Re: [Rats] Adoption call for draft-lundblade-rats-eat-media-type

Anders Rundgren <anders.rundgren.net@gmail.com> Thu, 04 August 2022 05:43 UTC

On 2022-08-03 14:22, Dave Thaler wrote:
> Nancy Cam-Winget (ncamwing) wrote:
>> Please respond to this thread on the following:
>>
>> 1. You have read the draft and believe it is ready to be adopted by the working group. Any other feedback on the content of the draft is welcomed too.
>> 2. You support and are willing to provide feedback and comments on the draft
>> 3. You support the draft and plan to implement
> 
> 1-3 above.  I have read the draft, provided feedback, took a normative dependency on it from a TEEP WG draft,
> and already implemented it in my implementation of that draft.
> 
> And FYI to respond to Anders, the TEEP use definitely cannot use an in-object tag, and I expect some other uses outlined in the RATS architecture cannot either for the same reason.  Specifically, the TEEP use is to distinguish between (among other things) an EAT using the TEEP Profile, vs existing proprietary formats (such as SGX reports) that do not use CBOR.

Hi David,
As we all know there are usually multiple ways to address a problem and this case is no exception :)

The established way of dealing with different objects in an HTTP world is using different paths.  This has native support in most server frameworks while the support for media types is practically non-existent.

If for some reason SGX reports and EAT attestation must invoke the same application, wrapping SGX reports with a tag ("wrapped EAT") seems like a reasonable alternative.

In short: EAT/TEEP/RATS would (IMO...) gain by sticking to de-facto standards.  Media types are great but their primary use is in REEs.

Cheers,
Anders

Related: I'm trying to make CBOR useful in ISO 20022 contexts which among many things means adopting ISO's URN-based tagging scheme:
(shameless self-promotion) https://www.ietf.org/archive/id/draft-rundgren-cotx-01.html


> 
> Dave
> 