Re: [Rats] Attestation of implementation vs authenticity of service
Carsten Bormann <cabo@tzi.org> Wed, 05 August 2020 11:47 UTC
Return-Path: <cabo@tzi.org>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C8B23A145F for <rats@ietfa.amsl.com>; Wed, 5 Aug 2020 04:47:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8XNzvBFI_cfE for <rats@ietfa.amsl.com>; Wed, 5 Aug 2020 04:47:13 -0700 (PDT)
Received: from gabriel-vm-2.zfn.uni-bremen.de (gabriel-vm-2.zfn.uni-bremen.de [134.102.50.17]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE0983A145D for <rats@ietf.org>; Wed, 5 Aug 2020 04:47:13 -0700 (PDT)
Received: from [172.16.42.101] (p5089ae91.dip0.t-ipconnect.de [80.137.174.145]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-vm-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4BM8xC2zZTzytS; Wed, 5 Aug 2020 13:47:11 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <0B64B104-1BA0-4341-8470-A17D2C6AC181@island-resort.com>
Date: Wed, 05 Aug 2020 13:47:09 +0200
Cc: rats@ietf.org
X-Mao-Original-Outgoing-Id: 618320829.004822-df18f8a91d321a372e68729ca238c2e5
Content-Transfer-Encoding: quoted-printable
Message-Id: <B61BA81C-6E39-4B3D-83FB-336694E99DC5@tzi.org>
References: <0B64B104-1BA0-4341-8470-A17D2C6AC181@island-resort.com>
To: Laurence Lundblade <lgl@island-resort.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/8R63kuh_R43EVl-KFx6AwppEXno>
Subject: Re: [Rats] Attestation of implementation vs authenticity of service
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Aug 2020 11:47:18 -0000
On 2020-08-03, at 20:58, Laurence Lundblade <lgl@island-resort.com> wrote: > > Service Authenticity > • Focus is on the provider of the service, not the HW or SW > • The legal entity of interest is the service provider > • There is no equivalent of claims, but if there was they would be about the business or person operating the service > • Example: a web site > • Example: an email provider (IMAP service) > Hi Laurence, if you are talking about HTTPS, there is exactly one claim: The service is speaking for a specific name (e.g., facebook.com). All other claims are funneled through this one very special one. Of course, the TLS handshake could be leveraged to do more than this one claim, but that is not what happens in HTTPS. Grüße, Carsten
- [Rats] Attestation of implementation vs authentic… Laurence Lundblade
- Re: [Rats] Attestation of implementation vs authe… Salz, Rich
- Re: [Rats] Attestation of implementation vs authe… Ira McDonald
- Re: [Rats] Attestation of implementation vs authe… Carsten Bormann
- Re: [Rats] Attestation of implementation vs authe… Laurence Lundblade
- Re: [Rats] Attestation of implementation vs authe… Smith, Ned
- Re: [Rats] Attestation of implementation vs authe… Laurence Lundblade
- Re: [Rats] Attestation of implementation vs authe… Michael Richardson
- Re: [Rats] Attestation of implementation vs authe… Henk Birkholz
- Re: [Rats] Attestation of implementation vs authe… Laurence Lundblade