Re: [Ace] Revised charter proposal: charter-ietf-ace-00-02

Stefanie Gerdes <gerdes@tzi.de> Thu, 29 May 2014 17:49 UTC

Return-Path: <gerdes@tzi.de>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61CC01A019F; Thu, 29 May 2014 10:49:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level:
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, SPF_HELO_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J-aa3aMGjxmG; Thu, 29 May 2014 10:49:08 -0700 (PDT)
Received: from informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA00D1A018A; Thu, 29 May 2014 10:49:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from smtp-fb3.informatik.uni-bremen.de (smtp-fb3.informatik.uni-bremen.de [134.102.224.120]) by informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id s4THmdLl003553; Thu, 29 May 2014 19:48:40 +0200 (CEST)
Received: from [192.168.1.146] (p54BC4594.dip0.t-ipconnect.de [84.188.69.148]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by smtp-fb3.informatik.uni-bremen.de (Postfix) with ESMTPSA id A995C1602; Thu, 29 May 2014 19:48:39 +0200 (CEST)
Message-ID: <538772F7.4080708@tzi.de>
Date: Thu, 29 May 2014 19:48:39 +0200
From: Stefanie Gerdes <gerdes@tzi.de>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Rene Struik <rstruik.ext@gmail.com>, Likepeng <likepeng@huawei.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "adrian@olddog.co.uk" <adrian@olddog.co.uk>
References: <20140514221215.8150.56543.idtracker@ietfa.amsl.com> <34966E97BE8AD64EAE9D3D6E4DEE36F252B2A345@SZXEMA501-MBS.china.huawei.com> <CAHbuEH6U7811XFdipULNwF3_2iocq9dpKje+G4kkU_bpnXHFKw@mail.gmail.com> <34966E97BE8AD64EAE9D3D6E4DEE36F252B38978@SZXEMA501-MBS.china.huawei.com> <34966E97BE8AD64EAE9D3D6E4DEE36F258140E59@SZXEMA501-MBX.china.huawei.com> <5383726F.30100@gmail.com> <5387583A.6040506@tzi.de>
In-Reply-To: <5387583A.6040506@tzi.de>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ace/UXKykTHBUiEG8c5dxabrRXl_u6U
Cc: Benoit Claise <bclaise@cisco.com>, "aaa-doctors@ietf.org" <aaa-doctors@ietf.org>, The IESG <iesg@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Subject: Re: [Ace] Revised charter proposal: charter-ietf-ace-00-02
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 May 2014 17:49:09 -0000

Maybe the purpose of my previous note was not clear enough. My intent
was to reason why I support Renes proposed changes to the charter.

Best regards,
Steffi


On 05/29/2014 05:54 PM, Stefanie Gerdes wrote:
> Hi everyone,
> 
> 
> On 05/26/2014 06:57 PM, Rene Struik wrote:
> 
>>
>> #RS-1: remove any suggestion that existing solutions are already known
>> to be suitable (this is still to be seen and part of the work of this
>> group). This removes the current tension between para 4 and para 6,
>> where para 4 says "indicate the suitability of existing work", whereas
>> para 6 suggests "this requires relevant specifications to be reviewed
>> for suitability". This is why I raised as concern in my original draft
>> review of April 10, 2014, 5:58pm EDT
>> (http://www.ietf.org/mail-archive/web/ace/current/msg00517.html) that
>> one should engage into this effort with open mind, without presorting
>> solution directions in the charter.
>>
>> OLD:
>>
>> Requirements derived from use cases indicate the suitability of existing
>>
>> work as a solution for constrained environments
>>
>> NEW:
>>
>> Requirements derived from use cases may indicate that existingwork is
>> useful as basis for as a solution for constrained environments
> 
> I think we can benefit from carefully reviewing existing protocols for
> their applicability to constrained environments. If we come to the
> conclusion that one of the proposed solutions is fitting, this is a good
> result. And we might have a clue afterwards which one of them fits best.
> The expectation is that some requirements of constrained environments
> can not easily be met by existing solutions and we might need to define
> profiles or extensions or otherwise bridge the gaps. We should be open
> for ideas and not try to fit a round piece through a square hole because
> it might work somehow.
> 
> The need for an authentication and authorization solution for
> constrained environments came up in the CoRE working group. The reason
> for initiating the ACE working group is that the discussions about
> possible solutions took up so much time in CoRE that other topics of the
> group were delayed.
> 
> 
>> #RS-2:  I would suggest scrapping the entire para 7, since much too
>> ambitious (one can easily recharter to take on more work or refocus at a
>> later stage). I made the same comment on the original draft charter
>> (April 10, 2014, 5:59pm EDT).
>>
>>
>> OLD:
>>
>> Once progress in identifying suitable candidate solutions has been made,
>>
>> the working group will verify whether the same mechanisms are also
>>
>> applicable beyond the use of CoAP and DTLS, which are the two main
>>
>> protocols the group will focus on for access to resources. In
>>
>> particular, the ability to use the developed solution over HTTP and TLS
>>
>> will be investigated. Note that the work is limited to CoAP and HTTP
>>
>> with DTLS and TLS. Other application protocols with their related
>>
>> transport protocols, and other protocols at other layers in the stack,
>>
>> are out of scope. Furthermore, to guarantee smooth transition, the
>>
>> integration with existing deployments will be studied, particularly
>>
>> concerning the use of protocol translation proxies.
>>
>>
>> NEW:
>>
>> The working group will focus on CoAP and DTLS for access to resources.
>> Any other work will require rechartering.
> 
> Concerning #RS-2: As I mentioned before I would be happy to leave
> speculations about future work after rechartering out of the charter.
> 
>>
>> #RS-3: I would suggest taking more time for the use cases and
>> requirements than currently suggested. Given the lengthy discussion on
>> draft charter and ACE WG coming into operation potentially just prior to
>> the July 2014 IETF meeting, I would suggest being more reflective on use
>> cases and aiming for WG item here after November 2014 meeting (Dec 2014)
>> and IESG phase Apr 2015. Not much harm will be done here, since solution
>> and use cases can be co-developed in parallel and, moreover, one can
>> always strive for beating the schedule (overdelivering, so to speak).
>>
>>
>> OLD:
>>
>> Jul 2014 Submit "Use cases and Requirements" as a WG item.
>>
>> Dec 2014 Submit Optionally submit "Use cases and Requirements" document
>> to the IESG for
>>
>> publication as an Informational RFC.
>>
>>
>> NEW:
>>
>> Dec 2014 Submit "Use cases and Requirements" as a WG item.
>>
>> Apr 2015 Submit Optionally submit "Use cases and Requirements" document
>> to the IESG for
>>
>> publication as an Informational RFC.
> 
> #RS-3: The discussion about the Use cases and Requirements draft
> indicated that it would be beneficial to work on this draft in parallel
> while working on the solution. This is only possible if we set the
> milestone accordingly.
> 
> Best regards,
> Steffi
> 
> 
> 
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace
> 


-- 
Stefanie Gerdes			Tel: +49 421 218 63906
TZI Universität Bremen		E-Mail: gerdes@tzi.de
Bibliothekstr. 1, MZH 5150
28359 Bremen, Germany