IETF Logo Mail Archive

Re: [Rats] What's to EAT? - terminology clarification

Dave Thaler <dthaler@microsoft.com> Wed, 13 November 2019 00:06 UTC

Return-Path: <dthaler@microsoft.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5921D1200B5 for <rats@ietfa.amsl.com>; Tue, 12 Nov 2019 16:06:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xWfjuFJDIr0I for <rats@ietfa.amsl.com>; Tue, 12 Nov 2019 16:06:55 -0800 (PST)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-eopbgr750100.outbound.protection.outlook.com [40.107.75.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 947AB120044 for <rats@ietf.org>; Tue, 12 Nov 2019 16:06:54 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gywBg+rXbg2mQ3h95uPlfVTPaV5k5h4rnVRoyoeGZzmb0+jMArOGEcUpiYACrEtIDnBS1nbeGx40kjORHAI41cRGfvQccVC6XystvWDf1C3XNu9Z+Enko3LcGAG2wU/UdJ2cya4/PGD/q/e1YqyGTv19v+DCL+yGzLvZ4kIsYK8U1nKzo+hRuiGa2T6aZeml9nlv2dOAZXxnmd7J1tA6LrDOBofaspXB8zWN8KCwcVE2olYYvlN1NKkjbp4VBlNWWv6M+DhOap1oQvw6mVwB7fJdmNpaBoh35zNQjW9/oDuxlRYUAj7F5qWQXC3n2twivb5wzJ+cX7i1XWDsgMYnXg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QWObzK+/T23lwajgvF2JipWMkkeU2dl4XiV4tWH48bM=; b=jFvX5sOzt0osYP+h+LRvd7sPbpv3sNK8m5vlIB7y9HAwRQZSC8FSY6l/kGE4YZLt5bAcARKxQp8EPW/fR5q4T7QTl14cVQ64mT83AyONT5MgBIUSvk2YtToQIvvw2MzBQWomv+VlOUjzZJfnAQVENyfyFbS7XHOcZZ4WJocoo9t62Mt1gG/Xt2762CThpteu8puBl7l4ZqCGrXvc3+HbjArnFaCC3qgPwGDvPCS0LDNglYPmNKYX7xPk1A0Y2DrzemCJM+Xl5+d4+rhmWa7x3r0yWt5DxG49Asfd0x9meFddFMSZLIbwzZvLBY+4/tgIBRCK1tuDIaT6pBpT8nHW+A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QWObzK+/T23lwajgvF2JipWMkkeU2dl4XiV4tWH48bM=; b=gCWSDSt84pUMOIMwVFc6bQH61/lRLRW0nPCdfoC7DsEVFBZd2HrHePHwOqX7Lb18PAYmUoVlr21j6d9xL8iLOdi0nQZUBMflalxklbBNMiCNSxbS5ZZ2fIb7d+X1NjH+N4hRQvzmaEYyPoGWZSOOVI0igSrLQmeZKF1i23jODfY=
Received: from MWHPR21MB0784.namprd21.prod.outlook.com (10.173.51.150) by MWHPR21MB0751.namprd21.prod.outlook.com (10.173.51.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2451.11; Wed, 13 Nov 2019 00:06:51 +0000
Received: from MWHPR21MB0784.namprd21.prod.outlook.com ([fe80::8d41:8f86:8654:8439]) by MWHPR21MB0784.namprd21.prod.outlook.com ([fe80::8d41:8f86:8654:8439%12]) with mapi id 15.20.2474.001; Wed, 13 Nov 2019 00:06:51 +0000
From: Dave Thaler <dthaler@microsoft.com>
To: "Smith, Ned" <ned.smith@intel.com>, Laurence Lundblade <lgl@island-resort.com>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] What's to EAT? - terminology clarification
Thread-Index: AQHVmaxQg/JbqfbFf0mfD9c0xlySNKeIK3rwgAALoICAAAAtIA==
Date: Wed, 13 Nov 2019 00:06:51 +0000
Message-ID: <MWHPR21MB078439E9EB07E3BB72E15137A3760@MWHPR21MB0784.namprd21.prod.outlook.com>
References: <229E0A72-4B44-4C9A-AD0A-142A13020C9A@intel.com> <MWHPR21MB0784058F591C52EEB31E0736A3770@MWHPR21MB0784.namprd21.prod.outlook.com> <4F586E15-9CF7-4824-87F2-8E2C20D1AF1D@intel.com>
In-Reply-To: <4F586E15-9CF7-4824-87F2-8E2C20D1AF1D@intel.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=dthaler@ntdev.microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2019-11-12T23:33:26.3540800Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=a7e8c754-18b3-4068-9621-248da0028d48; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic
authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com;
x-originating-ip: [2001:4898:80e8:0:f8a5:16bc:386f:88f5]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: b5b447fd-a095-4a27-0eea-08d767cd6285
x-ms-traffictypediagnostic: MWHPR21MB0751:
x-microsoft-antispam-prvs: <MWHPR21MB0751CCDAB402615B9C407F44A3760@MWHPR21MB0751.namprd21.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:595;
x-forefront-prvs: 0220D4B98D
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(396003)(136003)(376002)(346002)(366004)(199004)(189003)(71200400001)(76116006)(81156014)(8936002)(81166006)(8676002)(52536014)(790700001)(6116002)(5660300002)(66446008)(66556008)(66946007)(25786009)(33656002)(10290500003)(14454004)(561944003)(478600001)(4001150100001)(229853002)(66476007)(6436002)(236005)(6306002)(54896002)(2906002)(256004)(64756008)(14444005)(55016002)(9686003)(4326008)(6246003)(186003)(8990500004)(10090500001)(71190400001)(74316002)(7736002)(76176011)(102836004)(486006)(446003)(46003)(86362001)(99286004)(110136005)(53546011)(476003)(6506007)(22452003)(316002)(7696005)(11346002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR21MB0751; H:MWHPR21MB0784.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:3;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: YngtBqiemZXmJfEI7bQfYxqUEeWt/+QDm0gVk9hDE9dLeNtTqPDQ8481ViSk9OS0ej1DpIAeCCq5EDqg85VCEr1UKPVCCywDtvVFXTfEosmJHtVUHG0xC6OHr3xttuZ40FGoPeKbN2j6xRXFBPofwwhAzfvA8cqdaGalA/nrSHUddpucnUGLq0JhQq4onWPkWvqWTViuJaUo9H0L6hO9vm+yfsj1ThmgBlklAtUWdYe2x+egxt8Ali5E+Aenb2bnA6uPNBSjIV7bsV0eFXpyfNmjGVSNlMY2DI+9xDksC+h1BTy/T4DGUS1ZJ5XF6UrG4t06w297t4+DHeKe+XIx+I6wjJo7Wd8zqkuCwRrKG00PpDz6KBJjyVw55irp9TQlcb5Y1w8igiQ+XdgtGOQEyruKx7v2A/FdnfKsrCSqBvtxFH22bymsTNLI7rYSVSlq
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MWHPR21MB078439E9EB07E3BB72E15137A3760MWHPR21MB0784namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b5b447fd-a095-4a27-0eea-08d767cd6285
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Nov 2019 00:06:51.3848 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: +S3Onp9ZQ95zvH4FnYGnMwiUu08fXkJrDyKi0wiPllTYUOgDAcg4J2+X5tLylqOA821ThZ/BvaQDjeLyn2l6yAFE6Zjr/6d+9kShgguLxK0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR21MB0751
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/Hf3oa2f1avA6Jik8dHW14jxj_dE>
Subject: Re: [Rats] What's to EAT? - terminology clarification
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Nov 2019 00:06:59 -0000


From: Smith, Ned <ned.smith@intel.com>
Sent: Tuesday, November 12, 2019 4:00 PM
To: Dave Thaler <dthaler@microsoft.com>; Laurence Lundblade <lgl@island-resort.com>; Michael Richardson <mcr+ietf@sandelman.ca>
Cc: rats@ietf.org
Subject: Re: [Rats] What's to EAT? - terminology clarification

I agree that the thread regarding “Claims”, “Tokens” and “Evidence” largely is applicable to “Attestation Results”. Like Evidence, Attestation Results are a serialization. Claims are also relevant as information model expressions that may be realized as Attestation Results serialization.

I mostly agree with you there.   I would just say Attestation Results are conveyed using a serialization.  I would be fine also using the term to refer to the information, not just the serialization.
as in saying “The Attestation Results are serialized using format XYZ and sent to the Relying Party via protocol ABC”.   Such a sentence uses the term to apply to the information both before and after
serialization.   If the WG chooses to fine it to just post-serialization that’s ok with me, I just think it’s more convenient as I described.

See more inline [nms].

On 11/12/19, 15:33 PM, "Dave Thaler" <dthaler@microsoft.com<mailto:dthaler@microsoft.com>> wrote:



From: RATS <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org>> On Behalf Of Smith, Ned
Sent: Tuesday, November 12, 2019 2:56 PM
To: Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island-resort.com>>; Michael Richardson <mcr+ietf@sandelman.ca<mailto:mcr+ietf@sandelman.ca>>
Cc: rats@ietf.org<mailto:rats@ietf.org>
Subject: Re: [Rats] What's to EAT? - terminology clarification


Including Dave Thaler’s thread from forked subject line in [1].

The eat draft uses “Claim(s)” in the section heading for the Information Model. CDDL expressions are used. I think this is OK. We don’t need to change it to “Evidence” IMO. The architecture draft (birkholz) strongly implies that Evidence is signed (verifiable or provable). This suggests Evidence is in a serialized format (hence isn’t CDDL, YANG or ASN.1).



Sure, Evidence is certainly conveyed in a serialized format.

[nms] It is also signed in a serialized format.



Yes I agree with that part.   I was trying to just make the point I articulated more specifically at the top of this response.   But I don’t feel strongly either way.



I don’t think “Evidence” would be as precise a way to talk about an information model object as “Claim(s)” would be.



YANG is not a serializable format hence it is more appropriately an information model language for the purposes of RATS (IMO).



Going back to the original question. A Token (EAT, CWT, JWT) is an example of something the architecture calls Evidence.



FYI, I (and others I’ve talked to) are far more interested in the use of a Token for what the architecture calls Attestation Format,

[nms] I don’t see the term “Attestation Format” occurring in the current arch (editors draft). Maybe this needs disambiguation from the current text that uses “format” in the context of defining other structures – i.e. Evidence, Reference Values and Attestation Results.



Sorry for the confusion, there is no single “arch doc”.   It’s in my arch doc, and it’s in the slides and minutes and discussion from last IETF where everyone agreed on it

(I believe it was Henk’s term originally, I got it from Henk at the hackathon :) then regardless of whether the other arch doc proposal uses the term or not ☺



much less interested in standardizing what the architecture calls Evidence.

[nms] My assumption is that a claim formatted as Evidence could be synonymous with a claim formatted as Attestation Results (and the reverse is also true).

Agree



This doesn’t imply there couldn’t be other formatted Evidence with different formatting that isn’t suitable for use as Attestation Results.

Agree.   I’ve heard some people arguing that tcglog is one such format, but other opinions may vary.



Likewise, Verifiers could produce Attestation Results with claims that are not asserted by any Attester.

Agree.



But the architecture wouldn’t expect (I presume) to define Attestation Results using a format that could not be used as Evidence.

Agree.



Sound like you and I are on the same page, modulo minor terminology preference at top that I don’t consider a big deal either way.



Dave



A Verifier can have multiple simultaneous purposes, as mentioned in my draft:

1)     To make policy decisions that include verifying Evidence that chains up to a manufacturer, and then generating an Attestation Result

whose security chains up to the Verifier (or their org) rather than every manufacturer of every Attester, so that the Relying Party’s policy

can be simple and just trust the Verifier.

2)     To allow heterogeneous Attesters, with different Evidence formats (including existing/proprietary/whatever ones), to talk to a common Verifier,
which can then provide a standard Attestation Format to Relying Parties, so that one need not have every Relying Party understand every

Evidence format, of which many already exist.



So I personally will argue against scoping EAT to only Evidence, and for keeping it generic and usable for Attestation Results.

(Others I’ve talked to both inside and outside Microsoft share this view, so I’m also relying it as a messenger, not just an advocate.)



If the WG chooses to only standardize what we now call Evidence and ignore Attestation Results, then I don’t believe it meets the needs

of either Microsoft or, I suspect, the TEEP WG use case.



Dave



CDDL, YANG are expressions of something that the architecture should call Claims. (agree?)

-Ned



[1] Dave Thaler wrote:
> So far the group has used the term "EAT" to refer to both the information model and data serialization expressions.

I would rather see the term EAT (and any other terms ending in Token, like JWT and CWT) only be used to refer to
data serialization expressions, not the information model.

> When extending information model to YANG or some other serialization (e.g. ASN.1). Given the possibility for an IM
> expression to be realized by different serializations, what term should we give to the IM description?

That’s a fine question, and I don’t have any strong preference right now, other than to not use the same term as something else.
Offhand, my preference would be to not define a term, and just use Evidence and Attestation Result as the terms for
format-independent discussion.  I think it is useful to distinguish between Evidence vs Attestation Results in many cases.
And if you need to refer to both, then we can always use both together, such as “Evidence and Attestation Results”.

> The term "Claim" has been used extensively. Do we want to agree to use "claim" to refer to anything that is an IM
> expression in RATS and "Token" for any serialization (realization) even if it isn't a JWT or CWT?

I would say no. To me, a claim is one particular piece of information, where a “Token” or whatever else has a set of claims.

Dave


On 11/12/19, 11:00 AM, "RATS on behalf of Laurence Lundblade" <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org> on behalf of lgl@island-resort.com<mailto:lgl@island-resort.com>> wrote:


On Nov 12, 2019, at 1:08 AM, Michael Richardson <mcr+ietf@sandelman.ca<mailto:mcr+ietf@sandelman.ca>> wrote:


On 2019-11-12 12:19 p.m., Dave Thaler wrote:

Ned Smith wrote:

So far the group has used the term "EAT" to refer to both the
information model and data serialization expressions.



I would rather see the term EAT (and any other terms ending in Token,
like JWT and CWT) only be used to refer to

data serialization expressions, not the information model.
I concur.

I disagree with that.

I don’t think we want one information model for all of RATS.

EAT has an information model and data model for what it expresses.

The YANG Module has an information and data model for what it expresses.

The primary purpose for use of information models (plural!) is so we can described things like claims once and then have a largely mechanical way to serialize them in different ways, CBOR and JSON.

Note that CWT and JWT don’t use the information model concept. They are mostly two independently defined and loosely coordinated data models. We are trying to do different by having a common information model that covers both. One might argue that CWT and JWT should have done what we are doing in EAT.

LL

v2.23.0 | Report a Bug | By Email