Re: [Rats] Android comments on EAT draft

Mathias Brossard <Mathias.Brossard@arm.com> Thu, 16 May 2019 16:31 UTC

From: Mathias Brossard <Mathias.Brossard@arm.com>
To: Simon Frost <Simon.Frost@arm.com>, Laurence Lundblade <lgl@island-resort.com>, Shawn Willden <swillden=40google.com@dmarc.ietf.org>
CC: "rats@ietf.org" <rats@ietf.org>
Date: Thu, 16 May 2019 16:31:43 +0000
Message-ID: <0B8DFC2F-9C35-4F72-A07F-E5258413F50F@arm.com>
References: <CAFyqnhVJ-ps4bdhsyQDOHdzHVZsXeK7_kCDXxUVUcuyDzWS3uA@mail.gmail.com> <35459D73-3D08-4E0B-814B-780AD60DD600@island-resort.com> <HE1PR0801MB1643AA2E129098E2C65F9163EF0A0@HE1PR0801MB1643.eurprd08.prod.outlook.com>
In-Reply-To: <HE1PR0801MB1643AA2E129098E2C65F9163EF0A0@HE1PR0801MB1643.eurprd08.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/4QEQZjiGLxvV7wr2nO9D_RFmasg>
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>

On Thursday, May 16, 2019 at 6:16 AM Simon Frost <Simon.Frost@arm.com> wrote:
> I would be very interested in reading your set of claims necessary to describe a key as that use case has also been expressed for our usage.

On that topic, the "Proof-of-Possession Key Semantics for CBOR Web Tokens" (https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession-06) is looking to add a CWT claim that contains key information. Once this is standardized it would be possible to include this claim, like all CWT claims, inside an EAT token.

But even for the relatively simple use-case of putting a public key in a token, which it technically supports, I am worried that the semantics might be too constraining. It focuses on proof-of-possession (PoP), where we are thinking about additional functions (signature, encryption, key agreement, etc.). I was wondering if others have an opinion w.r.t. draft-ietf-ace-cwt-proof-of-possession (engage to add language to allow "cnf" use for other things than PoP, create a "key" claim possibly based on "cnf" syntax, ...).

Sincerely,
-- Mathias Brossard
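The layout being discussed above, as an added example that is not part of the original message and is not code from the EAT or ACE drafts: a CWT claims set whose "cnf" claim carries a public key with the COSE_Key confirmation method, serialised with a small CBOR codec written for this example, then decoded and the key pulled back out. Assumptions: claim key 8 for "cnf" and member 1 for COSE_Key are the values later registered by RFC 8747 (the draft under discussion still used placeholders); the COSE_Key labels and key_ops values are from RFC 8152; the key coordinates are constructed placeholder bytes, not a real P-256 point; and no COSE signature is applied, so this shows the claims-set layout only, not a complete token.

```python
# Added example: CWT claims set with a "cnf" claim carrying a COSE_Key.
# Assumed values: cnf = claim key 8 and COSE_Key = member 1 (RFC 8747);
# COSE_Key labels from RFC 8152. The CBOR codec below is a minimal subset
# (ints, byte/text strings, arrays, maps) written for this example.

def _head(major, n):
    """Initial byte(s) for CBOR major type `major` with argument `n`."""
    if n < 24:
        return bytes([(major << 5) | n])
    for info, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([(major << 5) | info]) + n.to_bytes(size, "big")
    raise ValueError("integer too large for CBOR")

def cbor_encode(v):
    if isinstance(v, int) and not isinstance(v, bool):
        return _head(0, v) if v >= 0 else _head(1, -1 - v)
    if isinstance(v, bytes):
        return _head(2, len(v)) + v
    if isinstance(v, str):
        return _head(3, len(v.encode())) + v.encode()
    if isinstance(v, list):
        return _head(4, len(v)) + b"".join(map(cbor_encode, v))
    if isinstance(v, dict):
        return _head(5, len(v)) + b"".join(cbor_encode(k) + cbor_encode(x) for k, x in v.items())
    raise TypeError(f"unsupported type {type(v).__name__}")

def _take(buf, i, n):
    """Bounds-checked slice; a truncated item is an error, not a short read."""
    if i + n > len(buf):
        raise ValueError("truncated CBOR")
    return buf[i:i + n], i + n

def _decode(buf, i):
    (ib,), i = _take(buf, i, 1)
    major, info = ib >> 5, ib & 0x1F
    if info < 24:
        n = info
    elif info <= 27:                      # 1, 2, 4 or 8 byte argument follows
        raw, i = _take(buf, i, 1 << (info - 24))
        n = int.from_bytes(raw, "big")
    else:
        raise ValueError("indefinite-length items not supported")
    if major in (0, 1):
        return (n if major == 0 else -1 - n), i
    if major in (2, 3):
        raw, i = _take(buf, i, n)
        return (bytes(raw) if major == 2 else raw.decode("utf-8")), i
    if major == 4:
        items = []
        for _ in range(n):
            x, i = _decode(buf, i)
            items.append(x)
        return items, i
    if major == 5:
        m = {}
        for _ in range(n):
            k, i = _decode(buf, i)
            m[k], i = _decode(buf, i)
        return m, i
    raise ValueError(f"major type {major} not supported")

def cbor_decode(buf):
    v, i = _decode(buf, 0)
    if i != len(buf):
        raise ValueError("trailing bytes after CBOR item")
    return v

CWT_ISS, CWT_SUB, CWT_EXP, CWT_CNF = 1, 2, 4, 8     # CWT claim keys (cnf=8 assumed per RFC 8747)
CNF_COSE_KEY = 1                                     # cnf confirmation method: COSE_Key
KTY, KID, KEY_OPS, CRV, X, Y = 1, 2, 4, -1, -2, -3   # COSE_Key labels (RFC 8152)
KTY_EC2, CRV_P256, OP_VERIFY = 2, 1, 2
SAMPLE_X = bytes(range(32))                          # constructed placeholder coordinates
SAMPLE_Y = bytes(range(32, 64))

def build_claims(issuer, subject, exp, kid, x, y):
    """Claims set with the attester's public key under cnf/COSE_Key."""
    return {CWT_ISS: issuer, CWT_SUB: subject, CWT_EXP: exp,
            CWT_CNF: {CNF_COSE_KEY: {KTY: KTY_EC2, KID: kid, KEY_OPS: [OP_VERIFY],
                                     CRV: CRV_P256, X: x, Y: y}}}

def extract_cnf_key(claims):
    """Return (kid, x, y) from a cnf claim using the COSE_Key method, else raise.
    Encrypted_COSE_Key and kid-only confirmations are deliberately rejected."""
    cnf = claims.get(CWT_CNF)
    if not isinstance(cnf, dict) or CNF_COSE_KEY not in cnf:
        raise ValueError("cnf missing or not using the COSE_Key method")
    key = cnf[CNF_COSE_KEY]
    if not isinstance(key, dict) or key.get(KTY) != KTY_EC2 or key.get(CRV) != CRV_P256:
        raise ValueError("expected an EC2 P-256 COSE_Key")
    x, y = key.get(X), key.get(Y)
    if not (isinstance(x, bytes) and isinstance(y, bytes) and len(x) == len(y) == 32):
        raise ValueError("x and y must be 32-byte strings")
    return key.get(KID), x, y

def roundtrip():
    """Encode the sample claims set, decode it, and pull the key back out."""
    claims = build_claims("attester.example", "device-0001", 1600000000, b"\x01\x02", SAMPLE_X, SAMPLE_Y)
    return extract_cnf_key(cbor_decode(cbor_encode(claims)))
```

The COSE_Key inside cnf can syntactically carry key_ops (verify, encrypt, derive key, and so on), which is the sort of function information the message is after; what the draft assigns to the claim is still proof-of-possession semantics, so a verifier that honours the draft should not read key_ops as a grant of those uses without a profile saying so. In an EAT this map would be the payload of a COSE_Sign1 signed by the attestation key, not shipped bare as here.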
