Re: [EAT] Scope, Goals & Background for RATS
"Diego R. Lopez" <diego.r.lopez@telefonica.com> Fri, 21 September 2018 22:08 UTC
From: "Diego R. Lopez" <diego.r.lopez@telefonica.com>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, Laurence Lundblade <lgl@island-resort.com>
CC: "rats@ietf.org" <rats@ietf.org>, "eat@ietf.org" <eat@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/eat/fA_OjV_Nd8Jx6kkLpkjTGS6uuQs>
Regarding the length, we could always aim at using the intersection rather than the union...

--
"This time we will not fail, Doctor Hell"

Dr Diego R. Lopez
Telefonica I+D
https://www.linkedin.com/in/dr2lopez/

e-mail: diego.r.lopez@telefonica.com
Tel: +34 913 129 041
Mobile: +34 682 051 091
----------------------------------

On 21/09/2018, 17:06, "EAT on behalf of Henk Birkholz" <eat-bounces@ietf.org on behalf of henk.birkholz@sit.fraunhofer.de> wrote:

Hello Laurence,

splintering emerging work on attestation in the IETF at the very beginning does not seem to be very productive to me, too. I wholeheartedly agree with that notion.

I hear your assessment that EAT and RATS have distinct goals and - as our slowly improving convergence of approaches shows - that is true to some extent, I think. But I also think that there is significant overlap and creating synergy via this overlap, while also creating a shared consistent terminology, is vital and I'd optimistically consider that achievable.

I really am interested in the deployment scenarios that you envision for EAT. I am rather certain that we could identify more overlap there. The RATS charter covers deployment only in very specific detail at the moment. Some scoping had to be done to create a tangible set of realistic goals for chartering. That said, deployment is also an important aspect for RATS, just not at this very beginning.

I am also rather certain that EAT can be used in a lot of places. I really like the approach, as I am a proponent of CWT. I also was under the impression that EAT does not exclude the option to be rooted in TPM? While that might only be a technical detail, I bring that up because the "non-exclusiveness" of both EAT and RATS wrt to specific hardware solutions was an overlap. But maybe I missed something obvious here.

In summary, creating a common "middle ground" and working in concert in these shared domains (manifested in drafts) seems to be the optimal way to move forward, I think.

My only actual concern remains to be the creation of a shorter charter :) Merging goals does not really sound like making it shorter - well, at least initially.

Best regards,

Henk

On 09/21/2018 07:01 PM, Laurence Lundblade wrote:
> RATS folks: Henk, Ned, Monty and Eric,
>
> EAT has deployment scenarios and goals that are distinct from RATS. They don’t need new protocols in the same way as that RATS does. They will not be rooted in TCG and TPM work. There is precedence in the industry for these use as can be seen in FIDO and Android Keystore Attestation. EAT can not just be a subordinate part of RATS as you seem to imply below.
>
> Even if our deployment goals and use cases are not the same, I would think we can have separate documents where we need to and do the work in one WG.
>
> I think it would be bad to have two attestation working groups in the IETF, one for EAT and one for RATS. Thus, I think the charter of this WG must explicitly include the EAT use cases and goals.
>
> LL
>
>
>> On Sep 21, 2018, at 9:24 AM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:
>>
>> Hello Laurence,
>>
>> please find replies and comments in-line:
>>
>> On 09/20/2018 10:18 PM, Laurence Lundblade wrote:
>>> It’s a bit buried, but I see you do intend that this include the EAT work. Thus the work would not be TPM/TCG centric. It would include use cases like FIDO and Android Keystore attestation that are often based on TrustZone. It could also include EPID-related use cases. Please confirm.
>>
>> I am not sure, if I am the authority to confirm this, as kickstarting RATS is a group effort. What I can do is to agree with the statement that RATS is abstracting from specific hardware solutions that provide, for example trust anchors and shielded locations (which keystores are a subset of, I think), or restrict secret key access (protection of execution, I think) based on system status (or more generic - system health).
>>
>> Conveyance of Attestation Claims is a big part of implicit attestation and the comparison of (amongst other information) claims wrt to appraisal of Attestation Evidence in explicit attestation. As EAT provides a data format to express these claim sets in a state-of-the-art representation (and, if signed, via a state-of-the-art COSE envelope) they compose a perfect option to address the data model part of conveyance.
>>