Re: [Rats] Review of draft-ietf-rats-eat-01
Carl Wallace <carl@redhoundsoftware.com> Tue, 16 July 2019 18:22 UTC
Return-Path: <carl@redhoundsoftware.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9957F120CEB for <rats@ietfa.amsl.com>; Tue, 16 Jul 2019 11:22:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhoundsoftware.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gh-lJaAGT9xD for <rats@ietfa.amsl.com>; Tue, 16 Jul 2019 11:22:52 -0700 (PDT)
Received: from mail-qk1-x736.google.com (mail-qk1-x736.google.com [IPv6:2607:f8b0:4864:20::736]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E3EC120CE2 for <rats@ietf.org>; Tue, 16 Jul 2019 11:22:52 -0700 (PDT)
Received: by mail-qk1-x736.google.com with SMTP id 201so15362230qkm.9 for <rats@ietf.org>; Tue, 16 Jul 2019 11:22:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhoundsoftware.com; s=google; h=user-agent:date:subject:from:to:cc:message-id:thread-topic :references:in-reply-to:mime-version; bh=be13bGVB/4v3XSQy27Z+Y2BN/ENuP+V7jwMevOHk1i4=; b=ab5wQTWNLeGbqV65yg0Ws6mhKJUZWrjQE+kyixeuOGFiLZK4RD3+t3pr48LyTLnya6 h5UKwGz8fUWhSRyiEHQ9Rb4+4Bpa17E70rS0ILPi56Ts+2LRDhfJGWR6ttNCnRO3EOB/ 85VUPAH3shW+ApC4GO9vht+TktwshxWPXnDOI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:cc:message-id :thread-topic:references:in-reply-to:mime-version; bh=be13bGVB/4v3XSQy27Z+Y2BN/ENuP+V7jwMevOHk1i4=; b=r2eJv7AuhZM6BxH7F1Q8oC7H9gZS6/+TDkY8gUqa3ww3W90gqWSjVHjoArh2FVhZvE 7ycBCoxaX5NQJ4Y7g2WokP2aY0njUptxAbTPrg15TNqZ2On8udRGxmTD2p+nx4RIjn9K NdtzMQn/8dWBFDpYXcoAdG7aEO4CI1L1VZYF7zrIJyBISdoP8VofEWBmuZaAAeMyvEnH 7PAu7w+jJPUC5bQtsG6nLnwBd4cQazcASqa9BFPA8kndSeuQ2KUn0HgXyGahSbPuhqlh gOng9Xf7nPTxJc+zMXUJd/t98LUYZBwj5f03xUzyxhfM0/qxi+/p3RrhhaG1iVKBL9bd IE1A==
X-Gm-Message-State: APjAAAWj5gR/qoT9UDsiq/b9qdMhlV56DmWQnFMS6fKdyA3+Qfl+rZJ4 Vj6LAlhOnq//vAb2jfQgJVP9X1re
X-Google-Smtp-Source: APXvYqzoSyOce1kZI2MSShedFhh3DLZ5b2GX3LpxKa5TI/I9qRgHyxal+OB9/H74eyKMAorhvdvTsQ==
X-Received: by 2002:a37:91c2:: with SMTP id t185mr22484686qkd.193.1563301371350; Tue, 16 Jul 2019 11:22:51 -0700 (PDT)
Received: from [192.168.2.105] (pool-96-255-231-27.washdc.fios.verizon.net. [96.255.231.27]) by smtp.googlemail.com with ESMTPSA id p3sm14671080qta.12.2019.07.16.11.22.47 (version=TLS1 cipher=AES128-SHA bits=128/128); Tue, 16 Jul 2019 11:22:50 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/14.7.6.170621
Date: Tue, 16 Jul 2019 14:22:43 -0400
From: Carl Wallace <carl@redhoundsoftware.com>
To: Laurence Lundblade <lgl@island-resort.com>
CC: "rats@ietf.org" <rats@ietf.org>
Message-ID: <D9538DB1.E2F9F%carl@redhoundsoftware.com>
Thread-Topic: [Rats] Review of draft-ietf-rats-eat-01
References: <D95268DC.E2D3B%carl@redhoundsoftware.com> <5CBB3ED3-0CD6-443D-B80F-EE426F7905C3@island-resort.com> <D95316BE.E2E33%carl@redhoundsoftware.com> <D8B4A43F-8654-468F-8A93-9D8E44236784@island-resort.com>
In-Reply-To: <D8B4A43F-8654-468F-8A93-9D8E44236784@island-resort.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3646131769_942115"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/_NTAVsVF2iHUy2Fe7nZpqH9SF-o>
Subject: Re: [Rats] Review of draft-ietf-rats-eat-01
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jul 2019 18:22:55 -0000
> > <snip> >>>> Should 3.11 be 'nested EATs' or 'aggregated EATs'. In other words, are >>>> these really nested (like signed then encrypted or signed then >>>> countersigned) or are they aggregated into an array then signed? Should >>>> these be wrapped as a bstr (at least for CBOR)? >>> >>> They really are nested. It says: >>> >>> The contents of the "eat" claim must be a fully signed, optionally >>> encrypted, EAT token. >>> >>> The nesting is really powerful as it allows multiple subsystems to make EAT >>> tokens (a modern cell phone has lots of CPUs, often well isolated from each >>> other) and for them to be combined and bound to each other. >> >> I understand that nesting is powerful and that encryption or other signatures >> can be applied later. However, the language here reads like aggregation of >> EATs from various subsystems into a larger composition. Is nesting really >> what we want there (vs nesting where additional cryptographic services are >> applied)? Even if nesting is appropriate here, is aggregation something we >> also want in the toolbox? > > I think we want both aggregation and nesting. > > To be sure it is clear, nesting means you take a fully formed and signed EAT > token and put it in another fully formed and signed EAT token. One of the > reasons this might happen is that a device (e.g. a car) is assembled out of > multiple components that can’t be modified by the end manufacturer. > Subcomponents are capable of generating EATs. Some final component (controlled > by the car maker) puts them all together in one token for the car the > signature of which binds all the sub tokens together. > > The submods claim is the proposed way to do aggregation of claims where the > subcomponent set of claims is not separately signed. So that leaves the question of aggregation of signed EATs. There's enough flexibility that can be added later if it's not viewed as necessary now but turns out to be useful later. The CMS ContentCollection is what I was thinking of. > > <snip> >
- [Rats] Review of draft-ietf-rats-eat-01 Carl Wallace
- Re: [Rats] Review of draft-ietf-rats-eat-01 Laurence Lundblade
- Re: [Rats] Review of draft-ietf-rats-eat-01 Carl Wallace
- Re: [Rats] Review of draft-ietf-rats-eat-01 Carl Wallace
- Re: [Rats] Review of draft-ietf-rats-eat-01 Laurence Lundblade
- Re: [Rats] Review of draft-ietf-rats-eat-01 Smith, Ned
- Re: [Rats] Review of draft-ietf-rats-eat-01 Laurence Lundblade
- Re: [Rats] Review of draft-ietf-rats-eat-01 Smith, Ned
- Re: [Rats] Review of draft-ietf-rats-eat-01 Smith, Ned
- Re: [Rats] Review of draft-ietf-rats-eat-01 Michael Richardson