
Transport; Sun, 7 Jul 2024 07:00:35 +0000
Authentication-Results: spf=pass (sender IP is 50.223.129.194)
smtp.mailfrom=ietf.org; dkim=none (message not signed)
header.d=none;dmarc=pass action=none header.from=ietf.org;compauth=pass
reason=100
Received-SPF: Pass (protection.outlook.com: domain of ietf.org designates
50.223.129.194 as permitted sender) receiver=protection.outlook.com;
client-ip=50.223.129.194; helo=mail.ietf.org; pr=C
Received: from mail.ietf.org (50.223.129.194) by
AMS1EPF00000041.mail.protection.outlook.com (10.167.16.38) with Microsoft
SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7762.17
via Frontend Transport; Sun, 7 Jul 2024 07:00:34 +0000
Received: by ietfa.amsl.com (Postfix, from userid 65534)
id 4C4B8C16940C; Sun, 7 Jul 2024 00:00:33 -0700 (PDT)
X-Original-To:draft-ietf-ace-oscore-gm-admin-co...@ietf.org
Delivered-To:xfilter-draft-ietf-ace-oscore-gm-admin-co...@ietfa.amsl.com
Received: from [10.244.2.27] (unknown [104.131.183.230])
by ietfa.amsl.com (Postfix) with ESMTP id DB046C1522B9;
Sun, 7 Jul 2024 00:00:32 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
To:<draft-ietf-ace-oscore-gm-admin-co...@ietf.org>
Cc:ace-cha...@ietf.org,paul.wout...@aiven.io
Subject: Expiration impending: <draft-ietf-ace-oscore-gm-admin-coral-01.txt>
X-Test-IDTracker: no
X-IETF-IDTracker: 12.17.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <172033563255.274.9265451665620885998@dt-celery-86db7666db-4xkn5>
Date: Sun, 07 Jul 2024 00:00:32 -0700
From: IETF Secretariat<ietf-secretariat-re...@ietf.org>
Resent-From:<alias-boun...@ietf.org>
Resent-To:marco.til...@ri.se,rikard.hogl...@ri.se
Resent-Message-Id:<20240707070033.4c4b8c169...@ietfa.amsl.com>
Resent-Date: Sun, 7 Jul 2024 00:00:33 -0700 (PDT)
Return-Path:forwardingalgori...@ietf.org
X-MS-Exchange-Organization-ExpirationStartTime: 07 Jul 2024 07:00:35.2287
(UTC)
X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
X-MS-Exchange-Organization-Network-Message-Id:
26f577d6-a8a7-41bc-125e-08dc9e528008
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8:0
X-MS-Exchange-Organization-MessageDirectionality: Incoming
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic:
AMS1EPF00000041:EE_|GV3P280MB0827:EE_|GVYP280MB0464:EE_
X-MS-Exchange-Organization-AuthSource:
AMS1EPF00000041.eurprd04.prod.outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Office365-Filtering-Correlation-Id: 26f577d6-a8a7-41bc-125e-08dc9e528008
X-MS-Exchange-AtpMessageProperties: SA|SL
X-MS-Exchange-Organization-SCL: 1
X-Microsoft-Antispam:BCL:0;ARA:13230040|12012899012|2092899012;
X-Forefront-Antispam-Report:
CIP:50.223.129.194;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.ietf.org;PTR:mail.ietf.org;CAT:NONE;SFS:(13230040)(12012899012)(2092899012);DIR:INB;
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2024 07:00:34.9006
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id:
26f577d6-a8a7-41bc-125e-08dc9e528008
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-AuthSource:
AMS1EPF00000041.eurprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV3P280MB0827
X-MS-Exchange-Transport-EndToEndLatency: 00:00:02.7249057
X-MS-Exchange-Processed-By-BccFoldering: 15.20.7741.016
X-Microsoft-Antispam-Mailbox-Delivery:
dwl:1;ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(831239)(255002)(410001)(930097)(140003)(1420198);
X-Microsoft-Antispam-Message-Info:
=?utf-8?B?cXE1V3V2a252cTlwYWR2SlpTaGdJL1VRMk9CaGNxekJuUC9hL3FxdEhqZk5q?=
=?utf-8?B?L0FDa0hPOGJtQjZkZitxMVBocVY3R05mTTJkbXIyekFEQXAvOHU2Z043aWVo?=
=?utf-8?B?VjkxbnIrUGdVTEFjeFlKemlDNUJoL0pGOHI4V3BvWnpkb1ZhVlJQOGJnV2ZR?=
=?utf-8?B?Z0ttRHUzS0ozRGlockMxaFdFQk5ZdTZjSkpYL2R3bDhXdEh0VGRNSVpWb045?=
=?utf-8?B?akx5RC9LOHpWQ2kzTEQyeXgvQnBaZWF5QS9iNHZjQmNCMmR1bS9jWmZ4SURJ?=
=?utf-8?B?SlVrbEMyNFZWclBkN28xQkNaaklZdkRRdG91TXFNRTB6MDRUaVVHUnVSeUM3?=
=?utf-8?B?MnBDbFArWTlLSzhIR29RWXRNSnROVm4wYnZpRkNuRW9RMWFFYjZSdFl4VWt2?=
=?utf-8?B?ejdJKzZDQldEcXI5UlRnUW1Rb3RBWU15YXlyTmRYemRzcDRobm4rdTUwYTVy?=
=?utf-8?B?dm54MTVKNHJsbzNBVkNsMEEyTmREOHFjelNKRk1XaTc5Mi9RdEs3blBCTXZU?=
=?utf-8?B?dFo1M2c5U3V4bUVWb2h3bG84Q0Nkalh5eEoyYjk1SXl2RjY4TFBLbS9OZkdK?=
=?utf-8?B?UFZPcGNRV0RxZ29KNXRDaWVNNkJuL0JRZDl5cVN0WjRQeUJVVmVhY05xUkdT?=
=?utf-8?B?ejZpbmpWWHJaaFZXb0ZZM1hXTTdzRHlPdmZ1TGpKcjJPT0FMNUU4R2k2c2Zt?=
=?utf-8?B?NzRlZGpXRThyTmJ1VldPVkpJdWt1OGpBbGtjZElxQTcxWU00ZmdWS09YbTNJ?=
=?utf-8?B?U1NIS1pkSnBvS1o5Q0FSRkRIeDI5dGVBNU1ZenQyZ2hnWHp4OVB1cG5aRzlI?=
=?utf-8?B?VnArSHFPbVVjbDJoUXlidG1zMVRKNTYxOGF5TzUwWEIzTUNTejdlanNiVjhS?=
=?utf-8?B?Z2pGYkpDck90Q2twNzY4dlJ4SFBuUjFMWjliN08rR3l1NEJqczAzUnJKeVl4?=
=?utf-8?B?WEdldTF5VjBXWkswdjI3cjYvSVE0T1hxSzE2NlZjTExUT0djR3M4MWVIblpD?=
=?utf-8?B?QVo1ZWl0bUp0R1BpakRGYkdQUmxGMHY0RXp5S0Z3VjhJOWxFTkpQSXRuNnFY?=
=?utf-8?B?L2duWmZaR0hPRUNtN2s3VDZKWDM3bVJ1ZjNVbGFpMEl5NmxVR084RC9LMmtX?=
=?utf-8?B?Qk5BdUZkUmMrUzhXenF4eUhkck1uWThMWHh6L2ROUVZCUE0zY2M2WmZOdWIz?=
=?utf-8?B?eFZWMnE3aFR2SXc4eFlZaHVWdkJ5YWE2WXVvazBMVWdISldiOE42UU15L3pk?=
=?utf-8?B?dU8vWmprOEwyclBRQ3FtMkVsOGNzaG5FNjl3VzNlbEp6L05DKytFRG56azlw?=
=?utf-8?B?S2NZUGphbS82OEtVL2dTb25Sa0pzYWU3aVo0SHY4UFhWOXNYMHc0T1BDNWh6?=
=?utf-8?B?UjNUb0dvbTFNNWZHckhpMkRsUkFQNHZpdUJkV0pyL01vVGhLTno5b2J3cTAy?=
=?utf-8?B?S2U3dFJvZWtDa25kR2JSZzBpL2pqb0FYZ0I3RytzNXZhUGZOMEJiYTMreHFV?=
=?utf-8?B?b2xrczVmSnpNYWZ2TDduWndjZkMvdnNYZ3NzeVVyWVZDMXlSUk9iM3N4Zmp4?=
=?utf-8?B?V3dnMi9STFhTZDMrb3Rta0JpVHZCbmUyTnN3bGcvK2RYWTE3VGdzdmdBMUdB?=
=?utf-8?B?cGFnVWR0YjF5MnBsdTBwSko0RHRJdnpld1NIT1YwcGwvc09KNjB5Qm8yd3VK?=
=?utf-8?B?YlhPOVJWbDNnUUp3THRPcjR0eXh0RTlaWWVBQnpCOC9nUlJRbGIyL3VPZGoz?=
=?utf-8?B?UGJ5N1ozTlZsaTZpMXhZRDRZd2QvSWh6M25Nd1VuNzNpVEplcVZUMGxsRWRN?=
=?utf-8?B?R2J1NzVoUzdNSUdqTkN2T0lzak5YNXRUQVFXQmhUb3RXUFMwVmsrR1JlczVv?=
=?utf-8?B?N3RSZk9QZjRVWUhBTVNGT3plY3BqWEFCbklNYWtLa3JLMitQYVdJd2ttTlEy?=
=?utf-8?B?WXZ3d0tLZk5hYmdicTRGUmlNM3g2MzNMVXh0aDdRSm9UTXhZVExuTFVpNkZW?=
=?utf-8?B?TVJpNEhpdElxb3pxSDVqZXNBU21vb3ZuaDlZV1gxTThQY2RnbS9Sd1R5R1Ev?=
=?utf-8?B?MlJNZGNnYTgxamhyemEyZjRERU9IZS9DRVEya1JlaW9YQzAxRk8rQTNSZXlP?=
=?utf-8?B?bENWKy8wOG1qTVFGUzNOR0l4R21PR1FNcVhXejgyWk5LdDRweXU5Wlc3ZFZH?=
=?utf-8?B?UVAxcEdOQ3puKzJuVGFMVGI3LzVodjJXVzU0cVMxRFNISkV3eE1lVzlBYWJ0?=
=?utf-8?B?TmUyamNqamVlSHJvdmdENlFiNWNYOExGWFBqV1Irdmk2VjFpRDBKS3FWOXk3?=
=?utf-8?B?S2tKM2N4RG1HaVQyQVpmcnEzYVpLWUlsWFR4cG5mYk1oSFAydXZObEJweEFE?=
=?utf-8?B?cXQ1L081dUc4Ukl6SmY3c3hJMTNsL1I1NXZyeTlRNkw5OEpCbWJqSjA5Qmp0?=
=?utf-8?B?OHVBS2MxSzdSZnYrUStoU3dSL0xIa21KajJTdGFqL3RFN1BVNXgraE5pc3Ni?=
=?utf-8?B?alR1VG1rK1RTRFZ1L2RoK1R1cUg4N3JpUlZmcE5QSGs2aXJCbDdFSjNjdUJM?=
=?utf-8?B?OWhYVjFPL05zakxmaEFHWmd4cEVOOWMyVmxlR0dORlJxM05aRmY3aGZURit3?=
=?utf-8?B?dy9CaVZFU3Zad212T1RYRC9jSGlxNG9lMld5LzdlMEtOOUN1Vzg5dVlYTVU0?=
=?utf-8?B?c3BpL1VhSmpaTXpyN0tXaXhNdFduSFN0SmJFbHlxeHVlMFFySW9yY3JRSFgz?=
=?utf-8?B?bHZnYjhEb1VwY2lpSEdpVUp3bGpTSTdHQkF2K2RoNDMwTDFsVFdTNlpEZStB?=
=?utf-8?B?PT0=?=
MIME-Version: 1.0
The following Internet-Draft will expire soon:
Name: draft-ietf-ace-oscore-gm-admin-coral
Title: Using the Constrained RESTful Application Language (CoRAL) with the
Admin Interface for the OSCORE Group Manager
State: I-D Exists
Expires: 2024-07-17 (in 1 week, 2 days)
-- Marco Tiloca Ph.D., Senior Researcher Phone: +46 (0)70 60 46 501 RISE Research Institutes of Sweden AB Box 1263 164 29 Kista (Sweden) Division: Digital Systems Department: Computer Science Unit: Cybersecurity https://www.ri.se
OpenPGP_0xEE2664B40E58DA43.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Ace mailing list -- ace@ietf.org To unsubscribe send an email to ace-le...@ietf.org
