[Rats] Re: UCCS and EAT media types (was: Re: Re: AD follow-up review of draft-ietf-rats-uccs-09)

Henk Birkholz <henk.birkholz@ietf.contact> Thu, 06 June 2024 12:29 UTC

Return-Path: <henk.birkholz@ietf.contact>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4714C15109F for <rats@ietfa.amsl.com>; Thu, 6 Jun 2024 05:29:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.23
X-Spam-Level:
X-Spam-Status: No, score=-5.23 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-3.135, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ietf.contact
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2gZ2nMxT9Boz for <rats@ietfa.amsl.com>; Thu, 6 Jun 2024 05:29:47 -0700 (PDT)
Received: from smtp05-ext.udag.de (smtp05-ext.udag.de [62.146.106.75]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A37FDC151077 for <rats@ietf.org>; Thu, 6 Jun 2024 05:29:47 -0700 (PDT)
Received: from [192.168.110.186] (tmo-080-41.customers.d1-online.com [80.187.80.41]) by smtp05-ext.udag.de (Postfix) with ESMTPA id BE5CCE0292; Thu, 6 Jun 2024 14:29:44 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ietf.contact; s=uddkim-202310; t=1717676985; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=iho+7H+T1kcoOnPo5kN4CrAzKnG+640UO2ZKrO1nib4=; b=hgF84yk/hHEVFZhg4TMVz+MYANiTbsz3s1zIrSYJUUueQz+t1xwRwaGpryWqnFviTuvByS 3Ilv2w2tO+2f8DRBxs6NLY9bdQ3CuClrGb/N0Hxttxr+HILFjVVDZi2afHQSIrZgel772q dof+WSw/rKNVskExI1A1OKKlAQKfPiImjpiguSXBCmSCyFyD1Z0nwcQcx13srJE2MHr99P FZlj+9WkuLO1U6FvECLUlgC8N4SQVk5D9nZveV4BtcCm5q/sKOR7KJNokPA+SK3RiROoPm ei03Gke9nIS1lk6oSN4FtuCULy3P5uAiwHPINGP+1yvQnoR2p/8n+ELW1Bvmzg==
Message-ID: <849942bd-a013-cbba-76a0-c4a51624bdfa@ietf.contact>
Date: Thu, 06 Jun 2024 14:29:43 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.11.0
Content-Language: en-US
To: Carsten Bormann <cabo@tzi.org>, "thomas.fossati@linaro.org" <thomas.fossati@linaro.org>
References: <PH1P110MB1116C5BE031039613AA69302DC2DA@PH1P110MB1116.NAMP110.PROD.OUTLOOK.COM> <609017C0-5043-46A1-81B1-6835F4BD6FF9@tzi.org> <CA+1=6ydAVSbKmphfiFiukv2m7tpkgsZ3RUsqcQW1QRZeMc9_qA@mail.gmail.com> <6E22DA74-DF3A-48ED-AC30-CCEFB4816A05@tzi.org>
From: Henk Birkholz <henk.birkholz@ietf.contact>
In-Reply-To: <6E22DA74-DF3A-48ED-AC30-CCEFB4816A05@tzi.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Authentication-Results: smtp05-ext.udag.de; auth=pass smtp.auth=henk.birkholz@ietf.contact smtp.mailfrom=henk.birkholz@ietf.contact
Message-ID-Hash: EYFMR2MI23E3HB5GSBIVXM75LOUHF27J
X-Message-ID-Hash: EYFMR2MI23E3HB5GSBIVXM75LOUHF27J
X-MailFrom: henk.birkholz@ietf.contact
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-rats.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Roman Danyliw <rdd@cert.org>, "rats@ietf.org" <rats@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Rats] Re: UCCS and EAT media types (was: Re: Re: AD follow-up review of draft-ietf-rats-uccs-09)
List-Id: Remote ATtestation procedureS <rats.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/L-RWAgWFNCtAssnZncOVAbVc9Hc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Owner: <mailto:rats-owner@ietf.org>
List-Post: <mailto:rats@ietf.org>
List-Subscribe: <mailto:rats-join@ietf.org>
List-Unsubscribe: <mailto:rats-leave@ietf.org>

Hi Carsten & Thomas,

it is perfectly fine to define useful informative CDDL definitions in an 
Appendix (that we have to mark as informative) and then let other 
specification use that definition in an informative or normative manner.

It is also very useful :-) I do not think that removing the UJCS 
reference from draft-ietf-rats-eat-media-type is useful or necessary, 
though. I am slightly leaning towards the UCCS spec handling its 
media-type definition, but (!) we could also up-level to 
rats-media-types, yes?


Viele Grüße,

Henk

On 03.06.24 17:09, Carsten Bormann wrote:
> 
> 
>> On 2024-06-03, at 09:46, Thomas Fossati <thomas.fossati@linaro.org> wrote:
>>
>> Hi Carsten,
>>
>> On Fri, 31 May 2024 at 22:45, Carsten Bormann <cabo@tzi.org> wrote:
>>>> I don’t understand.  This CDDL in Appendix A is normative, and so is the flexibility in its design to support JSON.  Otherwise, it would be “C< ...>” and not “JC<...>”.  I don’t take exception with providing a JSON binding but please explain this in the prose and in the introduction..
>>>
>>> We now made it explicit that this is there as “CDDL you can use” — a normative intent when actually using this is desirable but the CDDL itself is not changing the specifications in any way, hence it is an informative appendix.  Line 462..465.
>>
>> Hence, UJCS is *not* defined by draft-ietf-rats-uccs.  Correct?
> 
> Well, it is *defined*.
> It is another name for the JWT claims set as defined in RFC 7519.
> The UCCS document simply supplies CDDL that can be used for this.
> The UCCS document also describes the role an unprotected claims set can have in the RATS context, specifically for UCCS.
> There is no normative intent with this definition beyond that, but the description of the role of UCCS can be analogously applied to UJCS.
> The normative intent of referencing UJCS would be in the document that uses this CDDL definition normatively.
> Interestingly, Section 4.2.18 already reads exactly like this, without using the term UJCS (it only gives UCCS as an example).
> 
>> If so, we need to remove it from draft-ietf-rats-eat-media-type.
> 
> I don’t think that this is necessarily following.
> 
>> As an aside, I am starting to wonder whether it'd be better for
>> draft-ietf-rats-eat-media-type to just drop the registrations for UCCS
>> and let draft-ietf-rats-uccs handle it.
> 
> I think this could also very well be done (media type and content format, that is).
> Is there a need to have “eat” in the name?
> (I would probably also let the names reveal that UJCS and UCCS are not exactly the same data structures, so this would be application/uccs+cbor and application/ujcs+json.)
> 
>> Transplanting Section 6.7 [1] and moving the "ucs" line from Table 2
>> [2] should do the trick, and disentangle the fate of the two
>> documents.
>>
>> cheers, t
>>
>> [1] https://www.ietf.org/archive/id/draft-ietf-rats-eat-media-type-07.html#section-6.7
>> [2] https://www.ietf.org/archive/id/draft-ietf-rats-eat-media-type-07.html#table-2
> 
> _______________________________________________
> RATS mailing list -- rats@ietf.org
> To unsubscribe send an email to rats-leave@ietf.org