[Rats] I-D Action: draft-birkholz-rats-uccs-01.txt

Laurence Lundblade <lgl@island-resort.com> Wed, 03 June 2020 19:24 UTC

Cc: jeremy O'Donoghue <jodonogh@qti.qualcomm.com>
To: rats@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/EUgYk_9J3F1zqheTtD3jx0u9MJc>

Perfectly in favor of the UCCS tag.

The security discussion in this seems like the tail wagging the dog. UCCS is the tail. Conveyance Security is the dog. 

I think this draft should only say it is up to you to attach a dog to this tail. CWTs are a dog+tail so you don’t have to worry. UCCS is tail-only so you do. Your choice of dog is of course up to you. Choose wisely.

Note also that UCCS is useful if you don’t like the type of dog that CWT comes with. It allows you to use different types of dogs with a CWT-style tail.

:-)

Or said another way, I’m not so much in favor of section 3. Anything about RATS / EAT security should be in RATS / EAT docs, not here. Would like the draft to say simply “Be warned. UCCS does not have the security that CWT does. If you use UCCS, you should add security”.

LL