Re: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)

"Smith, Ned" <ned.smith@intel.com> Thu, 02 June 2022 16:35 UTC

From: "Smith, Ned" <ned.smith@intel.com>
To: Giridhar Mandyam <mandyam@qti.qualcomm.com>, Thomas Fossati <Thomas.Fossati@arm.com>, "rats@ietf.org" <rats@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/5M4yoz9_9Xn2Omx9EbFe0Po09r0>

>the profile definition addresses interop
Section 7 suggests that a profile can take on many forms. The EAT draft accommodates this by offering a way to reference the profile document (or whatever it happens to be). I interpret Thomas’s point that “the claims-set is governed by the CWT Claims registry, whilst the EAT type system has no such mechanism (yet)” to mean there isn’t a profile yet defined that operates like a global registry.

It seems IANA is being used as the global registry for code point names/values currently. The IANA CBOR registry could be used for CBOR top level EAT structures, but such equivalent exists for JSON structures.

However, it seems some EAT CBOR structures that could be considered ‘top level’ don’t currently have IANA CBOR registry entries.

Is the way forward for the EAT draft to create IANA CBOR tags for top level EAT structures?

Thx,
Ned

From: RATS <rats-bounces@ietf.org> on behalf of Giridhar Mandyam <mandyam@qti.qualcomm.com>
Date: Thursday, June 2, 2022 at 6:20 AM
To: Thomas Fossati <Thomas.Fossati@arm.com>, "rats@ietf.org" <rats@ietf.org>
Subject: Re: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)

>> I think the underlying data structures make it extensible, independent of the CDDL notation.  However if an implementor chooses to extend EAT without an accompanying standard as a result, then interoperability may not be assured.  Therefore it is in an implementor’s interest to define a standard if they are seeking interop.

>The core difference is the extensibility story for the claims-set is governed by the CWT Claims registry, whilst the EAT type system has no such mechanism (yet).

I don’t agree:  the profile definition addresses interop – see https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat#section-7.  Up to this point, no-one has objected to the way profiles are defined in the specification, nor the lack of a registry.

-Giri

From: Thomas Fossati <Thomas.Fossati@arm.com>
Sent: Thursday, June 2, 2022 6:13 AM
To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; rats@ietf.org
Subject: Re: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)


> Giridhar Mandyam <mandyam@qti.qualcomm.com> wrote:
> I think the underlying data structures make it extensible, independent
> of the CDDL notation.  However if an implementor chooses to extend EAT
> without an accompanying standard as a result, then interoperability
> may not be assured.  Therefore it is in an implementor’s interest to
> define a standard if they are seeking interop.

The core difference is the extensibility story for the claims-set is
governed by the CWT Claims registry, whilst the EAT type system has no
such mechanism (yet).



