Session Date/Time: 19 Dec 2022 14:00
ACE
Summary
The ACE Working Group met to discuss the status and progress of four drafts: draft-ietf-ace-mqtt-tls-profile-groupcomm-oscore, draft-ietf-ace-groupcomm, draft-ietf-ace-groupcomm-oscore, and draft-ietf-ace-remote-token-notification. Key discussions centered on simplifying the groupcomm-oscore-pubsub draft by focusing on CoAP, the impending AD review for the groupcomm drafts and their clustered publication strategy, and the remote-token-notification draft's readiness for Working Group Last Call. The edoc draft discussion was postponed due to time constraints.
Key Discussion Points
- draft-ietf-ace-mqtt-tls-profile-groupcomm-oscore-05 (Group Communication for PubSub)
  - The draft, revived and updated to align with groupcom requirements, has expanded its scope significantly to cover various KDC interface elements, resource operations, and group operations (clearing, credential updates, removal, re-keying).
  - A major change involved questioning the inclusion of MQTT support due to the perceived complexity for a single client needing to implement multiple protocols: HTTP for the MQTT-TLS profile (for ACE transport), CoAP for KDC interaction, and MQTT for pub/sub communication.
  - A sense of those present indicated support for focusing the draft on CoAP for now, with the possibility of developing a separate MQTT-specific profile in the future. This approach simplifies the current document.
  - The document's dependence on the CoAP PubSub draft was noted, and authors for that draft are actively working on a revival.
  - The author, Sigdem, requested assistance, particularly from individuals familiar with CoAP PubSub, to review and guide decisions on acceptable algorithms, authentication credentials, group key generation, and policy resources that the KDC should host.
  - Marco offered to assist with reviewing key usage and alignment with groupcom requirements, suggesting a targeted telecon. He also advised on adopting methods from groupcom-oscore for KDC challenges in DTLS profiles and registering a CoAP content format for the AIF data model.
  - The author indicated that the draft is not yet ready for a Working Group Last Call due to outstanding technical clarification needs.
- draft-ietf-ace-groupcomm-15 (Group Communication for CoAP)
  - This draft is currently undergoing AD review.
  - A GitHub issue was raised, proposing to relax a MUST requirement regarding a parameter's inclusion in the KDC's joining response to a SHOULD, with clarifying text for specific use cases (e.g., for pub/sub profiles).
  - The author, Marco, plans to incorporate this change during the processing of the AD's review comments, rather than submitting a new revision now, to avoid confusion.
- draft-ietf-ace-groupcomm-oscore-15 (Group Communication OSCORE Profile)
  - The draft is awaiting the Shepherd's write-up (Record is the Shepherd).
  - Minor issues were identified: map keys in an example figure should use double quotes, and clarification is needed that map keys are text strings for convenience but are intended to be CBOR integer abbreviations. These will be addressed in the next revision.
  - The publication strategy for this document, alongside groupcomm and two other CoRE documents, was discussed. There is a desire to cluster their publication for IESG convenience. Coordination between the ACE and CoRE WG chairs and relevant ADs will be necessary.
- draft-ietf-ace-remote-token-notification-03
  - This draft defines a mechanism for clients and resource servers to receive notifications about revoked but not-yet-expired access tokens from the Authorization Server (AS), complementing introspection.
  - The draft supports two modes: obtaining a full list of revoked tokens, and a "diff query" mode for updates, which now includes an optional cursor extension for fetching updates from a specified resumption point.
  - Recent revisions have streamlined the cursor extension and standardized AS messages to use CBOR maps as payloads.
  - Remaining work includes adding examples for the cursor extension, summarizing parameters in an appendix, and adding security considerations.
  - The author, Marco, is confident that a new revision (04) addressing these points could be ready for a Working Group Last Call by the Yokohama meeting.
- draft-ietf-ace-edoc
  - Discussion of this draft was postponed to the next interim meeting due to time constraints.
Decisions and Action Items
- draft-ietf-ace-mqtt-tls-profile-groupcomm-oscore:
  - Decision: The draft will focus on CoAP as the primary pub/sub protocol, with MQTT support potentially deferred to a separate profile in the future.
  - Action Item (Sigdem): Work with Marco on the draft, focusing on key usage, groupcom alignment, authentication credentials, and group key construction.
  - Action Item (Sigdem): Consider Marco's suggestions regarding KDC challenge methods (referencing groupcom-oscore) and registering a CoAP content format for the AIF data model.
  - Action Item (Chairs): Explore organizing a design team meeting (involving Sigdem, Francesca, Marco, and other interested parties) to broaden input and accelerate progress.
  - Action Item (Daniel): Identify additional resources for the draft if collaboration between Sigdem and Marco requires further support.
- draft-ietf-ace-groupcomm:
  - Action Item (Marco): Incorporate the proposed text (relaxing a MUST to a SHOULD) from the GitHub issue during the processing of the AD review comments.
- draft-ietf-ace-groupcomm-oscore:
  - Action Item (Marco): Fix map key notation and add clarification about CBOR integer abbreviations when processing the Shepherd review for version 16.
- draft-ietf-ace-remote-token-notification:
  - Action Item (Marco): Add example message exchanges for the diff query mode with cursor extension, include an appendix summarizing parameters/constants, and expand the security considerations for revision 04.
- Cross-WG Cluster Publication:
  - Action Item (ACE Chair): Send a heads-up to the relevant ADs (ACE and CoRE) and CoRE Working Group chairs regarding the proposed cluster publication strategy for groupcomm-oscore, groupcomm, and two other CoRE documents, especially once the Shepherd review for groupcomm-oscore is addressed. This should include discussion of a single AD potentially handling the entire cluster.
Next Steps
- Sigdem and Marco will collaborate to advance draft-ietf-ace-mqtt-tls-profile-groupcomm-oscore, with a potential design team meeting for broader input.
- Marco will proceed with updates for draft-ietf-ace-groupcomm and draft-ietf-ace-groupcomm-oscore based on AD and Shepherd reviews, respectively.
- Marco will finalize draft-ietf-ace-remote-token-notification for a potential Working Group Last Call.
- The ACE Chair will initiate coordination with the CoRE WG chairs and ADs regarding the clustered publication strategy.
- Discussion on draft-ietf-ace-edoc is deferred to the next interim meeting.