Re: [EAT] [Rats] Real EAT implementations

Carl Wallace <> Sun, 07 October 2018 14:11 UTC

Date: Sun, 07 Oct 2018 10:11:01 -0400
From: Carl Wallace <>
To: Michael Richardson <>, <>, <>
List-Id: EAT - Entity Attestation Token <>

On 10/6/18, 1:30 PM, "EAT on behalf of Michael Richardson"
< on behalf of> wrote:

>Laurence Lundblade <> wrote:
>    > I believe one of the area directors asked who’s going to implement
>    > these attestation schemes we standardize.

[CW] I work on a product that consumes several different types of
attestations in support of public key certificate issuance to phones and
tablets. We would likely adopt standard formats, verification rules and
bindings to certificate management protocols, where possible. We've had to
roll our own mechanisms to work around lack of standards support in some
cases (but in no case are we the source of an attestation, which may be
the spirit of the question).

>    > One answer is Qualcomm’s
>    > already commercialized precursor implementation of EAT which is
>    > described very briefly in official marketing material on Qualcomm’s
>    > web site as “Hardware Token”.
>I see this as evidence:
>  1) the market doesn't need/want a standard

[CW] There are definitely gaps that would benefit from standardization and
some proprietary mechanisms that could be improved by adopting the result
of standards work, if vendors that generate attestations are willing.

>  2) Qualcomm isn't going to implement our standard, they already have
>their own.
>Now that could trivially be refuted if we saw clear participation from
>Qualcomm, but I haven't seen it yet.  But, maybe I missed it.
>I await the charter.
>So far I haven't seen something that is concrete enough to be useful on
>its own.
>Michael Richardson <>, Sandelman Software Works
> -= IPv6 IoT consulting =-
>EAT mailing list