Re: [Rats] Entity vs. role

Thomas Fossati <tho.ietf@gmail.com> Wed, 23 March 2022 09:43 UTC

In-Reply-To: <34813642-B327-4A35-A27C-312FB43757E2@intel.com>
From: Thomas Fossati <tho.ietf@gmail.com>
Date: Wed, 23 Mar 2022 09:43:00 +0000
Message-ID: <CAObGJnNYwxdYSgEA8=xvuA6eMkmX+Ak2Pb51xJH3OvKsuFOQGg@mail.gmail.com>
To: "Smith, Ned" <ned.smith@intel.com>
Cc: Laurence Lundblade <lgl@island-resort.com>, "Eric Voit (evoit)" <evoit@cisco.com>, "rats@ietf.org" <rats@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/Hrbjf4I9p32p7aMI8mBqj4zrlT4>
Subject: Re: [Rats] Entity vs. role

hi Ned

On Wed, Mar 23, 2022 at 8:53 AM Smith, Ned <ned.smith@intel.com> wrote:
> [ned] Maybe it is helpful to describe swim lanes between entities where each pairwise role interaction can be represented? It might also be helpful to qualify entities vs. roles in diagrams where both are needed such as passport and background check as it would seem the entity name is overloaded with the role name in the RATS architecture.
>
> e.g., given a verifier entity (V-E) that is connected to a relying party entity (RP-E), a hybrid model might have swimlanes as follows:
>
> V-E           RP-E
> ---           ----
> V  ----AR----> RP
> A  ----E-----> V

I like this.

Just a note: in this case, the existence of a Verifier role at RP-E is
predicated on the RP-E having access to, at least, the key material to
verify E - e.g., the public key of the attester A.  Otherwise, E is
just "passthrough/forwarded" and the RP role is all there is at RP-E.

cheers,
-- 
Thomas
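As an added illustration of the note above (example code, not from the thread or from any RATS implementation): a small Go model of RP-E that only takes on the Verifier role when it holds the Attester's public key, and otherwise just passes Evidence through. The Entity and Evidence types, the Ed25519 key pair and the claims are all constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Evidence (E), constructed stand-in: claims plus the Attester's signature.
type Evidence struct{ Claims, Sig []byte }
// Entity models RP-E; AttesterKey is nil when RP-E holds no key material for A.
type Entity struct {
	Name        string
	AttesterKey ed25519.PublicKey
}

// MakeEvidence plays the Attester (A) role: sign the claims with A's private key.
func MakeEvidence(priv ed25519.PrivateKey, claims []byte) Evidence {
	return Evidence{Claims: claims, Sig: ed25519.Sign(priv, claims)}
}

// Roles lists the roles this entity can genuinely play given its key material.
func (e Entity) Roles() []string {
	if e.AttesterKey == nil {
		return []string{"RP"}
	}
	return []string{"V", "RP"}
}

// HandleEvidence: with the key, RP-E plays V and verifies E locally;
// without it, E is passthrough and no local verdict exists.
func (e Entity) HandleEvidence(ev Evidence) (bool, error) {
	if e.AttesterKey == nil {
		return false, errors.New(e.Name + " has no Verifier role: E forwarded unverified")
	}
	if !ed25519.Verify(e.AttesterKey, ev.Claims, ev.Sig) {
		return false, errors.New("Evidence signature invalid")
	}
	return true, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // A's key pair (constructed)
	ev := MakeEvidence(priv, []byte(`{"claims":"constructed"}`))
	for _, rpe := range []Entity{{"RP-E (has A's pubkey)", pub}, {"RP-E (no key)", nil}} {
		ok, err := rpe.HandleEvidence(ev)
		fmt.Println(rpe.Roles(), ok, err)
	}
}
```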