Re: [Rats] New RATS

Thomas Fossati <Thomas.Fossati@arm.com> Thu, 02 June 2022 13:12 UTC

From: Thomas Fossati <Thomas.Fossati@arm.com>
To: Simon Frost <Simon.Frost@arm.com>, "Smith, Ned" <ned.smith@intel.com>, "rats@ietf.org" <rats@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/MPYrNk_DWowlgsMLnG-Ssz_uOMc>
List-Id: Remote ATtestation procedureS <rats.ietf.org>

Hi Ned, Simon,

I agree on making the extensions to the EAT type system standards-track
only, as suggested by Laurence.  I also agree on your point of clearly
stating the requirements for registration.

On this specific point:

> Simon Frost <Simon.Frost@arm.com> wrote:
> > Smith, Ned <ned.smith@intel.com> wrote:
> > It seems there should be conventions for how to extend at a top
> > level socket? For example, MUST/MUST NOT an extension begin with a
> > CBOR global tag and MUST there be a registered content type
> > definition? And should global tagging disambiguate the content that
> > is intended to be used as Evidence (or some other conceptual message
> > type envisaged by the RATS Architecture)?
>
> It would be a sensible rule that a top level socket extension MUST
> start with a global tag & be relatable to an expected content type
> (provided that doesn’t complicate the identification of the normal
> CWT/JWT use case). This should only be a precursor to subsequent
> access to evidence claim set(s).

Just noting a couple of things WRT requiring tagging:
* tagging does not work with JSON-based
* making CBOR-based extensions tag-only would go counter to the current
  definition of EAT-CBOR-Token, which also has untagged variants
* when using an outer media type / content format tagging is redundant

cheers, t
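
Added example, not part of the message above or of any RATS draft: a sketch of how a receiver could identify a top-level token, illustrating the three points in the list (JSON-based input has no tag, untagged CBOR variants exist, and an outer media type makes a tag redundant). The function names, result labels and media-type string are assumptions for illustration; the byte strings are constructed samples with no valid signature.

```python
# Added illustration, not code from the RATS drafts. Names are hypothetical.
CWT_TAG, COSE_SIGN1_TAG = 61, 18   # CBOR tags from RFC 8392 and RFC 9052

def read_tag(data: bytes):
    """Return (tag, rest) if data starts with a CBOR tag head, else (None, data)."""
    if not data:
        raise ValueError("empty input")
    major, info = data[0] >> 5, data[0] & 0x1F
    if major != 6:                      # major type 6 is "tag"
        return None, data
    if info < 24:                       # tag number held in the initial byte
        return info, data[1:]
    if info > 27:
        raise ValueError("malformed tag head")
    n = 1 << (info - 24)                # 1, 2, 4 or 8 following bytes
    if len(data) < 1 + n:
        raise ValueError("truncated tag head")
    return int.from_bytes(data[1:1 + n], "big"), data[1 + n:]

def leading_tags(data: bytes):
    """Collect every tag that prefixes the top-level item."""
    tags = []
    tag, data = read_tag(data)
    while tag is not None:
        tags.append(tag)
        tag, data = read_tag(data)
    return tags

def classify(data: bytes, media_type=None):
    """Say what identifies the message: the outer media type, a tag, or neither."""
    tags = leading_tags(data)
    if media_type is not None:
        return ("media-type", tags)     # any tag present is redundant here
    if tags:
        return ("cbor-tag", tags)
    return ("needs-context", tags)      # untagged CBOR or JSON/JWT text

# Constructed samples: a COSE_Sign1-shaped array with an empty signature.
UNTAGGED = bytes.fromhex("8443a10126a041a040")
TAGGED = bytes.fromhex("d83dd2") + UNTAGGED      # tag 61, then tag 18
JWT = b"eyJhbGciOiJFUzI1NiJ9.e30."               # JSON-based, no tag possible
EAT_CWT = "application/eat+cwt"                  # assumed media-type string

if __name__ == "__main__":
    for name, args in [("tagged", (TAGGED,)), ("untagged", (UNTAGGED,)),
                       ("untagged + media type", (UNTAGGED, EAT_CWT)),
                       ("jwt", (JWT,))]:
        print(name, classify(*args))
```

A rule that accepts only the "cbor-tag" result would reject both the untagged CBOR sample and the JWT sample unless an outer media type is supplied.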



