Re: [Rats] EAT IANA registry

Laurence Lundblade <lgl@island-resort.com> Sat, 23 November 2019 16:29 UTC

From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <53C13986-A523-4349-BDC3-F8ACC2BCFD29@island-resort.com>
Date: Sat, 23 Nov 2019 08:29:24 -0800
In-Reply-To: <09C4F36B-C9CE-44DF-9DF8-F3365A7E3053@gmail.com>
Cc: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "rats@ietf.org" <rats@ietf.org>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
References: <D2CF9D31-057E-4B47-A3D0-08BBBF997F47@gmail.com> <VI1PR08MB53605A2A2E61E6EAE2609FECFA490@VI1PR08MB5360.eurprd08.prod.outlook.com> <09C4F36B-C9CE-44DF-9DF8-F3365A7E3053@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/2uXR47pgM6ZqCx0ukegeapsBOeI>
Subject: Re: [Rats] EAT IANA registry

One of our thoughts is that EAT profiles will help with this. For example, a special profile for toasters might list 5 claims that must be included in every attestation and 10 claims that are optional and maybe even prohibit all others.

LL


> On Nov 22, 2019, at 6:57 AM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
> 
> Hi Hannes,
>  
> Looking at the JWT claim IANA registry [1], it is already a terrible mess of several different standards, obviously with many more coming. I guess what’s done is done, and I’ll take back my objection.
>  
> Thanks,
>                 Yaron
>  
> [1] https://www.iana.org/assignments/jwt/jwt.xhtml#claims
>  
> From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
> Date: Friday, November 22, 2019 at 14:17
> To: Yaron Sheffer <yaronf.ietf@gmail.com>, "rats@ietf.org" <rats@ietf.org>
> Subject: RE: EAT IANA registry
>  
> Yaron, 
> Could you explain why you think that this is a good idea? 
> Ciao
> Hannes
>  
> From: RATS <rats-bounces@ietf.org> On Behalf Of Yaron Sheffer
> Sent: Friday, November 22, 2019 2:05 PM
> To: rats@ietf.org
> Subject: [Rats] EAT IANA registry
>  
> Unrelated to my earlier mail, I would recommend to create a separate registry for EAT claims (I suppose that implies a nested object in the JWT/CWT) rather than to overload the CWT registry. Architecturally it just doesn’t jive to have all these claims as baseline CWT claims, and process-wise, it’s much more convenient for this group to control its own namespace.
>  
> Sorry if this has been raised before.
>  
> Thanks,
>                 Yaron