[auth48] [AD] AUTH48: RFC-to-be 9679 for your review

Mon, 09 Dec 2024 11:35:21 -0800 

Dear Mike, Orie, and *Paul (AD),

Thank you for your replies. We have updated the sourcecode as requested. Please 
review and let us know if any further changes are needed.

*Paul, please review the updates to the sourcecode in Section 6 and let us know 
if you approve; see https://www.rfc-editor.org/authors/rfc9679-auth48diff.html.

Note from Orie:
> The example of EDN was changed during auth48 but the encoded hex was not 
> updated. I confirmed the source code blocks are processed correctly using 
> cbor.me, this was the only issue I encountered.


Section 6
OLD:
  A50102200121582065EDA5A12577C2BAE829437FE338701A10AAA375E1BB5B5DE108D
  E439C08551D2258201E52ED75701163F7F9E40DDF9F341B3DC9BA860AF7E0CA7CA7E9
  EECD0084D19C0258246D65726961646F632E6272616E64796275636B406275636B6C6
  16E642E6578616D706C65

NEW:  
  A50102200121582065EDA5A12577C2BAE829437FE338701A10AAA375E1BB5B5DE108D
  E439C08551D2258201E52ED75701163F7F9E40DDF9F341B3DC9BA860AF7E0CA7CA7E9
  EECD0084D19C025820496BD8AFADF307E5B08C64B0421BF9DC01528A344A43BDA88FA
  DD1669DA253EC


—FILES (please refresh)— 

The updated XML file is here:
https://www.rfc-editor.org/authors/rfc9679.xml

The updated output files are here:
https://www.rfc-editor.org/authors/rfc9679.txt
https://www.rfc-editor.org/authors/rfc9679.pdf
https://www.rfc-editor.org/authors/rfc9679.html

This diff file shows all changes made during AUTH48:
https://www.rfc-editor.org/authors/rfc9679-auth48diff.html

These diff files show only changes made during the last edit round:
https://www.rfc-editor.org/authors/rfc9679-lastdiff.html
https://www.rfc-editor.org/authors/rfc9679-lastrfcdiff.html

This diff file shows all changes made to date:
https://www.rfc-editor.org/authors/rfc9679-diff.html

For the AUTH48 status of this document, please see:
https://www.rfc-editor.org/auth48/rfc9679

Thank you,
RFC Editor/kc


> On Dec 9, 2024, at 10:25 AM, Orie Steele <orie@transmute.industries> wrote:
> 
> Hi, the text here:
> 
> OLD:
> 
> A50102200121582065EDA5A12577C2BAE829437FE338701A10AAA375E1BB5B5DE108D
> E439C08551D2258201E52ED75701163F7F9E40DDF9F341B3DC9BA860AF7E0CA7CA7E9
> EECD0084D19C0258246D65726961646F632E6272616E64796275636B406275636B6C6
> 16E642E6578616D706C65
> 
> NEW:
> 
> A50102200121582065EDA5A12577C2BAE829437FE338701A10AAA375E1BB5B5DE108DE439C08551D2258201E52ED75701163F7F9E40DDF9F341B3DC9BA860AF7E0CA7CA7E9EECD0084D19C025820496BD8AFADF307E5B08C64B0421BF9DC01528A344A43BDA88FADD1669DA253EC
> 
> The example of EDN was changed during auth48 but the encoded hex was not 
> updated.
> 
> I confirmed the source code blocks are processed correctly using cbor.me, 
> this was the only issue I encountered.
> 
> OS
> 
> On Fri, Dec 6, 2024 at 4:35 PM Michael Jones <michael_b_jo...@hotmail.com> 
> wrote:
> I looked at all the sourcecode blocks.  Their types look fine to me.
> 
>                                 Best wishes,
>                                 -- Mike
> 
> -----Original Message-----
> From: Karen Moore <kmo...@amsl.com>
> Sent: Friday, December 6, 2024 12:34 PM
> To: Hannes Tschofenig <hannes.tschofe...@gmx.net>; Orie Steele 
> <orie@transmute.industries>; Isobe Kohei <isobeko...@gmail.com>; Hannes 
> Tschofenig <hannes.tschofe...@gmail.com>
> Cc: Michael Jones <michael_b_jo...@hotmail.com>; RFC Editor 
> <rfc-edi...@rfc-editor.org>; cose-...@ietf.org; Cose Chairs Wg 
> <cose-cha...@ietf.org>; auth48archive <auth48archive@rfc-editor.org>; Paul 
> Wouters <paul.wout...@aiven.io>
> Subject: AUTH48: RFC-to-be 9679 <draft-ietf-cose-key-thumbprint-06> for your 
> review
> 
> Authors,
> 
> The IANA actions are complete for this document. Prior to moving forward with 
> publication, please confirm if you want to perform any further checks on the 
> sourcecode per this note:
> 
> > The sourcecode type should be set to cbor-diag. We should validate these 
> > source code blocks once more at the very end, using CBOR.me or similar.
> 
> 
> Best regards,
> RFC Editor/kc
> 
> > On Dec 5, 2024, at 10:25 AM, Karen Moore <kmo...@amsl.com> wrote:
> >
> > Hi Paul and *Authors,
> >
> > Thank you for your quick reply. We have noted your approval on the AUTH48 
> > status page (https://www.rfc-editor.org/auth48/rfc9679).
> >
> > *Authors, please confirm if any final checks need to be performed prior to 
> > publication per this comment:
> >
> >> The sourcecode type should be set to cbor-diag. We should validate these 
> >> source code blocks once more at the very end, using CBOR.me or similar.
> >
> > Note that we will ask IANA to update their registry per the recent update; 
> > we will inform you when complete.
> >
> > Best regards,
> > RFC Editor/kc
> >
> >> On Dec 5, 2024, at 9:54 AM, Paul Wouters <paul.wout...@aiven.io> wrote:
> >>
> >> I approve,
> >>
> >> Thanks everyone for working this out and catching it before the RFC went 
> >> out.
> >>
> >> Paul
> >>
> >> On Thu, Dec 5, 2024 at 12:45 PM Karen Moore <kmo...@amsl.com> wrote:
> >> Hi Mike and *Paul (AD),
> >>
> >> Thanks for providing the updated XML file. The changes are now reflected 
> >> in our files. Hannes and Orie, we will assume your assent to these changes 
> >> unless we hear otherwise.
> >>
> >> *Paul, please review the following changes and let us know if you approve 
> >> (we updated item 3 and added item 4; see Mike’s explanation for the new 
> >> changes in the thread below). The updates can also be viewed here: 
> >> https://www.rfc-editor.org/authors/rfc9679-auth48diff.html.
> >>
> >> 1) Section 5.1
> >>
> >> OLD:
> >>  The COSE Key Thumbprint is a digest of the essential parameters
> >> required  to represent the key as a COSE Key, rather than any
> >> additional data that  might accompany the key.
> >>
> >> NEW:
> >>  The COSE Key Thumbprint is a digest of the ordered essential
> >> parameters needed to represent a COSE Key, with all other  parameters
> >> excluded.
> >>
> >> ...
> >> 2) Section 5.3
> >>
> >> OLD:
> >>  Any party in possession of a key that is represented as a COSE Key
> >> can  use the COSE Key Thumbprint.
> >>
> >> NEW:
> >>  The only prerequisites are that the COSE_Key representation  of the
> >> key be defined and the party creating the COSE Key Thumbprint  be in
> >> possession of the necessary key material.
> >>
> >> …
> >> 3) Addition of Section 5.5
> >>
> >> NEW:
> >>  5.5 Relationship to JSON Web Key Thumbprints
> >>
> >>   The ckt of a COSE Key, as described in Section 7 of [RFC9052], and
> >>   the jkt of a JSON Web Key, as described in Section 4 of [RFC7517],
> >>   are different even when the underlying cryptographic key material is
> >>   the same.
> >>
> >>   This document does not register a JWT confirmation method [RFC7800]
> >>   for using "ckt" as a confirmation method for a JWT or a CWT
> >>   confirmation method [RFC8747] for using "jkt" as a confirmation
> >>   method for a CWT.
> >>
> >> ...
> >> 4) Section 5.6 - please review the file for the changes to this section.
> >>
> >> …
> >> 5) Section 8
> >>
> >> OLD:
> >>  Confirmation Method Name:  ckt
> >>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint  JWT
> >> Confirmation Method Name:  jkt
> >>
> >> NEW:
> >>  Confirmation Method Name:  ckt
> >>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint  JWT
> >> Confirmation Method Name: (none)
> >>
> >>
> >> —FILES (please refresh)—
> >>
> >> The updated XML file is here:
> >> https://www/.
> >> rfc-editor.org%2Fauthors%2Frfc9679.xml&data=05%7C02%7C%7C9544d46df66b
> >> 4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638
> >> 691140464939559%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiO
> >> iIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7
> >> C%7C%7C&sdata=9Me94X%2Br0n99MgWJeiVNBDMWu2H%2F%2FBUtZ7%2BnWTndVZo%3D&
> >> reserved=0
> >>
> >> The updated output files are here:
> >> https://www/.
> >> rfc-editor.org%2Fauthors%2Frfc9679.txt&data=05%7C02%7C%7C9544d46df66b
> >> 4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638
> >> 691140464950611%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiO
> >> iIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7
> >> C%7C%7C&sdata=Fsl%2Fg9ZG13NgmZitOgbx2s7RwnOztrJpau1g6xqly%2Bg%3D&rese
> >> rved=0
> >> https://www/.
> >> rfc-editor.org%2Fauthors%2Frfc9679.pdf&data=05%7C02%7C%7C9544d46df66b
> >> 4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638
> >> 691140464961460%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiO
> >> iIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7
> >> C%7C%7C&sdata=xR7GOgpVjsV0EFW8%2F1LKHXNdvJrGUZYn1fgVLxgBvjE%3D&reserv
> >> ed=0
> >> https://www/.
> >> rfc-editor.org%2Fauthors%2Frfc9679.html&data=05%7C02%7C%7C9544d46df66
> >> b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C63
> >> 8691140464972095%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYi
> >> OiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%
> >> 7C%7C%7C&sdata=mhyzYzCDinFXQDNyv5Mnba%2FtlPRNawV6okAEWJWaVFo%3D&reser
> >> ved=0
> >>
> >> This diff file shows all changes made during AUTH48:
> >> https://www/.
> >> rfc-editor.org%2Fauthors%2Frfc9679-auth48diff.html&data=05%7C02%7C%7C
> >> 9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7
> >> C1%7C0%7C638691140464982812%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiO
> >> nRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ
> >> %3D%3D%7C0%7C%7C%7C&sdata=4Q2EXvpbtg6pj2Bd9kxDnv3MvRTIdbSA3guNFGp2wi4
> >> %3D&reserved=0
> >>
> >> These diff files show only changes made during the last edit round:
> >> https://www/.
> >> rfc-editor.org%2Fauthors%2Frfc9679-lastdiff.html&data=05%7C02%7C%7C95
> >> 44d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1
> >> %7C0%7C638691140464993688%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnR
> >> ydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3
> >> D%3D%7C0%7C%7C%7C&sdata=8MfXLLAQsYchBiSoaSXpANGtv2aymEWMD9kz5GpsKHY%3
> >> D&reserved=0
> >> https://www/.
> >> rfc-editor.org%2Fauthors%2Frfc9679-lastrfcdiff.html&data=05%7C02%7C%7
> >> C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%
> >> 7C1%7C0%7C638691140465004216%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGki
> >> OnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyf
> >> Q%3D%3D%7C0%7C%7C%7C&sdata=7Tu7WeAoLyKMdDOnRiCnh%2FmpQr%2BYTX0EHfIqoF
> >> hboDE%3D&reserved=0
> >>
> >> This diff file shows all changes made to date:
> >> https://www/.
> >> rfc-editor.org%2Fauthors%2Frfc9679-diff.html&data=05%7C02%7C%7C9544d4
> >> 6df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0
> >> %7C638691140465014730%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWU
> >> sIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D
> >> %7C0%7C%7C%7C&sdata=qp0u2ZndV9%2Bkz4%2BHbRA5b92WU0IhgtUluWPuhwNcrhc%3
> >> D&reserved=0
> >>
> >> For the AUTH48 status of this document, please see:
> >> https://www/.
> >> rfc-editor.org%2Fauth48%2Frfc9679&data=05%7C02%7C%7C9544d46df66b4fad8
> >> 33008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C63869114
> >> 0465025294%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLj
> >> AuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%
> >> 7C&sdata=mgDSViKT0Hyl7I%2B60i0CrYfwyKX5lZG%2BrPmVRDYquKg%3D&reserved=
> >> 0
> >>
> >> Thank you,
> >> RFC Editor/kc
> >>
> >>
> >>> On Dec 4, 2024, at 3:08 PM, Michael Jones <michael_b_jo...@hotmail.com> 
> >>> wrote:
> >>>
> >>> Folks, I hate to do this, but in reviewing the newly added section, I 
> >>> realized that it was incorrectly using the term "claim".  In both RFC 
> >>> 7800 and RFC 8747, "cnf" is a claim, whereas the JWT and CWT confirmation 
> >>> members are referred to as "members" - not "claims".  Then I realized 
> >>> there other places in the draft this the term "claim" was incorrectly 
> >>> used.
> >>>
> >>> The attached updated source file makes the needed corrections.  For 
> >>> easier reviewing, a diff from the RFC Editor's source also follows.
> >>>
> >>> RFC Editor, please apply these edits and send out a new draft for review.
> >>>
> >>>                               Thanks,
> >>>                       -- Mike (writing as a COSE chair)
> >>>
> >>> diff rfc9679.xml rfc9679_mbj.xml
> >>> 46c46
> >>> <     <date year="2024" month="October"/>
> >>> ---
> >>>>   <date year="2024" month="December"/>
> >>> 284,285c284,288
> >>> <    This document does not register a JWT claim for using ckt as a 
> >>> confirmation
> >>> <    method for a JWT or a CWT claim for using jkt as a confirmation 
> >>> method for a CWT.
> >>> ---
> >>>>  This document does not register
> >>>>  a JWT confirmation method <xref target="RFC7800"/>  for using
> >>>> "ckt" as a confirmation method for a JWT  or a CWT confirmation
> >>>> method <xref target="RFC8747"/>  for using "jkt" as a confirmation
> >>>> method for a CWT.
> >>> 293,294c296,297
> >>> <         <t>The proof-of-possession key is identified using the "ckt" 
> >>> claim,
> >>> < the COSE Key Thumbprint claim. This claim contains the value of
> >>> ---
> >>>>       <t>The proof-of-possession key is identified using the "ckt"
> >>>> member of the CWT confirmation claim "cnf". This member contains
> >>>> the value of
> >>> 299c302
> >>> < claim. In this approach, the issuer of a CWT declares that the
> >>> ---
> >>>> member. In this approach, the issuer of a CWT declares that the
> >>> 302c305
> >>> <       of the key by including a "ckt" claim in the CWT.</t>
> >>> ---
> >>>> of the key by including a "ckt" CWT confirmation method member in
> >>>> the CWT.</t>
> >>> 304c307
> >>> <         <t>The following example demonstrates the use of the "ckt" claim
> >>> ---
> >>>>       <t>The following example demonstrates the use of the "ckt"
> >>>> member
> >>> 319,320c322,323
> >>> <         <t><xref target="IANA"/> registers the "ckt" claim and the 
> >>> confirmation method.
> >>> < The "ckt" claim is expected to be used in the "cnf" claim.</t>
> >>> ---
> >>>>       <t><xref target="IANA"/> registers the "ckt" CWT confirmation 
> >>>> method member.
> >>>> The "ckt" member is used in the "cnf" claim.</t>
> >>> 510a514
> >>>>       <xi:include
> >>>> href="https://na01.safelinks.protection.outlook.com/?url=https%3A%252
> >>>> F%2Fbib.ietf.org%2Fpublic%2Frfc%2Fbibxml%2Freference.RFC.7800.xml%2
> >>>> 522%2F&data=05%7C02%7C%7C9544d46df66b4fad833008dd163551da%7C84df9e7
> >>>> fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638691140465036648%7CUnknown%7C
> >>>> TWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4
> >>>> zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=q2LHlyc0jk
> >>>> lVmi9pIrvk8G0YOJ%2BtkF5CGripORRLtlA%3D&reserved=0>
> >>
> >>
> >>> On Dec 4, 2024, at 12:12 PM, Karen Moore <kmo...@amsl.com> wrote:
> >>>
> >>> Hi Orie and *Paul (AD),
> >>>
> >>> We have updated the text with your additional suggested edits; the 
> >>> changes are now reflected in our files (links below). We now await 
> >>> approvals from Hannes and Paul.
> >>>
> >>> *Paul, please review the following changes and let us know if you 
> >>> approve. The updates can also be viewed here: 
> >>> https://www.rfc-editor.org/authors/rfc9679-auth48diff.html.
> >>>
> >>> 1) Section 5.1
> >>>
> >>> OLD:
> >>>  The COSE Key Thumbprint is a digest of the essential parameters
> >>> required  to represent the key as a COSE Key, rather than any
> >>> additional data that  might accompany the key.
> >>>
> >>> NEW:
> >>>  The COSE Key Thumbprint is a digest of the ordered essential
> >>> parameters needed to represent a COSE Key, with all other
> >>> parameters excluded.
> >>>
> >>> ...
> >>> 2) Section 5.3
> >>>
> >>> OLD:
> >>>  Any party in possession of a key that is represented as a COSE Key
> >>> can  use the COSE Key Thumbprint.
> >>>
> >>> NEW:
> >>>  The only prerequisites are that the COSE_Key representation  of the
> >>> key be defined and the party creating the COSE Key Thumbprint  be in
> >>> possession of the necessary key material.
> >>>
> >>> …
> >>> 3) Addition of Section 5.5
> >>>
> >>> NEW:
> >>>  5.5 Relationship to JSON Web Key Thumbprints
> >>>
> >>>  The ckt of a COSE Key, as described in Section 7 of [RFC9052], and
> >>> the jkt of a JSON Web Key,  as described in Section 4 of RFC 7517,
> >>> are different even when the underlying cryptographic  key material is the 
> >>> same.
> >>>
> >>>  This document does not register a JWT claim for using ckt as a
> >>> confirmation  method for a JWT or a CWT claim for using jkt as a 
> >>> confirmation method for a CWT.
> >>>
> >>> …
> >>> 4) Section 8
> >>>
> >>> OLD:
> >>>  Confirmation Method Name:  ckt
> >>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint  JWT
> >>> Confirmation Method Name:  jkt
> >>>
> >>> NEW:
> >>>  Confirmation Method Name:  ckt
> >>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint  JWT
> >>> Confirmation Method Name: (none)
> >>>
> >>>
> >>> —FILES (please refresh)—
> >>>
> >>> The updated XML file is here:
> >>> https://www/
> >>> .rfc-editor.org%2Fauthors%2Frfc9679.xml&data=05%7C02%7C%7C9544d46df6
> >>> 6b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C
> >>> 638691140465060532%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsI
> >>> lYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%
> >>> 7C0%7C%7C%7C&sdata=pR%2FYwpMq8vYw1GuBuqwluIFHSkD9o0pIAPh1An6xJIY%3D&
> >>> reserved=0
> >>>
> >>> The updated output files are here:
> >>> https://www/
> >>> .rfc-editor.org%2Fauthors%2Frfc9679.txt&data=05%7C02%7C%7C9544d46df6
> >>> 6b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C
> >>> 638691140465071281%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsI
> >>> lYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%
> >>> 7C0%7C%7C%7C&sdata=NTS6w4UFqkC%2BR9LoD86rZkqkPlwGbx%2BrxX%2BoRJz1Cy4
> >>> %3D&reserved=0
> >>> https://www/
> >>> .rfc-editor.org%2Fauthors%2Frfc9679.pdf&data=05%7C02%7C%7C9544d46df6
> >>> 6b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C
> >>> 638691140465082645%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsI
> >>> lYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%
> >>> 7C0%7C%7C%7C&sdata=rgRi2sWh85kqRKA%2FSsrhBLvMqkqPg8H3uGjjoQ7dShc%3D&
> >>> reserved=0
> >>> https://www/
> >>> .rfc-editor.org%2Fauthors%2Frfc9679.html&data=05%7C02%7C%7C9544d46df
> >>> 66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7
> >>> C638691140465093413%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUs
> >>> IlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D
> >>> %7C0%7C%7C%7C&sdata=pbPzR2vsSF8dKjaOCG5DeOMzqcLZo6tEPvNDJWynaTQ%3D&r
> >>> eserved=0
> >>>
> >>> This diff file shows all changes made during AUTH48:
> >>> https://www/
> >>> .rfc-editor.org%2Fauthors%2Frfc9679-auth48diff.html&data=05%7C02%7C%
> >>> 7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaa
> >>> a%7C1%7C0%7C638691140465104166%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hc
> >>> GkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUI
> >>> joyfQ%3D%3D%7C0%7C%7C%7C&sdata=GW6JGkFDyHXApETPyRO9Gd6o1ZRJwrtYrqIFm
> >>> 1eP8RY%3D&reserved=0
> >>>
> >>> These diff files show only changes made during the last edit round:
> >>> https://www/
> >>> .rfc-editor.org%2Fauthors%2Frfc9679-lastdiff.html&data=05%7C02%7C%7C
> >>> 9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%
> >>> 7C1%7C0%7C638691140465115074%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGk
> >>> iOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo
> >>> yfQ%3D%3D%7C0%7C%7C%7C&sdata=BQ2SWfFPQo2nOGoRFi9eE7eh8ELr62cvtgXhZjX
> >>> wVR8%3D&reserved=0
> >>> https://www/
> >>> .rfc-editor.org%2Fauthors%2Frfc9679-lastrfcdiff.html&data=05%7C02%7C
> >>> %7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaa
> >>> aa%7C1%7C0%7C638691140465126114%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1h
> >>> cGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldU
> >>> IjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=YTINm31Pzmtm9PuAJ5Jmo0EVHr3irXXJD%2B
> >>> 6yX40l%2Fo0%3D&reserved=0
> >>>
> >>> This diff file shows all changes made to date:
> >>> https://www/
> >>> .rfc-editor.org%2Fauthors%2Frfc9679-diff.html&data=05%7C02%7C%7C9544
> >>> d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%
> >>> 7C0%7C638691140465137113%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnR
> >>> ydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%
> >>> 3D%3D%7C0%7C%7C%7C&sdata=FGXOXzHwS%2FZNierdvtwwH7SQgwAE5P1OwPpARIv%2
> >>> F8P8%3D&reserved=0
> >>>
> >>> For the AUTH48 status of this document, please see:
> >>> https://www/
> >>> .rfc-editor.org%2Fauth48%2Frfc9679&data=05%7C02%7C%7C9544d46df66b4fa
> >>> d833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C63869
> >>> 1140465148142%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOi
> >>> IwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7
> >>> C%7C%7C&sdata=V1fBW3dE4mG2Pi4xKstvtQwyLT5vcwCSWuOAIDPAqmk%3D&reserve
> >>> d=0
> >>>
> >>> Thank you,
> >>> RFC Editor/kc
> >>>
> >>>
> >>>> On Dec 4, 2024, at 7:26 AM, Orie Steele <orie@transmute.industries> 
> >>>> wrote:
> >>>>
> >>>> Thank you!
> >>>>
> >>>> "cose key" should be "COSE Key",
> >>>>
> >>>> We could add "COSE Key as described in Section 7 of RFC9052" and "JSON 
> >>>> Web Key, as described in Section 4 of RFC7517"
> >>>>
> >>>> If the citations are helpful... This is a style nit.
> >>>>
> >>>> I approve of the changes.
> >>>>
> >>>> On Tue, Dec 3, 2024 at 3:48 PM Karen Moore <kmo...@amsl.com> wrote:
> >>>> Authors,
> >>>>
> >>>> Thank you for the discussion and suggested changes.  Our files now 
> >>>> reflect the updates below (see 
> >>>> <https://www.rfc-editor.org/authors/rfc9679-lastrfcdiff.html> for a 
> >>>> snapshot of the changes). Please review and let us know if these changes 
> >>>> are agreeable or if any further updates are needed. We will then ask the 
> >>>> AD to approve them.
> >>>>
> >>>> 1) Section 5.3
> >>>>
> >>>> OLD:
> >>>>  Any party in possession of a key that is represented as a COSE Key
> >>>> can  use the COSE Key Thumbprint.
> >>>>
> >>>> NEW:
> >>>>  The only prerequisites are that the COSE_Key representation  of
> >>>> the key be defined and the party creating the COSE Key Thumbprint
> >>>> be in possession of the necessary key material.
> >>>>
> >>>> ...
> >>>> 2) Addition of New Section. Note that we made “json web key” uppercase 
> >>>> for consistency.
> >>>>
> >>>> NEW:
> >>>>  5.5 Relationship to JSON Web Key Thumbprints
> >>>>
> >>>>  The ckt of a cose key and jkt of a JSON Web Key are different,
> >>>> even when  underlying cryptographic key material is the same.
> >>>>
> >>>>  This document does not register a JWT claim for using ckt as a
> >>>> confirmation  method for a JWT or a CWT claim for using jkt as a 
> >>>> confirmation method for a CWT.
> >>>>
> >>>> ...
> >>>> 3) Section 8
> >>>>
> >>>> OLD:
> >>>>  Confirmation Method Name:  ckt
> >>>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint  JWT
> >>>> Confirmation Method Name:  jkt
> >>>>
> >>>> NEW:
> >>>>  Confirmation Method Name:  ckt
> >>>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint  JWT
> >>>> Confirmation Method Name: (none)
> >>>>
> >>>>
> >>>> —FILES (please refresh)—
> >>>>
> >>>> The updated XML file is here:
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauthors%2Frfc9679.xml&data=05%7C02%7C%7C9544d46d
> >>>> f66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0
> >>>> %7C638691140465169721%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRyd
> >>>> WUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3
> >>>> D%3D%7C0%7C%7C%7C&sdata=ybjaVt1EwEj%2BEPa9wa5V2Jb%2FlY9RtOtaYVb7ZOm
> >>>> EGkw%3D&reserved=0
> >>>>
> >>>> The updated output files are here:
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauthors%2Frfc9679.txt&data=05%7C02%7C%7C9544d46d
> >>>> f66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0
> >>>> %7C638691140465180567%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRyd
> >>>> WUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3
> >>>> D%3D%7C0%7C%7C%7C&sdata=czMW16qPcbahA%2BfUSC4fq9p%2F1UPUJJP8CR%2BWH
> >>>> Bc%2FByg%3D&reserved=0
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauthors%2Frfc9679.pdf&data=05%7C02%7C%7C9544d46d
> >>>> f66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0
> >>>> %7C638691140465191478%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRyd
> >>>> WUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3
> >>>> D%3D%7C0%7C%7C%7C&sdata=svfJ6nNkcPHgErawmc2gNhAADZcn8hHB1twcoPaKn38
> >>>> %3D&reserved=0
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauthors%2Frfc9679.html&data=05%7C02%7C%7C9544d46
> >>>> df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C
> >>>> 0%7C638691140465203657%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRy
> >>>> dWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%
> >>>> 3D%3D%7C0%7C%7C%7C&sdata=LLQbP9vw%2FCoZyuOIsrcih%2BI6vaBsMt7MjFhHoP
> >>>> p5tj4%3D&reserved=0
> >>>>
> >>>> This diff file shows all changes made during AUTH48:
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauthors%2Frfc9679-auth48diff.html&data=05%7C02%7
> >>>> C%7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaa
> >>>> aaaa%7C1%7C0%7C638691140465214410%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0e
> >>>> U1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIs
> >>>> IldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=CWMJs49ps76shRZc0uAIaBU0KsdJ9JQ
> >>>> 6FioGa7H5iLA%3D&reserved=0
> >>>>
> >>>> These diff files show only changes made during the last edit round:
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauthors%2Frfc9679-lastdiff.html&data=05%7C02%7C%
> >>>> 7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaa
> >>>> aa%7C1%7C0%7C638691140465224906%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1
> >>>> hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIl
> >>>> dUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=BQ0cX0W%2BW9vcbiX0ezMGrtGWYkHBjWM
> >>>> 5tkeTscYVCto%3D&reserved=0
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauthors%2Frfc9679-lastrfcdiff.html&data=05%7C02%
> >>>> 7C%7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaa
> >>>> aaaaa%7C1%7C0%7C638691140465235814%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0
> >>>> eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCI
> >>>> sIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=MKebtlbx92dwZEuZWWx%2BgszkRZvl
> >>>> %2FHfUY83Ef5TK1rk%3D&reserved=0
> >>>>
> >>>> This diff file shows all changes made to date:
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauthors%2Frfc9679-diff.html&data=05%7C02%7C%7C95
> >>>> 44d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7
> >>>> C1%7C0%7C638691140465246378%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGk
> >>>> iOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIj
> >>>> oyfQ%3D%3D%7C0%7C%7C%7C&sdata=kWD18%2BJo2%2FxJQ%2F0G187xs4c2WkTSyge
> >>>> 3wEtKK5gBaP0%3D&reserved=0
> >>>>
> >>>> For the AUTH48 status of this document, please see:
> >>>> https://ww/
> >>>> w.rfc-editor.org%2Fauth48%2Frfc9679&data=05%7C02%7C%7C9544d46df66b4
> >>>> fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C63
> >>>> 8691140465257424%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIl
> >>>> YiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%
> >>>> 7C0%7C%7C%7C&sdata=K1frRy3PTOkDxxSy0sJw1atwU5tn34OC65vx0b1%2BilY%3D
> >>>> &reserved=0
> >>>>
> >>>> Thank you,
> >>>> RFC Editor/kc
> >>>>
> >>>>> On Dec 3, 2024, at 7:55 AM, Hannes Tschofenig 
> >>>>> <hannes.tschofe...@gmail.com> wrote:
> >>>>>
> >>>>> Thanks for the insightful comment, Orie. I agree with your proposed 
> >>>>> edits for the IANA consideration section and the extra text before the 
> >>>>> section on relationship to certificate thumbprints.
> >>>>>
> >>>>> I am also fine with the additional text Mike proposed.
> >>>>>
> >>>>> It is indeed too late to add new functionality at this point in time.
> >>>>>
> >>>>> Ciao
> >>>>> Hannes
> >>>>>
> >>>>>
> >>>>> On Tue, Dec 3, 2024 at 3:13 AM Michael Jones 
> >>>>> <michael_b_jo...@hotmail.com> wrote:
> >>>>> I support adding the section that Orie proposed.
> >>>>>
> >>>>>
> >>>>>
> >>>>> However in reviewing related text, I unfortunately found a problem.  
> >>>>> Reading 
> >>>>> https://datatracker.ietf.org/doc/html/draft-ietf-cose-key-thumbprint-06#section-5.3,
> >>>>>  it differs from https://www.rfc-editor.org/rfc/rfc7638#section-3.5 in 
> >>>>> a counterproductive and overly restrictive way.  Please change:
> >>>>>
> >>>>>
> >>>>>
> >>>>> Any party in possession of a key that is represented as a COSE Key
> >>>>> can
> >>>>>
> >>>>> use the COSE Key Thumbprint.
> >>>>>
> >>>>>
> >>>>>
> >>>>> to:
> >>>>>
> >>>>>
> >>>>>
> >>>>> The only prerequisites are that the COSE_Key representation
> >>>>>
> >>>>> of the key be defined and the party creating the COSE Key
> >>>>> Thumbprint
> >>>>>
> >>>>> be in possession of the necessary key material.
> >>>>>
> >>>>>
> >>>>>
> >>>>> That way it will be more actionable and will parallel the corresponding 
> >>>>> RFC 7638 text.
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> Thanks all,
> >>>>>
> >>>>>                                                               --
> >>>>> Mike
> >>>>>
> >>>>>
> >>>>>
> >>>>> From: Orie Steele <orie@transmute.industries>
> >>>>> Sent: Monday, December 2, 2024 5:55 PM
> >>>>> To: Michael Jones <michael_b_jo...@hotmail.com>
> >>>>> Cc: Hannes Tschofenig <hannes.tschofe...@gmail.com>; Hannes
> >>>>> Tschofenig <hannes.tschofe...@gmx.net>; RFC Editor
> >>>>> <rfc-edi...@rfc-editor.org>; Isobe Kohei <isobeko...@gmail.com>;
> >>>>> cose-...@ietf.org; Cose Chairs Wg <cose-cha...@ietf.org>; Paul
> >>>>> Wouters <paul.wout...@aiven.io>; auth48archive
> >>>>> <auth48archive@rfc-editor.org>
> >>>>> Subject: Re: AUTH48: RFC-to-be 9679
> >>>>> <draft-ietf-cose-key-thumbprint-06> for your review
> >>>>>
> >>>>>
> >>>>>
> >>>>> Let's add a section to the document, before the section on relationship 
> >>>>> to certificate thumbprints.
> >>>>>
> >>>>>
> >>>>>
> >>>>> 5.5 Relationship to JSON Web Key Thumbprints
> >>>>>
> >>>>>
> >>>>>
> >>>>> The ckt of a cose key, and jkt of a json web key are different, even 
> >>>>> when underlying cryptographic key material is the same.
> >>>>>
> >>>>>
> >>>>>
> >>>>> This document does not register a JWT claim for using ckt as a 
> >>>>> confirmation method for a JWT, or a CWT claim for using jkt as a 
> >>>>> confirmation method for a CWT.
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> On Mon, Dec 2, 2024, 6:26 PM Orie Steele <orie@transmute.industries> 
> >>>>> wrote:
> >>>>>
> >>>>> I agree, let's just stick with the simple (none) solution.
> >>>>>
> >>>>>
> >>>>>
> >>>>> Hannes can you approve or suggest changes to the clarifying text that 
> >>>>> makes it clear this is not an oversight?
> >>>>>
> >>>>>
> >>>>>
> >>>>> Mike, do you object to that clarifying text assuming we take you change 
> >>>>> to the IANA considerations section?
> >>>>>
> >>>>>
> >>>>>
> >>>>> OS
> >>>>>
> >>>>>
> >>>>>
> >>>>> On Mon, Dec 2, 2024, 5:56 PM Michael Jones 
> >>>>> <michael_b_jo...@hotmail.com> wrote:
> >>>>>
> >>>>> I’m either fine with Orie’s proposed change to the registration wording 
> >>>>> or the following one:
> >>>>>
> >>>>>
> >>>>>
> >>>>> From:
> >>>>>
> >>>>>  Confirmation Method Name:  ckt
> >>>>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint
> >>>>> JWT Confirmation Method Name:  jkt
> >>>>>
> >>>>> To:
> >>>>>
> >>>>>  Confirmation Method Name:  ckt
> >>>>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint
> >>>>> JWT Confirmation Method Name: (none)
> >>>>>
> >>>>> For the record, I’m not OK trying to add a ckt JWT “cnf” method as an 
> >>>>> AUTH48 action (despite me appreciating Orie’s discussion of the 
> >>>>> possibility).
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> Cheers,
> >>>>>
> >>>>>                                                               --
> >>>>> Mike
> >>>>>
> >>>>>
> >>>>>
> >>>>> From: Orie Steele <orie@transmute.industries>
> >>>>> Sent: Monday, December 2, 2024 2:55 PM
> >>>>> To: Hannes Tschofenig <hannes.tschofe...@gmail.com>
> >>>>> Cc: Hannes Tschofenig <hannes.tschofe...@gmx.net>; RFC Editor
> >>>>> <rfc-edi...@rfc-editor.org>; Isobe Kohei <isobeko...@gmail.com>;
> >>>>> cose-...@ietf.org; Cose Chairs Wg <cose-cha...@ietf.org>; Michael
> >>>>> Jones <michael_b_jo...@hotmail.com>; Paul Wouters
> >>>>> <paul.wout...@aiven.io>; auth48archive@rfc-editor.org
> >>>>> Subject: Re: AUTH48: RFC-to-be 9679
> >>>>> <draft-ietf-cose-key-thumbprint-06> for your review
> >>>>>
> >>>>>
> >>>>>
> >>>>> This is indeed a bug, for extra assurance that it is a problem:
> >>>>>
> >>>>> How would you use a ckt to verify a JWT that was using "cnf"?
> >>>>>
> >>>>> Here is a more complete fix for the bug:
> >>>>>
> >>>>> https://d/
> >>>>> atatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-ietf-cose-key-thumbprint-
> >>>>> 06%23section-5.3&data=05%7C02%7C%7C9544d46df66b4fad833008dd163551d
> >>>>> a%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638691140465289880%
> >>>>> 7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMC
> >>>>> IsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sd
> >>>>> ata=ZBvwAnUBGfT%2BqBIzr8O%2F1BfCk7G30uNd0Km1Ympuews%3D&reserved=0
> >>>>>
> >>>>> Note that the ckt of a cose key, and jkt of a json web key are 
> >>>>> different, even when underlying cryptographic key material is the same.
> >>>>>
> >>>>> ckt is a binary string and jkt is always a base64url string encoded as 
> >>>>> described in section 6.1 of RFC9449.
> >>>>> To use a ckt claim inside a JWT, the ckt claim value MUST be base64url 
> >>>>> encoded.
> >>>>> The example provided in section 6.1 of RFC9449 is modified to 
> >>>>> distinguish confirmation with a CKT instead of JKT:
> >>>>> {
> >>>>> "sub":"some...@example.com",
> >>>>> "iss":"https://na01.safelinks.protection.outlook.com/?url=https%3A
> >>>>> %2F%2Fserver.example.com%2F&data=05%7C02%7C%7C9544d46df66b4fad8330
> >>>>> 08dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C63869114
> >>>>> 0465300783%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiI
> >>>>> wLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%
> >>>>> 7C%7C%7C&sdata=Cu%2BM21nJCIo93bexflhYWLtFa%2BdJI7smavIJA%2FSuCow%3
> >>>>> D&reserved=0",
> >>>>> "nbf":1562262611,
> >>>>> "exp":1562266216,
> >>>>> "cnf": {
> >>>>>   "ckt":"SWvYr63zB-WwjGSwQhv53AFSijRKQ72oj63RZp2iU-w"
> >>>>> }
> >>>>> }
> >>>>>
> >>>>> I used the same base64url encoded thumbprint the draft already used for 
> >>>>> extra clarity.
> >>>>>
> >>>>> ckt would also need to be added here:
> >>>>> https://w/
> >>>>> ww.iana.org%2Fassignments%2Fjwt%2Fjwt.xhtml%23confirmation-methods
> >>>>> &data=05%7C02%7C%7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f6
> >>>>> 40afb435aaaaaaaaaaaa%7C1%7C0%7C638691140465311278%7CUnknown%7CTWFp
> >>>>> bGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMi
> >>>>> IsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=a6xSVN2MN1U%
> >>>>> 2BULiMQ6Ie%2BVoiEhw26l1ZYGLi90Y5eMg%3D&reserved=0
> >>>>>
> >>>>> This kind of change might need to be taken to the relevant lists for 
> >>>>> review... and maybe another WGLC.
> >>>>>
> >>>>> ... we could leave the "ckt" in JWT cnf registration to another 
> >>>>> document, but I think at a minimum we need something added to section 
> >>>>> 5.3 to the effect of:
> >>>>>
> >>>>> Note that the ckt of a cose key, and jkt of a json web key are 
> >>>>> different, even when underlying cryptographic key material is the same.
> >>>>> ckt is a binary string and jkt is always a base64url string encoded as 
> >>>>> described in section 6.1 of RFC9449.
> >>>>>
> >>>>> ^ If we are comfortable with this change alone, we still have a problem 
> >>>>> with the registration template:
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Frfc%2Frfc8747.html%23name-registration-templat
> >>>>> e&data=05%7C02%7C%7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f
> >>>>> 640afb435aaaaaaaaaaaa%7C1%7C0%7C638691140465322198%7CUnknown%7CTWF
> >>>>> pbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zM
> >>>>> iIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=MegV9xM3Bdk
> >>>>> 2%2Bi%2BF7KXaLbdMuDj0cDAugZkgLYOotDU%3D&reserved=0
> >>>>>
> >>>>> """
> >>>>> CWT claims should normally have a corresponding JWT claim. If a 
> >>>>> corresponding JWT claim would not make sense, the designated experts 
> >>>>> can choose to accept registrations for which the JWT Claim Name is 
> >>>>> listed as "N/A".
> >>>>> """
> >>>>>
> >>>>> The logical JWT claim is "ckt"... not "jkt"... so N/A... does not make 
> >>>>> sense... and leaving it blank also does not make sense.
> >>>>>
> >>>>> There is also the x5t claim which sets the precedent that ckt is for 
> >>>>> cose key, jkt is for json web key, and x5t is for x.509 certs.
> >>>>>
> >>>>> I propose:
> >>>>>
> >>>>> From:
> >>>>>
> >>>>>  Confirmation Method Name:  ckt
> >>>>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint
> >>>>> JWT Confirmation Method Name:  jkt
> >>>>>
> >>>>> To:
> >>>>>
> >>>>>  Confirmation Method Name:  ckt
> >>>>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint
> >>>>> JWT Confirmation Method Name: Not assigned by RFCXXXX ( not to be
> >>>>> confused with x5t or jkt )
> >>>>>
> >>>>>
> >>>>> OS
> >>>>>
> >>>>>
> >>>>>
> >>>>> On Mon, Dec 2, 2024 at 4:14 PM Hannes Tschofenig 
> >>>>> <hannes.tschofe...@gmail.com> wrote:
> >>>>>
> >>>>> Thanks for the work on the draft and sorry for the slow response.
> >>>>>
> >>>>>
> >>>>>
> >>>>> I read through the draft carefully today and in general the edits look 
> >>>>> good but I noticed a possible bug.
> >>>>>
> >>>>>
> >>>>>
> >>>>> In the IANA consideration section we say that the ckt confirmation 
> >>>>> method maps to the jkt JWT configuration method. I double-checked RFC 
> >>>>> 9449, which defines the jkt, and it defines the computation as follows:
> >>>>>
> >>>>> "
> >>>>> The value of the jkt member MUST be the base64url encoding
> >>>>>
> >>>>> of the JWK SHA-256 Thumbprint.
> >>>>> "
> >>>>>
> >>>>> In draft-ietf-cose-key-thumbprint-06 we define the ckt thumbprint as 
> >>>>> the hash of the deterministic encoding of the COSE_Key structure.
> >>>>>
> >>>>>
> >>>>>
> >>>>> So, the question to me is whether we can even map the ckt to the jkt 
> >>>>> since the underlying structure that is hashed is different: JWK vs. 
> >>>>> COSE_Key structure.
> >>>>>
> >>>>>
> >>>>>
> >>>>> For that reason I believe it would be more correct to change the IANA 
> >>>>> consideration section by omitting the JWT Confirmation Method Name.
> >>>>>
> >>>>> Here is the proposed change:
> >>>>>
> >>>>> From:
> >>>>>
> >>>>>  Confirmation Method Name:  ckt
> >>>>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint
> >>>>> JWT Confirmation Method Name:  jkt
> >>>>>
> >>>>>
> >>>>> To:
> >>>>>
> >>>>>  Confirmation Method Name:  ckt
> >>>>>  Confirmation Method Description:  COSE Key SHA-256 Thumbprint
> >>>>> JWT Confirmation Method Name:
> >>>>>
> >>>>>
> >>>>> Do you agree with me?
> >>>>>
> >>>>>
> >>>>>
> >>>>> Sorry for noticing this issue only now.
> >>>>>
> >>>>>
> >>>>>
> >>>>> Ciao
> >>>>>
> >>>>> Hannes
> >>>>>
> >>>>>
> >>>>>
> >>>>> Betreff:
> >>>>>
> >>>>> AUTH48: RFC-to-be 9679 <draft-ietf-cose-key-thumbprint-06> for
> >>>>> your review
> >>>>>
> >>>>> Datum:
> >>>>>
> >>>>> Mon, 21 Oct 2024 14:30:59 -0700 (PDT)
> >>>>>
> >>>>> Von:
> >>>>>
> >>>>> rfc-edi...@rfc-editor.org
> >>>>>
> >>>>> An:
> >>>>>
> >>>>> isobeko...@gmail.com, hannes.tschofe...@gmx.net,
> >>>>> orie@transmute.industries
> >>>>>
> >>>>> Kopie (CC):
> >>>>>
> >>>>> rfc-edi...@rfc-editor.org, cose-...@ietf.org,
> >>>>> cose-cha...@ietf.org, michael_b_jo...@hotmail.com,
> >>>>> paul.wout...@aiven.io, auth48archive@rfc-editor.org
> >>>>>
> >>>>>
> >>>>>
> >>>>> *****IMPORTANT*****
> >>>>>
> >>>>> Updated 2024/10/21
> >>>>>
> >>>>> RFC Author(s):
> >>>>> --------------
> >>>>>
> >>>>> Instructions for Completing AUTH48
> >>>>>
> >>>>> Your document has now entered AUTH48. Once it has been reviewed and 
> >>>>> approved by you and all coauthors, it will be published as an RFC. If 
> >>>>> an author is no longer available, there are several remedies available 
> >>>>> as listed in the FAQ (https://www.rfc-editor.org/faq/).
> >>>>>
> >>>>> You and you coauthors are responsible for engaging other parties (e.g., 
> >>>>> Contributors or Working Group) as necessary before providing your 
> >>>>> approval.
> >>>>>
> >>>>> Planning your review ---------------------
> >>>>>
> >>>>> Please review the following aspects of your document:
> >>>>>
> >>>>> * RFC Editor questions
> >>>>>
> >>>>> Please review and resolve any questions raised by the RFC Editor that 
> >>>>> have been included in the XML file as comments marked as follows:
> >>>>>
> >>>>> <!-- [rfced] ... -->
> >>>>>
> >>>>> These questions will also be sent in a subsequent email.
> >>>>>
> >>>>> * Changes submitted by coauthors
> >>>>> Please ensure that you review any changes submitted by your coauthors. 
> >>>>> We assume that if you do not speak up that you agree to changes 
> >>>>> submitted by your coauthors.
> >>>>>
> >>>>> * Content
> >>>>> Please review the full content of the document, as this cannot change 
> >>>>> once the RFC is published. Please pay particular attention to:
> >>>>> - IANA considerations updates (if applicable)
> >>>>> - contact information
> >>>>> - references
> >>>>>
> >>>>> * Copyright notices and legends
> >>>>>
> >>>>> Please review the copyright notice and legends as defined in RFC
> >>>>> 5378 and the Trust Legal Provisions (TLP – 
> >>>>> https://trustee.ietf.org/license-info).
> >>>>>
> >>>>> * Semantic markup
> >>>>>
> >>>>> Please review the markup in the XML file to ensure that elements of 
> >>>>> content are correctly tagged. For example, ensure that <sourcecode> and 
> >>>>> <artwork> are set correctly. See details at 
> >>>>> <https://authors.ietf.org/rfcxml-vocabulary>.
> >>>>>
> >>>>> * Formatted output
> >>>>>
> >>>>> Please review the PDF, HTML, and TXT files to ensure that the formatted 
> >>>>> output, as generated from the markup in the XML file, is reasonable. 
> >>>>> Please note that the TXT will have formatting limitations compared to 
> >>>>> the PDF and HTML.
> >>>>>
> >>>>>
> >>>>> Submitting changes
> >>>>> ------------------
> >>>>>
> >>>>> To submit changes, please reply to this email using ‘REPLY ALL’ as all 
> >>>>> the parties CCed on this message need to see your changes. The parties 
> >>>>> include:
> >>>>>
> >>>>> * your coauthors
> >>>>> * rfc-edi...@rfc-editor.org (the RPC team)
> >>>>>
> >>>>> * other document participants, depending on the stream (e.g., IETF 
> >>>>> Stream participants are your working group chairs, the responsible ADs, 
> >>>>> and the document shepherd).
> >>>>> * auth48archive@rfc-editor.org, which is a new archival mailing list to 
> >>>>> preserve AUTH48 conversations; it is not an active discussion list:
> >>>>> * More info:
> >>>>> https://m/
> >>>>> ailarchive.ietf.org%2Farch%2Fmsg%2Fietf-announce%2Fyb6lpIGh-4Q9l2U
> >>>>> SxIAe6P8O4Zc&data=05%7C02%7C%7C9544d46df66b4fad833008dd163551da%7C
> >>>>> 84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638691140465367921%7CUn
> >>>>> known%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIl
> >>>>> AiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=
> >>>>> obkx%2F40yWUGklVC2%2BYJOxWHa8g1LEBHGVq8w8PJo4OE%3D&reserved=0
> >>>>> * The archive itself:
> >>>>> https://m/
> >>>>> ailarchive.ietf.org%2Farch%2Fbrowse%2Fauth48archive%2F&data=05%7C0
> >>>>> 2%7C%7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaa
> >>>>> aaaaaaaa%7C1%7C0%7C638691140465379116%7CUnknown%7CTWFpbGZsb3d8eyJF
> >>>>> bXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTW
> >>>>> FpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=d%2BHWx1t%2FHc3FWu%2Bf5Z
> >>>>> MA2K6%2Bqzjr%2FvYTlSqs9JRDU1g%3D&reserved=0
> >>>>>
> >>>>> * Note: If only absolutely necessary, you may temporarily opt out of 
> >>>>> the archiving of messages (e.g., to discuss a sensitive matter).
> >>>>> If needed, please add a note at the top of the message that you have 
> >>>>> dropped the address. When the discussion is concluded, 
> >>>>> auth48archive@rfc-editor.org will be re-added to the CC list and its 
> >>>>> addition will be noted at the top of the message.
> >>>>> You may submit your changes in one of two ways:
> >>>>>
> >>>>> An update to the provided XML file — OR — An explicit list of
> >>>>> changes in this format
> >>>>>
> >>>>> Section # (or indicate Global)
> >>>>>
> >>>>> OLD:
> >>>>> old text
> >>>>>
> >>>>> NEW:
> >>>>> new text
> >>>>>
> >>>>> You do not need to reply with both an updated XML file and an explicit 
> >>>>> list of changes, as either form is sufficient.
> >>>>>
> >>>>> We will ask a stream manager to review and approve any changes
> >>>>> that seem beyond editorial in nature, e.g., addition of new text, 
> >>>>> deletion of text, and technical changes. Information about stream 
> >>>>> managers can be found in the FAQ. Editorial changes do not require 
> >>>>> approval from a stream manager.
> >>>>>
> >>>>>
> >>>>> Approving for publication
> >>>>> --------------------------
> >>>>>
> >>>>> To approve your RFC for publication, please reply to this email
> >>>>> stating that you approve this RFC for publication. Please use
> >>>>> ‘REPLY ALL’, as all the parties CCed on this message need to see your 
> >>>>> approval.
> >>>>>
> >>>>>
> >>>>> Files -----
> >>>>>
> >>>>> The files are available here:
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Fauthors%2Frfc9679.xml&data=05%7C02%7C%7C9544d4
> >>>>> 6df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%
> >>>>> 7C0%7C638691140465389898%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiO
> >>>>> nRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo
> >>>>> yfQ%3D%3D%7C0%7C%7C%7C&sdata=tcSkll368Dg%2BzOMSk%2FRb%2FWNyBUXimvr
> >>>>> NaW0UybSTx%2Fs%3D&reserved=0
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Fauthors%2Frfc9679.html&data=05%7C02%7C%7C9544d
> >>>>> 46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1
> >>>>> %7C0%7C638691140465400400%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGki
> >>>>> OnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIj
> >>>>> oyfQ%3D%3D%7C0%7C%7C%7C&sdata=j1DCaezvNW8XL2%2FhW58e7EccIiR%2FtILE
> >>>>> AkyeaVlHX0c%3D&reserved=0
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Fauthors%2Frfc9679.pdf&data=05%7C02%7C%7C9544d4
> >>>>> 6df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%
> >>>>> 7C0%7C638691140465411063%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiO
> >>>>> nRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo
> >>>>> yfQ%3D%3D%7C0%7C%7C%7C&sdata=zcQN%2FWA5p2O%2Bxpl2osMNyXaG4If8yNUo3
> >>>>> 6WCuhwh1ng%3D&reserved=0
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Fauthors%2Frfc9679.txt&data=05%7C02%7C%7C9544d4
> >>>>> 6df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%
> >>>>> 7C0%7C638691140465421715%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiO
> >>>>> nRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo
> >>>>> yfQ%3D%3D%7C0%7C%7C%7C&sdata=OKgr9qYu8sbcVXqe4JdTALXhd8wgRVCabtqC0
> >>>>> d7sNtk%3D&reserved=0
> >>>>>
> >>>>> Diff file of the text:
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Fauthors%2Frfc9679-diff.html&data=05%7C02%7C%7C
> >>>>> 9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaa
> >>>>> a%7C1%7C0%7C638691140465432408%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1
> >>>>> hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsI
> >>>>> ldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=dqdmC05LpkNX37Haih7URniw9P%2Baa
> >>>>> P5Iin4%2F0bmNdU4%3D&reserved=0
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Fauthors%2Frfc9679-rfcdiff.html&data=05%7C02%7C
> >>>>> %7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaa
> >>>>> aaaa%7C1%7C0%7C638691140465443134%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0
> >>>>> eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbC
> >>>>> IsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=MaQUhUwZo%2BWsex%2FYXkUXZHtM
> >>>>> 6Pln4QBnpO0dhxTyCQk%3D&reserved=0 (side by side)
> >>>>>
> >>>>> Diff of the XML:
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Fauthors%2Frfc9679-xmldiff1.html&data=05%7C02%7
> >>>>> C%7C9544d46df66b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaa
> >>>>> aaaaa%7C1%7C0%7C638691140465453825%7CUnknown%7CTWFpbGZsb3d8eyJFbXB
> >>>>> 0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpb
> >>>>> CIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=FQ8eUMTddYOqhvN%2FtyBTiBeLk
> >>>>> kkiaavzAAZwALEXVCg%3D&reserved=0
> >>>>>
> >>>>>
> >>>>> Tracking progress
> >>>>> -----------------
> >>>>>
> >>>>> The details of the AUTH48 status of your document are here:
> >>>>> https://w/
> >>>>> ww.rfc-editor.org%2Fauth48%2Frfc9679&data=05%7C02%7C%7C9544d46df66
> >>>>> b4fad833008dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7
> >>>>> C638691140465464782%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydW
> >>>>> UsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3
> >>>>> D%3D%7C0%7C%7C%7C&sdata=hnDXLcg9vwznYUysGzdoJwz4srLanOzY%2BR1gld57
> >>>>> hp8%3D&reserved=0
> >>>>>
> >>>>> Please let us know if you have any questions.
> >>>>> Thank you for your cooperation,
> >>>>>
> >>>>> RFC Editor
> >>>>>
> >>>>> --------------------------------------
> >>>>> RFC9679 (draft-ietf-cose-key-thumbprint-06)
> >>>>>
> >>>>> Title : CBOR Object Signing and Encryption (COSE) Key Thumbprint
> >>>>> Author(s) : K. Isobe, H. Tschofenig, O. Steele WG Chair(s) :
> >>>>> Matthew A. Miller, Ivaylo Petrov, Michael B. Jones
> >>>>>
> >>>>> Area Director(s) : Deb Cooley, Paul Wouters
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>>
> >>>>>
> >>>>> ORIE STEELE
> >>>>> Chief Technology Officer
> >>>>> http://ww/
> >>>>> w.transmute.industries%2F&data=05%7C02%7C%7C9544d46df66b4fad833008
> >>>>> dd163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C6386911404
> >>>>> 65475371%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwL
> >>>>> jAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C
> >>>>> %7C%7C&sdata=wLqU3MNLNYTqffiEL9zMRDDkXHYGRpuPObM93Swn4JA%3D&reserv
> >>>>> ed=0
> >>>>>
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>>
> >>>> ORIE STEELE
> >>>> Chief Technology Officer
> >>>> http://www/
> >>>> .transmute.industries%2F&data=05%7C02%7C%7C9544d46df66b4fad833008dd
> >>>> 163551da%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C6386911404654
> >>>> 87222%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuM
> >>>> DAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7
> >>>> C&sdata=wNvQdi82LeneJ19AqYYISfVEA%2BYLywAZ3ec%2BymPIVSE%3D&reserved
> >>>> =0
> >>>>
> >>>
> >>
> >
> 
> 
> 
> -- 
> 
> ORIE STEELE
> Chief Technology Officer
> www.transmute.industries
> 

-- 
auth48archive mailing list -- auth48archive@rfc-editor.org
To unsubscribe send an email to auth48archive-le...@rfc-editor.org

Reply via email to