Re: [EAT] Scope, Goals & Background for RATS

Carsten Bormann <cabo@tzi.org> Tue, 18 September 2018 17:49 UTC

Cc: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, eat@ietf.org, rats@ietf.org
To: Denis <denis.ietf@free.fr>
Archived-At: <https://mailarchive.ietf.org/arch/msg/eat/nO_SbKW7c5DLfOG-zGGEzLvxuAQ>

On 18. Sep 2018, at 17:56, Denis <denis.ietf@free.fr> wrote:
> 
> I fear that we don't understand each other. 

I think this is the usual terminology problem about “identity”.

Identity is a set of claims.

In the example, the device can prove possession of a key.

The manufacturer provides a signed claim (“certificate”) that possession of that key implies a certain set of protection properties.

That claim (together with the proven possession of the key) becomes the identity of the device that Henk was talking about.  The X.509 certificate that carries the manufacturer’s claim can therefore be called an “identity document”.

It is an identity that thousands of devices share (just as I share the identity that allows me to buy cigarettes from a vending machine in Germany, i.e. I’m 18 or older).  Note that identity can be limited and directed (which makes it somewhat different from identification).

Greetings, Carsten