Re: [Rats] [sacm] CoSWID and EAT and CWT
"Waltermire, David A. (Fed)" <david.waltermire@nist.gov> Thu, 21 November 2019 13:24 UTC
From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
CC: Ira McDonald <blueroofmusic@gmail.com>, "rats@ietf.org" <rats@ietf.org>, sacm <sacm@ietf.org>, Laurence Lundblade <lgl@island-resort.com>
Date: Thu, 21 Nov 2019 13:24:31 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/IsIRy0xYxV6sm3L4T5-OL-ewe3I>
List-Id: Remote Attestation Procedures <rats.ietf.org>

Ok. Can you send some text?

Thanks,
Dave

-------- Original Message --------
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Thu, November 21, 2019 7:38 PM +0800
To: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
CC: Ira McDonald <blueroofmusic@gmail.com>, rats@ietf.org, sacm <sacm@ietf.org>, Laurence Lundblade <lgl@island-resort.com>
Subject: Re: [sacm] [Rats] CoSWID and EAT and CWT

Sent from my mobile device

On Nov 20, 2019, at 11:29 PM, Waltermire, David A. (Fed) <david.waltermire@nist.gov> wrote:

It sounds like having a CWT claim that contains an entire CoSWID is a path forward. It may also make sense to do something similar for ISO SWID tags. Am I right in thinking that this CWT work can be done in RATS, referencing CoSWID once it is published as a normative reference? This would allow CoSWID to go forward to the IESG, while the CoSWID CWT claim is worked in parallel in RATS.

Kathleen, if this is true, does this way forward address your CWT-related comments?

Hi Dave,

I think the signature may have to be on the CWT as opposed to on the claim that is the CoSWID or SWID. We can define it fully in another draft, but should state it here so that option is understood. It’s a simple write up, I think.

Thank you,
Kathleen

Regards,
Dave

________________________________
From: sacm <sacm-bounces@ietf.org> on behalf of Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Sent: Wednesday, November 20, 2019 9:10 PM
To: Ira McDonald <blueroofmusic@gmail.com>
Cc: rats@ietf.org <rats@ietf.org>; sacm <sacm@ietf.org>; Laurence Lundblade <lgl@island-resort.com>
Subject: Re: [sacm] [Rats] CoSWID and EAT and CWT

Great, thanks Laurence. If that's easier I think having the CoSWID in one claim should be ok and would have the same result as the suggestion I made. Changing the CoSWID format is a big enough process that it shouldn't happen very often.

Best regards,
Kathleen

On Wed, Nov 20, 2019 at 8:00 PM Ira McDonald <blueroofmusic@gmail.com> wrote:

Hi Laurence,

That seems like a good suggestion for a simple way to integrate CoSWID content into EAT.

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Co-Chair - TCG Metadata Access Protocol SG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic@gmail.com
PO Box 221 Grand Marais, MI 49839
906-494-2434

On Wed, Nov 20, 2019 at 7:35 PM Laurence Lundblade <lgl@island-resort.com> wrote:

Hi,

I’m not on the SACM list, but did look at the archive. Hopefully I’m not out of sync.

My thought is to register one claim for CWT that is an entire CoSWID (in CDDL the concise-swid-tag). That way CoSWID can grow and develop on its own without lots of adds and subtracts to the CWT registry. It has its own IANA registry with its own experts and such. Seems like the coupling / factoring is about right.

This would also be the way I’d like to have it in EAT attestation. We’ve done a mini version of this with the location claim <https://tools.ietf.org/html/draft-ietf-rats-eat-01#section-3.8>.

Then if you just want to sign a CoSWID CWT style, this works pretty well too. It has a slight overhead compared to having all the CoSWID data items as direct CWT claims in that it will have an additional map layer, but that is only about three bytes.

LL

_______________________________________________
RATS mailing list
RATS@ietf.org
https://www.ietf.org/mailman/listinfo/rats

_______________________________________________
sacm mailing list
sacm@ietf.org
https://www.ietf.org/mailman/listinfo/sacm

--
Best regards,
Kathleen
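
Added example, not part of the original thread or of any draft: a small CBOR encoder that wraps a whole CoSWID map under one CWT claim key, as proposed in the quoted message from Laurence Lundblade, and measures what the extra map layer costs. The sample tag, the issuer, and the claim keys 10, 100 and 1000 are constructed placeholders (no CWT claim key for CoSWID is given in the thread); signing the CWT is not shown.

```python
import struct

def head(major, n):
    """CBOR head: major type plus unsigned argument n (RFC 8949, section 3)."""
    if n < 24:
        return bytes([major << 5 | n])
    for info, fmt in ((24, ">B"), (25, ">H"), (26, ">I"), (27, ">Q")):
        if n < 1 << 8 * struct.calcsize(fmt):
            return bytes([major << 5 | info]) + struct.pack(fmt, n)
    raise ValueError("argument does not fit in 64 bits")

def encode(obj):
    """Encode ints, byte/text strings, lists and maps as definite-length CBOR."""
    if isinstance(obj, bool):
        raise TypeError("booleans are not needed here")
    if isinstance(obj, int):
        return head(0, obj) if obj >= 0 else head(1, -1 - obj)
    if isinstance(obj, bytes):
        return head(2, len(obj)) + obj
    if isinstance(obj, str):
        raw = obj.encode("utf-8")
        return head(3, len(raw)) + raw
    if isinstance(obj, list):
        return head(4, len(obj)) + b"".join(encode(x) for x in obj)
    if isinstance(obj, dict):
        return head(5, len(obj)) + b"".join(encode(k) + encode(v) for k, v in obj.items())
    raise TypeError(f"unsupported type: {type(obj).__name__}")

# Constructed sample data. CoSWID labels: 0 tag-id, 12 tag-version,
# 1 software-name, 13 software-version, 2 entity {31 entity-name, 33 role}.
COSWID = {0: "example.com/widget-1.0", 12: 0, 1: "Widget", 13: "1.0",
          2: {31: "Example Corp", 33: 1}}
CWT_CLAIMS = {1: "attester.example", 6: 1574342671}   # iss, iat (RFC 8392)
COSWID_CLAIM_KEY = 100   # placeholder, NOT a registered CWT claim key

def wrap(cwt_claims, coswid, key=COSWID_CLAIM_KEY):
    """Claims set carrying the whole CoSWID map under a single claim key."""
    return {**cwt_claims, key: coswid}

def nesting_overhead(cwt_claims, coswid, key=COSWID_CLAIM_KEY):
    """Bytes added versus the CoSWID items sitting directly in the claims map.
    Baseline: the claims set plus the CoSWID items without their own map head
    (assumes each item would get a direct claim key of the same length)."""
    nested = len(encode(wrap(cwt_claims, coswid, key)))
    inner_head = len(head(5, len(coswid)))
    baseline = len(encode(cwt_claims)) + len(encode(coswid)) - inner_head
    return nested - baseline

if __name__ == "__main__":
    print(encode(wrap(CWT_CLAIMS, COSWID)).hex())
    for key in (10, 100, 1000):          # placeholder keys of 1, 2 and 3 bytes
        print(key, nesting_overhead(CWT_CLAIMS, COSWID, key))
```

The overhead is the encoded claim key plus the one-byte head of the inner map, so it depends only on which integer is eventually assigned to the claim.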