Re: [Rats] draft-birkholz-rats-uccs

Thomas Fossati <tho.ietf@gmail.com> Mon, 15 March 2021 10:45 UTC

From: Thomas Fossati <tho.ietf@gmail.com>
Date: Mon, 15 Mar 2021 10:44:44 +0000
Message-ID: <CAObGJnPL-E1ts2G8Jy_ZNXxF59ftk4UqmDHZneuwdxEXhK01LQ@mail.gmail.com>
To: Carsten Bormann <cabo@tzi.org>
Cc: Laurence Lundblade <lgl@island-resort.com>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "rats@ietf.org" <rats@ietf.org>, Giridhar Mandyam <mandyam@qti.qualcomm.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/KlCIk7g14BJb-y9oQQBsCtlfkus>
Subject: Re: [Rats] draft-birkholz-rats-uccs

On Mon, Mar 15, 2021 at 10:26 AM Carsten Bormann <cabo@tzi.org> wrote:
>
> On 2021-03-15, at 11:16, Thomas Fossati <tho.ietf@gmail.com> wrote:
> >
> > The oxymoron between "Unprotected" and the COSE in "CWT" has the
> > potential of creating cognitive dissonance.
>
> It is not the CWT that is unprotected; the CWT claims set is.

I don't want to sound polemic, but if you take a CWT and you peel off
its security layer (i.e., you "unprotect" the CWT) what you are left
with is the CWT claims set :-)

> > That IMHO deserves some discussion *in* the document.
>
> Definitely.  But piling up security considerations for when you are carrying around unprotected information seems a bit on the motherhood and apple pie side.

I don't think I have suggested piling up stuff - IIRC I even used
"minimalist" upthread - but something needs to be said to clarify what
are the assumptions that need to hold for this to be usable.

(I will review the draft and provide some more useful/actionable comments.)

> Grüße, Carsten

-- 
Thomas