Re: [Cwt-reg-review] [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)
Roman Danyliw <rdd@cert.org> Tue, 25 January 2022 13:45 UTC
Return-Path: <rdd@cert.org>
X-Original-To: cwt-reg-review@ietfa.amsl.com
Delivered-To: cwt-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 468DD3A1236; Tue, 25 Jan 2022 05:45:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DLdKj_I384gW; Tue, 25 Jan 2022 05:45:50 -0800 (PST)
Received: from USG02-BN3-obe.outbound.protection.office365.us (mail-bn3usg02on0129.outbound.protection.office365.us [23.103.208.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D4BA83A1223; Tue, 25 Jan 2022 05:45:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=iynIVQ6GC4Oksg4XHbmKXIX6j8B0FBzh57cqo87+aLnQBjgTZXX5X+zYG7VutOTvlY5UnGKol/Lq6c0iYKB1VPQFEU8BoT0pd5Lj+eniSn0QBUi4iv3sJQMhjdPLuHYvoLeDMXzTjA6RcjcMlMvPITfQQrAmqifN9rgsvI/4iJnTWXImBYVbsCsGF4DMki6w5c5XY0tFVzdMbdpe6dmPJSCk7d0/D6/kA8kyi+cm0vfCU+V/2/pK4cd88jjhSKjkQSm+0j9tyaXRaC86Xy2Tr54N38A9chZEfcGIvmoZLWxfiXUUIq/Bk9P3msjUVgIbPrxC6jG0+K0pgTnpODGv9Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eEJmtUlr+Rh3g34xFMZGn/B42tI1YXkR/asHSPgNDKY=; b=vwge+ZFOCCmGBozUtLOiit6wpNmQjCr17RF6Fe9sQIU1Yl5/l2Xjc01D9tDQ7yjQmRaMfox9IpaXrVP2XtavifSVRpOnuVMezH5MrAaMMVZKNMQmG0HIxu7Dyi9ovIzj71RdAcVTySYBWYk9ap/dHdgqjWU8Gsi3E5DV1ndqH/zRytmujs2lo5feW9PwmCJRic03hgZUG3jVOmQHK2Nzevecf+r8Is2XbFDrqcZu6jUne0C6lEbM4PTLzlWsBUGRQZZ9LqhmC1ogXvej09qFkkkLUT34+TijasH7rujuhTA2vDfzKEV6R3kUtfHN9rnX/PLLEwmlsjaDadBuvki0FA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eEJmtUlr+Rh3g34xFMZGn/B42tI1YXkR/asHSPgNDKY=; b=Is/mCtH7my10IY7chiUIvEyJOu51oeZ2ET7JqWEHdFaIDlQdNVTKWjWdkDxi1ONXy9XXCpnY9c5KvlZOSeu9HTSMWhxocIXLIHcg9rddg/t7YK4VLtb9QkFmsRQbftDybJftymrtKwCKZ9ylAs5O0rlK6xGhCmABSCT93YOXYQI=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1656.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:17e::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4909.10; Tue, 25 Jan 2022 13:45:47 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::45f0:b470:9c74:ef6e]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::45f0:b470:9c74:ef6e%3]) with mapi id 15.20.4909.019; Tue, 25 Jan 2022 13:45:46 +0000
From: Roman Danyliw <rdd@cert.org>
To: "iana-prot-param@iana.org" <iana-prot-param@iana.org>
CC: "rats-chairs@ietf.org" <rats-chairs@ietf.org>, "ned.smith@intel.com" <ned.smith@intel.com>, "ncamwing@cisco.com" <ncamwing@cisco.com>, "michael.jones@microsoft.com" <michael.jones@microsoft.com>, "mandyam@qti.qualcomm.com" <mandyam@qti.qualcomm.com>, "lgl@island-resort.com" <lgl@island-resort.com>, "kathleen.moriarty.ietf@gmail.com" <kathleen.moriarty.ietf@gmail.com>, "jodonogh@qti.qualcomm.com" <jodonogh@qti.qualcomm.com>, "iana@iana.org" <iana@iana.org>, "cwt-reg-review@ietf.org" <cwt-reg-review@ietf.org>, Roman Danyliw <rdd@cert.org>
Thread-Topic: [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)
Thread-Index: AdgI+1ENC4E7qTCYSuKxED22Q7j04gAW8KFFAADSwcACDGtMTwAZbVPg
Date: Tue, 25 Jan 2022 13:45:46 +0000
Message-ID: <BN2P110MB1107D5D046E92F3918312BBEDC5F9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
References: <RT-Ticket-1222304@icann.org> <SA2PR00MB100283777A6B0E44EDC5A734F5549@SA2PR00MB1002.namprd00.prod.outlook.com> <rt-4.4.3-12750-1642132893-1016.1222304-37-0@icann.org> <rt-4.4.3-22493-1642172244-670.1222304-37-0@icann.org> <BN2P110MB11071368803E6A49F60AC297DC549@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <rt-4.4.3-22499-1642173879-736.1222304-37-0@icann.org> <rt-4.4.3-17746-1643074603-1297.1222304-37-0@icann.org>
In-Reply-To: <rt-4.4.3-17746-1643074603-1297.1222304-37-0@icann.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 375a4666-c3c5-449c-931a-08d9e008fd9d
x-ms-traffictypediagnostic: BN2P110MB1656:EE_
x-microsoft-antispam-prvs: <BN2P110MB16563518E6E6B7C9E605FCFDDC5F9@BN2P110MB1656.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:514;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: RShnezzOwBppjAmy60lKA3Bf8SlFGNnfR9CEhTluuX+goMQHh/G4wtZz4xjO0QvQe17Z1kxPnGxtJJl1g7f66gRtP/exy4Wci0D96W95ADCqDeV3U6JhGryk13o0hwjIuwmEETF4OQrivJZo+hWRlOaZqJo/Z0Tr52KCxMwQjhXVOznLW7aSOgLZtxmdQ5u5SGv/BuoXjUi5KxY+E5B0NW7PmEtefe2BOr08R5hksKEg4+r3AVGC3kS7tVU1bjI+5UBTmhq+OHyTbhghrC/Ki8Pi0ZWJemF+F654Rfwq38DyUDt914xHCWkdqnxtBuC6MvHDanxdtFpRw+PrGazJ7e3/kJPdxEpivDddUrypcGi19tKbxd6rJ+836kA22Js+3QR9kPKzprOyZaOabG8+j9ODub8Hsea/wHqcs/pMhgA2vwQhbvmZp9l1vZU3niEvtw3JpV3/538hJU9jR/KiZ62MG+dfEoPoTh7uS8rtalBJOWvYClMR9eyG9NlTuzTMgj5aozr/HIQnJWmDWRzyVUqglrsV0R7x9ZyeSVHfDsUtXLmRFMQrOLKdlhshBOkb7ook2R9WeOz36wz+uJxLpvRS817o/vvB7aLC+9jrFLIy5v5R9eF5mGYJIDpdihq61dbkQOSj/CzjZsGoXDIE0YCQh9zhAGfTevEd7i2jlUF+PScrwpL5D1AB6Okl/XteQUx+Ki5Rf4t4oxsjtWdrWw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(366004)(55016003)(83380400001)(30864003)(52536014)(26005)(8936002)(7696005)(8676002)(86362001)(966005)(186003)(54906003)(6506007)(53546011)(66946007)(38070700005)(66476007)(82960400001)(71200400001)(45080400002)(33656002)(498600001)(9686003)(6916009)(38100700002)(4326008)(107886003)(2906002)(64756008)(66556008)(66446008)(5660300002)(7416002)(76116006)(122000001)(559001)(579004); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: vR+23IfjxTmMleKFSs6v8cduFMZWNByz/A8C+WCtDo2pI24qea/pFlJkZfUWPH9ja+GBSssA5phmfq+bpSlSYFiLVQ6/m2PjMGREf7yLVIMEclt/pwXjV2fKpw58gKWVMXQSll2RC8lhz2Rg8jOjRg==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 375a4666-c3c5-449c-931a-08d9e008fd9d
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Jan 2022 13:45:46.6927 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1656
Archived-At: <https://mailarchive.ietf.org/arch/msg/cwt-reg-review/QQKRfsiX3XQEzXvR-EwNnDx-8GA>
Subject: Re: [Cwt-reg-review] [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)
X-BeenThere: cwt-reg-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CWT Registry Review <cwt-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cwt-reg-review>, <mailto:cwt-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cwt-reg-review/>
List-Post: <mailto:cwt-reg-review@ietf.org>
List-Help: <mailto:cwt-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cwt-reg-review>, <mailto:cwt-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jan 2022 13:45:55 -0000
Yes, please. After review, the WG can live with these allocations despite them not being the original plan. Thanks for double checking. Roman > -----Original Message----- > From: Amanda Baber via RT <iana-prot-param@iana.org> > Sent: Monday, January 24, 2022 8:37 PM > To: Roman Danyliw <rdd@cert.org> > Cc: rats-chairs@ietf.org; ned.smith@intel.com; ncamwing@cisco.com; > michael.jones@microsoft.com; mandyam@qti.qualcomm.com; lgl@island- > resort.com; kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com; > iana@iana.org; cwt-reg-review@ietf.org > Subject: [IANA #1222304] Early allocation for Entity Attestation Token claims in > the CWT registry (was Re: Registration of Entity Attestation Token claims in the > CWT registry) > > Hi Roman, > > Should we go ahead with the values proposed by Mike? > > thanks, > Amanda > > On Fri Jan 14 15:24:39 2022, rdd@cert.org wrote: > > Hi Amanda! > > > > Could we please have another day before making this allocation plan > > the way ahead. I'd like to give the document authors who best > > understand the potentially consequences of these identifiers a chance > > to look at them. Until I think a day or two ago there was the > > expectation in the WG that these would all be one-byte identifiers > > with those specific numeric code points (which have been communicated > > to outside SDOs). Mike has talked us through it but we need a chance > > to internalize it. > > > > Roman > > > > > -----Original Message----- > > > From: Amanda Baber via RT <iana-prot-param@iana.org> > > > Sent: Friday, January 14, 2022 9:57 AM > > > To: Roman Danyliw <rdd@cert.org> > > > Cc: rats-chairs@ietf.org; ned.smith@intel.com; ncamwing@cisco.com; > > > michael.jones@microsoft.com; mandyam@qti.qualcomm.com; lgl@island- > > > resort.com; kathleen.moriarty.ietf@gmail.com; > > > jodonogh@qti.qualcomm.com; iana@iana.org; cwt-reg-review@ietf.org > > > Subject: [IANA #1222304] Early allocation for Entity Attestation > > > Token claims in the CWT registry (was Re: Registration of Entity > > > Attestation Token claims in the CWT registry) > > > > > > Hi Roman, > > > > > > Can you confirm that we can move ahead with the values listed below? > > > > > > thanks, > > > Amanda > > > > > > On Fri Jan 14 04:01:33 2022, Michael.Jones@microsoft.com wrote: > > > > As a designated expert for the CWT Claims registry, I approve of > > > > the early registration of the CWT Claims defined in > > > > https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat- > > > > 11#section- > > > > 9.3.1 with the following assignments. The registrations should > > > > occur on Friday, February 4, 2022 (after the three-week review > > > > period specified by RFC 8392). > > > > > > > > o Claim Name: Nonce > > > > o Claim Description: Nonce > > > > o JWT Claim Name: "nonce" (already registered for JWT) o Claim > > > > Key: > > > > 10 o Claim Value Type(s): byte string o Change Controller: IESG > > > > o Specification Document(s): [OpenIDConnectCore], *this document* > > > > > > > > o Claim Name: UEID > > > > o Claim Description: The Universal Entity ID o JWT Claim Name: > > > > "ueid" > > > > o CWT Claim Key: 256 > > > > o Claim Value Type(s): byte string o Change Controller: IESG o > > > > Specification Document(s): *this document* > > > > > > > > o Claim Name: OEMID > > > > o Claim Description: IEEE-based OEM ID o JWT Claim Name: "oemid" > > > > o Claim Key: 257 > > > > o Claim Value Type(s): byte string o Change Controller: IESG o > > > > Specification Document(s): *this document* > > > > > > > > o Claim Name: Security Level > > > > o Claim Description: Characterization of the security of an > > > > Attester or submodule o JWT Claim Name: "seclevel" > > > > o Claim Key: 258 > > > > o Claim Value Type(s): integer > > > > o Change Controller: IESG > > > > o Specification Document(s): *this document* > > > > > > > > o Claim Name: Secure Boot > > > > o Claim Description: Indicate whether the boot was secure o JWT > > > > Claim Name: "secboot" > > > > o Claim Key: 259 > > > > o Claim Value Type(s): Boolean > > > > o Change Controller: IESG > > > > o Specification Document(s): *this document* > > > > > > > > o Claim Name: Debug Status > > > > o Claim Description: Indicate status of debug facilities o JWT > > > > Claim > > > > Name: "dbgstat" > > > > o Claim Key: 260 > > > > o Claim Value Type(s): integer > > > > o Change Controller: IESG > > > > o Specification Document(s): *this document* > > > > > > > > o Claim Name: Location > > > > o Claim Description: The geographic location o JWT Claim Name: > > > > "location" > > > > o Claim Key: 261 > > > > o Claim Value Type(s): map > > > > o Change Controller: IESG > > > > o Specification Document(s): *this document* > > > > > > > > o Claim Name: Profile > > > > o Claim Description: Indicates the EAT profile followed o JWT > > > > Claim > > > > Name: "eat_profile" > > > > o Claim Key: 262 > > > > o Claim Value Type(s): map > > > > o Change Controller: IESG > > > > o Specification Document(s): *this document* > > > > > > > > o Claim Name: Submodules Section > > > > o Claim Description: The section containing submodules (not > > > > actually a claim) o JWT Claim Name: "submods" > > > > o Claim Key: 263 > > > > o Claim Value Type(s): map > > > > o Change Controller: IESG > > > > o Specification Document(s): *this document* > > > > > > > > Per Roman's note, I believe that chair approval of the act of > > > > early registration is also needed to proceed. These registrations > > > > should hopefully satisfy the need for early assignments for > > > > interop testing desired by the requestors of the registration. > > > > > > > > Best wishes, > > > > -- Mike > > > > > > > > -----Original Message----- > > > > From: Mike Jones > > > > Sent: Thursday, January 13, 2022 5:00 PM > > > > To: 'iana-prot-param@iana.org' <iana-prot-param@iana.org>; > > > > rdd@cert.org > > > > Cc: rats-chairs@ietf.org; Ned Smith <ned.smith@intel.com>; > > > > ncamwing@cisco.com; mandyam@qti.qualcomm.com; lgl@island- > > > resort.com; > > > > kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com; > > > > iana@iana.org; cwt-reg-review@ietf.org > > > > Subject: RE: [IANA #1222304] Early allocation for Entity > > > > Attestation Token claims in the CWT registry (was Re: Registration > > > > of Entity Attestation Token claims in the CWT registry) > > > > > > > > Thanks for writing, Amanda. > > > > > > > > We are definitely *not* using the values currently in the > > > > document, as they fail the registration criteria. As one of the > > > > designated experts, I will be proposing conforming values today or > > > > tomorrow. > > > > The > > > > criteria that the current values fail are at > > > > https://datatracker.ietf.org/doc/html/rfc8392#section-9.1, > > > > specifically: > > > > > > > > Criteria that should be applied by the Designated Experts includes > > > > ... > > > > Registrations for the limited set of values between -256 and 255 > > > > and strings of length 1 are to be restricted to claims with > > > > general applicability. > > > > > > > > Best wishes, > > > > -- Mike > > > > > > > > -----Original Message----- > > > > From: Amanda Baber via RT <iana-prot-param@iana.org> > > > > Sent: Thursday, January 13, 2022 4:55 PM > > > > To: rdd@cert.org > > > > Cc: rats-chairs@ietf.org; Ned Smith <ned.smith@intel.com>; > > > > ncamwing@cisco.com; Mike Jones <Michael.Jones@microsoft.com>; > > > > mandyam@qti.qualcomm.com; lgl@island-resort.com; > > > > kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com; > > > > iana@iana.org; cwt-reg-review@ietf.org > > > > Subject: [EXTERNAL] [IANA #1222304] Early allocation for Entity > > > > Attestation Token claims in the CWT registry (was Re: Registration > > > > of Entity Attestation Token claims in the CWT registry) > > > > > > > > Hi Roman, all, > > > > > > > > For our records, can one of the RATS chairs confirm this request? > > > > > > > > I understand that for the CWT registrations, we'll be using the > > > > numeric values requested in the document: > > > > > > > > https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat- > > > > 11#section- > > > > 9.3.1 > > > > > > > > thanks, > > > > > > > > Amanda Baber > > > > IANA Operations Manager > > > > > > > > On Thu Jan 13 21:00:35 2022, rdd@cert.org wrote: > > > > > Hi! > > > > > > > > > > > > > > > > > > > > Officially pulling everything together in one place for an early > > > > > registration request. > > > > > > > > > > > > > > > > > > > > == [ Request to IANA ]== > > > > > > > > > > Per step #5 of Section 3.1 of RFC 7120, the RATS WG would like > > > > > select pre-registration actions for > > > > > https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11 > > > > > described > > > > > in the "Pre-Registration actions" section below. > > > > > > > > > > > > > > > > > > > > Mike: Thanks so much for your help here. Consider this an > > > > > approval for early allocation. > > > > > > > > > > > > > > > > > > > > == [ WG Coordination ]== > > > > > > > > > > Step #4 (AD Approval) Implicit in this note > > > > > > > > > > > > > > > > > > > > Step #3 (Discussion on the WG mailing list) > > > > > https://mailarchive.ietf.org/arch/msg/rats/FwCqNrYjbiTd0nGZ0Wg9R > > > > > Q2uU > > > > > 8o > > > > > / > > > > > > > > > > > > > > > > > > > > == [ Pre-Registration actions ]== > > > > > > > > > > > > > > > > > > > > See Section 9.3.1 of > > > > > https://datatracker.ietf.org/doc/html/draft- > > > > > ietf- > > > > > rats-eat-11#section-9.3.1 > > > > > > > > > > > > > > > > > > > > Thanks, > > > > > > > > > > Roman > > > > > > > > > > > > > > > From: Mike Jones <Michael.Jones@microsoft.com> > > > > > Sent: Thursday, January 13, 2022 2:57 PM > > > > > To: Roman Danyliw <rdd@cert.org>; Giridhar Mandyam > > > > > <mandyam@qti.qualcomm.com>; Laurence Lundblade <lgl@island- > > > > > resort.com> > > > > > Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>; cwt-reg- > > > > > review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam- > > > > > Winget > > > > > (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty > > > > > <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats- > > > > > chairs@ietf.org> > > > > > Subject: Re: Registration of Entity Attestation Token claims in > > > > > the CWT registry > > > > > > > > > > Roman, once you let the designated experts know that you approve > > > > > of requesting early allocation per RFC 7120, then I’d be glad to > > > > > consider this thread to be the request for early registration > > > > > and proceed to do so. > > > > > > > > > > Giri, Lawrence, etc., the registration procedures for CWT claims > > > > > are defined at > > > > > https://datatracker.ietf.org/doc/html/rfc8392#section- > > > > > 9.1. > > > > > In particular, the following sections are particularly relevant > > > > > to the current discussion: > > > > > > > > > > Criteria that should be applied by the Designated Experts > > > > > includes determining whether the proposed registration > > > > > duplicates existing functionality, whether it is likely to be of > > > > > general applicability or whether it is useful only for a single > > > > > application, and whether the registration description is clear. > > > > > Registrations for the limited set of values between -256 and 255 > > > > > and strings of length > > > > > 1 > > > > > are to be restricted to claims with general applicability. > > > > > > > > > > IANA must only accept registry updates from the Designated > > > > > Experts and should direct all requests for registration to the > > > > > review mailing list. > > > > > > > > > > So whether early or not, the claims being proposed for > > > > > registration that are not of general applicability are > > > > > ineligible for registration in the range -256 to 255. Also, any > > > > > IANA registrations of CWT claims necessarily involve designated > > > > > expert review. > > > > > > > > > > I’m trying to help you as a designated expert to get to stable > > > > > registrations soon. Once Roman has approved the request for > > > > > early registration, I’d be glad to work with IANA to do early > > > > > registration of code points that meet the registration criteria > > > > > above. > > > > > > > > > > Best wishes, > > > > > -- Mike > > > > > > > > > > From: Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>> > > > > > Sent: Thursday, January 13, 2022 8:38 AM > > > > > To: Giridhar Mandyam > > > > > > <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>>; > > > Mike > > > > > Jones > > > > > <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com> > > > > > >; Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island- > > > > > resort.com>> > > > > > Cc: Jeremy O'Donoghue > > > > > > <jodonogh@qti.qualcomm.com<mailto:jodonogh@qti.qualcomm.com>>; > > > cwt- > > > > > reg-review@ietf.org<mailto:cwt-reg-review@ietf.org>; Ned Smith > > > > > <ned.smith@intel.com<mailto:ned.smith@intel.com>>; Nancy Cam- > > > > > Winget > > > > > (ncamwing) <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>; > > > > > Kathleen Moriarty > > > > > > <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail. > > > > > com>> ; rats-chairs > > > > > <rats-chairs@ietf.org<mailto:rats-chairs@ietf.org>>; Roman > > > > > Danyliw <rdd@cert.org<mailto:rdd@cert.org>> > > > > > Subject: Re: Registration of Entity Attestation Token claims in > > > > > the CWT registry > > > > > > > > > > Hi all! > > > > > > > > > > I wanted to acknowledge that I got this note, but I am not > > > > > up-to- speed on the issue and need to catch-up before providing > > > > > a meaningful response. A search of my mailbox also found this > > > > > related thread which I attached. > > > > > > > > > > Roman > > > > > > > > > > From: Giridhar Mandyam > > > > > > <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>> > > > > > Sent: Thursday, January 13, 2022 10:35 AM > > > > > To: Mike Jones > > > > > <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com> > > > > > >; Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island- > > > > > resort.com>>; Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>> > > > > > Cc: Jeremy O'Donoghue > > > > > > <jodonogh@qti.qualcomm.com<mailto:jodonogh@qti.qualcomm.com>>; > > > cwt- > > > > > reg-review@ietf.org<mailto:cwt-reg-review@ietf.org>; Ned Smith > > > > > <ned.smith@intel.com<mailto:ned.smith@intel.com>>; Nancy Cam- > > > > > Winget > > > > > (ncamwing) <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>; > > > > > Kathleen Moriarty > > > > > > <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail. > > > > > com>> ; rats-chairs <rats-chairs@ietf.org<mailto:rats- > > > > > com>> chairs@ietf.org>> > > > > > Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation > > > > > Token claims in the CWT registry > > > > > > > > > > + Roman D. > > > > > > > > > > I would like to escalate this to the AD. Note that the EAT > > > > > editors acted in good faith in the expectation that the RATS > > > > > chairs would address early allocation, and we were assured last > > > > > March that there was no issues with the requested values. As a > > > > > result, we put off Last Call for the draft and went forward with > > > > > guidance to other SDO’s (e.g. > > > > > FIDO Alliance, GlobalPlatform) that these claim values were > > > > > stable. > > > > > > > > > > Now for the first time we are finding out that (a) the values > > > > > called out in the spec are not acceptable as per expert review > > > > > criteria, and > > > > > (b) the RATS chairs never initiated the process of pre- > > > > > registration in the first place. > > > > > > > > > > My request to the AD is simple: allow for pre-registration of > > > > > the values as called out in the current EAT draft. If this is > > > > > not possible (and it looks likely that it is not), then my > > > > > additional request is that the AD directly manage shepherding of > > > > > this spec to Last Call and RFC as I believe communication > > > > > between the EAT editors and the RATS Chairs has broken down and > > > > > the RATS Chairs are not driving consensus decisions from the > > > > > Working Group with respect to this spec. > > > > > > > > > > -Giri > > > > > > > > > > From: Mike Jones > > > > > <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com> > > > > > > > > > > > Sent: Thursday, January 13, 2022 2:39 AM > > > > > To: Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island- > > > > > resort.com>> > > > > > Cc: Giridhar Mandyam > > > > > > <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>>; > > > Jeremy > > > > > O'Donoghue > > > > > > <jodonogh@qti.qualcomm.com<mailto:jodonogh@qti.qualcomm.com>>; > > > cwt- > > > > > reg-review@ietf.org<mailto:cwt-reg-review@ietf.org>; Ned Smith > > > > > <ned.smith@intel.com<mailto:ned.smith@intel.com>>; Nancy Cam- > > > > > Winget > > > > > (ncamwing) <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>; > > > > > Kathleen Moriarty > > > > > > <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail. > > > > > com>> ; rats-chairs <rats-chairs@ietf.org<mailto:rats- > > > > > com>> chairs@ietf.org>> > > > > > Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation > > > > > Token claims in the CWT registry > > > > > > > > > > > > > > > WARNING: This email originated from outside of Qualcomm. Please > > > > > be wary of any links or attachments, and do not enable macros. > > > > > Early allocation did not occur. If it had, the numbers would be > > > > > assigned in https://www.iana.org/assignments/cwt/cwt.xhtml. > > > > > (For an example of early allocation listings, see claims 38, 39, > > > > > and 40.) Early registration, like normal registration, involves > > > > > review by the designated experts, which also didn’t occur, > > > > > because as far as I can tell, it wasn’t asked for. > > > > > > > > > > I’m trying to help you get to stable assignments as soon as > > > > > possible. > > > > > I know the value of having those. > > > > > > > > > > Again, if you want stable assignments before upcoming interop > > > > > events, I’d suggest making an early registration request by > > > > > sending the registration request to > > > > > cwt-reg-review@ietf.org<mailto:cwt- > > > > > reg- > > > > > review@ietf.org>. It would be cleaner to do so by first > > > > > changing the assignments in your IANA Considerations section to > > > > > “TBD”, but you could also do so based on the current draft > > > > > (realizing that the proposed assignments in the draft might not > > > > > be the ones assigned by the designated experts and IANA). > > > > > > > > > > You could have stable assignments within a few weeks if you > > > > > choose to request them soon. > > > > > > > > > > Best wishes, > > > > > -- Mike > > > > > > > > > > From: Laurence Lundblade <lgl@island- > > > > > resort.com<mailto:lgl@island- > > > > > resort.com>> > > > > > Sent: Wednesday, January 12, 2022 10:31 PM > > > > > To: Mike Jones > > > > > <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com> > > > > > > > > > > > Cc: Giridhar Mandyam > > > > > > <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>>; > > > Jeremy > > > > > O'Donoghue > > > > > > <jodonogh@qti.qualcomm.com<mailto:jodonogh@qti.qualcomm.com>>; > > > cwt- > > > > > reg-review@ietf.org<mailto:cwt-reg-review@ietf.org>; Ned Smith > > > > > <ned.smith@intel.com<mailto:ned.smith@intel.com>>; Nancy Cam- > > > > > Winget > > > > > (ncamwing) <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>; > > > > > Kathleen Moriarty > > > > > > <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail. > > > > > com>> ; rats-chairs <rats-chairs@ietf.org<mailto:rats- > > > > > com>> chairs@ietf.org>> > > > > > Subject: [EXTERNAL] Re: Registration of Entity Attestation Token > > > > > claims in the CWT registry > > > > > > > > > > Hi Mike, > > > > > > > > > > I’m not trying grab anything here that we should not have. > > > > > > > > > > The early allocation process, according to RFC 7120, is handled > > > > > by the WG chairs. It is my understanding is that the RATS chairs > > > > > followed this process and that number 10-18, 20 have early > > > > > assignment. That’s why they are in the draft without “TBD”. > > > > > Maybe the process wasn’t completed or there is some other > > > > > confusion. I did not interact with IANA myself (but I did read > > > > > 7120). > > > > > > > > > > I think this needs to be resolved between the RATS chairs, > > > > > designated experts and IANA. I am happy to adjust the draft when > > > > > this gets resolved. > > > > > > > > > > LL > > > > > > > > > > > > > > > > > > > > On Jan 12, 2022, at 9:58 PM, Mike Jones > > > > > <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com> > > > > > > > > > > > wrote: > > > > > > > > > > Yours is not the first specification that’s tried to preallocate > > > > > the rare single-byte claim numbers for claims not of general > > > > > applicability. At > > > > > https://www.iana.org/assignments/cwt/cwt.xhtml, > > > > > you’ll note that most of the claims allocated by draft-ietf-ace- > > > > > oauth- > > > > > authz are in the double-byte space because they’re not > > > > > applicable to a wide variety of applications. They were > > > > > originally requested to be in the single-byte range and the > > > > > designated experts negotiated with the editors to move their > > > > > requested assignments. > > > > > > > > > > Jim Schaad was always a stickler about specifications using TBD > > > > > in their registration requests instead of assumed numbers. At > > > > > most, he would tolerate “TBD (requested assignment NNN)”. Of > > > > > course, he was right. It’s up to IANA and the designated > > > > > experts to make the assignments, particular of scarce resources, > > > > > not the spec authors. > > > > > > > > > > Therefore, please revise your specification to remove the > > > > > current numbers and replace them with “TBD”. At that point, it > > > > > would be fine to make an early registration request. The > > > > > experts and IANA could likely get you permanent numbers at that > > > > > point, probably within a matter of weeks. > > > > > > > > > > If you do not want to go the early allocation route, the other > > > > > option is to use numbers in the “less than -65536” space, which > > > > > are designated as “Reserved for Private Use”. You can use > > > > > numbers in that space however you want for as long as you want – > > > > > including for facilitating interop testing until permanent > > > > > numbers are assigned. > > > > > > > > > > I’m sorry this appears to have come as a surprise. The > > > > > designated experts are trying to ensure that the CWT Claims > > > > > numbers are efficiently allocated to do the most good for the > > > > > most applications. > > > > > I hope you’ll take this request in that spirit and choose one of > > > > > the paths outlined above to quickly resolve this issue. > > > > > > > > > > Best wishes, > > > > > -- Mike > > > > > > > > > > From: Giridhar Mandyam > > > > > > <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>> > > > > > Sent: Wednesday, January 12, 2022 9:05 PM > > > > > To: Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island- > > > > > resort.com>>; Mike Jones > > > > > <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com> > > > > > >; > > > > > Jeremy O'Donoghue > > > > > <jodonogh@qti.qualcomm.com<mailto:jodonogh@qti.qualcomm.com>> > > > > > Cc: cwt-reg-review@ietf.org<mailto:cwt-reg-review@ietf.org>; > > > > > Ned Smith <ned.smith@intel.com<mailto:ned.smith@intel.com>>; > > > > > Nancy Cam-Winget > > > > > (ncamwing) <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>; > > > > > Kathleen Moriarty > > > > > > <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail. > > > > > com>> ; rats-chairs <rats-chairs@ietf.org<mailto:rats- > > > > > com>> chairs@ietf.org>> > > > > > Subject: [EXTERNAL] RE: Registration of Entity Attestation Token > > > > > claims in the CWT registry > > > > > > > > > > + @Jeremy O'Donoghue<mailto:jodonogh@qti.qualcomm.com> > > > > > > > > > > Ned, RATS Chairs, > > > > > > > > > > We were assured by the RATS Chairs when we highlighted these > > > > > values in Rev. -09 that they would be signed off for the > > > > > registry. This is one of the reasons why we did not try to > > > > > accelerate Last Call during the first half of last year. There > > > > > was clearly a disconnect. > > > > > Can > > > > > you check into why this occurred? > > > > > > > > > > Mike, > > > > > > > > > > We just put out an FDO update on the assumption that these claim > > > > > values are set (https://fidoalliance.org/specs/FDO/FIDO-Device- > > > > > Onboard-RD-v1.1-20211214/FIDO-device-onboard-spec-v1.1-rd- > > > > > 20211214.html). We are planning a 2nd interop event during the > > > > > next couple of months and we may have to put that off now. Is > > > > > this issue intractable? Can the claims not be assigned to EAT? > > > > > > > > > > Jeremy can comment on any GlobalPlatform dependencies. > > > > > > > > > > -Giri > > > > > > > > > > From: Laurence Lundblade <lgl@island- > > > > > resort.com<mailto:lgl@island- > > > > > resort.com>> > > > > > Sent: Wednesday, January 12, 2022 8:18 PM > > > > > To: Mike Jones > > > > > <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com> > > > > > > > > > > > Cc: Giridhar Mandyam > > > > > > <mandyam@qti.qualcomm.com<mailto:mandyam@qti.qualcomm.com>>; > > > cwt- > > > > > reg- > > > > > review@ietf.org<mailto:cwt-reg-review@ietf.org>; Smith, Ned > > > > > <ned.smith@intel.com<mailto:ned.smith@intel.com>>; Nancy Cam- > > > > > Winget > > > > > (ncamwing) <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>; > > > > > Kathleen Moriarty > > > > > > <kathleen.moriarty.ietf@gmail.com<mailto:kathleen.moriarty.ietf@gmail. > > > > > com>> > > > > > Subject: Re: Registration of Entity Attestation Token claims in > > > > > the CWT registry > > > > > > > > > > WARNING: This email originated from outside of Qualcomm. Please > > > > > be wary of any links or attachments, and do not enable macros. > > > > > A couple more comments. > > > > > > > > > > I know what you mean about taking the numbers <24. Not trying to > > > > > be a hog or anything. It seems nobody, myself included, thought > > > > > about it when this was done a year ago. > > > > > > > > > > I know that Arm has SW that uses these assignments (ask Hannes > > > > > and Thomas F). I think FIDO does too. I think there would be > > > > > objections to a re assignment. > > > > > > > > > > LL > > > > > > > > > > > > > > > On Jan 12, 2022, at 7:52 PM, Laurence Lundblade <lgl@island- > > > > > resort.com<mailto:lgl@island-resort.com>> wrote: > > > > > > > > > > + RATS chairs > > > > > > > > > > Hi Mike, > > > > > > > > > > The claims key numbers 10-18, 20 are early assignments by IANA. > > > > > I didn’t handle the interaction with IANA, but I understand this > > > > > to be true. Changing them now would undermine some > > > > > implementations that are using them. > > > > > > > > > > LL > > > > > > > > > > > > > > > > > > > > On Jan 12, 2022, at 6:11 PM, Mike Jones > > > > > <Michael.Jones@microsoft.com<mailto:Michael.Jones@microsoft.com> > > > > > > > > > > > wrote: > > > > > > > > > > Please change the proposed CWT claim values for claims UEID > > > > > through Submodules Section from 11 through 20 to 41 through 50 > > > > > so that they are not using up most of the rare single-byte claim > > > > > numbers. > > > > > Only > > > > > claims that are of general applicability across multiple kinds > > > > > of applications should be allocated in that space. > > > > > > > > > > The one exception I would consider is the Location claim, which > > > > > could be of general applicability. If you believe that this > > > > > location representation will be used by multiple kinds of > > > > > applications, I would be willing to consider registering it in > > > > > the single-byte claim space. > > > > > > > > > > -- Mike > > > > > > > > > > From: Cwt-reg-review > > > > > <cwt-reg-review-bounces@ietf.org<mailto:cwt-reg- > > > > > review-bounces@ietf.org>> On Behalf Of Giridhar Mandyam > > > > > Sent: Saturday, October 16, 2021 4:11 PM > > > > > To: cwt-reg-review@ietf.org<mailto:cwt-reg-review@ietf.org> > > > > > Cc: Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island- > > > > > resort.com>> > > > > > Subject: [Cwt-reg-review] Registration of Entity Attestation > > > > > Token claims in the CWT registry > > > > > > > > > > To the CWT claims registry designated experts: > > > > > > > > > > I am contacting you on behalf of the editors of the Entity > > > > > Attestation Token specification (latest draft available > > > > > athttps://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10). > > > > > This > > > > > is a standards-track document in the IETF Remote Attestation > > > > > Procedures (RATS) Working Group. > > > > > > > > > > Please note the requests for CWT registry of the claims outlined > > > > > in > > > > > https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat- > > > > > 10#section > > > > > - 7.3.1. We would like these claim values reflected in the > > > > > IANA CWT registry as soon as possible. Would this be possible? > > > > > > > > > > Please contact myself Giri Mandyam or Laurence Lundblade (cc’ed) > > > > > for further information if required. > > > > > > > > > > Thanks > > > > > > > > > > -Giri Mandyam > > > > > > > > > > >
- [Cwt-reg-review] Early allocation for Entity Atte… Roman Danyliw
- [Cwt-reg-review] [IANA #1222304] Early allocation… Amanda Baber via RT
- Re: [Cwt-reg-review] [EXTERNAL] [IANA #1222304] E… Mike Jones
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Mike Jones
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Kathleen Moriarty
- Re: [Cwt-reg-review] [EXTERNAL] [IANA #1222304] E… Kathleen Moriarty
- [Cwt-reg-review] [IANA #1222304] Early allocation… Amanda Baber via RT
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Roman Danyliw
- [Cwt-reg-review] [IANA #1222304] Early allocation… Amanda Baber via RT
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Laurence Lundblade
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Roman Danyliw
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Roman Danyliw
- [Cwt-reg-review] [IANA #1222304] Early allocation… Amanda Baber via RT
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Giridhar Mandyam
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Laurence Lundblade
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Mike Jones
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Smith, Ned
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Laurence Lundblade
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Giridhar Mandyam
- Re: [Cwt-reg-review] [IANA #1222304] Early alloca… Giridhar Mandyam