Hello Hannes, Thank you very much for your comments. I am replying to the comment that Ludwig did not yet address:
Ludwig Seitz <[email protected]> writes: > On 2017-10-01 11:35, Hannes Tschofenig wrote: >> - What is the reasoning behind this statement: >> >> "This specification mandates that at least the key derivation >> algorithm "HKDF SHA-256" as defined in [I-D.ietf-cose-msg] MUST be >> supported." >> >> I would have assumed at the session key provided by the AS to the client >> and the key embedded in the access token is used directly within TLS as >> a PSK. Yes, you could embed the session key in the access token. But then, you would always have to encrypt the access token and ensure that is never decrypted by unauthorized parties. Key derivation allows you to transfer the access token unencrypted (as long as the privacy objectives are met, of course). This could even save some bytes in the token as the encrypted session key does not have to be transferred. This mechanism has previously been discussed in section 6 of [1] but now has been adjusted from the simple ad-hoc syntax in DCAF to the more flexible COSE method. [1] https://tools.ietf.org/html/draft-gerdes-ace-dcaf-authorize-04#section-6 Grüße Olaf _______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
