Re: [Rats] OEM ID lifetime (was Re: Warren Kumari's Discuss on draft-ietf-rats-eat-21: (with DISCUSS and COMMENT))
Warren Kumari <warren@kumari.net> Thu, 07 September 2023 14:54 UTC
To: "lgl island-resort.com" <lgl@island-resort.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-rats-eat@ietf.org, rats-chairs <rats-chairs@ietf.org>, rats <rats@ietf.org>, ned.smith@intel.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/SEXjdZGwyvx5AND5L8nPV2fD_A4>

On Thu, Sep 07, 2023 at 12:13 AM, lgl island-resort.com <lgl@island-resort.com> wrote:

> On Sep 6, 2023, at 3:03 PM, Warren Kumari via Datatracker <noreply@ietf.org> wrote:
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Be ye not afraid -- a DISCUSS ballot is a request to have a discussion --
> https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ .
>
> :-)
>
> 4: S 4.2.3.1. Random Number Based OEMID
> "They would perform this only once in the life of the company to generate the
> single ID for said company. They would use that same ID in every entity they
> make. This uniquely identifies the OEM on a statistical basis and is large
> enough should there be ten billion companies."
>
> It is very unclear what exactly the "life of a company" is here. America Online
> has been, variously: Control Video Corporation (1983–1985); Quantum Computer
> Services (1985–1991); America Online (1991–2009); AOL Time Warner (2001–2009);
> AOL (2009 - 2015); AOL, part of Verizon (2015 - now)
>
> At what point(s) in this tangled web (if ever) should "AOL" have generated a
> new "single SID"? Another example: "In April 2012, Facebook paid $1B for
> Instagram, a photo and video sharing software." -- which "single" SID should
> Facebook (whoops, Meta) have used for Oculus headsets?
>
> Good point. Thx.
>
> I’ve made a PR here <https://github.com/ietf-rats-wg/eat/pull/406/files>.
> For convenience I’ve pasted the text here:
>
> The "oemid" claim identifies the Original Equipment Manufacturer (OEM) of
> the hardware. Any of the three forms described below MAY be used at the
> convenience of the claim sender. The receiver of this claim MUST be able to
> handle all three forms.
>
> Note that the "hwmodel" claim in Section 4.2.4, the "oemboot" claim in
> Section 4.2.8 and "dbgstat" claim in Section 4.2.9 depend on this claim.
>
> Sometimes one manufacturer will acquire or merge with another. Depending
> on the situation and use case newly manufactured devices may continue to use
> the old OEM ID or switch to a new one. This is left to the discretion of
> the manufacturers, but they should consider how it affects the
> above-mentioned claims and the attestation eco-system for their devices.
> The considerations are the same for all three forms of this claim
>
> discuss….

Erm… Ok, but it will be a VERY short discussion - LGTM! :-)

W

> LL
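
For a verifier, the proposed text means one manufacturer can legitimately show up under more than one OEM ID, in any of the three forms, after a merger or acquisition. The sketch below is an added example, not part of the message above or of the draft: the type and length rules for the three forms are taken from the EAT claim definition rather than from this thread, and the `OemPolicy` class, the `legacy` flag, the manufacturer name and all ID values are hypothetical or constructed.

```python
# Added example: verifier-side handling of the three "oemid" forms.
# Type/length rules are from the EAT claim definition, not from this thread.

def oemid_key(value):
    """Normalize a decoded "oemid" claim value to a hashable (form, value) key."""
    if isinstance(value, bool):  # bool is an int subclass in Python; reject it
        raise ValueError("oemid must be an integer or a byte string")
    if isinstance(value, int):
        if value < 0:
            raise ValueError("IANA Private Enterprise Numbers are non-negative")
        return ("pen", value)
    if isinstance(value, (bytes, bytearray)):
        if len(value) == 16:
            return ("random", bytes(value))
        if len(value) == 3:
            return ("ieee", bytes(value))
        raise ValueError(f"unexpected oemid length: {len(value)} bytes")
    raise ValueError("oemid must be an integer or a byte string")


class OemPolicy:
    """Hypothetical verifier table: many OEM IDs may map to one manufacturer."""

    def __init__(self):
        self._by_id = {}

    def register(self, manufacturer, value, legacy=False):
        self._by_id[oemid_key(value)] = (manufacturer, legacy)

    def resolve(self, value):
        """Return (manufacturer, legacy) for a known OEM ID, else None."""
        return self._by_id.get(oemid_key(value))


def build_policy():
    # Constructed sample data. 32473 is the PEN reserved for documentation.
    policy = OemPolicy()
    policy.register("ExampleCo", 32473)
    # IDs still emitted by devices of an acquired company (constructed values).
    policy.register("ExampleCo", bytes.fromhex("00112233445566778899aabbccddeeff"), legacy=True)
    policy.register("ExampleCo", bytes.fromhex("aabbcc"), legacy=True)
    return policy


if __name__ == "__main__":
    p = build_policy()
    for claim in (32473, bytes.fromhex("aabbcc"), 4242):
        print(claim, "->", p.resolve(claim))
```

Because "hwmodel", "oemboot" and "dbgstat" are interpreted relative to the OEM ID, a verifier using a table like this would select reference values per registered ID rather than per manufacturer name.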