[Rats] CWT and JWT are good enough?

Laurence Lundblade <lgl@island-resort.com> Mon, 16 September 2019 15:30 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/72KUjH2Gqq_vxLELjSIhBJmy_3Y>

I’ve been trying to take the position to avoid even minor divergences from CWT and JWT in EAT. I wish there wasn’t inconsistency between the two, particularly in how the claims registry is handled. That inconsistency has already consumed many hours, even days, of this WG. There have been some really long email threads about it.

Fixing it only for EAT seems half-baked. Fixing it for all of CWT and JWT would have to go through those WGs. Seems like a lot of work. We have enough to do, so I’m inclined to live with it.

LL