Re: [Rats] Adoption call for draft-lundblade-rats-eat-media-type

Anders Rundgren <anders.rundgren.net@gmail.com> Wed, 24 August 2022 15:57 UTC

To: Dave Thaler <dthaler@microsoft.com>, "rats@ietf.org" <rats@ietf.org>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/-ilDb0m9fgnm32rXuxP35CbkCa0>

On 2022-08-24 15:59, Dave Thaler wrote:
> Anders Rundgren <anders.rundgren.net@gmail.com> writes:
>>> And FYI to respond to Anders, the TEEP use definitely cannot use an in-object
>>> tag, and I expect some other uses outlined in the RATS architecture cannot
>>> either for the same reason.  Specifically, the TEEP use is to distinguish between
>>> (among other things) an EAT using the TEEP Profile, vs existing proprietary
>>> formats (such as SGX reports) that do not use CBOR.
>>
>> Hi David,
>> As we all know there are usually multiple ways to address a problem and this
>> case is no exception :)
>>
>> The established way of dealing with different objects in an HTTP world is using
>> different paths.  This has native support in most server frameworks while the
>> support for media types is practically non-existent.
>>
>> If for some reason SGX reports and EAT attestation must invoke the same
>> application, wrapping SGX reports with a tag ("wrapped EAT") seems like
>> a reasonable alternative.
>>
>> In short: EAT/TEEP/RATS would (IMO...) gain by sticking to de-facto standards.
>> Media types are great but their primary use is in REEs.
> 
> The TEEP use of this draft is not in HTTP per se, but in TEEP messages.
> HTTP carries TEEP messages.  TEEP messages carry attestation payloads.
> Attestation payload formats are denoted with a media type carried in the TEEP message.
> 
> Separately, for use in HTTP, see RFC 9205's discussion of media types.  This was recently published by the HTTPbis working group.   It's possible (I don't know)
> that it could be a useful Informative reference from the eat-media-type draft.

David et al, feel free to go ahead standardizing a multi-dimensional typing system.  Personally, I consider FIDO's one-dimensional in-object attestation typing scheme a better mousetrap.

Anders

> 
> Dave
>