Re: [Rats] RATS use cases review

Jessica Fitzgerald-McKay <jmfmckay@gmail.com> Fri, 11 October 2019 14:49 UTC

To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: rats@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/_5mrkV82xiv-z78w_81I1YxH2HA>

Michael,

That's fine, we can back-burner my suggestions until we a) finish
collecting all the use cases we want to include, and b) are ready to
address what claims are necessary to fulfill each use case.

As a potential "end user" of attestation standards, I want RATS to be able
to answer the question of whether or not I can trust a device on my
network. And, the answer to that question will depend a lot on what kind of
claims I can get and verify from the device. But I can see that being
outside the scope of the style use case document we are writing right now.

Thanks,
Jess

On Mon, Oct 7, 2019 at 8:35 AM Michael Richardson <mcr+ietf@sandelman.ca> wrote:

>
> Jessica Fitzgerald-McKay <jmfmckay@gmail.com> wrote:
>     > I took a careful read of the use cases document. I noticed that
>     > Sections 5.1 - 5.6.2 each are variations on the themes of attesting to
>     > a device's:
>
> ...
>
>     > In this light, the right approach is to organize the document around
>     > the information that is being attested (the above list, plus end-user
>     > information (section 5.6.3), geographic attestation (section 5.7), and
>     > connectivity attestation (section 5.8)), with perhaps additional
>     > information on how these types of attestation can be combined in
>     > support of things like, say, critical infrastructure security, etc.
>
>     > What does the work group think?
>
> This thread didn't go very far, unfortunately.
> I've spent quite a few hours since thinking about your suggestion.
> In many ways, the Thursday morning side-meeting went in the other direction,
> providing new situations which differed from existing use cases only in the
> severity.
>
> As I explain in another email, I have added a set of attributes to each use
> case, being;
>        - Who will use it:
>        - Attestation type: (passport or background check)
>        - Attesting Party
>        - Relying Party
>        - Claims used
>
> The claims used are all TBD at this point.
>
> As I said at the meeting in March, I don't want to do ontology up-front, but
> rather to just collect all sorts of things, even if they seem to overlap.
> Some of Guy's suggestions (in a PDF he sent me) also related to refactoring
> some use cases, and while I actually agree with his suggestion, I still want
> to avoid that.
>
> --
> ]               Never tell me the odds!                 | ipv6 mesh networks [
> ]   Michael Richardson, Sandelman Software Works        | network architect  [
> ]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [