Re: [EAT] [Rats] Attestation BoF charter updates?

"Smith, Ned" <> Tue, 23 October 2018 18:49 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B3C3C130EEC; Tue, 23 Oct 2018 11:49:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id CkRhho8OD3FX; Tue, 23 Oct 2018 11:49:14 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7C31B130E1D; Tue, 23 Oct 2018 11:49:14 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Oct 2018 11:49:14 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos; i="5.54,417,1534834800"; d="scan'208,217"; a="80335590"
Received: from ([]) by with ESMTP; 23 Oct 2018 11:49:14 -0700
Received: from ( by ( with Microsoft SMTP Server (TLS) id 14.3.319.2; Tue, 23 Oct 2018 11:49:13 -0700
Received: from ([]) by ([]) with mapi id 14.03.0319.002; Tue, 23 Oct 2018 11:49:13 -0700
From: "Smith, Ned" <>
To: Carl Wallace <>, Jeremy O'Donoghue <>
CC: Michael Richardson <>, "" <>, "" <>
Thread-Topic: [EAT] [Rats] Attestation BoF charter updates?
Thread-Index: AQHUavNRF3KZGpU4TEGGfYgrNJhz76UtFauAgAB27AD//5+qAA==
Date: Tue, 23 Oct 2018 18:49:12 +0000
Message-ID: <>
References: <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_FFA0BB1448AB45CE8D7A53D43821FC7Dintelcom_"
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [EAT] [Rats] Attestation BoF charter updates?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EAT - Entity Attestation Token <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 23 Oct 2018 18:49:17 -0000

On 10/23/18, 10:34 AM, "EAT on behalf of Carl Wallace" <<> on behalf of<>> wrote:


It would be interesting to understand your thinking a bit further. At one level it is fairly straightforward to define a claim whose value contains an X.509 certificate, but I suspect that binding may imply more than that.
[nms] It is also reasonable to consider an X.509 certificate as being an object that contains a set of claims (rather than the other way around).
[cw] Not if the goal is to prevent issuance of a certificate because provenance of a key cannot be confirmed. Having a self-issued cert contain claims is fine, but this does not obviate the need to bind to issuance protocols to inform CA issuance.
[nms] I wasn’t asserting that a certificate would be self-issued. This is why I think it makes sense to talk about a claimant. SP800-164 refers to this as either a ‘device owner’ or ‘information owner’. I’m OK with these terms too. The expectation is the device owner during manufacturing  (aka mfg’r) will know which trust relevant claims can be asserted. They could assert them by issuing a certificate containing the claims. The verifier/relying party trusts the mfg’r to be an authoritative source regarding how a device (but more precisely, how the root-of-trust) was made. If a key is created during mfg time and the mfg issues evidence (aka a certificate) of that, then it serves as provenance as long as the verifier / relying party trusts the manufacturer to correctly embed the key. Confirmation can be achieved via manual inspection of the manufacturing process. Nevertheless, the verifier is trusting the mfg to a certain degree.

                This thread is about formats (X.509/ASN.1, CBOR etc…). The semantics of what a signature means is (should be) common across all the formats IMO. If self-signed claims are invalid, then they should be invalid for any encoding whether it is ASN.1, CBOR or something else. If they are valid for something else, then the signature should be valid for alternative formats too.