Re: [Cwt-reg-review] [IANA #1222304] Early allocation for Entity Attestation Token claims in the CWT registry (was Re: Registration of Entity Attestation Token claims in the CWT registry)

Laurence Lundblade <lgl@island-resort.com> Tue, 25 January 2022 01:40 UTC

From: Laurence Lundblade <lgl@island-resort.com>
Date: Mon, 24 Jan 2022 17:40:09 -0800
Cc: Roman Danyliw <rdd@cert.org>, rats-chairs <rats-chairs@ietf.org>, "Smith, Ned" <ned.smith@intel.com>, "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, michael.jones@microsoft.com, Giridhar Mandyam <mandyam@qti.qualcomm.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>, iana@iana.org, cwt-reg-review@ietf.org
To: iana-prot-param@iana.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/cwt-reg-review/VsBnIJbwd7tSUqB6vi9PgZmWBrM>

Please no. 

There is not agreement from the document authors yet. The differences are not large, but they are also not settled.

LL


> On Jan 24, 2022, at 5:36 PM, Amanda Baber via RT <iana-prot-param@iana.org> wrote:
> 
> Hi Roman,
> 
> Should we go ahead with the values proposed by Mike?
> 
> thanks,
> Amanda
> 
> On Fri Jan 14 15:24:39 2022, rdd@cert.org wrote:
>> Hi Amanda!
>> 
>> Could we please have another day before making this allocation plan
>> the way ahead.  I'd like to give the document authors who best
>> understand the potential consequences of these identifiers a chance
>> to look at them.  Until I think a day or two ago there was the
>> expectation in the WG that these would all be one-byte identifiers
>> with those specific numeric code points (which have been communicated
>> to outside SDOs).  Mike has talked us through it but we need a chance
>> to internalize it.
>> 
>> Roman
>> 
>>> -----Original Message-----
>>> From: Amanda Baber via RT <iana-prot-param@iana.org>
>>> Sent: Friday, January 14, 2022 9:57 AM
>>> To: Roman Danyliw <rdd@cert.org>
>>> Cc: rats-chairs@ietf.org; ned.smith@intel.com; ncamwing@cisco.com;
>>> michael.jones@microsoft.com; mandyam@qti.qualcomm.com;
>>> lgl@island-resort.com; kathleen.moriarty.ietf@gmail.com;
>>> jodonogh@qti.qualcomm.com; iana@iana.org; cwt-reg-review@ietf.org
>>> Subject: [IANA #1222304] Early allocation for Entity Attestation Token
>>> claims in the CWT registry (was Re: Registration of Entity Attestation
>>> Token claims in the CWT registry)
>>> 
>>> Hi Roman,
>>> 
>>> Can you confirm that we can move ahead with the values listed below?
>>> 
>>> thanks,
>>> Amanda
>>> 
>>> On Fri Jan 14 04:01:33 2022, Michael.Jones@microsoft.com wrote:
>>>> As a designated expert for the CWT Claims registry, I approve of the
>>>> early registration of the CWT Claims defined in
>>>> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-9.3.1
>>>> with the following assignments.  The registrations should occur
>>>> on Friday, February 4, 2022 (after the three-week review period
>>>> specified by RFC 8392).
>>>> 
>>>> o  Claim Name: Nonce
>>>> o  Claim Description: Nonce
>>>> o  JWT Claim Name: "nonce" (already registered for JWT)
>>>> o  Claim Key: 10
>>>> o  Claim Value Type(s): byte string
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): [OpenIDConnectCore], *this document*
>>>>
>>>> o  Claim Name: UEID
>>>> o  Claim Description: The Universal Entity ID
>>>> o  JWT Claim Name: "ueid"
>>>> o  CWT Claim Key: 256
>>>> o  Claim Value Type(s): byte string
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): *this document*
>>>>
>>>> o  Claim Name: OEMID
>>>> o  Claim Description: IEEE-based OEM ID
>>>> o  JWT Claim Name: "oemid"
>>>> o  Claim Key: 257
>>>> o  Claim Value Type(s): byte string
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): *this document*
>>>>
>>>> o  Claim Name: Security Level
>>>> o  Claim Description: Characterization of the security of an Attester or submodule
>>>> o  JWT Claim Name: "seclevel"
>>>> o  Claim Key: 258
>>>> o  Claim Value Type(s): integer
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): *this document*
>>>>
>>>> o  Claim Name: Secure Boot
>>>> o  Claim Description: Indicate whether the boot was secure
>>>> o  JWT Claim Name: "secboot"
>>>> o  Claim Key: 259
>>>> o  Claim Value Type(s): Boolean
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): *this document*
>>>>
>>>> o  Claim Name: Debug Status
>>>> o  Claim Description: Indicate status of debug facilities
>>>> o  JWT Claim Name: "dbgstat"
>>>> o  Claim Key: 260
>>>> o  Claim Value Type(s): integer
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): *this document*
>>>>
>>>> o  Claim Name: Location
>>>> o  Claim Description: The geographic location
>>>> o  JWT Claim Name: "location"
>>>> o  Claim Key: 261
>>>> o  Claim Value Type(s): map
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): *this document*
>>>>
>>>> o  Claim Name: Profile
>>>> o  Claim Description: Indicates the EAT profile followed
>>>> o  JWT Claim Name: "eat_profile"
>>>> o  Claim Key: 262
>>>> o  Claim Value Type(s): map
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): *this document*
>>>>
>>>> o  Claim Name: Submodules Section
>>>> o  Claim Description: The section containing submodules (not actually a claim)
>>>> o  JWT Claim Name: "submods"
>>>> o  Claim Key: 263
>>>> o  Claim Value Type(s): map
>>>> o  Change Controller: IESG
>>>> o  Specification Document(s): *this document*
>>>> 
>>>> Per Roman's note, I believe that chair approval of the act of early
>>>> registration is also needed to proceed.  These registrations should
>>>> hopefully satisfy the need for early assignments for interop
>>>> testing
>>>> desired by the requestors of the registration.
>>>> 
>>>> Best wishes,
>>>> -- Mike
>>>> 
>>>> -----Original Message-----
>>>> From: Mike Jones
>>>> Sent: Thursday, January 13, 2022 5:00 PM
>>>> To: 'iana-prot-param@iana.org' <iana-prot-param@iana.org>; rdd@cert.org
>>>> Cc: rats-chairs@ietf.org; Ned Smith <ned.smith@intel.com>;
>>>> ncamwing@cisco.com; mandyam@qti.qualcomm.com; lgl@island-resort.com;
>>>> kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com;
>>>> iana@iana.org; cwt-reg-review@ietf.org
>>>> Subject: RE: [IANA #1222304] Early allocation for Entity Attestation
>>>> Token claims in the CWT registry (was Re: Registration of Entity
>>>> Attestation Token claims in the CWT registry)
>>>> 
>>>> Thanks for writing, Amanda.
>>>> 
>>>> We are definitely *not* using the values currently in the document,
>>>> as
>>>> they fail the registration criteria.  As one of the designated
>>>> experts, I will be proposing conforming values today or tomorrow.
>>>> The
>>>> criteria that the current values fail are at
>>>> https://datatracker.ietf.org/doc/html/rfc8392#section-9.1,
>>>> specifically:
>>>> 
>>>> Criteria that should be applied by the Designated Experts includes
>>>> ...
>>>> Registrations for the limited set of values between -256 and 255
>>>> and
>>>> strings of length 1 are to be restricted to claims with general
>>>> applicability.
>>>> 
>>>> Best wishes,
>>>> -- Mike
>>>> 
>>>> -----Original Message-----
>>>> From: Amanda Baber via RT <iana-prot-param@iana.org>
>>>> Sent: Thursday, January 13, 2022 4:55 PM
>>>> To: rdd@cert.org
>>>> Cc: rats-chairs@ietf.org; Ned Smith <ned.smith@intel.com>;
>>>> ncamwing@cisco.com; Mike Jones <Michael.Jones@microsoft.com>;
>>>> mandyam@qti.qualcomm.com; lgl@island-resort.com;
>>>> kathleen.moriarty.ietf@gmail.com; jodonogh@qti.qualcomm.com;
>>>> iana@iana.org; cwt-reg-review@ietf.org
>>>> Subject: [EXTERNAL] [IANA #1222304] Early allocation for Entity
>>>> Attestation Token claims in the CWT registry (was Re: Registration
>>>> of
>>>> Entity Attestation Token claims in the CWT registry)
>>>> 
>>>> Hi Roman, all,
>>>> 
>>>> For our records, can one of the RATS chairs confirm this request?
>>>> 
>>>> I understand that for the CWT registrations, we'll be using the
>>>> numeric values requested in the document:
>>>> 
>>>> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-9.3.1
>>>> 
>>>> thanks,
>>>> 
>>>> Amanda Baber
>>>> IANA Operations Manager
>>>> 
>>>> On Thu Jan 13 21:00:35 2022, rdd@cert.org wrote:
>>>>> Hi!
>>>>> 
>>>>> 
>>>>> 
>>>>> Officially pulling everything together in one place for an early
>>>>> registration request.
>>>>> 
>>>>> 
>>>>> 
>>>>> == [ Request to IANA ]==
>>>>> 
>>>>> Per step #5 of Section 3.1 of RFC 7120, the RATS WG would like
>>>>> select pre-registration actions for
>>>>> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11
>>>>> described
>>>>> in the "Pre-Registration actions" section below.
>>>>> 
>>>>> 
>>>>> 
>>>>> Mike: Thanks so much for your help here.  Consider this an
>>>>> approval
>>>>> for early allocation.
>>>>> 
>>>>> 
>>>>> 
>>>>> == [ WG Coordination ]==
>>>>> 
>>>>> Step #4 (AD Approval) Implicit in this note
>>>>> 
>>>>> 
>>>>> 
>>>>> Step #3 (Discussion on the WG mailing list)
>>>>> https://mailarchive.ietf.org/arch/msg/rats/FwCqNrYjbiTd0nGZ0Wg9RQ2uU8o/
>>>>> 
>>>>> 
>>>>> 
>>>>> == [ Pre-Registration actions ]==
>>>>> 
>>>>> 
>>>>> 
>>>>> See Section 9.3.1 of
>>>>> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-11#section-9.3.1
>>>>> 
>>>>> 
>>>>> 
>>>>> Thanks,
>>>>> 
>>>>> Roman
>>>>> 
>>>>> 
>>>>> From: Mike Jones <Michael.Jones@microsoft.com>
>>>>> Sent: Thursday, January 13, 2022 2:57 PM
>>>>> To: Roman Danyliw <rdd@cert.org>; Giridhar Mandyam
>>>>> <mandyam@qti.qualcomm.com>; Laurence Lundblade <lgl@island-resort.com>
>>>>> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>;
>>>>> cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy
>>>>> Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
>>>>> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: Re: Registration of Entity Attestation Token claims in the
>>>>> CWT registry
>>>>> 
>>>>> Roman, once you let the designated experts know that you approve
>>>>> of
>>>>> requesting early allocation per RFC 7120, then I’d be glad to
>>>>> consider this thread to be the request for early registration and
>>>>> proceed to do so.
>>>>> 
>>>>> Giri, Laurence, etc., the registration procedures for CWT claims are
>>>>> defined at https://datatracker.ietf.org/doc/html/rfc8392#section-9.1.
>>>>> In particular, the following sections are particularly relevant to
>>>>> the current discussion:
>>>>> 
>>>>> Criteria that should be applied by the Designated Experts
>>>>> includes
>>>>> determining whether the proposed registration duplicates existing
>>>>> functionality, whether it is likely to be of general
>>>>> applicability
>>>>> or whether it is useful only for a single application, and
>>>>> whether
>>>>> the registration description is clear.  Registrations for the
>>>>> limited set of values between -256 and 255 and strings of length
>>>>> 1
>>>>> are to be restricted to claims with general applicability.
>>>>> 
>>>>> IANA must only accept registry updates from the Designated
>>>>> Experts
>>>>> and should direct all requests for registration to the review
>>>>> mailing list.
>>>>> 
>>>>> So whether early or not, the claims being proposed for
>>>>> registration
>>>>> that are not of general applicability are ineligible for
>>>>> registration in the range -256 to 255.  Also, any IANA
>>>>> registrations
>>>>> of CWT claims necessarily involve designated expert review.
>>>>> 
>>>>> I’m trying to help you as a designated expert to get to stable
>>>>> registrations soon.  Once Roman has approved the request for
>>>>> early
>>>>> registration, I’d be glad to work with IANA to do early
>>>>> registration
>>>>> of code points that meet the registration criteria above.
>>>>> 
>>>>> Best wishes,
>>>>> -- Mike
>>>>> 
>>>>> From: Roman Danyliw <rdd@cert.org>
>>>>> Sent: Thursday, January 13, 2022 8:38 AM
>>>>> To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Mike Jones
>>>>> <Michael.Jones@microsoft.com>; Laurence Lundblade <lgl@island-resort.com>
>>>>> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>;
>>>>> cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy
>>>>> Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
>>>>> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>;
>>>>> Roman Danyliw <rdd@cert.org>
>>>>> Subject: Re: Registration of Entity Attestation Token claims in the
>>>>> CWT registry
>>>>> 
>>>>> Hi all!
>>>>> 
>>>>> I wanted to acknowledge that I got this note, but I am not up-to-speed
>>>>> on the issue and need to catch-up before providing a meaningful
>>>>> response.  A search of my mailbox also found this related thread
>>>>> which I attached.
>>>>> 
>>>>> Roman
>>>>> 
>>>>> From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
>>>>> Sent: Thursday, January 13, 2022 10:35 AM
>>>>> To: Mike Jones <Michael.Jones@microsoft.com>; Laurence Lundblade
>>>>> <lgl@island-resort.com>; Roman Danyliw <rdd@cert.org>
>>>>> Cc: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>;
>>>>> cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy
>>>>> Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
>>>>> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation Token
>>>>> claims in the CWT registry
>>>>> 
>>>>> + Roman D.
>>>>> 
>>>>> I would like to escalate this to the AD.  Note that the EAT editors
>>>>> acted in good faith in the expectation that the RATS chairs would
>>>>> address early allocation, and we were assured last March that there
>>>>> were no issues with the requested values.  As a result, we put off
>>>>> Last Call for the draft and went forward with guidance to other
>>>>> SDOs (e.g. FIDO Alliance, GlobalPlatform) that these claim values
>>>>> were stable.
>>>>>
>>>>> Now for the first time we are finding out that (a) the values called
>>>>> out in the spec are not acceptable as per expert review criteria, and
>>>>> (b) the RATS chairs never initiated the process of pre-registration
>>>>> in the first place.
>>>>> 
>>>>> My request to the AD is simple:  allow for pre-registration of
>>>>> the
>>>>> values as called out in the current EAT draft.  If this is not
>>>>> possible (and it looks likely that it is not), then my additional
>>>>> request is that the AD directly manage shepherding of this spec
>>>>> to
>>>>> Last Call and RFC as I believe communication between the EAT
>>>>> editors
>>>>> and the RATS Chairs has broken down and the RATS Chairs are not
>>>>> driving consensus decisions from the Working Group with respect
>>>>> to
>>>>> this spec.
>>>>> 
>>>>> -Giri
>>>>> 
>>>>> From: Mike Jones <Michael.Jones@microsoft.com>
>>>>> Sent: Thursday, January 13, 2022 2:39 AM
>>>>> To: Laurence Lundblade <lgl@island-resort.com>
>>>>> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Jeremy O'Donoghue
>>>>> <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith
>>>>> <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing)
>>>>> <ncamwing@cisco.com>; Kathleen Moriarty
>>>>> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: RE: [EXTERNAL] Re: Registration of Entity Attestation Token
>>>>> claims in the CWT registry
>>>>> 
>>>>> 
>>>>> Early allocation did not occur.  If it had, the numbers would be
>>>>> assigned in https://www.iana.org/assignments/cwt/cwt.xhtml.  (For
>>>>> an
>>>>> example of early allocation listings, see claims 38, 39, and 40.)
>>>>> Early registration, like normal registration, involves review by
>>>>> the
>>>>> designated experts, which also didn’t occur, because as far as I
>>>>> can
>>>>> tell, it wasn’t asked for.
>>>>> 
>>>>> I’m trying to help you get to stable assignments as soon as
>>>>> possible.
>>>>> I know the value of having those.
>>>>> 
>>>>> Again, if you want stable assignments before upcoming interop
>>>>> events, I’d suggest making an early registration request by sending
>>>>> the registration request to cwt-reg-review@ietf.org.  It would be
>>>>> cleaner to do so by first changing the assignments in your IANA
>>>>> Considerations section to “TBD”, but you could also do so based on
>>>>> the current draft (realizing that the proposed assignments in the
>>>>> draft might not be the ones assigned by the designated experts and
>>>>> IANA).
>>>>> 
>>>>> You could have stable assignments within a few weeks if you
>>>>> choose
>>>>> to request them soon.
>>>>> 
>>>>> Best wishes,
>>>>> -- Mike
>>>>> 
>>>>> From: Laurence Lundblade <lgl@island-resort.com>
>>>>> Sent: Wednesday, January 12, 2022 10:31 PM
>>>>> To: Mike Jones <Michael.Jones@microsoft.com>
>>>>> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Jeremy O'Donoghue
>>>>> <jodonogh@qti.qualcomm.com>; cwt-reg-review@ietf.org; Ned Smith
>>>>> <ned.smith@intel.com>; Nancy Cam-Winget (ncamwing)
>>>>> <ncamwing@cisco.com>; Kathleen Moriarty
>>>>> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: [EXTERNAL] Re: Registration of Entity Attestation Token
>>>>> claims in the CWT registry
>>>>> 
>>>>> Hi Mike,
>>>>> 
>>>>> I’m not trying to grab anything here that we should not have.
>>>>>
>>>>> The early allocation process, according to RFC 7120, is handled by
>>>>> the WG chairs. It is my understanding that the RATS chairs
>>>>> followed this process and that numbers 10-18, 20 have early
>>>>> assignment. That’s why they are in the draft without “TBD”. Maybe
>>>>> the process wasn’t completed or there is some other confusion. I did
>>>>> not interact with IANA myself (but I did read 7120).
>>>>> 
>>>>> I think this needs to be resolved between the RATS chairs,
>>>>> designated experts and IANA. I am happy to adjust the draft when
>>>>> this gets resolved.
>>>>> 
>>>>> LL
>>>>> 
>>>>> 
>>>>> 
>>>>> On Jan 12, 2022, at 9:58 PM, Mike Jones
>>>>> <Michael.Jones@microsoft.com> wrote:
>>>>> 
>>>>> Yours is not the first specification that’s tried to preallocate the
>>>>> rare single-byte claim numbers for claims not of general
>>>>> applicability.  At https://www.iana.org/assignments/cwt/cwt.xhtml,
>>>>> you’ll note that most of the claims allocated by
>>>>> draft-ietf-ace-oauth-authz are in the double-byte space because
>>>>> they’re not applicable to a wide variety of applications.  They were
>>>>> originally requested to be in the single-byte range and the
>>>>> designated experts negotiated with the editors to move their
>>>>> requested assignments.
>>>>> 
>>>>> Jim Schaad was always a stickler about specifications using TBD
>>>>> in
>>>>> their registration requests instead of assumed numbers.  At most,
>>>>> he
>>>>> would tolerate “TBD (requested assignment NNN)”.  Of course, he
>>>>> was
>>>>> right.  It’s up to IANA and the designated experts to make the
>>>>> assignments, particularly of scarce resources, not the spec
>>>>> authors.
>>>>> 
>>>>> Therefore, please revise your specification to remove the current
>>>>> numbers and replace them with “TBD”.  At that point, it would be
>>>>> fine to make an early registration request.  The experts and IANA
>>>>> could likely get you permanent numbers at that point, probably
>>>>> within a matter of weeks.
>>>>> 
>>>>> If you do not want to go the early allocation route, the other
>>>>> option is to use numbers in the “less than -65536” space, which
>>>>> are
>>>>> designated as “Reserved for Private Use”.  You can use numbers in
>>>>> that space however you want for as long as you want – including
>>>>> for
>>>>> facilitating interop testing until permanent numbers are
>>>>> assigned.
>>>>> 
>>>>> I’m sorry this appears to have come as a surprise.  The
>>>>> designated
>>>>> experts are trying to ensure that the CWT Claims numbers are
>>>>> efficiently allocated to do the most good for the most
>>>>> applications.
>>>>> I hope you’ll take this request in that spirit and choose one of
>>>>> the
>>>>> paths outlined above to quickly resolve this issue.
>>>>> 
>>>>> Best wishes,
>>>>> -- Mike
>>>>> 
>>>>> From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
>>>>> Sent: Wednesday, January 12, 2022 9:05 PM
>>>>> To: Laurence Lundblade <lgl@island-resort.com>; Mike Jones
>>>>> <Michael.Jones@microsoft.com>; Jeremy O'Donoghue
>>>>> <jodonogh@qti.qualcomm.com>
>>>>> Cc: cwt-reg-review@ietf.org; Ned Smith <ned.smith@intel.com>; Nancy
>>>>> Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
>>>>> <kathleen.moriarty.ietf@gmail.com>; rats-chairs <rats-chairs@ietf.org>
>>>>> Subject: [EXTERNAL] RE: Registration of Entity Attestation Token
>>>>> claims in the CWT registry
>>>>> 
>>>>> + @Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>
>>>>> 
>>>>> Ned, RATS Chairs,
>>>>> 
>>>>> We were assured by the RATS Chairs when we highlighted these
>>>>> values
>>>>> in Rev. -09 that they would be signed off for the registry.  This
>>>>> is
>>>>> one of the reasons why we did not try to accelerate Last Call
>>>>> during
>>>>> the first half of last year.  There was clearly a disconnect.
>>>>> Can
>>>>> you check into why this occurred?
>>>>> 
>>>>> Mike,
>>>>> 
>>>>> We just put out an FDO update on the assumption that these claim
>>>>> values are set
>>>>> (https://fidoalliance.org/specs/FDO/FIDO-Device-Onboard-RD-v1.1-20211214/FIDO-device-onboard-spec-v1.1-rd-20211214.html).
>>>>> We are planning a 2nd interop event during the next couple of months
>>>>> and we may have to put that off now.  Is this issue intractable?
>>>>> Can the claims not be assigned to EAT?
>>>>> 
>>>>> Jeremy can comment on any GlobalPlatform dependencies.
>>>>> 
>>>>> -Giri
>>>>> 
>>>>> From: Laurence Lundblade <lgl@island-resort.com>
>>>>> Sent: Wednesday, January 12, 2022 8:18 PM
>>>>> To: Mike Jones <Michael.Jones@microsoft.com>
>>>>> Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>;
>>>>> cwt-reg-review@ietf.org; Smith, Ned <ned.smith@intel.com>; Nancy
>>>>> Cam-Winget (ncamwing) <ncamwing@cisco.com>; Kathleen Moriarty
>>>>> <kathleen.moriarty.ietf@gmail.com>
>>>>> Subject: Re: Registration of Entity Attestation Token claims in the
>>>>> CWT registry
>>>>> 
>>>>> A couple more comments.
>>>>> 
>>>>> I know what you mean about taking the numbers <24. Not trying to
>>>>> be
>>>>> a hog or anything. It seems nobody, myself included, thought
>>>>> about
>>>>> it when this was done a year ago.
>>>>> 
>>>>> I know that Arm has SW that uses these assignments (ask Hannes and
>>>>> Thomas F). I think FIDO does too. I think there would be objections
>>>>> to a reassignment.
>>>>> 
>>>>> LL
>>>>> 
>>>>> 
>>>>> On Jan 12, 2022, at 7:52 PM, Laurence Lundblade
>>>>> <lgl@island-resort.com> wrote:
>>>>> 
>>>>> + RATS chairs
>>>>> 
>>>>> Hi Mike,
>>>>> 
>>>>> The claims key numbers 10-18, 20 are early assignments by IANA. I
>>>>> didn’t handle the interaction with IANA, but I understand this to
>>>>> be
>>>>> true.  Changing them now would undermine some implementations
>>>>> that
>>>>> are using them.
>>>>> 
>>>>> LL
>>>>> 
>>>>> 
>>>>> 
>>>>> On Jan 12, 2022, at 6:11 PM, Mike Jones
>>>>> <Michael.Jones@microsoft.com> wrote:
>>>>> 
>>>>> Please change the proposed CWT claim values for claims UEID
>>>>> through
>>>>> Submodules Section from 11 through 20 to 41 through 50 so that
>>>>> they
>>>>> are not using up most of the rare single-byte claim numbers.
>>>>> Only
>>>>> claims that are of general applicability across multiple kinds of
>>>>> applications should be allocated in that space.
>>>>> 
>>>>> The one exception I would consider is the Location claim, which
>>>>> could be of general applicability.  If you believe that this
>>>>> location representation will be used by multiple kinds of
>>>>> applications, I would be willing to consider registering it in
>>>>> the
>>>>> single-byte claim space.
>>>>> 
>>>>> -- Mike
>>>>> 
>>>>> From: Cwt-reg-review <cwt-reg-review-bounces@ietf.org> On Behalf Of
>>>>> Giridhar Mandyam
>>>>> Sent: Saturday, October 16, 2021 4:11 PM
>>>>> To: cwt-reg-review@ietf.org
>>>>> Cc: Laurence Lundblade <lgl@island-resort.com>
>>>>> Subject: [Cwt-reg-review] Registration of Entity Attestation Token
>>>>> claims in the CWT registry
>>>>> 
>>>>> To the CWT claims registry designated experts:
>>>>> 
>>>>> I am contacting you on behalf of the editors of the Entity
>>>>> Attestation Token specification (latest draft available at
>>>>> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10).  This
>>>>> is a standards-track document in the IETF Remote Attestation
>>>>> Procedures (RATS) Working Group.
>>>>>
>>>>> Please note the requests for CWT registry of the claims outlined in
>>>>> https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat-10#section-7.3.1.
>>>>> We would like these claim values reflected in the IANA
>>>>> CWT registry as soon as possible.  Would this be possible?
>>>>> 
>>>>> Please contact myself Giri Mandyam or Laurence Lundblade (cc’ed)
>>>>> for
>>>>> further information if required.
>>>>> 
>>>>> Thanks
>>>>> 
>>>>> -Giri Mandyam
>>>>> 
>>>> 
>> 
>