Re: [Rats] draft-birkholz-rats-uccs

Thomas Fossati <tho.ietf@gmail.com> Mon, 15 March 2021 10:16 UTC

References: <VI1PR08MB2639119D9BB1C98A1FBF3863FA6F9@VI1PR08MB2639.eurprd08.prod.outlook.com> <BYAPR02MB442217661B96C66A8881DD89816F9@BYAPR02MB4422.namprd02.prod.outlook.com> <659C7D3E-B5C9-484F-85E8-5D48E2C2F856@island-resort.com> <VI1PR08MB2639F0B6CDC8DA24A300BA22FA6F9@VI1PR08MB2639.eurprd08.prod.outlook.com> <E98547E5-6F6D-4CDE-9F7E-54D8B5C3BCD5@island-resort.com> <CAObGJnNGqGLKVq7Xi_-GL5w-xFNhULg4BPR18pdRWoSCvKYRiQ@mail.gmail.com> <3C82808C-E93B-43A7-B8A4-21CD73299C6F@tzi.org>
In-Reply-To: <3C82808C-E93B-43A7-B8A4-21CD73299C6F@tzi.org>
From: Thomas Fossati <tho.ietf@gmail.com>
Date: Mon, 15 Mar 2021 10:16:01 +0000
Message-ID: <CAObGJnN8VbTs5ppyZ3vdx4B75By=LUXuhFDwrORcYr3WzAH-KA@mail.gmail.com>
To: Carsten Bormann <cabo@tzi.org>
Cc: Laurence Lundblade <lgl@island-resort.com>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "rats@ietf.org" <rats@ietf.org>, Giridhar Mandyam <mandyam@qti.qualcomm.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/2FfAU_DSK7_bLEANq2aRr9AQJLQ>
Subject: Re: [Rats] draft-birkholz-rats-uccs
List-Id: Remote ATtestation procedureS <rats.ietf.org>

Hi Carsten

On Mon, Mar 15, 2021 at 9:31 AM Carsten Bormann <cabo@tzi.org> wrote:
>
> On 2021-03-13, at 21:32, Thomas Fossati <tho.ietf@gmail.com> wrote:
> >
> > I see this in a slightly different way: we take a data format that has
> > a "secure by default" label on it and we strip off the very thing that
> > makes it secure.  Since we are changing its commonly understood
> > semantics, it's probably wise that we simultaneously state why and
> > when this is acceptable, along with the assumed threat model.
>
> Well, we are defining a new thing, called
>
>         Unprotected CWT Claims Set (UCCS)
>
> What part of “unprotected” do you think will be hard to understand?

The oxymoron between "Unprotected" and the COSE in "CWT" has the
potential of creating cognitive dissonance.

That IMHO deserves some discussion *in* the document.

cheers!