Re: [Cwt-reg-review] [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)
Laurence Lundblade <lgl@island-resort.com> Tue, 25 January 2022 01:40 UTC
Cc: Roman Danyliw <rdd@cert.org>, rats-chairs <rats-chairs@ietf.org>, "Smith, Ned" <ned.smith@intel.com>, "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, michael.jones@microsoft.com, Giridhar Mandyam <mandyam@qti.qualcomm.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>, iana@iana.org, cwt-reg-review@ietf.org
To: iana-prot-param@iana.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/cwt-reg-review/VsBnIJbwd7tSUqB6vi9PgZmWBrM>
Please no. There is not agreement from the document authors yet. The differences are not large, but they are also not settled.

LL

> On Jan 24, 2022, at 5:36 PM, Amanda Baber via RT <iana-prot-param@iana.org> wrote:
>
> Hi Roman,
>
> Should we go ahead with the values proposed by Mike?
>
> thanks,
> Amanda
>
> On Fri Jan 14 15:24:39 2022, rdd@cert.org wrote:
>> Hi Amanda!
>>
>> Could we please have another day before making this allocation plan the way ahead. I'd like to give the document authors who best understand the potential consequences of these identifiers a chance to look at them. Until I think a day or two ago there was the expectation in the WG that these would all be one-byte identifiers with those specific numeric code points (which have been communicated to outside SDOs). Mike has talked us through it but we need a chance to internalize it.
>>
>> Roman
>>
>>> -----Original Message-----
>>> From: Amanda Baber via RT <iana-prot-param@iana.org>
>>> Sent: Friday, January 14, 2022 9:57 AM
>>> To: Roman Danyliw <rdd@cert.org>
>>> Cc: rats-chairs@ietf.org; ned.smith@intel.com; ncamwing@cisco.com; michael.jones@microsoft.com; mandyam@qti.qualcomm.com; lgl@island-resort.com; kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com; iana@iana.org; cwt-reg-review@ietf.org
>>> Subject: [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)
>>>
>>> Hi Roman,
>>>
>>> Can you confirm that we can move ahead with the values listed below?
>>>
>>> thanks,
>>> Amanda
>>>
>>> On Fri Jan 14 04:01:33 2022, Michael.Jones@microsoft.com wrote:
>>>> As a designated expert for the CWT Claims registry, I approve of the early registration of the CWT Claims defined in https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-9.3.1 with the following assignments. The registrations should occur on Friday, February 4, 2022 (after the three-week review period specified by RFC 8392).
>>>>
>>>> o Claim Name: Nonce
>>>> o Claim Description: Nonce
>>>> o JWT Claim Name: "nonce" (already registered for JWT)
>>>> o Claim Key: 10
>>>> o Claim Value Type(s): byte string
>>>> o Change Controller: IESG
>>>> o Specification Document(s): [OpenIDConnectCore], *this document*
>>>>
>>>> o Claim Name: UEID
>>>> o Claim Description: The Universal Entity ID
>>>> o JWT Claim Name: "ueid"
>>>> o CWT Claim Key: 256
>>>> o Claim Value Type(s): byte string
>>>> o Change Controller: IESG
>>>> o Specification Document(s): *this document*
>>>>
>>>> o Claim Name: OEMID
>>>> o Claim Description: IEEE-based OEM ID
>>>> o JWT Claim Name: "oemid"
>>>> o Claim Key: 257
>>>> o Claim Value Type(s): byte string
>>>> o Change Controller: IESG
>>>> o Specification Document(s): *this document*
>>>>
>>>> o Claim Name: Security Level
>>>> o Claim Description: Characterization of the security of an Attester or submodule
>>>> o JWT Claim Name: "seclevel"
>>>> o Claim Key: 258
>>>> o Claim Value Type(s): integer
>>>> o Change Controller: IESG
>>>> o Specification Document(s): *this document*
>>>>
>>>> o Claim Name: Secure Boot
>>>> o Claim Description: Indicate whether the boot was secure
>>>> o JWT Claim Name: "secboot"
>>>> o Claim Key: 259
>>>> o Claim Value Type(s): Boolean
>>>> o Change Controller: IESG
>>>> o Specification Document(s): *this document*
>>>>
>>>> o Claim Name: Debug Status
>>>> o Claim Description: Indicate status of debug facilities
>>>> o JWT Claim Name: "dbgstat"
>>>> o Claim Key: 260
>>>> o Claim Value Type(s): integer
>>>> o Change Controller: IESG
>>>> o Specification Document(s): *this document*
>>>>
>>>> o Claim Name: Location
>>>> o Claim Description: The geographic location
>>>> o JWT Claim Name: "location"
>>>> o Claim Key: 261
>>>> o Claim Value Type(s): map
>>>> o Change Controller: IESG
>>>> o Specification Document(s): *this document*
>>>>
>>>> o Claim Name: Profile
>>>> o Claim Description: Indicates the EAT profile followed
>>>> o JWT Claim Name: "eat_profile"
>>>> o Claim Key: 262
>>>> o Claim Value Type(s): map
>>>> o Change Controller: IESG
>>>> o Specification Document(s): *this document*
>>>>
>>>> o Claim Name: Submodules Section
>>>> o Claim Description: The section containing submodules (not actually a claim)
>>>> o JWT Claim Name: "submods"
>>>> o Claim Key: 263
>>>> o Claim Value Type(s): map
>>>> o Change Controller: IESG
>>>> o Specification Document(s): *this document*
>>>>
>>>> Per Roman's note, I believe that chair approval of the act of early registration is also needed to proceed. These registrations should hopefully satisfy the need for early assignments for interop testing desired by the requestors of the registration.
>>>>
>>>> Best wishes,
>>>> -- Mike
>>>>
>>>> -----Original Message-----
>>>> From: Mike Jones
>>>> Sent: Thursday, January 13, 2022 5:00 PM
>>>> To: 'iana-prot-param@iana.org' <iana-prot-param@iana.org>; rdd@cert.org
>>>> Cc: rats-chairs@ietf.org; Ned Smith <ned.smith@intel.com>; ncamwing@cisco.com; mandyam@qti.qualcomm.com; lgl@island-resort.com; kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com; iana@iana.org; cwt-reg-review@ietf.org
>>>> Subject: RE: [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)
>>>>
>>>> Thanks for writing, Amanda.
>>>>
>>>> We are definitely *not* using the values currently in the document, as they fail the registration criteria. As one of the designated experts, I will be proposing conforming values today or tomorrow. The criteria that the current values fail are at https://datatracker.ietf.org/doc/html/rfc8392#section-9.1, specifically:
>>>>
>>>> Criteria that should be applied by the Designated Experts includes ... Registrations for the limited set of values between -256 and 255 and strings of length 1 are to be restricted to claims with general applicability.
>>>>
>>>> Best wishes,
>>>> -- Mike
>>>>
>>>> -----Original Message-----
>>>> From: Amanda Baber via RT <iana-prot-param@iana.org>
>>>> Sent: Thursday, January 13, 2022 4:55 PM
>>>> To: rdd@cert.org
>>>> Cc: rats-chairs@ietf.org; Ned Smith <ned.smith@intel.com>; ncamwing@cisco.com; Mike Jones <Michael.Jones@microsoft.com>; mandyam@qti.qualcomm.com; lgl@island-resort.com; kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com; iana@iana.org; cwt-reg-review@ietf.org
>>>> Subject: [EXTERNAL] [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)
>>>>
>>>> Hi Roman, all,
>>>>
>>>> For our records, can one of the RATS chairs confirm this request?
>>>>
>>>> I understand that for the CWT registrations, we'll be using the numeric values requested in the document:
>>>>
>>>> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-9.3.1
>>>>
>>>> thanks,
>>>>
>>>> Amanda Baber
>>>> IANA Operations Manager
>>>>
>>>> On Thu Jan 13 21:00:35 2022, rdd@cert.org wrote:
>>>>> Hi!
>>>>>
>>>>> Officially pulling everything together in one place for an early registration request.
>>>>>
>>>>> == [ Request to IANA ]==
>>>>>
>>>>> Per step #5 of Section 3.1 of RFC 7120, the RATS WG would like select pre-registration actions for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11 described in the "Pre-Registration actions" section below.
>>>>>
>>>>> Mike: Thanks so much for your help here. Consider this an approval for early allocation.
>>>>>
>>>>> == [ WG Coordination ]==
>>>>>
>>>>> Step #4 (AD Approval) Implicit in this note
>>>>>
>>>>> Step #3 (Discussion on the WG mailing list) https://mailarchive.ietf.org/arch/msg/rats/FwCqNrYjbiTd0nGZ0Wg9RQ2uU8o/
>>>>>
>>>>> == [ Pre-Registration actions ]==
>>>>>
>>>>> See Section 9.3.1 of https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-9.3.1
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Roman
>>>>>
>>>>> From: Mike Jones <Michael.Jones@microsoft.com>
>>>>> Sent: Thursday, January 13, 2022 2:57 PM
>>>>> To: Roman Danyliw <rdd@cert.org>; Giridhar Mandyam <mandyam@qti.qualcomm.com>; Laurence Lundblade <lgl@island-resort.com>
>>>>> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: Re: Registration of Entity Attestation Token claims in the CWT registry
>>>>>
>>>>> Roman, once you let the designated experts know that you approve of requesting early allocation per RFC 7120, then I’d be glad to consider this thread to be the request for early registration and proceed to do so.
>>>>>
>>>>> Giri, Lawrence, etc., the registration procedures for CWT claims are defined at https://datatracker.ietf.org/doc/html/rfc8392#section-9.1. In particular, the following sections are particularly relevant to the current discussion:
>>>>>
>>>>> Criteria that should be applied by the Designated Experts includes determining whether the proposed registration duplicates existing functionality, whether it is likely to be of general applicability or whether it is useful only for a single application, and whether the registration description is clear. Registrations for the limited set of values between -256 and 255 and strings of length 1 are to be restricted to claims with general applicability.
>>>>>
>>>>> IANA must only accept registry updates from the Designated Experts and should direct all requests for registration to the review mailing list.
>>>>>
>>>>> So whether early or not, the claims being proposed for registration that are not of general applicability are ineligible for registration in the range -256 to 255. Also, any IANA registrations of CWT claims necessarily involve designated expert review.
>>>>>
>>>>> I’m trying to help you as a designated expert to get to stable registrations soon. Once Roman has approved the request for early registration, I’d be glad to work with IANA to do early registration of code points that meet the registration criteria above.
>>>>>
>>>>> Best wishes,
>>>>> -- Mike
>>>>>
>>>>> From: Roman Danyliw <rdd@cert.org>
>>>>> Sent: Thursday, January 13, 2022 8:38 AM
>>>>> To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Mike Jones <Michael.Jones@microsoft.com>; Laurence Lundblade <lgl@island-resort.com>
>>>>> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>; Roman Danyliw <rdd@cert.org>
>>>>> Subject: Re: Registration of Entity Attestation Token claims in the CWT registry
>>>>>
>>>>> Hi all!
>>>>>
>>>>> I wanted to acknowledge that I got this note, but I am not up-to-speed on the issue and need to catch-up before providing a meaningful response. A search of my mailbox also found this related thread which I attached.
>>>>>
>>>>> Roman
>>>>>
>>>>> From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
>>>>> Sent: Thursday, January 13, 2022 10:35 AM
>>>>> To: Mike Jones <Michael.Jones@microsoft.com>; Laurence Lundblade <lgl@island-resort.com>; Roman Danyliw <rdd@cert.org>
>>>>> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation Token claims in the CWT registry
>>>>>
>>>>> + Roman D.
>>>>>
>>>>> I would like to escalate this to the AD. Note that the EAT editors acted in good faith in the expectation that the RATS chairs would address early allocation, and we were assured last March that there were no issues with the requested values. As a result, we put off Last Call for the draft and went forward with guidance to other SDO’s (e.g. FIDO Alliance, GlobalPlatform) that these claim values were stable.
>>>>>
>>>>> Now for the first time we are finding out that (a) the values called out in the spec are not acceptable as per expert review criteria, and (b) the RATS chairs never initiated the process of pre-registration in the first place.
>>>>>
>>>>> My request to the AD is simple: allow for pre-registration of the values as called out in the current EAT draft. If this is not possible (and it looks likely that it is not), then my additional request is that the AD directly manage shepherding of this spec to Last Call and RFC as I believe communication between the EAT editors and the RATS Chairs has broken down and the RATS Chairs are not driving consensus decisions from the Working Group with respect to this spec.
>>>>>
>>>>> -Giri
>>>>>
>>>>> From: Mike Jones <Michael.Jones@microsoft.com>
>>>>> Sent: Thursday, January 13, 2022 2:39 AM
>>>>> To: Laurence Lundblade <lgl@island-resort.com>
>>>>> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation Token claims in the CWT registry
>>>>>
>>>>> WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
>>>>>
>>>>> Early allocation did not occur. If it had, the numbers would be assigned in https://www.iana.org/assignments/cwt/cwt.xhtml. (For an example of early allocation listings, see claims 38, 39, and 40.) Early registration, like normal registration, involves review by the designated experts, which also didn’t occur, because as far as I can tell, it wasn’t asked for.
>>>>>
>>>>> I’m trying to help you get to stable assignments as soon as possible. I know the value of having those.
>>>>>
>>>>> Again, if you want stable assignments before upcoming interop events, I’d suggest making an early registration request by sending the registration request to cwt-reg-review@ietf.org. It would be cleaner to do so by first changing the assignments in your IANA Considerations section to “TBD”, but you could also do so based on the current draft (realizing that the proposed assignments in the draft might not be the ones assigned by the designated experts and IANA).
>>>>>
>>>>> You could have stable assignments within a few weeks if you choose to request them soon.
>>>>>
>>>>> Best wishes,
>>>>> -- Mike
>>>>>
>>>>> From: Laurence Lundblade <lgl@island-resort.com>
>>>>> Sent: Wednesday, January 12, 2022 10:31 PM
>>>>> To: Mike Jones <Michael.Jones@microsoft.com>
>>>>> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: [EXTERNAL] Re: Registration of Entity Attestation Token claims in the CWT registry
>>>>>
>>>>> Hi Mike,
>>>>>
>>>>> I’m not trying to grab anything here that we should not have.
>>>>>
>>>>> The early allocation process, according to RFC 7120, is handled by the WG chairs. It is my understanding that the RATS chairs followed this process and that numbers 10-18, 20 have early assignment. That’s why they are in the draft without “TBD”. Maybe the process wasn’t completed or there is some other confusion. I did not interact with IANA myself (but I did read 7120).
>>>>>
>>>>> I think this needs to be resolved between the RATS chairs, designated experts and IANA. I am happy to adjust the draft when this gets resolved.
>>>>>
>>>>> LL
>>>>>
>>>>> On Jan 12, 2022, at 9:58 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
>>>>>
>>>>> Yours is not the first specification that’s tried to preallocate the rare single-byte claim numbers for claims not of general applicability. At https://www.iana.org/assignments/cwt/cwt.xhtml, you’ll note that most of the claims allocated by draft-ietf-ace-oauth-authz are in the double-byte space because they’re not applicable to a wide variety of applications. They were originally requested to be in the single-byte range and the designated experts negotiated with the editors to move their requested assignments.
>>>>>
>>>>> Jim Schaad was always a stickler about specifications using TBD in their registration requests instead of assumed numbers. At most, he would tolerate “TBD (requested assignment NNN)”. Of course, he was right. It’s up to IANA and the designated experts to make the assignments, particularly of scarce resources, not the spec authors.
>>>>>
>>>>> Therefore, please revise your specification to remove the current numbers and replace them with “TBD”. At that point, it would be fine to make an early registration request. The experts and IANA could likely get you permanent numbers at that point, probably within a matter of weeks.
>>>>>
>>>>> If you do not want to go the early allocation route, the other option is to use numbers in the “less than -65536” space, which are designated as “Reserved for Private Use”. You can use numbers in that space however you want for as long as you want – including for facilitating interop testing until permanent numbers are assigned.
>>>>>
>>>>> I’m sorry this appears to have come as a surprise. The designated experts are trying to ensure that the CWT Claims numbers are efficiently allocated to do the most good for the most applications. I hope you’ll take this request in that spirit and choose one of the paths outlined above to quickly resolve this issue.
>>>>>
>>>>> Best wishes,
>>>>> -- Mike
>>>>>
>>>>> From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
>>>>> Sent: Wednesday, January 12, 2022 9:05 PM
>>>>> To: Laurence Lundblade <lgl@island-resort.com>; Mike Jones <Michael.Jones@microsoft.com>; Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>
>>>>> Cc: cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: [EXTERNAL] RE: Registration of Entity Attestation Token claims in the CWT registry
>>>>>
>>>>> + @Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>
>>>>>
>>>>> Ned, RATS Chairs,
>>>>>
>>>>> We were assured by the RATS Chairs when we highlighted these values in Rev. -09 that they would be signed off for the registry. This is one of the reasons why we did not try to accelerate Last Call during the first half of last year. There was clearly a disconnect. Can you check into why this occurred?
>>>>>
>>>>> Mike,
>>>>>
>>>>> We just put out an FDO update on the assumption that these claim values are set (https://fidoalliance.org/specs/FDO/FIDO-Device-Onboard-RD-v1.1-20211214/FIDO-device-onboard-spec-v1.1-rd-20211214.html). We are planning a 2nd interop event during the next couple of months and we may have to put that off now. Is this issue intractable? Can the claims not be assigned to EAT?
>>>>>
>>>>> Jeremy can comment on any GlobalPlatform dependencies.
>>>>>
>>>>> -Giri
>>>>>
>>>>> From: Laurence Lundblade <lgl@island-resort.com>
>>>>> Sent: Wednesday, January 12, 2022 8:18 PM
>>>>> To: Mike Jones <Michael.Jones@microsoft.com>
>>>>> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; cwt-reg-review@ietf.org; Smith, Ned <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
>>>>> Subject: Re: Registration of Entity Attestation Token claims in the CWT registry
>>>>>
>>>>> WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
>>>>>
>>>>> A couple more comments.
>>>>>
>>>>> I know what you mean about taking the numbers <24. Not trying to be a hog or anything. It seems nobody, myself included, thought about it when this was done a year ago.
>>>>>
>>>>> I know that Arm has SW that uses these assignments (ask Hannes and Thomas F). I think FIDO does too. I think there would be objections to a reassignment.
>>>>>
>>>>> LL
>>>>>
>>>>> On Jan 12, 2022, at 7:52 PM, Laurence Lundblade <lgl@island-resort.com> wrote:
>>>>>
>>>>> + RATS chairs
>>>>>
>>>>> Hi Mike,
>>>>>
>>>>> The claims key numbers 10-18, 20 are early assignments by IANA. I didn’t handle the interaction with IANA, but I understand this to be true. Changing them now would undermine some implementations that are using them.
>>>>>
>>>>> LL
>>>>>
>>>>> On Jan 12, 2022, at 6:11 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
>>>>>
>>>>> Please change the proposed CWT claim values for claims UEID through Submodules Section from 11 through 20 to 41 through 50 so that they are not using up most of the rare single-byte claim numbers. Only claims that are of general applicability across multiple kinds of applications should be allocated in that space.
>>>>>
>>>>> The one exception I would consider is the Location claim, which could be of general applicability. If you believe that this location representation will be used by multiple kinds of applications, I would be willing to consider registering it in the single-byte claim space.
>>>>>
>>>>> -- Mike
>>>>>
>>>>> From: Cwt-reg-review <cwt-reg-review-bounces@ietf.org> On Behalf Of Giridhar Mandyam
>>>>> Sent: Saturday, October 16, 2021 4:11 PM
>>>>> To: cwt-reg-review@ietf.org
>>>>> Cc: Laurence Lundblade <lgl@island-resort.com>
>>>>> Subject: [Cwt-reg-review] Registration of Entity Attestation Token claims in the CWT registry
>>>>>
>>>>> To the CWT claims registry designated experts:
>>>>>
>>>>> I am contacting you on behalf of the editors of the Entity Attestation Token specification (latest draft available at https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10). This is a standards-track document in the IETF Remote Attestation Procedures (RATS) Working Group.
>>>>>
>>>>> Please note the requests for CWT registry of the claims outlined in https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10#section-7.3.1. We would like these claim values reflected in the IANA CWT registry as soon as possible. Would this be possible?
>>>>>
>>>>> Please contact myself Giri Mandyam or Laurence Lundblade (cc’ed) for further information if required.
>>>>>
>>>>> Thanks
>>>>>
>>>>> -Giri Mandyam
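
Added example (not part of the archived message, the EAT draft, or any project's code): the thread turns on how many bytes a CWT claim key costs on the wire and which RFC 8392 section 9.1 range it falls in. The Python below encodes integer keys as CBOR (RFC 8949) and classifies them; the function names, the GENERAL set, and the constructed low-numbered request are assumptions for illustration.

```python
from __future__ import annotations


def cbor_int(value: int) -> bytes:
    """Shortest-form CBOR encoding of an integer (RFC 8949, major types 0 and 1)."""
    major, arg = (0, value) if value >= 0 else (1, -1 - value)
    if arg < 24:
        # The argument fits in the initial byte: one byte on the wire.
        return bytes([(major << 5) | arg])
    for info, width in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if arg < (1 << (8 * width)):
            return bytes([(major << 5) | info]) + arg.to_bytes(width, "big")
    raise ValueError("integer does not fit in a 64-bit CBOR argument")


def registration_range(key: int) -> str:
    """Registration policy for an integer CWT claim key (RFC 8392 section 9.1)."""
    if key < -65536:
        return "Private Use"
    if -256 <= key <= 255:
        return "Standards Action"
    if -65536 <= key <= 65535:
        return "Specification Required"
    return "Expert Review"


def review(requested: dict[str, int], general: set[str]) -> list[str]:
    """Claims asking for a key in -256..255 without general applicability.

    This mirrors the designated-expert criterion quoted in the thread; which
    claims count as generally applicable is an input, not something computed.
    """
    return [name for name, key in requested.items()
            if -256 <= key <= 255 and name not in general]


# Assignments proposed by the designated expert on Jan 14, 2022 (from the thread).
PROPOSED = {
    "Nonce": 10, "UEID": 256, "OEMID": 257, "Security Level": 258,
    "Secure Boot": 259, "Debug Status": 260, "Location": 261,
    "Profile": 262, "Submodules Section": 263,
}

# Constructed for illustration: the thread gives only the range 11 through 20
# for these claims, not a per-claim mapping, so the pairing below is made up.
CONSTRUCTED_LOW = {name: 11 + i for i, name in enumerate(
    n for n in PROPOSED if n != "Nonce")}

# Assumption: Nonce is treated as generally applicable, since it kept key 10.
GENERAL = {"Nonce"}


def describe(key: int) -> tuple[int, int, str]:
    """(key, encoded length in bytes, registration policy)."""
    return key, len(cbor_int(key)), registration_range(key)


if __name__ == "__main__":
    # Keys mentioned in the thread: draft range, counter-proposal, final, private use.
    for key in (10, 11, 20, 41, 50, 256, 263, -65537):
        k, size, policy = describe(key)
        print(f"key {k:>7}: {size} byte(s) as {cbor_int(k).hex()}  [{policy}]")
    print("fails criterion (constructed low request):", review(CONSTRUCTED_LOW, GENERAL))
    print("fails criterion (proposed assignments):   ", review(PROPOSED, GENERAL))
```

Keys 41 through 50 encode in two bytes yet still sit in the restricted -256..255 range, while 256 through 263 cost three bytes and fall under Specification Required.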