Overall, the 'exp' parameter can silently inherit the same rules specified in draft-ietf-ace-key-groupcomm for its inclusion in messages.
Thinking of the worst case where a Client does not support UTC time, the parameter to privilege should instead be 'exi'.
This means, among other things:
In Section 6.3 "Send the Join Response"
OLD
The 'exp' parameter MUST be present.
NEW
The 'exi' parameter MUST be present.
Section 9.1 "Retrieve Updated Keying Material"
OLD
... or when the Security Context expires as specified by the 'exp' parameter of the Join Response.
NEW
... or when the Security Context expires as specified by the 'exp' or 'exi' parameter of the Join Response.
In Section 9.1.1 "Get Group Keying Material"
OLD
The 'exp' parameter MUST be present.
NEW
The 'exp' parameter SHOULD be present.
The 'exi' parameter MUST be present.
In Section 9.1.2 "Get Group Keying Material and OSCORE Sender ID"
OLD
The 'exp' parameter MUST be present.
NEW
The 'exp' parameter SHOULD be present.
The 'exi' parameter MUST be present.
In Section 9.6 "Retrieve Signature Verification Data"
OLD
From the Join Response message, only the parameters 'gkty', 'key', 'num', 'exp' and 'ace_groupcomm_profile' are present.
NEW
Of the parameters present in the Join Response message, only the parameters 'gkty', 'key', 'num', 'exp', 'exi', and 'ace_groupcomm_profile' are present in Signature Verification Data Response.
(then accordingly revise the example in Figure 4)
In Section 11.1 "Sending Rekeying Messages"
OLD
From the Join Response, only the parameters 'gkty', 'key', 'num', 'exp', and 'ace_groupcomm_profile' are present.
NEW
Of the parameters present in the Join Response message, only the parameters 'gkty', 'key', 'num', 'exp', 'exi', and 'ace_groupcomm_profile' are present.
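A client-side sketch of the proposed rule, added here as an illustration and not part of the original comment or of the draft: it derives the Security Context expiry from a decoded Join Response in which 'exi' is mandatory and 'exp' is optional. It assumes the response has already been decoded into a dict with text keys, that 'exi' is a lifetime in seconds counted from receipt and 'exp' an absolute time in seconds since the Unix epoch, and that taking the earlier of the two deadlines is this example's own conservative choice; the function and parameter names are hypothetical.

```python
import time


class JoinResponseError(ValueError):
    """Raised when the expiry parameters violate the proposed rules."""


def _require_uint(name, value):
    # bool is a subclass of int in Python, so reject it explicitly.
    if isinstance(value, bool) or not isinstance(value, int) or value < 0:
        raise JoinResponseError(f"'{name}' must be a non-negative integer")
    return value


def context_deadline(resp, received_mono, has_utc_clock, now_utc=None):
    """Return the expiry deadline on the client's monotonic clock.

    resp          -- decoded Join Response (dict with text keys; assumption)
    received_mono -- monotonic timestamp taken when the response arrived
    has_utc_clock -- False for a client that does not support UTC time
    now_utc       -- current Unix time, injectable so the function is testable
    """
    if "exi" not in resp:
        # Proposed text: "The 'exi' parameter MUST be present."
        raise JoinResponseError("'exi' is missing from the Join Response")
    deadline = received_mono + _require_uint("exi", resp["exi"])

    # 'exp' is only usable by a client that can compare against UTC time.
    if "exp" in resp and has_utc_clock:
        exp = _require_uint("exp", resp["exp"])
        now = time.time() if now_utc is None else now_utc
        remaining = max(0, exp - now)
        # Example's choice: never outlive the earlier of the two limits.
        deadline = min(deadline, received_mono + remaining)
    return deadline


def context_expired(deadline, now_mono):
    """True once the client must retrieve updated keying material."""
    return now_mono >= deadline
```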