Re: [Rats] What's to EAT? - terminology clarification
Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Wed, 13 November 2019 17:51 UTC
Return-Path: <henk.birkholz@sit.fraunhofer.de>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEE33120836 for <rats@ietfa.amsl.com>; Wed, 13 Nov 2019 09:51:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.899
X-Spam-Level:
X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iWzA9JwxKjUz for <rats@ietfa.amsl.com>; Wed, 13 Nov 2019 09:51:17 -0800 (PST)
Received: from mailext.sit.fraunhofer.de (mailext.sit.fraunhofer.de [141.12.72.89]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51C72120841 for <rats@ietf.org>; Wed, 13 Nov 2019 09:51:17 -0800 (PST)
Received: from mail.sit.fraunhofer.de (mail.sit.fraunhofer.de [141.12.84.171]) by mailext.sit.fraunhofer.de (8.15.2/8.15.2/Debian-10) with ESMTPS id xADHp66H006768 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA256 bits=128 verify=NOT); Wed, 13 Nov 2019 18:51:07 +0100
Received: from [192.168.16.50] (79.234.112.245) by mail.sit.fraunhofer.de (141.12.84.171) with Microsoft SMTP Server (TLS) id 14.3.468.0; Wed, 13 Nov 2019 18:51:01 +0100
To: Laurence Lundblade <lgl@island-resort.com>, "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
CC: "Salz, Rich" <rsalz@akamai.com>, "rats@ietf.org" <rats@ietf.org>
References: <229E0A72-4B44-4C9A-AD0A-142A13020C9A@intel.com> <MWHPR21MB0784058F591C52EEB31E0736A3770@MWHPR21MB0784.namprd21.prod.outlook.com> <4F586E15-9CF7-4824-87F2-8E2C20D1AF1D@intel.com> <MWHPR21MB078439E9EB07E3BB72E15137A3760@MWHPR21MB0784.namprd21.prod.outlook.com> <71173EC8-A167-47B9-B0F1-05759D59890B@akamai.com> <20191113071244.onqdgo2roqt7efb6@anna.jacobs.jacobs-university.de> <B555FC8E-FF3B-468A-B3DF-9F10DD6FBBF6@island-resort.com>
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Message-ID: <2be3acbe-c2a3-076c-63a2-b5d00a3ba4c2@sit.fraunhofer.de>
Date: Wed, 13 Nov 2019 18:51:00 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <B555FC8E-FF3B-468A-B3DF-9F10DD6FBBF6@island-resort.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Originating-IP: [79.234.112.245]
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/RppDrsTCXo2hNS68e0m2H7MhVH4>
Subject: Re: [Rats] What's to EAT? - terminology clarification
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Nov 2019 17:51:21 -0000
Now I am a bit confused. Didn't you attempt to use CDDL as an information model in the EAT I-D? On 13.11.19 18:49, Laurence Lundblade wrote: > >> On Nov 12, 2019, at 11:12 PM, Schönwälder, Jürgen >> <J.Schoenwaelder@jacobs-university.de >> <mailto:J.Schoenwaelder@jacobs-university.de>> wrote: >> >> Concerning IMs and DMs, here is the (extended) RFC 3444 view that >> is commonly used by some parts of the IETF: >> >> IM --> conceptual/abstract model >> | for designers and operators >> +----------+---------+ >> | | | >> DM DM DM --> concrete/detailed model >> | | | for implementors >> +--+--+ +--+--+--+ | >> | | | | | | | >> EN EN EN EN EN EN EN --> encodings / representation formats >> for instance data > > In the EAT draft, the EAT claims information model is in the largely > textual description of each claim. > > In the EAT draft there is just one EAT claims data model. It is the CDDL > in the EAT draft. > > Currently there are two claims encodings, CBOR and JSON. Thanks to CDDL, > we get from data model to encoding in a largely mechanical way and there > is little text needed. > > > IM: Text > | > + > | > DM: CDDL > | > +---+--+ > | | > CBOR JSON > > > I think this is a good, simple and effective way to proceed. > > (There are a few things wrong with the way this is written up in the > current EAT draft that need to be fixed: > - The encodings are mis labeled as the data model > - I’m not sure the CDDL is correct) > > Maybe one more encoding for X.509/ASN.1/DER is added to cover Dave’s use > case. Hopefully it could be by saying how to encode the needed subset of > CDDL into ASN.1/DER. Android Keystore also uses X.509 for attestations, > so this might add motivation. To keep effort down, CDDL->ASN.1 should > just be for EAT and a CDDL subset. > > I do not think we should try to bring YANG in here. So there is no YANG > expression of EAT claims. (I did see Eric’s GPS use case, but don’t > think it is mainstream enough to motivate the complexity and large > effort to bring YANG into play here). > > This email is just about the “EAT claims information model”. There can > be other separate information models for other parts of RATS. I don’t > think there should be one global RATS information model that spans all > the documents. > > The gap of sorts here is IANA registered claims, the existing ones and > new ones. There’s no requirement to provide an information model or CDDL > when you register new claims with IANA or even coordinate between JWT > and CWT. > > LL > > > > > > _______________________________________________ > RATS mailing list > RATS@ietf.org > https://www.ietf.org/mailman/listinfo/rats >
- Re: [Rats] What's to EAT? - terminology clarifica… Smith, Ned
- Re: [Rats] What's to EAT? - terminology clarifica… Dave Thaler
- Re: [Rats] What's to EAT? - terminology clarifica… Smith, Ned
- Re: [Rats] What's to EAT? - terminology clarifica… Dave Thaler
- Re: [Rats] What's to EAT? - terminology clarifica… Salz, Rich
- Re: [Rats] What's to EAT? - terminology clarifica… Schönwälder
- Re: [Rats] What's to EAT? - terminology clarifica… Laurence Lundblade
- Re: [Rats] What's to EAT? - terminology clarifica… Henk Birkholz
- Re: [Rats] What's to EAT? - terminology clarifica… Laurence Lundblade
- Re: [Rats] What's to EAT? - terminology clarifica… Henk Birkholz
- Re: [Rats] What's to EAT? - terminology clarifica… Schönwälder
- Re: [Rats] What's to EAT? - terminology clarifica… Smith, Ned
- Re: [Rats] What's to EAT? - terminology clarifica… Michael Richardson
- Re: [Rats] What's to EAT? - terminology clarifica… Laurence Lundblade
- Re: [Rats] What's to EAT? - terminology clarifica… Henk Birkholz