Re: [Rats] EAT claims needed by TEEP

Dave Thaler <dthaler@microsoft.com> Mon, 08 November 2021 22:25 UTC

Return-Path: <dthaler@microsoft.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3FD3D3A0D5F; Mon, 8 Nov 2021 14:25:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9lAVtEPuFZLx; Mon, 8 Nov 2021 14:25:42 -0800 (PST)
Received: from na01-obe.outbound.protection.outlook.com (mail-cusazon11021025.outbound.protection.outlook.com [52.101.62.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 944B33A0D5E; Mon, 8 Nov 2021 14:25:42 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SOncFqeCujQq9tTkMlLK29IChbijtjGGRTY/u+XVMKItAM+NgtynTq/Ts0VcaFdngAPolkQnAovrz73dMoeD5qT3WpUqPp45k0nTJoJvQIiLvpH0F1IU7zyYrOXCyOhzhu8NCgSzKA3HUhI7IHa36+tdjEoZNMl5CusuNb/JRPrEu8jUzc6iPEo6rXyWPx0pYrf7RILfhdlm5rK+UGJE/nfNTHWP44VsBpVgfMnK2FTparEhiZt+s3R/vdZtTyQkH1mvdLiuDw7bwNKPviDxbwKZS+rYtl1vbUv5OnWlnR0NySEuDz4tZRijcrZo9epMfM4cFVT4mKDz7Qd9FQM0Hg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uzhpI5vbZjH0yWI/RLwlhlbxU6541sLK5yUFaUsZCwk=; b=ca/JbwGOMRXopgN+0UCDV32LASyc10axpvdusTmh/h9PTy6mqemJownsqrpC8LNkZYXgzJe1TlxxIsdmIo8B2EJl+FRRVQr0x94lDXbWIwqQ4ci6ZxY8FjRl9e3UxMcXIUDHUdR3m+yFWKU5CSbTRTeBlsN7kgkLSfTmNPpIKTgHZGGBm4NZoRB7qXblswt3ETkI2CJxa5I7pFVZjPP0ueyrd6qq9rOISfP1ZP4THsmPyvOszBz+HEwUwCOyeXilzqSLb0aRLIQYhizLEC1QiGrelGLGXftMAu6TOhbJ4mESlOs3NTSp8nmxYE1bwBtL8OqBiAKAUq+NnlbPptGGrQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uzhpI5vbZjH0yWI/RLwlhlbxU6541sLK5yUFaUsZCwk=; b=T48yHMpbSJ3anjCTfFLg+YBU3dYzRuaRXE7IAs44tMYh0B/AVhETZL/pE0rg2tHTdNVNL33+i/D+KFxPSXsnWWB9WNDLXuUCx9YU582tK+6jvbi7g8TFBipTQog7oqnBOxBn4geUcICZ+O7b91epUUAMTld0RgCgKUWTkATDF5A=
Received: from CH2PR21MB1464.namprd21.prod.outlook.com (20.180.10.208) by CH2PR21MB1446.namprd21.prod.outlook.com (10.141.57.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4713.3; Mon, 8 Nov 2021 22:25:08 +0000
Received: from CH2PR21MB1464.namprd21.prod.outlook.com ([fe80::9007:83c9:e722:5236]) by CH2PR21MB1464.namprd21.prod.outlook.com ([fe80::9007:83c9:e722:5236%7]) with mapi id 15.20.4713.005; Mon, 8 Nov 2021 22:25:08 +0000
From: Dave Thaler <dthaler@microsoft.com>
To: Laurence Lundblade <lgl@island-resort.com>
CC: Giridhar Mandyam <mandyam@qti.qualcomm.com>, "rats@ietf.org" <rats@ietf.org>, teep <teep@ietf.org>
Thread-Topic: [Rats] EAT claims needed by TEEP
Thread-Index: Adar5IMluvH5Xfk/TjCNoR5RTUTf2AAroFeAAAKv15AAARKhAAAtBI8AADYVQwAAAL1cOAABgHyAAABiwm5JodwIcAAJgbEAAAI5taA=
Date: Mon, 8 Nov 2021 22:25:08 +0000
Message-ID: <CH2PR21MB146427B07435A5F36DAE5782A3919@CH2PR21MB1464.namprd21.prod.outlook.com>
References: <BL0PR2101MB102770B8E03B95A44497004CA3190@BL0PR2101MB1027.namprd21.prod.outlook.com> <7607E6BF-459C-4A32-AAE2-08117A97E06B@island-resort.com> <BL0PR2101MB1027EA205417DAF375BA7085A3160@BL0PR2101MB1027.namprd21.prod.outlook.com> <B1FDD70B-2530-454C-90AF-F44EEDC4F1F3@island-resort.com> <AM6PR08MB342916CCDD01E8698BB3C883EF170@AM6PR08MB3429.eurprd08.prod.outlook.com> <2D53BD60-4FA8-4153-B28B-585E902845AE@island-resort.com> <AM6PR08MB423141370A5CE9DEF6C732C69C140@AM6PR08MB4231.eurprd08.prod.outlook.com> <3370D92E-23C2-41C3-B86F-A65C168E9082@island-resort.com> <AM6PR08MB42311D76B24E866812171BDC9C140@AM6PR08MB4231.eurprd08.prod.outlook.com> <CH2PR21MB14640330E3DA58D2144659F7A3919@CH2PR21MB1464.namprd21.prod.outlook.com> <C9FCDB94-1734-4F6C-B6D9-DDB384827E06@island-resort.com>
In-Reply-To: <C9FCDB94-1734-4F6C-B6D9-DDB384827E06@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=65227b2c-ef89-45b2-a12a-4e360742ed82; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2021-11-08T22:24:03Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7fb316cb-cd2f-4bca-561e-08d9a3069f65
x-ms-traffictypediagnostic: CH2PR21MB1446:
x-microsoft-antispam-prvs: <CH2PR21MB14460F847C69C6829466CB68A3919@CH2PR21MB1446.namprd21.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: uGBmr9hMiPhlp8FFl4D5Hsq1WDhiNH+p/JhfGs6W8gcMeaauYOHkznzSgIadaseLVN/t1n4l88RJwpMJdnK9hr4VTZdNbIB9DBDAgYDpMMX7A0KIBMMZBHaIUDUdGUAUhufnrbJDkBIbSJHyI2enQ1mnvWZhqZogvh21HZmwzeLZ0DE5qpk5pg4gSmcV5UofZsZIYtbVaw1Pv2NHc+0HfF9qX6y7JRAQX0vyh6O5Ojq0QbMP+DqFGkknUdWquxmLNm7gFwXxiH3fbbwZeN+RwDdd167bKcbG2GrFfjNMMqzkHy6VUeWOYWn5DmpFP5PQyK3OSk6esZ82iCCAKaQqvnHUJkDUh/Rzo/pvkOgtQWtz3UlyuLbEA98INjJGWCOmkhsQSa9RQkn0G+/8hxCmM8tSOpWYal9YdPnPjyqE8xwE5qpP587ZxcuCeh85shKjX8hJRSNLlBk5B1lpYVQPGjqp32EzYPB3dXOaQn8lkyqppI2g6N1mSD0BfffPJcaBTnTMDZRrnIBpI/rOhrRMyhH022UVVfiVFH2VzYxRWs67OaYsZjlCII9azE/ATe3mdoSDsv1Yr9FFXMdDy678VrKTYRJ1ZMacVruzSEC5toGA92zsEJt3KjkgLzgeshDX1oEhCQc5aO426CtEpL53HpJLl3bt48QS+MHYA14eOXFVh4ltCH9MF/dfVIniM1reIQwu24borwH98vtr6dW5haG7p0PkVhWL7aoC9xn6qV0X9VrmQ750ZQ7VPfkNmtlCgRQibfoM6HHWPKzCrTH+TSK+nWl0rd/1ByExdA9Y+u+KJSMpCa3rMAC0IYGAySjBYX7OVdqmLscvXOJoP1EeOw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR21MB1464.namprd21.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(76116006)(6916009)(54906003)(2906002)(8676002)(53546011)(166002)(83380400001)(186003)(8990500004)(38070700005)(5660300002)(82960400001)(82950400001)(64756008)(86362001)(8936002)(52536014)(66446008)(4326008)(38100700002)(122000001)(10290500003)(316002)(966005)(71200400001)(508600001)(9686003)(7696005)(33656002)(66476007)(6506007)(66556008)(66946007); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?EI7B7PgX8+elnji4QcCjREa9YrsmIDx+xgph0Lwe6oQuGKnYA2AgAiHUDoEs?= =?us-ascii?Q?aYaefDxTaAYdfzbXxT1Kxvxu1P8VToHutMWI7hn3b0ZTfBMXtaH+jIIBuA6e?= =?us-ascii?Q?RnHXV07dSAGNB9ZJU3BPVjkjt+8C2ILMPy7oTieGU6MsS2YoMLvZFUxVEbBw?= =?us-ascii?Q?X4fM0HZjJS854M0j9GqiPIc8s2R2NX8AL9CGfdW4G8M4h6aTEc12mULqpjaz?= =?us-ascii?Q?u4HENCpoCEQeCl3EDZrf2rRlznvAsVsssmcbFr4+qC+V/m46tMaspiZT37eV?= =?us-ascii?Q?99lnQt1p0ov+pId36x6IiRhLLIqz8TWzcXjn2O5YHb3RZRKrXVXjyJTMWo5n?= =?us-ascii?Q?1oVlBWpHQB6LPy0IIdtDPF8RYQKsSafFP8rzX/TciZYZUh99hqTWapplUL+h?= =?us-ascii?Q?9kkIh5hB26EL2JMTL70dyEvk/3nlQ64yUzTLugGe1QVvIsBWQ2+JywVN7dDg?= =?us-ascii?Q?OwydqRVWz2v2De9U5+jZDjWIycuvjqTn/nmB7eTcwFqBVkA0p5GV4+xDdPex?= =?us-ascii?Q?DwjacDhdLAv9qAwL4OaXZYF4EhP4cVj+8FpfrKjgtilWVvHWcdpSFDtVkY8S?= =?us-ascii?Q?VL3mx0wnQ8t60pkY0Ml4HPkcMvgLKanI6GpO6D5qOi8YV1x6zCNdAYotiEAq?= =?us-ascii?Q?aJCts1m30Gr+y84hr418x8wjqe4EvYuVNuwAZ/SoZAQ8Wv1VSuACi9VViRVF?= =?us-ascii?Q?+sr0LC9u0Fp5K9CEECMbErsR9WhiFHVcmGA7QpIoF3oeLotia7F6R+/ViIri?= =?us-ascii?Q?z02+pCqHj4f17D7fU0v6ygxiSfPRI0deyZ9Npi1I1HoQaC2EiJ0EKI79A6PS?= =?us-ascii?Q?K5cKoVn+zkHuydsMVuZyDIvm/XnU8NmC7203QDx6puIvBCPy7weRvk17JzrH?= =?us-ascii?Q?wxxD0+78O0r3kYEW0FGbL7yX20+Ge9UDkgBxIqcGldb3d9H+PE0+wvBbqd9A?= =?us-ascii?Q?lPsK6zPszMCAllZWh0Kvneup51XL1Z1Ffqhs6MsysQSIeN2TCbCdyb9dz9gj?= =?us-ascii?Q?uetDiwACprZHInkQx8HcGhW8ZjRJo7o5T3Zn8BzS5KH62+p3cd94Vfn3wPgD?= =?us-ascii?Q?WqwggtH8xhnYjefMicV4g+xN6yhdo1rL3WOw1O/JdP+qk/zManH7ykVm8ac1?= =?us-ascii?Q?7Ch6q96u3nJLYMfcmd9CQWbVNBdUkG0UiOfvPeimkiG56CjKoHRLeKzGF/Sm?= =?us-ascii?Q?IK0QeBLvVCoXdGUweXl9jlfH69qZNrJQM6llYB2Xh2+3mY38X+JQr95yPdk3?= =?us-ascii?Q?IU34O1nz4XVsn1jQG9DngAAVdtcPqPlBmasF+hF+5DW4K1iG4TSygnpBqItK?= =?us-ascii?Q?7nypOD7p8v2UnQdRJ6xSBUugrnNxF5FGIfLM9QpgCOyET1XZDqV6jY+l6d9v?= =?us-ascii?Q?LJA/oGEGr1PLHPVNiA2CK3chqmavmG3/bnYFOa3zE39tJtOwcOYu4fMa1UVj?= =?us-ascii?Q?FW2yL1EpLptzd95QbsVP5qtlwwwaQP49wEJdxYJxlDrvbItTM/Nqn/0+DXSu?= =?us-ascii?Q?OoMaeY2dyBoNvmfdRWkzF4qlS6axfINP6rBESMs/3pXZbvYO5xWfD6+IwDs/?= =?us-ascii?Q?03bJF8EvTXKmoEBypREF/fJl02NFWmcqMRtfVO+PZjzvcc5OhywrI8cs8YU4?= =?us-ascii?Q?6mtWTb37GQwcUIqfB2u5Yq+sDT/nsmPZv5EMgpqdnLZPazHZAZULOOw+pqZ7?= =?us-ascii?Q?3rxLg8oE87NcKftm714GpXIdZsAo3/dJ3Cn+mKyUKl+nbg9MX66hbG3apaP5?= =?us-ascii?Q?i9v0pHfptg=3D=3D?=
Content-Type: multipart/alternative; boundary="_000_CH2PR21MB146427B07435A5F36DAE5782A3919CH2PR21MB1464namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH2PR21MB1464.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7fb316cb-cd2f-4bca-561e-08d9a3069f65
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Nov 2021 22:25:08.7432 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: nBNvnXB6rMBn3VYTYTK19ZcBVP/He5lKncAata4SFKqeKgh8di6y/qJj2WsIYHuOwT73AeV0j9xQmHCUABs3rSEKRV5oPV7vrnobI6o+F7Y=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR21MB1446
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/IiuMuj0PXV3bpwc80E_B0FNv-Xc>
Subject: Re: [Rats] EAT claims needed by TEEP
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Nov 2021 22:25:48 -0000

Yes I agree that PR would be sufficient to close the issue I raised.
Thanks Laurence for opening the PR, and I hope others will review so this
could get merged before the Friday meeting if there are no objections.

Dave

From: Laurence Lundblade <lgl@island-resort.com>
Sent: Monday, November 8, 2021 1:20 PM
To: Dave Thaler <dthaler@microsoft.com>
Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>om>; rats@ietf.org; teep <teep@ietf.org>
Subject: Re: [Rats] EAT claims needed by TEEP

This PR<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fietf-rats-wg%2Feat%2Fpull%2F139&data=04%7C01%7Cdthaler%40microsoft.com%7Ccd1bfedf9bf24e41e68208d9a2fd94a6%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637720032296857318%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=33oCO7YuLj53p%2BgsjN%2FAINMAnc7Yec1oKj5%2F2WR4fYg%3D&reserved=0> now exists to address class.

I was never quite sure what it was and it seemed TEEP/SUITE specific to me, one of the reasons I didn't do anything about it for the -11 draft. See if what I've got in the PR makes sense.

LL



On Nov 8, 2021, at 9:20 AM, Dave Thaler <dthaler@microsoft.com<mailto:dthaler@microsoft.com>> wrote:

Following up on the RATS meeting today, I compared the latest EAT document
against the TEEP requirements discussed most recently at the IETF 111 RATS meeting.

There were 5 requirements from TEEP for claims, ideally general use ones not profile specific ones.
My reading is that the latest EAT doc now meets 4 of the 5 and only "device class" is missing,
and indeed the EAT document discussion of ueid explicitly says
"It does not identify types, models or classes of devices."
but nothing else in the document I could find provides a way to identify such.

Henk's proposal there was section 3.1.2 of draft-birkholz-rats-suit-claims:

> 3.1.2.  class-identifier
>
>   A RFC 4122 UUID representing the class of the Attester or one of its
>   hardware and/or software components.
>
>   $$system-property-claim //= ( class-identifier => RFC4122_UUID )

The other four requirements from TEEP can be met as follows, if I understand
the intent correctly:

  1.  Device unique identifier -> use ueid claim
  2.  Vendor of the device -> use oemid
  3.  Firmware type -> use sw-name
  4.  Firmware version -> use sw-version

The above claims would go in a claimset about the TEE (which may or may not be
a separate processor), but EAT already supports different claimsets for different
components as I understand it, so that's fine.

https://github.com/ietf-rats-wg/eat/issues/138<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fietf-rats-wg%2Feat%2Fissues%2F138&data=04%7C01%7Cdthaler%40microsoft.com%7Ccd1bfedf9bf24e41e68208d9a2fd94a6%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637720032296857318%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=1yQ6r3uJM0T%2B9MvBxu901cHuyZZBNxRpY%2BLZSLd8nfI%3D&reserved=0> tracks this issue and my belief
is it should be simple to add a device class claim into a draft -12 of EAT.

I will also cover this in the TEEP WG meeting on Friday where I will discuss
what we need to change in the TEEP protocol spec, where this is tracked by
https://github.com/ietf-teep/teep-protocol/issues/165<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fietf-teep%2Fteep-protocol%2Fissues%2F165&data=04%7C01%7Cdthaler%40microsoft.com%7Ccd1bfedf9bf24e41e68208d9a2fd94a6%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637720032296867281%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=xYQeyXBbyZ3FORI8I5ISSeMVQ0F4ZJ7aNS1nDfZxOOE%3D&reserved=0>

Dave

From: Thomas Fossati <Thomas.Fossati@arm.com<mailto:Thomas.Fossati@arm.com>>
Sent: Thursday, October 29, 2020 2:21 PM
To: Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island-resort.com>>
Cc: rats@ietf.org<mailto:rats@ietf.org>; teep <teep@ietf.org<mailto:teep@ietf.org>>; Dave Thaler <dthaler@microsoft.com<mailto:dthaler@microsoft.com>>; Simon Frost <Simon.Frost@arm.com<mailto:Simon.Frost@arm.com>>; Thomas Fossati <Thomas.Fossati@arm.com<mailto:Thomas.Fossati@arm.com>>
Subject: Re: [Rats] EAT claims needed by TEEP

On 29/10/2020, 21:07, "RATS" <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org>> wrote:
> On Oct 29, 2020, at 1:45 PM, Thomas Fossati <Thomas.Fossati@arm.com<mailto:Thomas.Fossati@arm.com>> wrote:
>
> Hi Laurence,
>
> > My understanding is that they are always encoded as CBOR text strings,
> > so floating-point doesn't mean #7.25 or such.
>
> Correct.  In (Co)SWID software-version is just a text string and version-scheme
> is there to do some semantic polishing.  But the underlying type is always #3.
>
> Maybe I'm misunderstanding your proposal here, but I would be circumspect
> in mixing SWIDs attributes, which are scoped to software artifacts, with HW
> identifiers.
>
>
> Hi Thomas,
>
> All the SW Version stuff would fall under a single EAT claims that
> contains a full CoSWID.
>
> For HW Version, I was thinking of two EAT claims, one for the version
> text, another for the version scheme (or we could go off and define a
> full CoHWID).

OK, looks like I had misunderstood your plan :-) thanks for the
clarification!
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.