IETF Logo Mail Archive

Re: [Rats] Profile identifier (was Re: EAT Profiles)

Laurence Lundblade <lgl@island-resort.com> Wed, 21 September 2022 17:56 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A310C14CE21 for <rats@ietfa.amsl.com>; Wed, 21 Sep 2022 10:56:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3fthlMJoOvSf for <rats@ietfa.amsl.com>; Wed, 21 Sep 2022 10:55:56 -0700 (PDT)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1anam02on2127.outbound.protection.outlook.com [40.107.96.127]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E823C1522D7 for <rats@ietf.org>; Wed, 21 Sep 2022 10:55:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XWE2qdimlIM7PSQoI0e/kceQt3Am/9XkguhE3JMtuvf/mCcb9FeZ3pams9o57d6zaBfCfw8p6ge0I658pj7aiqgxvhfn3PePlVPhBH5hahuBnOAg/XNCkk1tej3kBCb5VrgGGD9efEVx9tBV3jSor0Z8X8Y5wRFwnOcnVmmIwSf/Gf8pEDTl7zxtcuT+JBHwna3yiXC2KXb3UPmaqoyx8tdJnZP/Gd8BMRNMKiPOPXdeO4xQ3q9oV3AfXb0g1wOhBBAuRBEGixGzatuF0Zp/tCEcbtt2xAAvzM3pcm6pICsCc9gGjj8EQrxNWIkJHWauRWtkcY3GLsERiErKOqxUUA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gIOInMYVrAjG/T3Nh4HcmHgKLuU//drc9L67xfn1KpA=; b=WYv8gxR03VS43TX64A8J1jNowOX2WxZVEMqvRIwg+/iewqDRu/RcXxBn/kDbgXunyna6wEwhI8miDT4C1p4BuXXXhrvVPNyuhYRkCq7tpp16uS7BmSrin23aRAcCJwkVDt3EXWC+ScJqCY1JgkKMHG2tWkeRP+Fkpch+6xHdPVmzGDvJ1RM9Ij2BVzqNb9O9MTuXdnN7fH+c3oojoLcRYSelHaaUOWAQiAx18RRSTNU6nh2Z6pyCacBKtfLIwC3LxeQ5WePpgTxIPoFfkGM3aUtOQaMCWqF2SnaOaNOFDmXh85tiqip7EQkVgcJkwZnWKtPTpEg2b0wBuZ1Wq24+5w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=island-resort.com; dmarc=pass action=none header.from=island-resort.com; dkim=pass header.d=island-resort.com; arc=none
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=island-resort.com;
Received: from PH7PR22MB3092.namprd22.prod.outlook.com (2603:10b6:510:13b::8) by SA0PR22MB2222.namprd22.prod.outlook.com (2603:10b6:806:90::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5654.17; Wed, 21 Sep 2022 17:55:49 +0000
Received: from PH7PR22MB3092.namprd22.prod.outlook.com ([fe80::20fc:7118:33f4:ffaf]) by PH7PR22MB3092.namprd22.prod.outlook.com ([fe80::20fc:7118:33f4:ffaf%4]) with mapi id 15.20.5654.016; Wed, 21 Sep 2022 17:55:49 +0000
Content-Type: text/plain; charset="utf-8"
From: Laurence Lundblade <lgl@island-resort.com>
In-Reply-To: <4B5A2D51-7F18-43E6-8322-FE93CD4C30B5@intel.com>
Date: Wed, 21 Sep 2022 10:55:44 -0700
Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, Michael Richardson <mcr+ietf@sandelman.ca>, "rats@ietf.org" <rats@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <16C27DE9-2187-471C-8028-76653026C86B@island-resort.com>
References: <71934.1663019954@dooku> <DBBPR08MB5915AC23726BF997EB9E44C4FA489@DBBPR08MB5915.eurprd08.prod.outlook.com> <19805.1663344806@dooku> <AS8PR08MB5911DB2FE9608541698983B0FA4D9@AS8PR08MB5911.eurprd08.prod.outlook.com> <ab4312d3-c35f-5e72-9658-ca88ba3523c2@sit.fraunhofer.de> <CAObGJnNjuTT+QqnSpp1abrX-1hHGzCkVkzrM8GArPs8sDu=W+g@mail.gmail.com> <f9f289ad-5f36-b781-7502-219778148491@sit.fraunhofer.de> <885ABB6E-FD98-45E2-84BE-5A3A3C37D3F8@island-resort.com> <ABB7105F-6B5F-47AA-886C-8490024C3D47@intel.com> <46605.1663756035@dooku> <SJ0PR02MB835323B33E4FFA04DB96FECB814F9@SJ0PR02MB8353.namprd02.prod.outlook.com> <2f371cdb-38b1-f042-27e7-86afb91a38a2@sit.fraunhofer.de> <SJ0PR02MB835310DBD2C9CE9B3EB7424B814F9@SJ0PR02MB8353.namprd02.prod.outlook.com> <e251b4bc-7757-a681-f408-4309942fad53@sit.fraunhofer.de> <SJ0PR02MB8353435EAD5F0D7727DBD840814F9@SJ0PR02MB8353.namprd02.prod.outlook.com> <9dc8f783-49f1-ef9b-14ba-c9f9b775e5cd@sit.fraunhofer.de> <SJ0PR02MB83534E072B04BF8DF4BAA284814F9@SJ0PR02MB8353.namprd02.prod.outlook.com> <4B5A2D51-7F18-43E6-8322-FE93CD4C30B5@intel.com>
To: "Smith, Ned" <ned.smith@intel.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-ClientProxiedBy: BYAPR03CA0014.namprd03.prod.outlook.com (2603:10b6:a02:a8::27) To PH7PR22MB3092.namprd22.prod.outlook.com (2603:10b6:510:13b::8)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: PH7PR22MB3092:EE_|SA0PR22MB2222:EE_
X-MS-Office365-Filtering-Correlation-Id: b60929d0-7eda-4318-a2e2-08da9bfa8469
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: UoyAFLtYRrcIHhgojb2YktYiz2RZYsgIl4cHVXfVzzA4gvzWrir3kwJbwJ6z4As+Y5Jd2eAyzS3FciWGfRpRHkBgYYANL9w1A8s37wea9pp3LT4azUm0WOSdoGN0PctsGcHutPJzSZLkyIp/GBcDh630tPBzKzeGtpWm9J4f+KCVFc4U4DNUpqCRafMfO2TdAnFoAHSLEERnJOyfCA90Vph8SnsJkPyXQbZNgysG2ORYxEuqWOvhVnxdjazM0Pyy89FC4DcPTM4xRHPW1eV/OiFvWnL4m4oJnckt+kFrXsFWpBSB5jdSncXxCAExAQAQEu8yowOscnoC5FhWJyMtvr6+nd+Akcnumk9qZX9VAywI8oC3X/22cJgz1Zn0b91iLmsKuthI+zj0WAGyNsyKSK8re9faU7H1FE7HTtO0P0Yi20J3O0dsX/SLfylKCM/n9LRtZO6JQnlBkcBgMAGocmVAQBeabVoHrWaKa2BnlWMzkaKE2rRF4R429C6MYRDxBV6e2avEGZvBXPoJEfDSJlWQ6iFsJpi1yQQFQOh7iGMmYEIaD6tHLh4KVUnPBcsElD04KDTbPfjr4NrXO9QHXd7UTCQKzWTUSMftvaP7N53doYlwQ/aUiYcRCCnl3mcEFkbk5Mpo1vij+ZUmz+UHr9cp6VxE58VfvNUtdIgjoqu89rRVcc2PGtKehm6mUKF9ZubXUt07r5jBw3ToIGK6E++Oyp3Gh61boZPJhJfgjWYcKGTBJKwshQQGf1Y4b3Ef44IsogpdbIGqAnsBr/mWlg==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH7PR22MB3092.namprd22.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(376002)(39830400003)(346002)(136003)(366004)(396003)(451199015)(41300700001)(6666004)(6916009)(38100700002)(316002)(54906003)(186003)(4326008)(8676002)(66476007)(66946007)(66556008)(83380400001)(33656002)(2906002)(6512007)(2616005)(36756003)(8936002)(6506007)(53546011)(52116002)(30864003)(86362001)(5660300002)(6486002)(966005)(478600001)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: EQ2M39VHqRc/8bu0e9jmMqewx+TXZ2/x5MyLpqj1WSmV0VNKHDN/WGab97kpKiruW5rFohqo5JlBW8i+k+1Eg27lJt7lljLDK1VeDMcPvnw0fybUOzaB1of64biPJVMJEUlrVSUAEUdwHwYhqvRO5ThbSMtnKEmYt7OMr0ZMvCHC8YM6PB3pHG9/fvPxO6EYgKfsT98/4+HAOAEqDRe/XAX4/jWAKCWxLaiCbCbPJhTfk6ifaywSkrcOXtPjTNa2g0yL/J3ymSEwJnLb5O2LHQWOcg91B41KT1CSr0DbaiW5IQ+2qwIougJtZBGPpiyz7jITJX7jRx8OmSwfb9sfianVgG2dhfNg0In90aUIlzd6+ZFF9FZolIcSRu3VfTjPHtSKIPWeBp2B+DySAki+8TTEU7CUEZTV3GBdYfpG32X4SoNzOaoT8rcSbo2BVqIr1jTQjsH2+YtqP8vTCUl5JJtYJjbBeLN6zKKjI+ir+kqhUno8YdYUycvGDQAnOZBJQDPjGqtudSsPjYi7Imk0kb4D3wyFPte+zw+gh1VdrEpVXzWJvVrQzv4s7k8I+r98uWCr922CYEu//ENzvf0552L7LRfaJHeO3t8QNTcc00DG7Q+d52Bku+NRttXPS/dasqst58ArehOMgWSyoEkZL/022hPrJUU3VRkmWvwCczZP7t/grTjYNwGdOZo0luS7vwjoG7J9e5+gnU0LK2/Qx+FJUQTeVM7nhyjg/Kt0sZZCMl1mdFG7YVmz+8jObDHwSyYY3rq2/A5SFxkEzL4zAGk1WrI9oMRJQIm3UNJ7DbKBjyXMjAgJwHH+2mfbN6FFizFTFBF7KmdWPxUm5IFxrXOfEdM0iJ2C+BC42I4ZR8iT+2HLL+8WDrlkpLAqwXcA1nMd6+AW0TdveUYWbeFZbeULNwf40RmmjM7wdZ6mqKZbiM0cOgzy9e0WxgJ6Sk/gCbcN6dpM3HkQtLRUlvb+b9m1iArTvVlUgqPWFvMeMZ7521bZ30jDMXHniaA7fQyC65FZs7XWuPiD/9tUtt5NHaZtrvJqxauE47ThI2U+8nTeNAkHPOfuy6MjBfmjvEPeNZQpnB4qg9CL2aBnY1R8sOMrmOXhNn12qxIWIG+J0X7PotkxvXsoylxmY8ikjyFof6qK69H5EgCqUdI1f1GCWcwqoyPbx4VZQVSIbKiiG2ZlnxfbJD/OsbfwPycLndauvvC8ES565vVHRmK9iiuAQWpPVrvoZ71kV5zbpTML74zo/Fxf+0KoEeoZcd0yQRmU7NN6c51fnW2lyNyJgj8BeN7M+jHgG1tbjSFKiGJtr8Mo4e32O5W38MN9sIYJNvBylZXs9tCkO8lQ4R/GScElu0okIQLvfVHtW7IQ2xHg/ROnxH7/F663ves39ib9whX1EB4VCy1dCA9JaF7//FDA+k846EJg/YrWqa32ObwnD7tCGXg3QaGOuUyXXQI14G9yvuz8IQNHJsEs1VnNkOYARH7nvHNYEvb72JcsMiO4UdmJ+SQRMsnFSycNE5BmukIWsbMQT0VN9Y0SyqOV33MiO2ZZsbhsw7ZUEchbGgR0tHRJrH1lDgaXwWZ/m0ha7sUbYzr+ADJHuv/0rCKNs6rSTj36zcE/pfv3qP1xbU87bB79/wqVI+h0XDWr9gERZcPlAdHQg9qYch17kz2+W8gddg==
X-OriginatorOrg: island-resort.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b60929d0-7eda-4318-a2e2-08da9bfa8469
X-MS-Exchange-CrossTenant-AuthSource: PH7PR22MB3092.namprd22.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Sep 2022 17:55:49.3241 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: ad4b5b91-a549-4435-8c42-a30bf94d14a8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: dpN6vzfwLTDNY1j1VRgN9VHPBl7uZo1HfBH+tNibaOZH9M50hy1k/vunVD42/6ipWz3rjk2K4I7PNLJNdCi1zQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR22MB2222
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/Njs0xxTrD77QV8pjCoeXMv-h4O0>
Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Sep 2022 17:56:00 -0000

This is how I think the profile id works today and should work as an integer too.

The profile definition can be anything — full IETF standard or no standard at all, top secret or public, proprietary or open standard, Chinese or Martian, written down or not written down, expert reviewed or not. It has to be like this to accommodate use cases. This is what it is for the current profile identifier.

For example, it is OK for a Chinese military computer science genius to register profile X for a black box EAT implementation he created and tells no one about (if you don’t like non-standard, private, undocumented profiles, don’t use them).

The only point of the profile identifier is to be globally unique so some one else doesn’t use the same identifier for something different. The OID and URI spaces are very large and are coordinated so they work great, except they are a bit large on the wire.

Main option for me:
- A new IANA registry
- A first-come first-served number kept unique by increasing monotonically
- The name of the entity registering the number
- An optional URI for a document
- An optional description
- Some throttle to prevent mass registration of millions that consumes the whole space
- Possibly ranges for standard action, private, proprietary use...
- Little to no expert review (it’s just a number registration, not profile quality control)
- Typically 3 bytes on the wire

We can also keep the OID and URI forms adding integer as another option. We should say that all receivers of EAT MUST handle all three forms and that creators of EATs can use what ever form they want so there is no interop issue.

Another option is to just have the integer and remove OID and URI. That is simpler for the EAT receiver because they won’t be required to decode multiple forms.

Something based on a PEN could be possible, but would be fourth form. PEN by itself is not enough because one org needs to be able to create multiple profiles. It doesn’t seem worthwhile to me.

No matter what, the EAT document has to change because the profile identifier is not extensible. We really don’t want it extensible either. It would also be really awkward for the reader for this to be elsewhere too. I think this is best handled in the EAT document if we’re going to do it.

Agreed that use of EAT profiles does not require using an EAT profile identifier. You might know a particular profile is in effect implicitly and/or through some other means. For example, when EAT is used in the FOO protocol, it is always the BAR profile.

LL



> On Sep 21, 2022, at 9:30 AM, Smith, Ned <ned.smith@intel.com> wrote:
> 
> I agree that lack of clarity around profiles should not be a blocker for EAT draft moving forward. But capturing issues surrounding profiles is important IMO as these questions will come up again. 
> 
> Responding to Henk's original question below but restated here:
> "    >> are you talking about the values of the profile claim (I am assuming numbers for now) to be registered in an IANA registry or are you talking about new claims defined by a profile specification to be registered in the IANA CBOR Web Token (CWT) Claims registry? I am really not sure anymore."
> 
> It wasn't (isn't) clear to me which IANA registry is most appropriate for registering profiles. It could be reasonable that a new IANA registry is created for that purpose. This thread also observes that there isn't necessarily a need to register a profile as there could be other ways to publish profile existence and allowing vendors flexibility to use a PEN and manage profiles locally. 
> 
> It is still ambiguous to me what value is realized by placing a profile ID on a registry (given the properties of profile lifecycle are adhered to).
> 
> -Ned
> 
> 
> On 9/21/22, 8:53 AM, "Giridhar Mandyam" <mandyam@qti.qualcomm.com> wrote:
> 
>> While it is not necessary to register a profile in a registry to achieve the "rough consensus and running code" goal, that should not stop us establish and use an IANA "EAT Profile" registry, right? (specification required + expert review)
> 
>    In my opinion, the establishment of such a registry should not be a blocker to moving the EAT spec forward.  If there are interested persons who feel a profile registry is an absolute necessity, then they could put out an I.-D. that establishes such a registry along with the mechanics for proposing profiles and administering the registry.
> 
>    I personally feel the value of profiles is not solely in the unique claim value, but the CBOR canonicalization that the profile defines.  EAT in this regards inherits the application-specific COSE considerations (https://datatracker.ietf.org/doc/html/rfc8152#section-15).  
> 
>    -Giri
> 
>    -----Original Message-----
>    From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de> 
>    Sent: Wednesday, September 21, 2022 7:38 AM
>    To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Michael Richardson <mcr+ietf@sandelman.ca>; Smith, Ned <ned.smith@intel.com>; rats@ietf.org
>    Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
> 
>    WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
> 
>    Hi Giri,
> 
>    the ACE profile example is giving me a lot of more context! And the approach seems to be fine. An EAT analog could be:
> 
>    The claims defined in the EAT framework (including the profile claim), then could simply be registered in the IANA CBOR Web Token (CWT) Claims registry and profiles making use of the EAT framework would be registered in an IANA "EAT Profile" registry, analogous to https://www.rfc-editor.org/rfc/rfc9200.html#name-ace-profiles
> 
>    While it is not necessary to register a profile in a registry to achieve the "rough consensus and running code" goal, that should not stop us establish and use an IANA "EAT Profile" registry, right? (specification required + expert review)
> 
>    Viele Grüße,
> 
>    Henk
> 
>    On 21.09.22 16:22, Giridhar Mandyam wrote:
>>> So "The EAT Framework" document could come with both a definition of the profile claim for the IANA CBOR Web Token (CWT) Claims registry, as well as... a profile '0' (the first set of Claims that will be included in the final EAT framework document) for an IANA EAT Profile registry?
>> 
>> I did not say the above.
>> 
>> Let me try again.  It is not necessary to have an "IANA EAT Profile registry".  The FIDO example demonstrates that this it is possible to deliver "running code" without it.  The CWT claims registry is sufficient.
>> 
>> BTW, RFC 9200 is the precedent in my opinion.  https://www.rfc-editor.org/rfc/rfc9200.html#name-ace-profiles does not require the creation of a new IANA ACE-Profile registry either as far as I can tell.  The reservation of the CWT claim appears to have been sufficient.
>> 
>> -Giri
>> 
>> -----Original Message-----
>> From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
>> Sent: Wednesday, September 21, 2022 7:16 AM
>> To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Michael Richardson 
>> <mcr+ietf@sandelman.ca>; Smith, Ned <ned.smith@intel.com>; 
>> rats@ietf.org
>> Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
>> 
>> WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
>> 
>> Hi Giri,
>> 
>> thanks for clarifying. So "The EAT Framework" document could come with both a definition of the profile claim for the IANA CBOR Web Token (CWT) Claims registry, as well as... a profile '0' (the first set of Claims that will be included in the final EAT framework document) for an IANA EAT Profile registry?
>> 
>> Viele Grüße,
>> 
>> Henk
>> 
>> On 21.09.22 16:06, Giridhar Mandyam wrote:
>>> Both.
>>> 
>>> In the case of FIDO, the profile claim value was not registered.  That did not stop us from achieving the "rough consensus and running code" goal.
>>> 
>>> -Giri
>>> 
>>> -----Original Message-----
>>> From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
>>> Sent: Wednesday, September 21, 2022 7:01 AM
>>> To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Michael Richardson 
>>> <mcr+ietf@sandelman.ca>; Smith, Ned <ned.smith@intel.com>; 
>>> rats@ietf.org
>>> Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
>>> 
>>> WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
>>> 
>>> Hi Ned, Michael, Giri,
>>> 
>>> are you talking about the values of the profile claim (I am assuming numbers for now) to be registered in an IANA registry or are you talking about new claims defined by a profile specification to be registered in the IANA CBOR Web Token (CWT) Claims registry? I am really not sure anymore.
>>> 
>>> Viele Grüße,
>>> 
>>> Henk
>>> 
>>> On 21.09.22 15:51, Giridhar Mandyam wrote:
>>>> This was not required for the FIDO implementation of EAT.  As per https://www.iana.org/assignments/cwt/cwt.xhtml, the FIDO EAT claims have been registered and the profile has been verified in interop events.  The profile itself was not registered.
>>>> 
>>>>> The IANA registry would point to some RFC that described the semantics.
>>>> 
>>>> Why only RFC's?  Are other standards body documents not suitable?  At least for FIDO, this didn't seem to be a requirement for IANA registry.
>>>> 
>>>> -Giri
>>>> 
>>>> -----Original Message-----
>>>> From: RATS <rats-bounces@ietf.org> On Behalf Of Michael Richardson
>>>> Sent: Wednesday, September 21, 2022 3:27 AM
>>>> To: Smith, Ned <ned.smith@intel.com>; rats@ietf.org
>>>> Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
>>>> 
>>>> WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
>>>> 
>>>> Smith, Ned <ned.smith@intel.com> wrote:
>>>>> @Laurence Lundblade<mailto:lgl@island-resort.com> What semantics are
>>>>> associated with a profile that appears on an IANA registry?
>>>> 
>>>> The IANA registry would point to some RFC that described the semantics.
>>>> 
>>>> --
>>>> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works 
>>>> -= IPv6 IoT consulting =-
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>> RATS mailing list
>>>> RATS@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/rats
> 
> _______________________________________________
> RATS mailing list
> RATS@ietf.org
> https://www.ietf.org/mailman/listinfo/rats

v2.23.0 | Report a Bug | By Email