Re: [Cwt-reg-review] [EXTERNAL] Re: Registration of Entity Attestation Token claims in the CWT registry

Giridhar Mandyam <mandyam@qti.qualcomm.com> Thu, 13 January 2022 15:35 UTC

From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
To: Mike Jones <Michael.Jones@microsoft.com>, Laurence Lundblade <lgl@island-resort.com>, "rdd@cert.org" <rdd@cert.org>
CC: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>, "cwt-reg-review@ietf.org" <cwt-reg-review@ietf.org>, Ned Smith <ned.smith@intel.com>, "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, rats-chairs <rats-chairs@ietf.org>
Date: Thu, 13 Jan 2022 15:35:21 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cwt-reg-review/6Z7WwZdPQqJws8UavkgCQZTuW_I>
List-Id: CWT Registry Review <cwt-reg-review.ietf.org>

+ Roman D.

I would like to escalate this to the AD.  Note that the EAT editors acted in good faith in the expectation that the RATS chairs would address early allocation, and we were assured last March that there were no issues with the requested values.  As a result, we put off Last Call for the draft and went forward with guidance to other SDOs (e.g. FIDO Alliance, GlobalPlatform) that these claim values were stable.

Now for the first time we are finding out that (a) the values called out in the spec are not acceptable as per expert review criteria, and (b) the RATS chairs never initiated the process of pre-registration in the first place.

My request to the AD is simple:  allow for pre-registration of the values as called out in the current EAT draft.  If this is not possible (and it looks likely that it is not), then my additional request is that the AD directly manage shepherding of this spec to Last Call and RFC as I believe communication between the EAT editors and the RATS Chairs has broken down and the RATS Chairs are not driving consensus decisions from the Working Group with respect to this spec.

-Giri

From: Mike Jones <Michael.Jones@microsoft.com>
Sent: Thursday, January 13, 2022 2:39 AM
To: Laurence Lundblade <lgl@island-resort.com>
Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation Token claims in the CWT registry


Early allocation did not occur.  If it had, the numbers would be assigned in https://www.iana.org/assignments/cwt/cwt.xhtml.  (For an example of early allocation listings, see claims 38, 39, and 40.)  Early registration, like normal registration, involves review by the designated experts, which also didn’t occur, because as far as I can tell, it wasn’t asked for.

I’m trying to help you get to stable assignments as soon as possible.  I know the value of having those.

Again, if you want stable assignments before upcoming interop events, I’d suggest making an early registration request by sending the registration request to cwt-reg-review@ietf.org.  It would be cleaner to do so by first changing the assignments in your IANA Considerations section to “TBD”, but you could also do so based on the current draft (realizing that the proposed assignments in the draft might not be the ones assigned by the designated experts and IANA).

You could have stable assignments within a few weeks if you choose to request them soon.

                                                       Best wishes,
                                                       -- Mike

From: Laurence Lundblade <lgl@island-resort.com>
Sent: Wednesday, January 12, 2022 10:31 PM
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
Subject: [EXTERNAL] Re: Registration of Entity Attestation Token claims in the CWT registry

Hi Mike,

I’m not trying to grab anything here that we should not have.

The early allocation process, according to RFC 7120, is handled by the WG chairs. It is my understanding that the RATS chairs followed this process and that numbers 10-18, 20 have early assignment. That’s why they are in the draft without “TBD”. Maybe the process wasn’t completed or there is some other confusion. I did not interact with IANA myself (but I did read 7120).

I think this needs to be resolved between the RATS chairs, designated experts and IANA. I am happy to adjust the draft when this gets resolved.

LL



On Jan 12, 2022, at 9:58 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

Yours is not the first specification that’s tried to preallocate the rare single-byte claim numbers for claims not of general applicability.  At https://www.iana.org/assignments/cwt/cwt.xhtml, you’ll note that most of the claims allocated by draft-ietf-ace-oauth-authz are in the double-byte space because they’re not applicable to a wide variety of applications.  They were originally requested to be in the single-byte range and the designated experts negotiated with the editors to move their requested assignments.

Jim Schaad was always a stickler about specifications using TBD in their registration requests instead of assumed numbers.  At most, he would tolerate “TBD (requested assignment NNN)”.  Of course, he was right.  It’s up to IANA and the designated experts to make the assignments, particularly of scarce resources, not the spec authors.

Therefore, please revise your specification to remove the current numbers and replace them with “TBD”.  At that point, it would be fine to make an early registration request.  The experts and IANA could likely get you permanent numbers at that point, probably within a matter of weeks.

If you do not want to go the early allocation route, the other option is to use numbers in the “less than -65536” space, which are designated as “Reserved for Private Use”.  You can use numbers in that space however you want for as long as you want – including for facilitating interop testing until permanent numbers are assigned.

I’m sorry this appears to have come as a surprise.  The designated experts are trying to ensure that the CWT Claims numbers are efficiently allocated to do the most good for the most applications.  I hope you’ll take this request in that spirit and choose one of the paths outlined above to quickly resolve this issue.

                                                       Best wishes,
                                                       -- Mike

From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
Sent: Wednesday, January 12, 2022 9:05 PM
To: Laurence Lundblade <lgl@island-resort.com>; Mike Jones <Michael.Jones@microsoft.com>; Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>
Cc: cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
Subject: [EXTERNAL] RE: Registration of Entity Attestation Token claims in the CWT registry

+ Jeremy O'Donoghue

Ned, RATS Chairs,

We were assured by the RATS Chairs when we highlighted these values in Rev. -09 that they would be signed off for the registry.  This is one of the reasons why we did not try to accelerate Last Call during the first half of last year.  There was clearly a disconnect.  Can you check into why this occurred?

Mike,

We just put out an FDO update on the assumption that these claim values are set (https://fidoalliance.org/specs/FDO/FIDO-Device-Onboard-RD-v1.1-20211214/FIDO-device-onboard-spec-v1.1-rd-20211214.html).  We are planning a 2nd interop event during the next couple of months and we may have to put that off now.  Is this issue intractable?  Can the claims not be assigned to EAT?

Jeremy can comment on any GlobalPlatform dependencies.

-Giri

From: Laurence Lundblade <lgl@island-resort.com>
Sent: Wednesday, January 12, 2022 8:18 PM
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; cwt-reg-review@ietf.org; Smith, Ned <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Subject: Re: Registration of Entity Attestation Token claims in the CWT registry

A couple more comments.

I know what you mean about taking the numbers <24. Not trying to be a hog or anything. It seems nobody, myself included, thought about it when this was done a year ago.

I know that Arm has SW that uses these assignments (ask Hannes and Thomas F). I think FIDO does too. I think there would be objections to a reassignment.

LL


On Jan 12, 2022, at 7:52 PM, Laurence Lundblade <lgl@island-resort.com> wrote:

+ RATS chairs

Hi Mike,

The claims key numbers 10-18, 20 are early assignments by IANA. I didn’t handle the interaction with IANA, but I understand this to be true.  Changing them now would undermine some implementations that are using them.

LL



On Jan 12, 2022, at 6:11 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

Please change the proposed CWT claim values for claims UEID through Submodules Section from 11 through 20 to 41 through 50 so that they are not using up most of the rare single-byte claim numbers.  Only claims that are of general applicability across multiple kinds of applications should be allocated in that space.

The one exception I would consider is the Location claim, which could be of general applicability.  If you believe that this location representation will be used by multiple kinds of applications, I would be willing to consider registering it in the single-byte claim space.

                                                       -- Mike

From: Cwt-reg-review <cwt-reg-review-bounces@ietf.org> On Behalf Of Giridhar Mandyam
Sent: Saturday, October 16, 2021 4:11 PM
To: cwt-reg-review@ietf.org
Cc: Laurence Lundblade <lgl@island-resort.com>
Subject: [Cwt-reg-review] Registration of Entity Attestation Token claims in the CWT registry

To the CWT claims registry designated experts:

I am contacting you on behalf of the editors of the Entity Attestation Token specification (latest draft available at https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10).  This is a standards-track document in the IETF Remote Attestation Procedures (RATS) Working Group.

Please note the requests for CWT registry of the claims outlined in https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10#section-7.3.1.  We would like these claim values reflected in the IANA CWT registry as soon as possible.  Would this be possible?

Please contact myself, Giri Mandyam, or Laurence Lundblade (cc’ed) for further information if required.

Thanks

-Giri Mandyam