Re: [Rats] Call for adoption (after draft rename) for Yang module draft

Dave Thaler <dthaler@microsoft.com> Mon, 18 November 2019 11:06 UTC

From: Dave Thaler <dthaler@microsoft.com>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
CC: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "Oliver, Ian (Nokia - FI/Espoo)" <ian.oliver@nokia-bell-labs.com>, "Smith, Ned" <ned.smith@intel.com>, Laurence Lundblade <lgl@island-resort.com>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Call for adoption (after draft rename) for Yang module draft
Date: Mon, 18 Nov 2019 11:06:40 +0000
Message-ID: <MWHPR21MB078443CED0091DC1F089E3BEA34D0@MWHPR21MB0784.namprd21.prod.outlook.com>
References: <147F9159-6055-4E55-ABDC-43DFE3498BF1@island-resort.com> <ce5f8206-74dc-36bb-0093-a93045d5c67f@sit.fraunhofer.de> <0A7E3A4F-8534-4E98-BCB7-1454E07699F4@island-resort.com> <C3AE2645-49C8-4313-BCED-02FEB576B614@cisco.com> <1C8A1884-A37D-45E3-8C11-2FC5A083B245@island-resort.com> <HE1PR0702MB375366C5F7FE5C497C35D73B8F740@HE1PR0702MB3753.eurprd07.prod.outlook.com> <7106C9D3-8ED1-419E-81F8-4CDA799BEDAE@intel.com> <MWHPR21MB07844F61BEFAE03F9E7DD290A3770@MWHPR21MB0784.namprd21.prod.outlook.com> <6E7D64B4-2049-4D0A-ADC5-CA3F0647779B@island-resort.com> <MWHPR21MB07840B6CF7BEE0A11ABE54BFA3700@MWHPR21MB0784.namprd21.prod.outlook.com> <20191117144129.llvg7fsrqgaqtgkn@anna.jacobs.jacobs-university.de> <MWHPR21MB0784B0111EADA4A9A6C766D0A34D0@MWHPR21MB0784.namprd21.prod.outlook.com> <8744b6ab-8fa5-ee13-6cbf-ccc4d8aea999@sit.fraunhofer.de>
In-Reply-To: <8744b6ab-8fa5-ee13-6cbf-ccc4d8aea999@sit.fraunhofer.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/aqAsjePGEV5zEHei10MiL8yDL34>
Subject: Re: [Rats] Call for adoption (after draft rename) for Yang module draft
List-Id: Remote Attestation Procedures <rats.ietf.org>

There are many ways, and we shouldn't constrain them in the architecture, if we want existing protocols to be usable.

But for example, a 3-way handshake:
1) Device sends message to other side (Relying party or Verifier)
2) Other side responds with a nonce
3) Device sends attestation that includes the nonce

Dave
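The three-step exchange above, worked through as an added example that is not part of this thread or of any RATS draft. It simulates both sides in one process: the Attester opens the exchange, the Verifier answers with a nonce, and the Attester returns evidence whose signature covers both its claims and that nonce. Everything concrete here is an assumption for illustration: the message layouts, the use of an HMAC over a shared key in place of a real attestation key, the 30-second nonce lifetime and the constructed claim values. The Verifier side shows the checks a defender wants from a freshness nonce: it must be one the Verifier issued, it may be used once only (replay), it must still be inside its lifetime (stale evidence) and the signature must actually bind it to the claims (tampering).

```python
"""Attester-initiated 3-way challenge/response handshake for evidence freshness.

Constructed example. The message formats, the HMAC stand-in for an attestation
key, the nonce lifetime and the claim values are all assumptions, not anything
defined by the RATS architecture or the YANG module draft.
"""
import hashlib
import hmac
import json
import secrets

ATTESTATION_KEY = b"constructed-demo-attestation-key"  # assumption: shared secret
NONCE_LIFETIME_S = 30.0                                 # assumption: freshness window


def _sign(key: bytes, claims: dict, nonce: str) -> str:
    """MAC over a canonical encoding of (claims, nonce) so both sides hash the same bytes."""
    payload = json.dumps({"claims": claims, "nonce": nonce}, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


class Verifier:
    """The 'other side': issues nonces and decides whether evidence is fresh."""

    def __init__(self, key: bytes, now):
        self._key = key
        self._now = now          # injectable clock so expiry can be demonstrated
        self._pending = {}       # nonce -> time it was issued

    def challenge(self, hello: dict) -> dict:
        """Step 2: answer the Attester's hello with a fresh, single-use nonce."""
        nonce = secrets.token_bytes(32).hex()
        self._pending[nonce] = self._now()
        return {"type": "challenge", "attester": hello["attester"], "nonce": nonce}

    def verify(self, evidence: dict):
        """Step 3, receiving side. pop() makes every nonce single-use, so a replayed
        evidence message fails even though its signature is still valid."""
        issued = self._pending.pop(evidence.get("nonce"), None)
        if issued is None:
            return False, "unknown or already-used nonce"
        if self._now() - issued > NONCE_LIFETIME_S:
            return False, "nonce expired"
        expected = _sign(self._key, evidence["claims"], evidence["nonce"])
        if not hmac.compare_digest(expected, evidence["signature"]):
            return False, "bad signature"
        return True, "fresh evidence accepted"


class Attester:
    """The device: starts the exchange and later signs claims together with the nonce."""

    def __init__(self, name: str, key: bytes):
        self.name = name
        self._key = key

    def hello(self) -> dict:
        """Step 1: the device sends the first message."""
        return {"type": "hello", "attester": self.name}

    def attest(self, challenge: dict, claims: dict) -> dict:
        """Step 3: evidence whose signature covers the claims and the nonce."""
        nonce = challenge["nonce"]
        return {"type": "evidence", "claims": claims, "nonce": nonce,
                "signature": _sign(self._key, claims, nonce)}


class FakeClock:
    """Deterministic clock so the expiry check can be exercised offline."""
    def __init__(self):
        self.t = 0.0

    def __call__(self):
        return self.t


def run_handshake() -> dict:
    """Drive the honest exchange plus three failure modes; return each verdict."""
    clock = FakeClock()
    verifier = Verifier(ATTESTATION_KEY, now=clock)
    attester = Attester("device-0001", ATTESTATION_KEY)
    claims = {"fw_hash": "constructed-placeholder-hash", "secure_boot": True}

    # Honest run: hello -> nonce -> evidence carrying that nonce.
    evidence = attester.attest(verifier.challenge(attester.hello()), claims)
    fresh = verifier.verify(evidence)

    # Replay: the same evidence presented a second time.
    replay = verifier.verify(evidence)

    # Stale: the Attester answers a challenge after the nonce lifetime has passed.
    challenge = verifier.challenge(attester.hello())
    clock.t += NONCE_LIFETIME_S + 1
    stale = verifier.verify(attester.attest(challenge, claims))

    # Tampered: claims changed after signing, nonce still valid.
    evidence = attester.attest(verifier.challenge(attester.hello()), dict(claims))
    evidence["claims"]["secure_boot"] = False
    tampered = verifier.verify(evidence)

    return {"fresh": fresh, "replay": replay, "stale": stale, "tampered": tampered}


if __name__ == "__main__":
    for name, verdict in run_handshake().items():
        print(f"{name:9s} -> {verdict}")
```

The point worth taking from the simulation is on the Verifier side: the nonce gives no freshness guarantee unless the Verifier remembers what it issued, forgets it on first use and bounds its lifetime, and unless the Attester's signature covers the nonce together with the claims rather than the nonce alone.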

-----Original Message-----
From: RATS <rats-bounces@ietf.org> On Behalf Of Henk Birkholz
Sent: Monday, November 18, 2019 5:56 PM
To: Dave Thaler <dthaler@microsoft.com>; Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de>
Cc: Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; Oliver, Ian (Nokia - FI/Espoo) <ian.oliver@nokia-bell-labs.com>; Smith, Ned <ned.smith@intel.com>; Laurence Lundblade <lgl@island-resort.com>; rats@ietf.org
Subject: Re: [Rats] Call for adoption (after draft rename) for Yang module draft

How is a nonce included as a proof of freshness in this scenario?

Viele Grüße,

Henk

On 18.11.19 09:52, Dave Thaler wrote:
> Challenge response can be done in a protocol initiated by the Attester,
