IETF Logo Mail Archive

Re: [Rats] Where does a EAT end? - consensus?

Laurence Lundblade <lgl@island-resort.com> Fri, 03 June 2022 19:36 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6F22C14F745 for <rats@ietfa.amsl.com>; Fri, 3 Jun 2022 12:36:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1P2UBgqWvgsr for <rats@ietfa.amsl.com>; Fri, 3 Jun 2022 12:36:16 -0700 (PDT)
Received: from p3plsmtpa12-01.prod.phx3.secureserver.net (p3plsmtpa12-01.prod.phx3.secureserver.net [68.178.252.230]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A605C14F719 for <rats@ietf.org>; Fri, 3 Jun 2022 12:36:15 -0700 (PDT)
Received: from [172.20.10.7] ([174.195.142.217]) by :SMTPAUTH: with ESMTPSA id xD5hn1SY2lcHjxD5hn69xP; Fri, 03 Jun 2022 12:36:15 -0700
X-CMAE-Analysis: v=2.4 cv=MMqlJOVl c=1 sm=1 tr=0 ts=629a62af a=2BXSf6tuxc4hvZKyeMgoqw==:117 a=2BXSf6tuxc4hvZKyeMgoqw==:17 a=NEAV23lmAAAA:8 a=QyXUC8HyAAAA:8 a=48vgC7mUAAAA:8 a=EUspDBNiAAAA:8 a=7CQSdrXTAAAA:8 a=dghLgVKExXj24KOYSG4A:9 a=QEXdDO2ut3YA:10 a=R8j2FhWJnN1b276Csp8A:9 a=E1tVkZ4A0_RSo1Sb:21 a=_W_S_7VecoQA:10 a=w1C3t2QeGrPiZgrLijVG:22 a=rMCfJy6NHDicN4J276Yl:22 a=a-qgeE7W1pNrGK8U0ZQC:22
X-SECURESERVER-ACCT: lgl@island-resort.com
From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <C857641A-8673-4F81-8D9B-D99D6529A836@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_ADCA8B4A-659A-46B3-B858-67E3F3B5FF8E"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Date: Fri, 03 Jun 2022 12:36:12 -0700
In-Reply-To: <5CCD6415-B43B-4BB5-BD05-E7A2B7839B3A@intel.com>
Cc: Giridhar Mandyam <mandyam@qti.qualcomm.com>, Thomas Fossati <Thomas.Fossati@arm.com>, "rats@ietf.org" <rats@ietf.org>
To: "Smith, Ned" <ned.smith@intel.com>
References: <5CCD6415-B43B-4BB5-BD05-E7A2B7839B3A@intel.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-CMAE-Envelope: MS4xfHzZtFwOvRXPC8MlxPHRoy/tgA3eYmSzrvkwfv2wRT6lFsxjZ8wkKUIU5eop3TPX8GpPIoE2L75tN8g0WTDXpyCszHRo3WDpAUl2l91SpniLe9+WVbk2 7B7oyHReR9TAkuBFVagut0f0IwP7zyvn7XVpFv/ljuO9d50Zwxfi8loEEXijfRt7Re/1v4ElR6uh3hioZIFDk0q9ug3pgGh6wxIxR/JYhnIYggCUImcPU78i 7pFFRd6fCJ5PgwLXFM0R782+pEHvqf19vKk60WnGVieGd93ip2Wh42n/8y1IQVQC
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/X3bqiwEU9mp6d2hHo6Z-dhlFGyA>
Subject: Re: [Rats] Where does a EAT end? - consensus?
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jun 2022 19:36:20 -0000

Didn’t think this was an interoperability issue. It is an extensibility issue. How much extension to other formats are allowed.

My question is whether there is consensus or objections around this PR <https://github.com/ietf-rats-wg/eat/pull/194>. 

It simply adds the sentence "Any new format that plugs into this socket MUST be defined in a IETF standards track document."

LL


> On Jun 3, 2022, at 11:38 AM, Smith, Ned <ned.smith@intel.com> wrote:
> 
> To summarize, it appears the way to address the issue of a potential for non-interoperability of “top-level” statements in the EAT draft is to acknowledge that this potential exists, and that it can be accommodated in a variety of ways that don’t need to be discussed within the EAT draft.
>  
> Does anyone disagree that this addresses the issue?
>  
> -Ned
>  
> From: RATS <rats-bounces@ietf.org <mailto:rats-bounces@ietf.org>> on behalf of Giridhar Mandyam <mandyam@qti.qualcomm.com <mailto:mandyam@qti.qualcomm.com>>
> Date: Thursday, June 2, 2022 at 1:40 PM
> To: Thomas Fossati <Thomas.Fossati@arm.com <mailto:Thomas.Fossati@arm.com>>, "rats@ietf.org <mailto:rats@ietf.org>" <rats@ietf.org <mailto:rats@ietf.org>>
> Subject: Re: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat <https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat>)
>  
> > Not sure I follow: profiles are type constraints that apply to *existing* top-level EAT types.  They can't be used to extend the number and shape of base EAT types.
>  
> I was commenting on interop, not on extension of top-level EAT types.  I don’t think we need to provide a mechanism to extend the base EAT types within the EAT specification itself.  I’ve already mentioned with the example of JWT’s that the underlying specifications such as JS allow for that today.
>  
> If someone has identified a new field that must be added at the top-level of an EAT, they are welcome to come up with their own specification, as described in https://github.com/ietf-rats-wg/eat/pull/194 <https://github.com/ietf-rats-wg/eat/pull/194>.  I personally don’t think we should call it an EAT at that point, but that is a minor point.
>  
> -Giri
>  
> From: Thomas Fossati <Thomas.Fossati@arm.com <mailto:Thomas.Fossati@arm.com>> 
> Sent: Thursday, June 2, 2022 1:30 PM
> To: Giridhar Mandyam <mandyam@qti.qualcomm.com <mailto:mandyam@qti.qualcomm.com>>; rats@ietf.org <mailto:rats@ietf.org>
> Subject: Re: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat <https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat>)
>  
> WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
> 
> > Giridhar Mandyam <mandyam@qti.qualcomm.com <mailto:mandyam@qti.qualcomm.com>> wrote:
> > > > I think the underlying data structures make it extensible,
> > > > independent of the CDDL notation.  However if an implementor
> > > > chooses to extend EAT without an accompanying standard as a
> > > > result, then interoperability may not be assured.  Therefore it is
> > > > in an implementor’s interest to define a standard if they are
> > > > seeking interop.
> >  
> > > The core difference is the extensibility story for the claims-set is
> > > governed by the CWT Claims registry, whilst the EAT type system has
> > > no such mechanism (yet).
> >  
> > I don’t agree:  the profile definition addresses interop – see
> > https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat#section-7 <https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat#section-7>.
> > Up to this point, no-one has objected to the way profiles are defined
> > in the specification, nor the lack of a registry.
>  
> Not sure I follow: profiles are type constraints that apply to
> *existing* top-level EAT types.  They can't be used to extend the number
> and shape of base EAT types.
>  
> FWIW, I'm a big fan of profiles.
>  
>  
>  
>  
>  
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
> _______________________________________________
> RATS mailing list
> RATS@ietf.org <mailto:RATS@ietf.org>
> https://www.ietf.org/mailman/listinfo/rats <https://www.ietf.org/mailman/listinfo/rats>

v2.23.0 | Report a Bug | By Email