IETF Logo Mail Archive

Re: [Rats] Call for charter consensus

Benjamin Kaduk <kaduk@mit.edu> Sat, 19 January 2019 15:25 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 079A1124BE5 for <rats@ietfa.amsl.com>; Sat, 19 Jan 2019 07:25:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mit.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NnhscbeUqjKm for <rats@ietfa.amsl.com>; Sat, 19 Jan 2019 07:25:18 -0800 (PST)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0702.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe48::702]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9F3C1200D7 for <rats@ietf.org>; Sat, 19 Jan 2019 07:25:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ocMtAKrfHi87BdpsRPRe2OIYel/ytnt1/tL2L9JeOsI=; b=N/5pBLlvA4lWmGrfvTZroRn+MQMda4TrH16gDkNFtRPMkS/yHPCiUmXk1UqSIiPpOg8iB9okR/E+pXFBuYwrgbRrcBpglYWRx8u5/eLfsnhU7HOdRNA5yaar7T91Pmbf/aQMLov/c0B7GIXiujDmDE7x+fXoxfBSfOt3WQ5QLkM=
Received: from DM5PR0102CA0036.prod.exchangelabs.com (2603:10b6:4:9c::49) by CY4PR0101MB2951.prod.exchangelabs.com (2603:10b6:910:3f::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1537.25; Sat, 19 Jan 2019 15:25:16 +0000
Received: from CO1NAM03FT004.eop-NAM03.prod.protection.outlook.com (2a01:111:f400:7e48::206) by DM5PR0102CA0036.outlook.office365.com (2603:10b6:4:9c::49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1537.26 via Frontend Transport; Sat, 19 Jan 2019 15:25:16 +0000
Authentication-Results: spf=pass (sender IP is 18.9.28.11) smtp.mailfrom=mit.edu; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=mit.edu;
Received-SPF: Pass (protection.outlook.com: domain of mit.edu designates 18.9.28.11 as permitted sender) receiver=protection.outlook.com; client-ip=18.9.28.11; helo=outgoing.mit.edu;
Received: from outgoing.mit.edu (18.9.28.11) by CO1NAM03FT004.mail.protection.outlook.com (10.152.80.154) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.11 via Frontend Transport; Sat, 19 Jan 2019 15:25:15 +0000
Received: from kduck.mit.edu (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x0JFPBDf004395 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 19 Jan 2019 10:25:14 -0500
Date: Sat, 19 Jan 2019 09:25:11 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Carl Wallace <carl@redhoundsoftware.com>
CC: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "rats@ietf.org" <rats@ietf.org>
Message-ID: <20190119152511.GV81907@kduck.mit.edu>
References: <D86754B8.D099E%carl@redhoundsoftware.com> <C79C7D38-3544-4CDB-94C5-2F49FF0D7BE2@cisco.com> <AD9A3A3C-42FD-48A0-8B5B-A1F6644573DB@redhoundsoftware.com> <20190119012335.GT81907@kduck.mit.edu> <D8687BF3.D0B91%carl@redhoundsoftware.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <D8687BF3.D0B91%carl@redhoundsoftware.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:18.9.28.11; IPV:CAL; SCL:-1; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(376002)(396003)(39860400002)(136003)(346002)(2980300002)(189003)(199004)(2906002)(88552002)(2870700001)(11346002)(53546011)(76176011)(23676004)(2486003)(36906005)(7696005)(336012)(53416004)(93886005)(486006)(4326008)(316002)(126002)(446003)(476003)(956004)(426003)(1076003)(356004)(106466001)(786003)(6666004)(47776003)(55016002)(6916009)(33656002)(8676002)(8936002)(478600001)(229853002)(305945005)(50466002)(26005)(186003)(5660300001)(54906003)(75432002)(14444005)(58126008)(106002)(86362001)(104016004)(246002)(6246003)(26826003)(18370500001); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR0101MB2951; H:outgoing.mit.edu; FPR:; SPF:Pass; LANG:en; PTR:outgoing-auth-1.mit.edu; MX:1; A:1;
X-Microsoft-Exchange-Diagnostics: 1; CO1NAM03FT004; 1:zFXT4SIHkiFpYcgVb03X1sC5XFrHkg6InR8HT1hCCP4y+4f3S49NBoYfJGvEt5j7e8/W2xDSsYKPyD55HlzYkzOrk/U/4YpG6IS+cdEiK+twB7XrqHEY2TvWw3zetlnQgSnYGjnnxB6ZcEprApq1xsge1Yv8A2r6ehGZX/dUNFo=
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: b175088c-3bf5-45b7-775d-08d67e225066
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600109)(711020)(4608076)(4709027)(2017052603328)(7153060); SRVR:CY4PR0101MB2951;
X-Microsoft-Exchange-Diagnostics: 1; CY4PR0101MB2951; 3:0f+yugnJKbgDtvA3VT5ciwLMpA/VBnnKuuENcFyryjqjXHp7kE0OdfvPXqIsxzmwVxf68jhGFUkPwucA7xrWySENK6gpW7dL+NlANgTTjgvJR8CZbTiM0E9DzlL61ULgRcjSLr5XayNuQPEA/ondnWotD7OO5osWgWx5wD51n0PKu2ZUo0jHkg1FeUsT0WAmftWefgxP2LeVBVkqGtKPH+YdF2YTEp1tL1JW+s5ArCnuVNpOY3bqibJz+fwYgoYf4cKjkF9X49vomij7CG1xiMvMK3WhZrW1KOCoNsJJA7d3zm8gITQklX3c0VbgC6LV3exhCl2ZU7qtORpxJVfLObnquvzU5gmmsSkYvnWt6FYUCXFcSQH/n4Kfo+3v2z1p; 25:5aBbdhYFHN1RqcyLMqRRsSqqBezfRfC2u//qqJGFDEAUk2oOLgITcap/Q92JDJ/IkBUco6KqvIPFQx0+Eps96UPK72UyozquFIO3dXsIF3z7TYmAZa3tqj0diQaTiZVRSo3kZQVDL1Q6AN7mZSMrrgXCsy0SKNPp8pJMCOkx/UVsSg2Y5z73oFi17m04mxX6qqRSsGeRemEzvs5E61yC5HQSIUbs5Lnx36jcZuxRGCCTtrWgyHfxQQ5kabQPqLHE2X4ltIhT0k/Ah9dQqfsbsiuaaxITz7eU0IUz8LJU1eLFjKh8u+ugoqSPxN72rX2UMP5ZLQ7zrYZil3DhBMup1Q==
X-MS-TrafficTypeDiagnostic: CY4PR0101MB2951:
X-Microsoft-Exchange-Diagnostics: 1; CY4PR0101MB2951; 31:MaBBNqK8nd9eQniQB2EGGKcl/J6ERC29LRvt5AxCV3ONS85uPIGoOjqNQeD/2A7Dz8cLBy95jM4fOD1wUc6Isf6Uu+ciz6oXAPxpAqX5+OTfrVbUvWWSZjD5Ygmm1XdnBd83JQkkfd0/vOpojZqTcNttMqEq3aoPjWCF+YVRnouE+o/viteRjKtbHxDLECoUNAJ1+8F1kYmhS9Ip+014wKpOYi0RpaDqUe9uc2bnfD0=; 20:UE6UepgwcywQfhnSCvaF+ZnRppWBThI0Elgy8NdJV6r+E0Rj74J+ja1q6okG6ZlaWp/sJ4lJtqGicc7mxRraAe3L+XE5pmcHmZsA46AVp7u/pb3kvXuD6E3wY+zzCL0El7k65Ff79dcvq+bcprrFNysU9sOB3Q5BHphST7FRcVtfjZkBXa0U49TsRDfhS1cqeXR2dRMTtLrCsZbEanl9Dxrr3/sCxcQOa81CiP/UpDc/pQ9rIfAEfC78pHdoXmvDveutJUA1EG0BBhunZryf4/ofX7IGB6bbKVp5ic4WJWiVjrH+DUvuxDTgZNbxHUlC2Dj/gZQnPeI/oyoXLeljNeKXewoG3VLN+A3F3StWwSznxCJ/pPT1Z8p/I8Y95VC2/4Ppe4sHGpeot0vHvAVyxsz8ibiwwruYV3DB67Q4v8WpHqrRXlPF8HXD1v6Hs+cKfT+N86rPOpxZXOkUKEG3RPNZHDcIs3jCHX+gIOPHuEwKahSNdZF+BLAYor5e1a1/8yJQ/X6NmPn0fbYB50pHs+TR4RaV58ZcT2KHZV6A+3NwGpzAYuAF5c7XBvT5E+Z1gMYVRqvGWhGS/ClYB3d6E9hrg9/rKYwL2QbvW/71CV4=
X-Microsoft-Antispam-PRVS: <CY4PR0101MB29519EF7849EDBB4C5C8BF8FA09D0@CY4PR0101MB2951.prod.exchangelabs.com>
X-Microsoft-Exchange-Diagnostics: 1; CY4PR0101MB2951; 4:J+yA+PuAGXtpckX83W8KwyMvyJbXgrbrOmlalETuCA3/4KCx7QNQTnCDxk6Bli7BvvZ0U6KoEz7szqxGwws3UGP6WzYOaOJs8i6dYsA11zdluymIryUJnBl3cM2Q5hkDA+k8ftdWtk9vI5wtyoReLjyqlTT8XhSbG2z/KsVGlaAttdygT54ucKdXWbhVoNOjXFLQO/fIK90aCXmXF+aRGgCpMAAkSktH4aKBnrJJ3B5lLlsz2rxEphNbft/97heCO2uC5kNY5K/5Vf/Lsisf3FEVnunvTig/REZwcN/ZS8c=
X-Forefront-PRVS: 09222B39F5
X-Microsoft-Exchange-Diagnostics: 1;CY4PR0101MB2951;23:vKko6FXN6LcI2lHgfsqMrailIOPia6X53VdsIJVDa6CoLpJBCH7srgPt8N5XAv3AnUnIFxC+88eWOURzk3ostzf3EtSnJ7hZpHRdq4hOmDOyl3+dmcoTASEAV56l6PJJLNE+FSTeQZLeVX/8aMbCk3O1waMZGZGJVV1RQxjjNWxHXa3dW0l67LnakCtnKXi2AeSf5gwFRyXfyfOjdX/69Ff8zzxG2NR6CRry05Fiir3bGrZdp9nm8a3kwXC3Ow3HssQxtlSyu9lBY5OWmVRmrkZQ6rZQyv3UeKVflVUKe945/9EKDGTHm2oAG52UJZbvzRRjdFeZWpDMqPHyA8gZAmYBQaBaERBPw2NSV3MxGDxJabfRenvzL9cQ/SnatedfkLW/bQNikaZg24w3lRuvdB9BR+qqZRuYFCAyxgLXA1wvsZvzgFv79h1qprAdh8uDpgbz9xGSKkTzwn4WgNAoSfS4GzrnQZoYvi12OcAmXXBBSEga+kWo5JdcCqhQWrH3JAcK0yxQH9LXCNP3plyZATTyDDbDjzLng6S6Zb4YRbWkG6E81EfvsQkymLzeWbV/yRTt5KRchQJk61Hr9mrLodevT3+5VmL+shc+SBZFZn6t0+TkpOK2Hd3k45hBwjFm1rWKWsIKORSJ109MxDrDOs6tBj9TFvJBDAUKCXRluZY5sldnyXu13kg5h01pTmR9w/bMyjwlHOEKrXPMud7WuwKmO/qGtXmsEvlhcznTjlC7FR2V6llvPBjtg+0GY0oUKqo/BFbRs0fsJ9ywx4qaRSrwKAsH+h4b2VIqtnlkd8cvfnr8H7w5O5FaeFpI6ZnBIw+oamIpe8yJF1ntpyA9rrXb8OSiOstkh2Vh4Kwpy9yvpsX9MbYKXsIJQSmeF5DHG9C8acorAkLlOdxDvD1H9fK5ns2AMQCGCSLkI5AHb3fWVjQW0c29s9PTj+B0QgCmkjFDtAoxGbvyrINjBupIt4jCdf4BA+jiqr+z1bQLkcCiEAuI+grSVa7dqfNoYiW/GZ3sikGljEUo33gabn3zPqXCbLe/lw6B/YjPA9oFuNlao+kkr+PLNrZk17PGbHm2msgJheBm4LZ3NWIwa6xgf8MLimg6kawzBrzgsp6b69OtyE3K6FG4hP8J5rr9QgMH07HS1NimX0m5A/cj8nzaj9L4XhsNfqeo+W/TC6TcnYcTalUWUA8ikUx2jd3MqHwEitIHxBjtgBQWLeH0ac5ExYbFeqDRgoz7OAHmS7nuMUSSUYex1PkgBw0C79X6AU2Z
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: e5qgjX0AXqrDcYYfBn4gv6c4YjFcMHyl+VUYAOAR6qA94mmRPWwu+TMsTnfCtWIUfzE7pRmad5TVfw96k8DfxAnragLB7xvJeRWFljFSufShIm/mP1q235wPvelp6xsteuzdVUm+HBVQT34mgJzym7lrBplvXN8OxvC8K91rNGzh9kanuy3jP/50Ryv8wEZ8mDRB2aZd876+1i+0OpLNvRr/aOlItAyDGaLOzpQC6oZOA+e/9dYU+YsQuvOpb8LFy3r6qsY5Y0pJIIIAzpFg6qqGvDkDGolWe3f7x/97j/PIPZxFNzoPOkvsuoGNE0QwXR2hHMD2tnqELrRGuenvEeRN3Metf5/GhFm5XWK8VcHpYDzikUKFTkqx7q5FGBbkMDXOEktvDSpjqxbTyq+x4V8DdxfPUkDopQv7BtUV+Fc=
X-Microsoft-Exchange-Diagnostics: 1; CY4PR0101MB2951; 6:jRaRWOQhlW7OAhKYLZ57KluPjCurbLhnF/FSKI7FDRToWQVsuOkB0ckQtroTs3inhTzrRkrPur8NdjjQACEoQ0BpVHdSRyyCWefJ9hO4+iv+iwBvCDb97kDzz/CfBEUJ68aNyBOIBZbRC4iOimxqyT0GDX79l+2jICys7JCSBrd5RYcR6/2g0S2qYymH/XjYDJMR8M9vMOgPPi95WMgciYehfcz0djrL21g/7EE7/osZBZN5hmlWXcw8bm2VVnl0nKsIEaCyw/oUMYIf7X7ZdkCDVuArS43V69RvrX3c8oI1psZdjnrs4/PsfOJpfqgIA3QXejkTV3ZZr5NtUxeYQaGb/dytoTMl8FpyKP1l8N8CqreLIoaYyzUn2kUTNvlvUVk5h2oO4PCw75BAVPodyprGpFrt9beoOWNc5G28F4kvOIow5Ek2Xoxx1jqzakCgVBsBUlPslrkUmfoCTpdHyw==; 5:dGscksEGOQnVZwCc8VjEnEYwVM8tMfeCyFIdBWWYnqOa9No0ekkZGMYh1nJiUtsaqPCpVJcHAZvKEqA9aZ0bZi4XUGesg9+2KvbOnSwv/2Yzc7nfiu4XjEtFE0C19WB/Gooz7KerdHOCbXiZBfPVeNA/yuecSAYH7J4DSBAxImEQMuW9LuHLhgcUSXpM12HodO07yv2x4gHsdQHMoMvyKA==; 7:8MP9d4PPA8FMek4wJiNyuF5ZhPJe+At4tP9rK5hsGhuscDXF/vlE6FhQ17rdvDRWyO/eJ2dsgSePygV4aOkNzSrf7yn+ABkl7DOh8muey1zEYPlbvBY+KOVNxaOU3JiPq9KzfM6WJrXxOtRYKkZlzw==
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: mit.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Jan 2019 15:25:15.8321 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: b175088c-3bf5-45b7-775d-08d67e225066
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=64afd9ba-0ecf-4acf-bc36-935f6235ba8b; Ip=[18.9.28.11]; Helo=[outgoing.mit.edu]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR0101MB2951
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/fxsT9ITLs_mGp7mM1FBS08shfnE>
Subject: Re: [Rats] Call for charter consensus
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Jan 2019 15:25:22 -0000

On Sat, Jan 19, 2019 at 07:29:30AM -0500, Carl Wallace wrote:
> Inline...
> 
> 
> On 1/18/19, 8:23 PM, "Benjamin Kaduk" <kaduk@mit.edu> wrote:
> 
> >On Fri, Jan 18, 2019 at 06:54:44PM -0500, Carl Wallace wrote:
> >> Inline...
> >> 
> >> > On Jan 18, 2019, at 6:27 PM, Nancy Cam-Winget (ncamwing)
> >><ncamwing@cisco.com> wrote:
> >> > 
> >> > Hi Carl,
> >> > <Chair hat-off>
> >> > It is my experience in the IETF that we focus more in the definition
> >>of data models and transfer/transport mechanisms for information (e.g.
> >>yang, netconf, radius, nea) but how the information is applied is
> >>typically out of scope.
> >> 
> >> Many verifiable data models (e.g., X509, CMS, JOSE, COSE, etc.) include
> >>verification rules.
> >
> >I attempted (probably poorly) on the call to make a point that in some
> >sense there are two different types of thing in the RATS workflow we're
> >thinking about, that could be called "verification".  On the one hand,
> >there's the raw crypto bits of "this is what signature validation/MIC
> >verification/etc. you have to do in order to get the cryptographic
> >validation that key X generated data Y [at time Z]", but once you've done
> >that, the decision of verifying that Y and Z are something you find
> >trustworthy to perform action W is not really something we can
> >standardize.
> 
> [CW] Depending on where you are drawing the "decision" line, I don't
> disagree with any of this. However, as a relying party of several
> currently available attestation types, I can say that all I have
> encountered are broken in one or more ways related to verification,
> including: misapplication of security specifications, poor definition of
> trust establishment practices, misuse of structures relevant to trust
> establishment, misencoding of structures relevant for assessment of
> attestation contents, unstable structure definitions, "interesting" use of
> extensibility mechanisms. Each complicates interoperability and code reuse
> without even considering that each is different. Most of these issues are
> at the intersection of proprietary attestation structures and standard
> security layers, i.e., the procedures that appear to be missing in the
> charter goals.
> 
> While it may be fair to simply write this all off as implementation
> errors, my hope is that RATS will help greatly improve the landscape with
> a solid set of standards accompanied by sample artifacts for testing.
> 
> 
> >
> >My understanding is that we plan to talk about the crypto but not, at
> >least
> >at first, what you do after confirming that the crypto has not been
> >tampered with.
> 
> [CW] The relevance of what one does during/after crypto will vary with the
> nature of the claim and likely can't be avoided in all cases.
> 
> >
> >> >  
> >> > <Chair hat-on>
> >> > As to the consensus of the group and the charter during the call,
> >>there was no consensus to the last item (the assessment of claims).
> >>Additionally,
> >> > I don’t believe we have permanently omitted the “assessment” portion.
> >> > The understanding is that we need to charter to a scope that we can
> >>achieve and if and when in that process we need to recharter to include
> >>other work items we can certainly do so.
> >> >  
> >> OK. 
> >
> >Yup, we want to bite off a manageable chunk for the initial round, and add
> >on later as needed.
> 
> [CW] As noted, I don't think omitting procedures for verification and use
> of the structures is a good idea but won't belabor the point further as a
> charter point.

Understood, and thanks.

-Ben

v2.23.0 | Report a Bug | By Email