Re: [Rats] use case document updates on Roots of Trust

Carl Wallace <carl@redhoundsoftware.com> Thu, 12 September 2019 22:48 UTC

Date: Thu, 12 Sep 2019 18:47:59 -0400
From: Carl Wallace <carl@redhoundsoftware.com>
To: "Salz, Rich" <rsalz@akamai.com>, Michael Richardson <mcr+ietf@sandelman.ca>, "rats@ietf.org" <rats@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/PS1n4FLQfrQ_97d-UIMWhcrDFxQ>
List-Id: Remote Attestation Procedures <rats.ietf.org>

+1, though maybe say 'Used to verify a signature, possibly on a
certificate'. This is consistent with the 5914 (or 6024) definition: "A
trust anchor is an authoritative entity represented by a public key and
associated data.  The public key is used to verify digital signatures, and
the associated data is used to constrain the types of information or
actions for which the trust anchor is authoritative."

On 9/12/19, 6:31 PM, "RATS on behalf of Salz, Rich" <rats-bounces@ietf.org
on behalf of rsalz@akamai.com> wrote:

>I do not see a meaningful difference between "trust anchor" and "trust
>root" and "root(s) of trust."  All of them:
>	- Are pieces of data (certificate or key is not meaningful)
>	- Used to verify something such as a certificate or signature
>	- Are trusted by the application, based on actions that are "out of
>band" of the application itself