Re: [Rats] UEID where an instance is a group member

Laurence Lundblade <lgl@island-resort.com> Fri, 27 March 2020 17:17 UTC

From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <91F8C267-3ED9-4B5A-A404-284EEE524251@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_AA2DCD8B-1271-4C0F-97B3-C1A3C4B03ACE"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Fri, 27 Mar 2020 10:17:04 -0700
In-Reply-To: <9ebe1653-c590-eb4f-343c-10147e7fb5f0@sit.fraunhofer.de>
Cc: "Smith, Ned" <ned.smith@intel.com>, "rats@ietf.org" <rats@ietf.org>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
References: <C205FBA7-71A7-4987-AE82-DA855BF86B84@intel.com> <C3A707FF-4AF1-4E0A-BABB-8EE2F52A2D2B@island-resort.com> <33f462bb-979e-80cc-9c27-af1e3b77d5e6@sit.fraunhofer.de> <7C94FAC2-AADB-4397-A50D-4FBB11EFCABA@intel.com> <A4C4246B-400F-4C38-839C-6747620C35C2@island-resort.com> <4F616CB6-6F42-43CE-94A6-ADD155900535@intel.com> <5F7158C8-F937-4769-A53B-B864D3010FBF@island-resort.com> <9ebe1653-c590-eb4f-343c-10147e7fb5f0@sit.fraunhofer.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/bx5lsaPjllsi5i3QA1u1PycLbjw>
Subject: Re: [Rats] UEID where an instance is a group member
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>

> On Mar 27, 2020, at 2:06 AM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:
> 
> I am having a hard time following the discussion. What does "secured attestation" mean in this context, an EAT that is Evidence or something else? I am really not sure, because I cannot parse your first paragraph.

secured attestation evidence / results examples:
 — EAT that is signed like a normal CWT
 — Unprotected CWT Claims Set (UCCS) is transferred by TLS
 — Unprotected CWT Claims Set (UCCS) signed by a TPM (seems to be on the radar in the bow-tie diagram)

unsecured attestation evidence / results examples:
 — Unprotected CWT Claims Set (UCCS)
 — Unprotected JWT Claims Set (UJCS) (I just made this up)

There is a layer that is the claim set (UCCS) and a layer that secures it (COSE, TLS…). They should be independent so you don’t have to fiddle with your claim set when you change the layer that secures it.

LL
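An added illustration of the two-layer point above (example code, not from the thread, the RATS working group or any EAT implementation): the claims set is CBOR-encoded once as a UCCS, and the "securing layer" is applied to those bytes without touching them. To keep it standard-library only, the securing layer here is COSE_Mac0 with HMAC-SHA256 (RFC 8152 alg 5) inside a CWT tag; a real EAT would normally use COSE_Sign1, and the "UCCS over TLS" case is represented by handing the bare bytes to the channel unchanged. The CBOR encoder is a minimal RFC 8949 subset written for this example; the claim values, the key, and the UEID claim label (256) are constructed/assumed values, not taken from any device or the draft.

```python
"""Separating an EAT claims set (UCCS) from the layer that secures it.

Added illustration, not code from the RATS WG or any EAT implementation.
Standard library only: a minimal CBOR encoder (RFC 8949 subset) and
COSE_Mac0 with HMAC-SHA256 (RFC 8152 alg 5) stand in for the securing layer.
Claims, key and the UEID claim label are constructed/assumed values.
"""
import hashlib
import hmac

# --- Minimal CBOR encoder: ints, bstr, tstr, arrays, maps, tags (no floats/bools) ---

def _head(major, n):
    """Encode the CBOR initial byte plus argument for major type `major`."""
    if n < 24:
        return bytes([(major << 5) | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([(major << 5) | ai]) + n.to_bytes(size, "big")
    raise ValueError("argument too large for CBOR")

def cbor_encode(v):
    if isinstance(v, bool):
        raise TypeError("bool not supported in this minimal encoder")
    if isinstance(v, int):
        return _head(0, v) if v >= 0 else _head(1, -1 - v)
    if isinstance(v, bytes):
        return _head(2, len(v)) + v
    if isinstance(v, str):
        b = v.encode("utf-8")
        return _head(3, len(b)) + b
    if isinstance(v, (list, tuple)):
        return _head(4, len(v)) + b"".join(cbor_encode(x) for x in v)
    if isinstance(v, dict):
        return _head(5, len(v)) + b"".join(cbor_encode(k) + cbor_encode(x) for k, x in v.items())
    raise TypeError(f"unsupported type {type(v).__name__}")

def cbor_tag(tag, encoded_content):
    return _head(6, tag) + encoded_content

# --- Layer 1: the claims set, encoded exactly once ---

CWT_ISS, CWT_IAT = 1, 6   # RFC 8392 claim keys for iss and iat
EAT_UEID = 256            # assumption: label for the EAT ueid claim, used only for this example

def build_uccs(ueid, issuer, issued_at):
    """Unprotected CWT Claims Set: just the CBOR map, no security wrapper at all."""
    return cbor_encode({CWT_ISS: issuer, CWT_IAT: issued_at, EAT_UEID: ueid})

# --- Layer 2: securing the claims set (COSE_Mac0 here; COSE_Sign1 or TLS in practice) ---

COSE_HDR_ALG = 1            # RFC 8152 common header parameter "alg"
COSE_ALG_HMAC_256_256 = 5   # RFC 8152 HMAC w/ SHA-256, 256-bit tag
TAG_COSE_MAC0 = 17          # RFC 8152 CBOR tag for COSE_Mac0
TAG_CWT = 61                # RFC 8392 CBOR tag for CWT

def mac0_tag(protected, payload, key, external_aad=b""):
    """MAC over MAC_structure = ["MAC0", protected, external_aad, payload] (RFC 8152 sec. 6.3)."""
    to_be_maced = cbor_encode(["MAC0", protected, external_aad, payload])
    return hmac.new(key, to_be_maced, hashlib.sha256).digest()

def wrap_as_cwt_mac0(uccs, key):
    """Wrap an already-encoded UCCS, byte-for-byte unchanged, as CWT(COSE_Mac0(...))."""
    protected = cbor_encode({COSE_HDR_ALG: COSE_ALG_HMAC_256_256})
    tag = mac0_tag(protected, uccs, key)
    mac0 = cbor_encode([protected, {}, uccs, tag])   # [protected, unprotected, payload, tag]
    return cbor_tag(TAG_CWT, cbor_tag(TAG_COSE_MAC0, mac0))

def verify_mac0(protected, payload, tag, key):
    """Constant-time check that `tag` is the MAC of this payload under this key."""
    return hmac.compare_digest(mac0_tag(protected, payload, key), tag)

def securing_options(uccs, key):
    """The same claims bytes under two different securing layers."""
    return {
        "uccs_over_tls": uccs,                        # bare UCCS handed to a TLS channel as-is
        "cwt_cose_mac0": wrap_as_cwt_mac0(uccs, key), # UCCS as COSE payload inside a CWT
    }

# Constructed sample values (not a real device identifier or key)
SAMPLE_UEID = bytes([0x01]) + bytes(range(1, 17))    # type byte 0x01 + 16 constructed bytes
SAMPLE_KEY = b"constructed-32-byte-mac-key-0001"

if __name__ == "__main__":
    sample_uccs = build_uccs(SAMPLE_UEID, "example-attester", 1585329424)
    for name, msg in securing_options(sample_uccs, SAMPLE_KEY).items():
        print(f"{name}: {msg.hex()}")
```

The thing to notice is that `build_uccs` is called once and its output appears unchanged in both entries of `securing_options`: switching from a TLS-protected UCCS to a COSE-wrapped CWT changes only the wrapper, never the claims encoding, which is the independence the message argues for.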