IETF Logo Mail Archive

Re: [Rats] Call for charter consensus

Laurence Lundblade <lgl@island-resort.com> Fri, 18 January 2019 06:17 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EBAD131120 for <rats@ietfa.amsl.com>; Thu, 17 Jan 2019 22:17:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cUyTKpsQIzHA for <rats@ietfa.amsl.com>; Thu, 17 Jan 2019 22:17:32 -0800 (PST)
Received: from p3plsmtpa07-07.prod.phx3.secureserver.net (p3plsmtpa07-07.prod.phx3.secureserver.net [173.201.192.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6D6A13111E for <rats@ietf.org>; Thu, 17 Jan 2019 22:17:32 -0800 (PST)
Received: from [192.168.1.82] ([76.192.164.238]) by :SMTPAUTH: with ESMTPSA id kNT8gSv9u7vZdkNT9gVStX; Thu, 17 Jan 2019 23:17:31 -0700
From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <B60D5D8B-F434-45CD-9CB6-3C33E1EA91D3@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_1984ECFC-BDAC-49FD-8ADB-FEF5A003A8E3"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Date: Thu, 17 Jan 2019 22:17:30 -0800
In-Reply-To: <6C7E1E60-2507-4B1E-98DB-AB572C239ACD@cisco.com>
Cc: "rats@ietf.org" <rats@ietf.org>
To: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
References: <6C7E1E60-2507-4B1E-98DB-AB572C239ACD@cisco.com>
X-Mailer: Apple Mail (2.3445.9.1)
X-CMAE-Envelope: MS4wfF+djJZYqyxOynsljFYNbOFrabGmkwQ2miEjH9gv4I6qtNgyPhrumQBv3lL97PvXwKygsLrB7UAxl8PzeZuNjCAIRpKD1M51hRkeeDTFWM4cz3fhzrqI /iG38iFIEAd6Rc2gs2ita8XC21qmPFLjjb8EwBjqcKIPokJgAjmsHRS8vLSZhsd/By5YxhimLzjrLeTZEMBWus/vfkqjkbJz0ec=
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/Md9Wo9uoM1t-aplZjUNA4MncOZQ>
Subject: Re: [Rats] Call for charter consensus
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2019 06:17:35 -0000

Hi Nancy,

The charter lists some types of claims/assertions in the introduction.  That list does not include things like GPS Location, public part of key pairs generated on device, enforced conditions for use of that key, identity of an app requesting a token, and app/user defined claims. Most of these types of claims have been implemented already either by FIDO, Android attestation or other products.  A vision here is that Android or other types of apps prove who they are to the server and pass a lot of data to the relying party via the token, often as input to authentication and financial transaction risk engines. 


I assume it will continue to hold that anyone can add any proprietary claim they want, but a lot of the types of claims/assertions I just mentioned would be valuable as a standard. Some will be relatively easy to standardize. Some may not be. My first thought is that some of the easy obvious ones should be in scope, but we need to draw a line somewhere so we’re not creating claims forever. Not sure where that line is.

Answers to other questions below.

LL



>> On Jan 17, 2019, at 7:38 PM, Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com> wrote:
> Hello RATS participants:
>  
> At the virtual meeting on 1/16/2019, there was consensus [1] that we should pursue chartering a Working Group with the text reflected in [2].
>  
> We need to continue this discussion on the email list as well as gauge continued interest in participating in this work.  Please do so by responding to the following questions:
> 	• Do you support this charter text (full text also provided at the end of email or at [1])?  Or do you have objections or blocking concerns?
Concern described above, not blocking.

> 	• Are you willing to author or participate in the development of the drafts of this WG?
Yes

> 	• Are you willing to help review the drafts of this WG?
Yes

> 	• Are you interested in implementing drafts of this WG?
Yes

>  
> Please provide comments including proposed text changes ASAP to provide ample time for discussion.  This call for consensus ends on February 1, 2019. 
>  
> Thanks, Roman and Nancy
>  
> [1] Minutes sent: https://mailarchive.ietf.org/arch/msg/rats/xEwczqnoNgyBYlRTKg35Yo4ccWY
> [2] Updated charter sent: https://mailarchive.ietf.org/arch/msg/rats/MQLZIkIK23ZlSBMB5wJjo71bOr0
>  
> _______________________________________________
> RATS mailing list
> RATS@ietf.org
> https://www.ietf.org/mailman/listinfo/rats

v2.23.0 | Report a Bug | By Email