Re: [Rats] Profile identifier (was Re: EAT Profiles)

Giridhar Mandyam <mandyam@qti.qualcomm.com> Wed, 21 September 2022 14:22 UTC

From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, Michael Richardson <mcr+ietf@sandelman.ca>, "Smith, Ned" <ned.smith@intel.com>, "rats@ietf.org" <rats@ietf.org>
Date: Wed, 21 Sep 2022 14:22:45 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/ULhqXxyf--ZyRvAKcOXwLDAHIzU>
List-Id: Remote ATtestation procedureS <rats.ietf.org>

> So "The EAT Framework" document could come with both a definition of the profile claim for the IANA CBOR Web Token (CWT) Claims registry, as well as... a profile '0' (the first set of Claims that will be included in the final EAT framework document) for an IANA EAT Profile registry?

I did not say the above.

Let me try again.  It is not necessary to have an "IANA EAT Profile registry".  The FIDO example demonstrates that it is possible to deliver "running code" without it.  The CWT claims registry is sufficient.

BTW, RFC 9200 is the precedent in my opinion.  https://www.rfc-editor.org/rfc/rfc9200.html#name-ace-profiles does not require the creation of a new IANA ACE-Profile registry either as far as I can tell.  The reservation of the CWT claim appears to have been sufficient.

-Giri

-----Original Message-----
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de> 
Sent: Wednesday, September 21, 2022 7:16 AM
To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Michael Richardson <mcr+ietf@sandelman.ca>; Smith, Ned <ned.smith@intel.com>; rats@ietf.org
Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)

Hi Giri,

thanks for clarifying. So "The EAT Framework" document could come with both a definition of the profile claim for the IANA CBOR Web Token (CWT) Claims registry, as well as... a profile '0' (the first set of Claims that will be included in the final EAT framework document) for an IANA EAT Profile registry?

Best regards,

Henk

On 21.09.22 16:06, Giridhar Mandyam wrote:
> Both.
>
> In the case of FIDO, the profile claim value was not registered.  That did not stop us from achieving the "rough consensus and running code" goal.
>
> -Giri
>
> -----Original Message-----
> From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
> Sent: Wednesday, September 21, 2022 7:01 AM
> To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Michael Richardson 
> <mcr+ietf@sandelman.ca>; Smith, Ned <ned.smith@intel.com>; 
> rats@ietf.org
> Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
>
> Hi Ned, Michael, Giri,
>
> are you talking about the values of the profile claim (I am assuming numbers for now) to be registered in an IANA registry or are you talking about new claims defined by a profile specification to be registered in the IANA CBOR Web Token (CWT) Claims registry? I am really not sure anymore.
>
> Best regards,
>
> Henk
>
> On 21.09.22 15:51, Giridhar Mandyam wrote:
>> This was not required for the FIDO implementation of EAT.  As per https://www.iana.org/assignments/cwt/cwt.xhtml, the FIDO EAT claims have been registered and the profile has been verified in interop events.  The profile itself was not registered.
>>
>>> The IANA registry would point to some RFC that described the semantics.
>>
>> Why only RFCs?  Are other standards body documents not suitable?  At least for FIDO, this didn't seem to be a requirement for IANA registry.
>>
>> -Giri
>>
>> -----Original Message-----
>> From: RATS <rats-bounces@ietf.org> On Behalf Of Michael Richardson
>> Sent: Wednesday, September 21, 2022 3:27 AM
>> To: Smith, Ned <ned.smith@intel.com>; rats@ietf.org
>> Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
>>
>> Smith, Ned <ned.smith@intel.com> wrote:
>>       > @Laurence Lundblade<mailto:lgl@island-resort.com> What semantics are
>>       > associated with a profile that appears on an IANA registry?
>>
>> The IANA registry would point to some RFC that described the semantics.
>>
>> --
>> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works 
>> -= IPv6 IoT consulting =-