Re: [Rats] Requesting a Nonce from a Verifier
hannes.tschofenig@gmx.net Sun, 03 March 2024 10:51 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94EFBC14CE33 for <rats@ietfa.amsl.com>; Sun, 3 Mar 2024 02:51:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.103
X-Spam-Level:
X-Spam-Status: No, score=-7.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmx.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qyhvbnenqZIa for <rats@ietfa.amsl.com>; Sun, 3 Mar 2024 02:51:40 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46506C14CEED for <rats@ietf.org>; Sun, 3 Mar 2024 02:51:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=s31663417; t=1709463098; x=1710067898; i=hannes.tschofenig@gmx.net; bh=PEnPYo5fR83rmIHwnNQ/BI+iuHxHPq2BOMMZpZBerCQ=; h=X-UI-Sender-Class:From:To:Cc:References:In-Reply-To:Subject: Date; b=kbG6wy7mQ9rN5UiEcCwo/b8ude9BhE0ucD6iWs/QPxw9Of+eGF3oKpCnYLUqgWov ii5/6YA3Dni5p+aE23/dpiWRQccwfam/s8m/el49gy92uO7KeN2sn9C1Dp3maZ6wt D8cEzIM4uMMl0ce7aR1RYINMHLaE+aMesTPADh9FiK8RJ/8AjeBhPA7hIJuBwOL8d fgmbMIesuEdn778JBPPi+R+YpjxYjESXmRTheX90M3fUnUC3OpsmjMpHH0plT2Hpq VhLZaN24+tP4O/FoUwgReux8p8mAof8oIQhWZ1BHrCSskbI95UGnul/KJMBhhnZKh LmkmarFfdnhexuORFA==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from Surface ([213.162.73.184]) by mail.gmx.net (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MNbp3-1rWTmU30A7-00P4xQ; Sun, 03 Mar 2024 11:51:38 +0100
From: hannes.tschofenig@gmx.net
To: 'Watson Ladd' <watsonbladd@gmail.com>
Cc: rats@ietf.org
References: <02c501da6987$d2d64490$7882cdb0$@gmx.net> <CACsn0c=0iogM_OD-=9DyLm4=o+kcViWfU-RsDAPVE0-h1R7xCg@mail.gmail.com>
In-Reply-To: <CACsn0c=0iogM_OD-=9DyLm4=o+kcViWfU-RsDAPVE0-h1R7xCg@mail.gmail.com>
Date: Sun, 03 Mar 2024 11:51:35 +0100
Message-ID: <00ee01da6d58$c44f9370$4ceeba50$@gmx.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQHkjc8NO12IKOZuXw2UILj14z9qVAJhx38hsP6C0pA=
Content-Language: de-at
X-Provags-ID: V03:K1:+qtGyUWzQk7k2H1vr/Pw/yjXuC/+gZwyDr1jYFx6y0fxemjFaTI u1F3Etj3lF/8r5VGGHNIbaQcavk5zA77zPfxjrb6rQYTFnGqFmVDBXcKz6IsTS5ftHrTb3i W53/Z9zBQxPtg6gqBHjUA+h7CNRlN/2GXMUZ9ezES98tWeUuJEcuQBXpcKO11NC/jh2LhkQ tFoDuv/BFNk32ojddFmtQ==
UI-OutboundReport: notjunk:1;M01:P0:NmRkoA5yAks=;8wP+8NWAAR1Ua8O+jETZAKn8W4L LitFTeAHhY6j/PrLNMT0g7j2xt2Bm7tb68eo8fVOzWQWZlyKoApYiWmTkFteu1q194w3FyYdI HSmPeqayZOrY4pQYy3/8wN3qX8l0C0mRU5Mv/yomThW8ei0YBvNkYgoz9Tkt4l9DP4l61/Dtp VgHwG34Ogxi1bIGvT1UcamzITPfi3ZUU5iMy1TGnfh7I3gwVr7CBFSKQvUOa8wAG87rmU2nzu Dbx9sup3LPU3paNwFdz8q2M+t2GwhtrGBC8a62doWYLampCxV16M+/KqWAobyoURE7Ww3AiUm ywd1VS9NqHNGKByLXAbiyW3c8H46XDGYpdXa7b+wVVP7BLQkupG3yGTQQMmy15e+YKUklbViE NwybE6XdFfd1MGna0k5fmfxqUSJFjvQBX/QsQaalothK4Nsrz7l7hLf0qUuZvJifI920aPm+Z bUdwDkIH5pWWeVqMic4Pn3HURTp99L/mq+UcQxdhmE8w0qPbEDTsn/w+utLxcoiu2ExmkBdgt h0SL+MNI8vzqsw0emMNOgMgtXJcB20a4bExTTLUpIq5UY8YUv3ko1hNECkLNRXbXaNgDyDscZ ATpLYy9MxuiWDN1FFC0xHATdTGUIcSXsGGHKhIqjkA9JGg805FetZWSY2GvkF/0FtIdAYrl7f EBatwumi8//lhvE2486wKK/YrJik+y2FLLXCs/sm4cn5wXMNdJwEc+STHGEObuGsmJmpo/t68 EC+Y3CGKjGvX1WWEFbYoiAb9DFPpdlPOinvn0LrVeY+m5LPBZyT3asB7RrIQerZsgJXZgtAWw c8xHnYpND/ejXY0C/sbmupyvRT/qKWVVOH+/xoCF4n0ZU=
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/e1sm6ajAvMZVGgMJ2-aDdrcUTDQ>
Subject: Re: [Rats] Requesting a Nonce from a Verifier
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Mar 2024 10:51:44 -0000
Hi Watson, the nonce concept and terminology have been defined in the RATS architecture (see RFC 9334) and it is used in various attestation technologies. The EAT specification provides a generic description in Section 4.1 of https://datatracker.ietf.org/doc/draft-ietf-rats-eat/ and there it says that the nonce claim in evidence must have at least 64 bits of entropy. This is also what attestation technologies do. For example, the PSA attestation token profiles EAT and demands in Section 4.1.1 of https://datatracker.ietf.org/doc/draft-tschofenig-rats-psa-token/ that the nonce is 32, 48, or 64 bytes in length. As such, I believe we are using the right terminology but I have added extra text to the CMP/EST nonce draft. Ciao Hannes -----Original Message----- From: Watson Ladd <watsonbladd@gmail.com> Sent: Mittwoch, 28. Februar 2024 03:12 To: hannes.tschofenig@gmx.net Cc: rats@ietf.org Subject: Re: [Rats] Requesting a Nonce from a Verifier On Tue, Feb 27, 2024 at 6:19 AM <hannes.tschofenig=40gmx.net@dmarc.ietf.org> wrote: > > Hi all, > > > > Hendrik and I have been working on an update of the CMP/EST extensions, which allow an Attester to request a nonce via the Relying Party (in the background check model). This “nonce draft”, see draft-tschofenig-lamps-nonce-cmp-est, aims to provide freshness for the CSR attestation draft (see draft-ietf-lamps-csr-attestation). A nonce is not what is needed. The challenge for freshness needs to be unpredictable: it needs to be a sufficiently long random value. The terminology used here is unfortunate, and at odds with the accepted definition in the cryptographic literature. Sincerely, Watson Ladd -- Astra mortemque praestare gradatim
- [Rats] Requesting a Nonce from a Verifier hannes.tschofenig
- Re: [Rats] Requesting a Nonce from a Verifier Henk Birkholz
- Re: [Rats] Requesting a Nonce from a Verifier Smith, Ned
- Re: [Rats] Requesting a Nonce from a Verifier Smith, Ned
- Re: [Rats] Requesting a Nonce from a Verifier Orie Steele
- Re: [Rats] Requesting a Nonce from a Verifier Watson Ladd
- Re: [Rats] Requesting a Nonce from a Verifier hannes.tschofenig
- Re: [Rats] Requesting a Nonce from a Verifier hannes.tschofenig
- Re: [Rats] Requesting a Nonce from a Verifier hannes.tschofenig
- Re: [Rats] Requesting a Nonce from a Verifier hannes.tschofenig
- Re: [Rats] Requesting a Nonce from a Verifier Orie Steele
- Re: [Rats] Requesting a Nonce from a Verifier hannes.tschofenig
- Re: [Rats] Requesting a Nonce from a Verifier Michael Richardson
- Re: [Rats] Requesting a Nonce from a Verifier Henk Birkholz
- Re: [Rats] Requesting a Nonce from a Verifier Orie Steele
- Re: [Rats] Requesting a Nonce from a Verifier Michael Richardson
- Re: [Rats] Requesting a Nonce from a Verifier hannes.tschofenig
- Re: [Rats] Requesting a Nonce from a Verifier Henk Birkholz
- Re: [Rats] Requesting a Nonce from a Verifier Smith, Ned
- Re: [Rats] Requesting a Nonce from a Verifier Thomas Fossati
- Re: [Rats] Requesting a Nonce from a Verifier Carl Wallace
- Re: [Rats] Requesting a Nonce from a Verifier Smith, Ned
- [Rats] Scalability ... RE: Requesting a Nonce fro… Tschofenig, Hannes