Re: [Rats] Call for adoption (after draft rename) for Yang module draft

[Michael Richardson <mcr+ietf@sandelman.ca>]

On 2019-11-11 5:57 p.m., Henk Birkholz wrote:
> Hi all,
>
> on one hand, we have to address the overlap between YANG and EAT
> information elements (statements & Claims) and how to deal with them
> (one obvious issue, for example, would be potential redundant
> information model content in two different drafts).

Can you give me an example, but I'm not getting the issue.
I think that we will be the first to attempt to use JOSE to sign a JSON
serialized YANG object, resulting in a JWT.  Well, technically, it's
probably not a JWT, because we aren't going to base64url it and put
periods between the pieces, I think.  It's just JOSE, but I don't mind
if we call it a JWT.

draft-ietf-anima-constrained-voucher does CBOR serialized YANG which is
signed with COSE.


> On the other hand, Laurence's original point was the payload of
> conveyance protocols used by RATS. Specializations of this topic are
> apparently:
>
> * Web Tokens via YANG Interfaces, and
> * YANG modeled data via other conveyance protocols (other than *CONF)
> that can transport Web Tokens.
>
> There are examples of how YANG modeled data is used outside of *CONF
> protocols, for example MUD. We have to understand and agree about:
>
> * this is possible on a technical level, and
> * this is useful wrt to protocol scope, intent & semantics, I think.
>

MUD (RFC8520) does it, but so does ANIMA vouchers (RFC8366).
Again, data-at-REST described by YANG.

But the document in question does not seem to be data-at-rest, but RPC
access via *CONF protocols to TPM 2.0 objects, so I feel that you are
further muddying this thread by asking the above question.