Re: [Rats] should Evidence containers be explicit about Personally Identifiable Information?

Thomas Fossati <Thomas.Fossati@arm.com> Mon, 06 July 2020 09:26 UTC

From: Thomas Fossati <Thomas.Fossati@arm.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "rats@ietf.org" <rats@ietf.org>
Date: Mon, 06 Jul 2020 09:25:48 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/Rgjdki2FaTb8-CGBbG_YYZ--fpc>

Hi Michael,

On 05/07/2020, 00:11, "Michael Richardson" <mcr+ietf@sandelman.ca> wrote:
> As we move towards a multi-vendor situation the rollout of new claims
> will occur in an unpredictable way.

Maybe the privacy dual of EAT's "MUST ignore unknown claims" is: "apply
the same privacy policy you'd use for PII claims to claims that you
don't understand"?

> > PS: Maybe there is a requirement for EAT profiles to specify in
> > their privacy considerations what claims are PII and what is the
> > expected treatment by actors in the attestation chain.  This is
> > EAT's job, not at the architecture doc level though.
>
> I'm okay if the answer is that EAT will include some kind of flag, but
> that we don't have to assume it exists at an architectural level.

What about:

1. EAT requires its profiles to explicitly highlight any potential PII.
   This will inform the privacy behaviour of the Verifiers that decide
   to support a certain profile.
2. For *unknown* claims included in Evidence that is produced according
   to a given profile, the requirement for the Verifier is to treat
   those unknown claims as PII.

Cheers, t
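
Added example (not part of the original message, and not taken from EAT or any RATS document): a sketch of how a Verifier could apply the two rules proposed above, using the profile's PII flags for known claims and handling every claim outside the profile as PII. The profile format, the claim names and the function names are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Handling(Enum):
    PLAIN = "plain"              # profile says: not PII
    PII = "pii"                  # profile flags it as potential PII (rule 1)
    UNKNOWN_AS_PII = "unknown"   # not in the profile: same policy as PII (rule 2)


@dataclass(frozen=True)
class Profile:
    name: str
    claims: dict  # claim name -> True if the profile flags it as potential PII

    def handling(self, claim: str) -> Handling:
        if claim not in self.claims:
            return Handling.UNKNOWN_AS_PII
        return Handling.PII if self.claims[claim] else Handling.PLAIN


def split_evidence(profile: Profile, evidence: dict):
    """Return (appraisable, shareable, audit).

    appraisable: claims the Verifier understands (unknown ones are ignored)
    shareable:   claims that may be logged or forwarded under the non-PII policy
    audit:       per-claim handling decision; claim values are never included
    """
    appraisable, shareable, audit = {}, {}, {}
    for name, value in evidence.items():
        h = profile.handling(name)
        audit[name] = h.value
        if h is not Handling.UNKNOWN_AS_PII:
            appraisable[name] = value
        if h is Handling.PLAIN:
            shareable[name] = value
    return appraisable, shareable, audit


# Constructed profile and Evidence; the claim names are illustrative only.
EXAMPLE_PROFILE = Profile("example-profile", {
    "nonce": False, "fw-version": False, "device-serial": True})
EXAMPLE_EVIDENCE = {
    "nonce": "c0ffee", "fw-version": "1.4.2",
    "device-serial": "SN-000123", "vendor-x-location": "51.5,-0.1"}

if __name__ == "__main__":
    for part in split_evidence(EXAMPLE_PROFILE, EXAMPLE_EVIDENCE):
        print(part)
```

The unknown claim is ignored for appraisal but still withheld from anything logged or forwarded, so a new vendor claim never leaks by default.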


