Re: [Cwt-reg-review] [EXTERNAL] [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)

Mike Jones <Michael.Jones@microsoft.com> Fri, 14 January 2022 01:00 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cwt-reg-review/9CggB49B1SCvmYkPIobQEJcDJlM>

Thanks for writing, Amanda.

We are definitely *not* using the values currently in the document, as they fail the registration criteria.  As one of the designated experts, I will be proposing conforming values today or tomorrow.  The criteria that the current values fail are at https://datatracker.ietf.org/doc/html/rfc8392#section-9.1, specifically:

   Criteria that should be applied by the Designated Experts includes
   ...  Registrations for the limited set
   of values between -256 and 255 and strings of length 1 are to be
   restricted to claims with general applicability.

				Best wishes,
				-- Mike

-----Original Message-----
From: Amanda Baber via RT <iana-prot-param@iana.org> 
Sent: Thursday, January 13, 2022 4:55 PM
To: rdd@cert.org
Cc: rats-chairs@ietf.org; Ned Smith <ned.smith@intel.com>; ncamwing@cisco.com; Mike Jones <Michael.Jones@microsoft.com>; mandyam@qti.qualcomm.com; lgl@island-resort.com; kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com; iana@iana.org; cwt-reg-review@ietf.org
Subject: [EXTERNAL] [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)

Hi Roman, all,

For our records, can one of the RATS chairs confirm this request?

I understand that for the CWT registrations, we'll be using the numeric values requested in the document:

https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-9.3.1

thanks,

Amanda Baber
IANA Operations Manager

On Thu Jan 13 21:00:35 2022, rdd@cert.org wrote:
> Hi!
> 
> 
> 
> Officially pulling everything together in one place for an early 
> registration request.
> 
> 
> 
> ==[ Request to IANA ]==
> 
> Per step #5 of Section 3.1 of RFC 7120, the RATS WG would like select 
> pre-registration actions for
> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11 described 
> in the "Pre-Registration actions" section below.
> 
> 
> 
> Mike: Thanks so much for your help here.  Consider this an approval 
> for early allocation.
> 
> 
> 
> ==[ WG Coordination ]==
> 
> Step #4 (AD Approval) Implicit in this note
> 
> 
> 
> Step #3 (Discussion on the WG mailing list) 
> https://mailarchive.ietf.org/arch/msg/rats/FwCqNrYjbiTd0nGZ0Wg9RQ2uU8o/
> 
> 
> 
> ==[ Pre-Registration actions ]==
> 
> 
> 
> See Section 9.3.1 of https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-9.3.1
> 
> 
> 
> Thanks,
> 
> Roman
> 
> 
> From: Mike Jones <Michael.Jones@microsoft.com>
> Sent: Thursday, January 13, 2022 2:57 PM
> To: Roman Danyliw <rdd@cert.org>; Giridhar Mandyam 
> <mandyam@qti.qualcomm.com>; Laurence Lundblade <lgl@island-resort.com>
> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>;
> cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget
> (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty 
> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
> Subject: Re: Registration of Entity Attestation Token claims in the 
> CWT registry
> 
> Roman, once you let the designated experts know that you approve of 
> requesting early allocation per RFC 7120, then I’d be glad to consider 
> this thread to be the request for early registration and proceed to do 
> so.
> 
> Giri, Laurence, etc., the registration procedures for CWT claims are 
> defined at https://datatracker.ietf.org/doc/html/rfc8392#section-9.1.
> In particular, the following sections are particularly relevant to the 
> current discussion:
> 
> Criteria that should be applied by the Designated Experts includes 
> determining whether the proposed registration duplicates existing 
> functionality, whether it is likely to be of general applicability or 
> whether it is useful only for a single application, and whether the 
> registration description is clear.  Registrations for the limited set 
> of values between -256 and 255 and strings of length 1 are to be 
> restricted to claims with general applicability.
> 
> IANA must only accept registry updates from the Designated Experts and 
> should direct all requests for registration to the review mailing 
> list.
> 
> So whether early or not, the claims being proposed for registration 
> that are not of general applicability are ineligible for registration 
> in the range -256 to 255.  Also, any IANA registrations of CWT claims 
> necessarily involve designated expert review.
> 
> I’m trying to help you as a designated expert to get to stable 
> registrations soon.  Once Roman has approved the request for early 
> registration, I’d be glad to work with IANA to do early registration 
> of code points that meet the registration criteria above.
> 
> Best wishes,
> -- Mike
> 
> From: Roman Danyliw <rdd@cert.org>
> Sent: Thursday, January 13, 2022 8:38 AM
> To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Mike Jones
> <Michael.Jones@microsoft.com>; Laurence Lundblade <lgl@island-resort.com>
> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>;
> cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget
> (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>;
> Roman Danyliw <rdd@cert.org>
> Subject: Re: Registration of Entity Attestation Token claims in the
> CWT registry
> 
> Hi all!
> 
> I wanted to acknowledge that I got this note, but I am not up-to-speed 
> on the issue and need to catch-up before providing a meaningful 
> response.  A search of my mailbox also found this related thread which 
> I attached.
> 
> Roman
> 
> From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
> Sent: Thursday, January 13, 2022 10:35 AM
> To: Mike Jones <Michael.Jones@microsoft.com>; Laurence Lundblade
> <lgl@island-resort.com>; Roman Danyliw <rdd@cert.org>
> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>;
> cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget
> (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
> Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation Token
> claims in the CWT registry
> 
> + Roman D.
> 
> I would like to escalate this to the AD.  Note that the EAT editors 
> acted in good faith in the expectation that the RATS chairs would 
> address early allocation, and we were assured last March that there 
> were no issues with the requested values.  As a result, we put off Last 
> Call for the draft and went forward with guidance to other SDOs (e.g.
> FIDO Alliance, GlobalPlatform) that these claim values were stable.
> 
> Now for the first time we are finding out that (a) the values called 
> out in the spec are not acceptable as per expert review criteria, and
> (b) the RATS chairs never initiated the process of pre-registration in 
> the first place.
> 
> My request to the AD is simple:  allow for pre-registration of the 
> values as called out in the current EAT draft.  If this is not 
> possible (and it looks likely that it is not), then my additional 
> request is that the AD directly manage shepherding of this spec to 
> Last Call and RFC as I believe communication between the EAT editors 
> and the RATS Chairs has broken down and the RATS Chairs are not 
> driving consensus decisions from the Working Group with respect to 
> this spec.
> 
> -Giri
> 
> From: Mike Jones <Michael.Jones@microsoft.com>
> Sent: Thursday, January 13, 2022 2:39 AM
> To: Laurence Lundblade <lgl@island-resort.com>
> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Jeremy O'Donoghue
> <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith
> <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>;
> Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs
> <rats-chairs@ietf.org>
> Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation Token
> claims in the CWT registry
> 
> 
> Early allocation did not occur.  If it had, the numbers would be 
> assigned in https://www.iana.org/assignments/cwt/cwt.xhtml.  (For an 
> example of early allocation listings, see claims 38, 39, and 40.) 
> Early registration, like normal registration, involves review by the 
> designated experts, which also didn’t occur, because as far as I can 
> tell, it wasn’t asked for.
> 
> I’m trying to help you get to stable assignments as soon as possible.
> I know the value of having those.
> 
> Again, if you want stable assignments before upcoming interop events, 
> I’d suggest making an early registration request by sending the 
> registration request to cwt-reg-review@ietf.org.  It would be
> cleaner to do so by first changing the 
> assignments in your IANA Considerations section to “TBD”, but you 
> could also do so based on the current draft (realizing that the 
> proposed assignments in the draft might not be the ones assigned by 
> the designated experts and IANA).
> 
> You could have stable assignments within a few weeks if you choose to 
> request them soon.
> 
> Best wishes,
> -- Mike
> 
> From: Laurence Lundblade <lgl@island-resort.com>
> Sent: Wednesday, January 12, 2022 10:31 PM
> To: Mike Jones <Michael.Jones@microsoft.com>
> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Jeremy O'Donoghue
> <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith
> <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>;
> Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs
> <rats-chairs@ietf.org>
> Subject: [EXTERNAL] Re: Registration of Entity Attestation Token
> claims in the CWT registry
> 
> Hi Mike,
> 
> I’m not trying to grab anything here that we should not have.
> 
> The early allocation process, according to RFC 7120, is handled by the 
> WG chairs. It is my understanding that the RATS chairs followed 
> this process and that numbers 10-18, 20 have early assignment. That’s 
> why they are in the draft without “TBD”. Maybe the process wasn’t 
> completed or there is some other confusion. I did not interact with 
> IANA myself (but I did read 7120).
> 
> I think this needs to be resolved between the RATS chairs, designated 
> experts and IANA. I am happy to adjust the draft when this gets 
> resolved.
> 
> LL
> 
> 
> 
> On Jan 12, 2022, at 9:58 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
> 
> Yours is not the first specification that’s tried to preallocate the 
> rare single-byte claim numbers for claims not of general 
> applicability.  At https://www.iana.org/assignments/cwt/cwt.xhtml,
> you’ll note that most of the claims allocated by
> draft-ietf-ace-oauth-authz are in the double-byte space because
> they’re not applicable to a 
> wide variety of applications.  They were originally requested to be in 
> the single-byte range and the designated experts negotiated with the 
> editors to move their requested assignments.
> 
> Jim Schaad was always a stickler about specifications using TBD in 
> their registration requests instead of assumed numbers.  At most, he 
> would tolerate “TBD (requested assignment NNN)”.  Of course, he was 
> right.  It’s up to IANA and the designated experts to make the 
> assignments, particularly of scarce resources, not the spec authors.
> 
> Therefore, please revise your specification to remove the current 
> numbers and replace them with “TBD”.  At that point, it would be fine 
> to make an early registration request.  The experts and IANA could 
> likely get you permanent numbers at that point, probably within a 
> matter of weeks.
> 
> If you do not want to go the early allocation route, the other option 
> is to use numbers in the “less than -65536” space, which are 
> designated as “Reserved for Private Use”.  You can use numbers in that 
> space however you want for as long as you want – including for 
> facilitating interop testing until permanent numbers are assigned.
> 
> I’m sorry this appears to have come as a surprise.  The designated 
> experts are trying to ensure that the CWT Claims numbers are 
> efficiently allocated to do the most good for the most applications.
> I hope you’ll take this request in that spirit and choose one of the 
> paths outlined above to quickly resolve this issue.
> 
> Best wishes,
> -- Mike
> 
> From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
> Sent: Wednesday, January 12, 2022 9:05 PM
> To: Laurence Lundblade <lgl@island-resort.com>; Mike Jones
> <Michael.Jones@microsoft.com>; Jeremy O'Donoghue
> <jodonogh@qti.qualcomm.com>
> Cc: cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy
> Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
> Subject: [EXTERNAL] RE: Registration of Entity Attestation Token
> claims in the CWT registry
> 
> + @Jeremy O'Donoghue
> 
> Ned, RATS Chairs,
> 
> We were assured by the RATS Chairs when we highlighted these values in 
> Rev. -09 that they would be signed off for the registry.  This is one 
> of the reasons why we did not try to accelerate Last Call during the 
> first half of last year.  There was clearly a disconnect.  Can you 
> check into why this occurred?
> 
> Mike,
> 
> We just put out an FDO update on the assumption that these claim 
> values are set
> (https://fidoalliance.org/specs/FDO/FIDO-Device-Onboard-RD-v1.1-20211214/FIDO-device-onboard-spec-v1.1-rd-20211214.html).
> We are planning a 2nd interop event during the next 
> couple of months and we may have to put that off now.  Is this issue 
> intractable?  Can the claims not be assigned to EAT?
> 
> Jeremy can comment on any GlobalPlatform dependencies.
> 
> -Giri
> 
> From: Laurence Lundblade <lgl@island-resort.com>
> Sent: Wednesday, January 12, 2022 8:18 PM
> To: Mike Jones <Michael.Jones@microsoft.com>
> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>;
> cwt-reg-review@ietf.org; Smith, Ned <ned.smith@intel.com>; Nancy Cam-Winget
> (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com>
> Subject: Re: Registration of Entity Attestation Token claims in the
> CWT registry
> 
> A couple more comments.
> 
> I know what you mean about taking the numbers <24. Not trying to be a 
> hog or anything. It seems nobody, myself included, thought about it 
> when this was done a year ago.
> 
> I know that Arm has SW that uses these assignments (ask Hannes and 
> Thomas F). I think FIDO does too. I think there would be objections to 
> a reassignment.
> 
> LL
> 
> 
> On Jan 12, 2022, at 7:52 PM, Laurence Lundblade <lgl@island-resort.com> wrote:
> 
> + RATS chairs
> 
> Hi Mike,
> 
> The claims key numbers 10-18, 20 are early assignments by IANA. I 
> didn’t handle the interaction with IANA, but I understand this to be 
> true.  Changing them now would undermine some implementations that are 
> using them.
> 
> LL
> 
> 
> 
> On Jan 12, 2022, at 6:11 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
> 
> Please change the proposed CWT claim values for claims UEID through 
> Submodules Section from 11 through 20 to 41 through 50 so that they 
> are not using up most of the rare single-byte claim numbers.  Only 
> claims that are of general applicability across multiple kinds of 
> applications should be allocated in that space.
> 
> The one exception I would consider is the Location claim, which could 
> be of general applicability.  If you believe that this location 
> representation will be used by multiple kinds of applications, I would 
> be willing to consider registering it in the single-byte claim space.
> 
> -- Mike
> 
> From: Cwt-reg-review <cwt-reg-review-bounces@ietf.org> On Behalf Of
> Giridhar Mandyam
> Sent: Saturday, October 16, 2021 4:11 PM
> To: cwt-reg-review@ietf.org
> Cc: Laurence Lundblade <lgl@island-resort.com>
> Subject: [Cwt-reg-review] Registration of Entity Attestation Token
> claims in the CWT registry
> 
> To the CWT claims registry designated experts:
> 
> I am contacting you on behalf of the editors of the Entity Attestation 
> Token specification (latest draft available 
> at https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10).  This 
> is a standards-track document in the IETF Remote Attestation 
> Procedures (RATS) Working Group.
> 
> Please note the requests for CWT registry of the claims outlined in
> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10#section-7.3.1.
> We would like these claim values reflected in the IANA CWT 
> registry as soon as possible.  Would this be possible?
> 
> Please contact myself Giri Mandyam or Laurence Lundblade (cc’ed) for 
> further information if required.
> 
> Thanks
> 
> -Giri Mandyam
>