Re: [Pearg] [hrpc] [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?

Laurence Lundblade <lgl@island-resort.com> Fri, 06 January 2023 01:08 UTC

From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <C2DC0C2B-B80E-4612-B5E2-296AFA53685F@island-resort.com>
Date: Thu, 05 Jan 2023 17:08:36 -0800
In-Reply-To: <25527.22246.491814.309129@gargle.gargle.HOWL>
Cc: trutkowski@netmagic.com, Ted Hardie <ted.ietf@gmail.com>, "pearg@irtf.org" <pearg@irtf.org>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, saag <saag@ietf.org>, "hrpc@irtf.org" <hrpc@irtf.org>, bzs@theworld.com
To: "ietf@ietf.org" <ietf@ietf.org>
References: <HE1PR0701MB305098F652DBC34E3C40810B89F49@HE1PR0701MB3050.eurprd07.prod.outlook.com> <764163366.39904.1672842828297@appsuite-gw2.open-xchange.com> <CABcZeBNA_nJ2waQVENUvEXro91wAYOcH0ZxWqbLH4hoKcGkosw@mail.gmail.com> <9658281.42904.1672912808774@appsuite-gw2.open-xchange.com> <CA+9kkMBLiijcAyLYn_6h8z3N00EDaxdP=f7P2-qUt4Bn1iSWEg@mail.gmail.com> <HE1PR0701MB30505DC24A725E014D60FE0189FA9@HE1PR0701MB3050.eurprd07.prod.outlook.com> <560fae4b-8624-f4ff-63a9-78e4362a5939@netmagic.com> <25527.22246.491814.309129@gargle.gargle.HOWL>
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/OwJeQLr1Pj6WXSR4y0zbvXulcYM>
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>

I believe work done by the RATS WG is IETF work related to end-point security.

Remote ATteStation <https://datatracker.ietf.org/doc/draft-ietf-rats-architecture/> allows an end device to provide cryptographically secured evidence of its manufacture, running state, SW versions, measurements and similar to the peer it is communicating with. The peer may choose to use this evidence to fully trust, limit trust or not-at-all trust the device.

The protocols defined by RATS (e.g., EAT <https://www.ietf.org/archive/id/draft-ietf-rats-eat-19.html>) are primarily formats for encoding and authenticating the evidence about an end device. They don’t set any particular requirement for the privacy or security of the implementation for which evidence is given.

In my view, strongly defining requirements for an implementation’s privacy/security and evaluating against such requirements is a certification activity, not a protocol design activity. We don’t do certification in the IETF. That’s more an activity for organizations like the FIDO Alliance, the Wi-Fi Alliance, automotive groups and such. These organizations have the legal, policy and business structure needed for certification, to issue logos and such.

This seems in alignment with comments from Tony, Ekr and others that there are limits on what we can do in the IETF. I know lots of you want this organization to do more, but I don’t see it so much with our current business, legal and organizational structure around designing and defining protocols.

That said, I think work on RATS is an IETF contribution that goes a bit beyond the usual protect-in-transit security model to one where the end points are not implicitly trusted.

LL
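The split the message above draws, between a format that encodes and authenticates evidence and a relying party's own decision to trust fully, partially or not at all, can be made concrete. The following is an added example, not code from the message, the RATS WG or the EAT draft. It assumes a shared HMAC key as a stand-in for the per-device signing key a real token would carry in a COSE envelope, claim names that only loosely follow EAT (ueid, swname, swversion, dbgstat; fw_measurement is a simplified stand-in for a measurement claim), and constructed known-good values. The token functions do the format's job; appraise() is the relying party's policy, which is exactly the part the protocol leaves open.

```python
import hashlib
import hmac
import json
import secrets

# Constructed example key shared by attester and verifier. A real attestation
# token is signed with a device-specific key; HMAC here stands in for that
# signing step and is an assumption of this example, not the protocol's mechanism.
KEY = b"example-device-attestation-key"

# Constructed known-good firmware digest and minimum acceptable software version.
GOOD_FW = "sha256:" + "a" * 64
KNOWN_GOOD_MEASUREMENTS = {GOOD_FW}
MIN_SW_VERSION = (2, 1, 0)


def issue_token(key: bytes, nonce: str, claims: dict) -> bytes:
    """Attester side: bind the verifier's nonce to the device claims and
    authenticate the whole claim set. Only encoding and authentication happen
    here; nothing checks whether the claims describe a secure device."""
    payload = dict(claims, nonce=nonce)
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return json.dumps({"payload": body.decode(), "tag": tag}).encode()


def verify_token(key: bytes, token: bytes, expected_nonce: str):
    """Verifier step 1: is the evidence authentic and fresh?
    Returns the claims, or None if the tag or the nonce does not check out."""
    try:
        env = json.loads(token)
        body = env["payload"].encode()
        expected = hmac.new(key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, env["tag"]):
            return None  # forged or tampered evidence
        claims = json.loads(body)
    except (KeyError, ValueError, TypeError):
        return None  # malformed token
    if claims.get("nonce") != expected_nonce:
        return None  # replayed or unrelated evidence
    return claims


def parse_version(version: str) -> tuple:
    return tuple(int(part) for part in version.split("."))


def appraise(key: bytes, token: bytes, expected_nonce: str) -> str:
    """Verifier step 2: appraisal policy. The relying party, not the token
    format, decides what earns "full", "limited" or "none"."""
    claims = verify_token(key, token, expected_nonce)
    if claims is None:
        return "none"
    if claims.get("fw_measurement") not in KNOWN_GOOD_MEASUREMENTS:
        return "none"  # unknown firmware gives no basis for trust
    try:
        version_ok = parse_version(claims.get("swversion", "0")) >= MIN_SW_VERSION
    except ValueError:
        version_ok = False
    if claims.get("dbgstat") != "disabled" or not version_ok:
        return "limited"  # authentic, known firmware, but a weakened state
    return "full"


def demo() -> dict:
    """Run the exchange for several constructed device states."""
    nonce = secrets.token_hex(16)  # challenge chosen by the verifier
    good = {"ueid": "device-0001", "swname": "sensor-fw", "swversion": "2.3.0",
            "dbgstat": "disabled", "fw_measurement": GOOD_FW}
    debug_on = dict(good, dbgstat="enabled")
    old_sw = dict(good, swversion="1.9.0")
    unknown_fw = dict(good, fw_measurement="sha256:" + "b" * 64)
    return {
        "good": appraise(KEY, issue_token(KEY, nonce, good), nonce),
        "debug_enabled": appraise(KEY, issue_token(KEY, nonce, debug_on), nonce),
        "old_software": appraise(KEY, issue_token(KEY, nonce, old_sw), nonce),
        "unknown_firmware": appraise(KEY, issue_token(KEY, nonce, unknown_fw), nonce),
        "replayed": appraise(KEY, issue_token(KEY, "stale-nonce", good), nonce),
        "forged": appraise(KEY, issue_token(b"wrong-key", nonce, good), nonce),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:18s} -> {verdict}")
```

Note that a debug-enabled device produces a perfectly valid token; the format has done its job by authenticating that claim. Whether "debug enabled" is acceptable, and whether GOOD_FW really is a good firmware image, are judgements the verifier's policy makes, which is the certification-style question the message says sits outside protocol design.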