Re: [Rats] draft-ounsworth-rats-x509-evidence-00

Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Thu, 09 November 2023 14:06 UTC

Message-ID: <cbcc5d8c-31e6-a56d-3933-5462fbf8ffbc@sit.fraunhofer.de>
Date: Thu, 09 Nov 2023 15:05:36 +0100
To: Carl Wallace <carl@redhoundsoftware.com>, rats@ietf.org
References: <6FCC00F5-1FAE-4CCD-9ED2-DA2BA923E7F7@island-resort.com> <011801da130d$74579390$5d06bab0$@gmx.net> <66c6191b-c393-69da-a849-f44da369917a@sit.fraunhofer.de> <7DC2D9E1-F052-48A1-B5A8-978D52275EE5@redhoundsoftware.com>
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
In-Reply-To: <7DC2D9E1-F052-48A1-B5A8-978D52275EE5@redhoundsoftware.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/StIlhyqL8JRel3Aksvnou-RB71c>

Hi Carl,

my individual opinion:

1.) I am obviously leaning towards one document and less text 
referencing/cloning. Splitting documents would just create a more 
confusing spread of documents, I think. The combined content will remain 
the same. If the WGs really want one document that does one half in 
LAMPS and one document that does the other half in RATS... okay.

2.) We most poselutely must sync semantics across any "bow-tie formats" 
(or documents split across WGs).

> There was an exchange between Mike and Laurence during the presentation yesterday that highlights a potential difference of opinion between I-D author(s) and participants in the working group that could impact the adoption question.

What was that about again? Carl, could you help me here, please?


Best regards,

Henk

p.s. to Brendan's point: SUIT is built as a modern set of building
blocks that will work elegantly for years to come and luckily is not
burdened with the esoteric laden history that are X.509 extensions.
Evidence Attributes for X.509 artifacts still make sense as it will take
some time before these requirements go away.

On 09.11.23 14:45, Carl Wallace wrote:
> 
> On 11/9/23, 8:09 AM, "RATS on behalf of Henk Birkholz" <rats-bounces@ietf.org on behalf of henk.birkholz@sit.fraunhofer.de> wrote:
> 
> 
> I think this discussion is moot as was pointed out in the meeting
> already. Please see:
> 
> 
> https://www.rfc-editor.org/rfc/rfc9334.html#figure-9
> 
> [CW] I don't think that diagram renders this discussion moot. X.509 certificate-based attestations have existed since before RATS (and before we called attestation evidence). There's not even much question about potential for including claims in an X.509 certificate within current RATS documents (see section C.3 of EAT). I think the questions are: 1) do we want to provide ASN.1 definitions for claims and 2) do we want to keep claim definitions (roughly) in sync across ASN.1/CBOR/JSON. Re: 1), there seems to be general acceptance of defining claims in ASN.1 for the most part (though no one really answered Brendan's question regarding why ASN.1 was disallowed for SUIT but is allowed here). Question 2) needs some more discussion. There was an exchange between Mike and Laurence during the presentation yesterday that highlights a potential difference of opinion between I-D author(s) and participants in the working group that could impact the adoption question.
> 
> On 09.11.23 14:05, hannes.tschofenig@gmx.net wrote:
>> Hi Laurence,
>>
>> The charter says:
>>
>> “
>>
>> Standardize data models that implement and secure the defined
>> information model (e.g., CBOR Web Token structures [RFC8392
>> <https://datatracker.ietf.org/doc/rfc8392/>], JSON Web Token structures
>> [RFC7519 <https://datatracker.ietf.org/doc/rfc7519/>]).
>>
>> “
>>
>> CWT and JWT are mentioned as examples. The group already works on
>> another evidence format, namely the TPM-based stuff.
>>
>> I would say that the document fits nicely within the scope of the charter.
>>
>> Regarding the document split. I am open to discussions about your
>> suggestion, which assumes adoption in the group.
>>
>> Ciao
>>
>> Hannes
>>
>> *From:* RATS <rats-bounces@ietf.org> *On Behalf Of* lgl island-resort.com
>> *Sent:* Donnerstag, 9. November 2023 13:59
>> *To:* rats <rats@ietf.org>
>> *Subject:* [Rats] draft-ounsworth-rats-x509-evidence-00
>>
>> I think it might be better to split this into two drafts.
>>
>> First, define how to put CWT/JWT claims into ASN.1 and make an X.509
>> attestation token.
>>
>> Second, define the FIPS and CC status claims for CBOR, JSON and ASN.1.
>>
>> I wish we didn’t have to do the first, but understand that we might.
>> Note that the RATS charter says we work on CBOR and JSON. There was a
>> little discussion about ASN.1 back in the early days and we certainly
>> put it off back then. There was also YANG discussion. Search the RATS
>> mail archive for ASN.1.
>>
>> I’m much more interested in the FIPS and CC status claims. I would like
>> to define them for CBOR, JSON and ASN.1. If they are booleans this is
>> trivial. They would get registered in the CWT and JWT IANA registries.
>>
>> One of the reasons I’d like to define them for CBOR and JSON is so
>> there’s a known and accepted way to translate their ASN.1 claims into JSON.
>>
>> Also, the X.509 definition should be for Attestation Results as well as
>> Evidence. There’s no reason to restrict it and there’s no work to allow
>> use as Attestation Results.
>>
>> LL
>>
>> (sent incorrectly the first time only to the rats-chairs; meant it for
>> the list)
>>
>>
>> _______________________________________________
>> RATS mailing list
>> RATS@ietf.org
>> https://www.ietf.org/mailman/listinfo/rats