IETF Logo Mail Archive

Re: [Rats] Should we remove submods from EAT? (was Re: EAT Review Comments)

"Smith, Ned" <ned.smith@intel.com> Mon, 20 December 2021 21:45 UTC

Return-Path: <ned.smith@intel.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF21E3A09D8 for <rats@ietfa.amsl.com>; Mon, 20 Dec 2021 13:45:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.796
X-Spam-Level:
X-Spam-Status: No, score=-2.796 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.701, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=intel.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wSVHch0zIE6E for <rats@ietfa.amsl.com>; Mon, 20 Dec 2021 13:45:14 -0800 (PST)
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6ED23A09D4 for <rats@ietf.org>; Mon, 20 Dec 2021 13:45:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1640036714; x=1671572714; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=wFeZPaxxg9dvvGEpERbx71ClDQfP4BpSFVyBWuxxZVY=; b=e7TESbpOOUwYem9SlGHFiTziMscRz9njsNOYhrsY6PdnhLhomSOCYW5Z L9eJgDc7f1kj76btCCZYtUNoPjlXF4tMPPjtMApPKvIdqylRjo3G9mavy /UGtFDYBHM6SEkpT9nciksgY9rCflKBUcoKU/Id3BuXO7aQWR4oP32xRu 8Xhp4hGhUf0SU1rQfqJBbtXOlDV70gjah8gQXHgj//M6A0ejBh6MHH2J/ cHIfo+7p8GAzgDzzwZpsWb4Lyd6fOxBOPfzwRhhk7cWjYj23E5LsVGzLD 2oR1bnV/0b8raA5Y5kqeiw3tpfLzCs1NOg4s4U4jED5vsKfVDlXkFtlvj Q==;
X-IronPort-AV: E=McAfee;i="6200,9189,10204"; a="264460382"
X-IronPort-AV: E=Sophos;i="5.88,221,1635231600"; d="scan'208";a="264460382"
Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Dec 2021 13:45:14 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.88,221,1635231600"; d="scan'208";a="663743886"
Received: from orsmsx605.amr.corp.intel.com ([10.22.229.18]) by fmsmga001.fm.intel.com with ESMTP; 20 Dec 2021 13:45:13 -0800
Received: from orsmsx602.amr.corp.intel.com (10.22.229.15) by ORSMSX605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Mon, 20 Dec 2021 13:45:12 -0800
Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Mon, 20 Dec 2021 13:45:12 -0800
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (104.47.57.48) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Mon, 20 Dec 2021 13:45:12 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bbzEJoXR6uGFngZmHED8FOcUwe/dv98rVqiwCv8rggmKvCMnR1W/Qq5fqqluo/h+qNKzkqbTIANsCJmzsLczr/N9QDIi6PUdIcxHWnFjVfY2BzePGwLEGLFvQzcnS+m+YPgCttvROsJJXRq5lBfpKvWCzFvdRHhCqU3rsbDGdepxZmH79P5DPdY72NYFEcGIBVoE9OTuj5C3WigC1a0RXCGJ4CcCJGynzUw9yq2NXI2DwfbyRC5OwMhPMEk1VsszMOJi9hrJ8FpMzXw+fM2b94jjUTqEeFj/MRLBH0yhwIqAN0WaIfghgyfsurtlXMw9RAWLEzomgCTYo3Yeotloaw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wFeZPaxxg9dvvGEpERbx71ClDQfP4BpSFVyBWuxxZVY=; b=LhEcXB8+OHB4zkR9pqlq3ieStGgbtRTtUdvCIgVo6FVA9CQjX+baZyoH5biXg4UWG/Bwi2ZTy2whGPdL41I41ZHGIZ02cI9kUHSB5V4JRtaZeAtP0JHQGnyua5bzLLbj1EaL6+p+N8W85VMgit76mgyB3u4ahseLUQR7+DTTcyaAijVqRSUxdEpE5Kn8DYftVjQKTu/HnUQc2gez6tCJC2WKm8yjkzY1LP295ACzTXvSLh3f+NkZLTSSrESrJB35s8z8xTl3HexRPCMUrp7C4Jgph5+tLkt+w33KRu3b6YUCK00tqWpJhMrlW9iiNqcozDtMPbmaAdFyZfcXiT2rsA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none
Received: from CO1PR11MB5169.namprd11.prod.outlook.com (2603:10b6:303:95::19) by MWHPR11MB1485.namprd11.prod.outlook.com (2603:10b6:301:d::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.14; Mon, 20 Dec 2021 21:45:11 +0000
Received: from CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::e8b9:8f6d:8519:72ca]) by CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::e8b9:8f6d:8519:72ca%8]) with mapi id 15.20.4801.020; Mon, 20 Dec 2021 21:45:11 +0000
From: "Smith, Ned" <ned.smith@intel.com>
To: Laurence Lundblade <lgl@island-resort.com>
CC: Michael Richardson <mcr+ietf@sandelman.ca>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Should we remove submods from EAT? (was Re: EAT Review Comments)
Thread-Index: AQHX8eY1q3i7vVhlu0yw2fWJcgZhSawznm4AgAGcI4CAAdl1gP//wX+AgAHK+QCAAstSAA==
Date: Mon, 20 Dec 2021 21:45:10 +0000
Message-ID: <5FBD35D3-36B1-4B6E-AAC6-E01E48D89406@intel.com>
References: <DBBPR08MB59150EEE386E675005A52124FA6E9@DBBPR08MB5915.eurprd08.prod.outlook.com> <B81765CF-8515-440B-A021-977FCD59D5E2@island-resort.com> <DBBPR08MB5915DD8BAA394E7D665E4C7DFA709@DBBPR08MB5915.eurprd08.prod.outlook.com> <E6E179AD-23AA-4B22-A0CE-26BED6BB2862@island-resort.com> <ABD665F5-777E-4A9C-8920-0135FA91FC7B@intel.com> <10720.1639667481@localhost> <6CBC3D74-7963-4127-A510-C6A0C54E5EFA@island-resort.com> <6FE2B11E-2290-4CD3-AF92-547F2A205547@intel.com> <9E9FAFDA-B892-47CF-8375-58AFE6313F3C@island-resort.com>
In-Reply-To: <9E9FAFDA-B892-47CF-8375-58AFE6313F3C@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.56.21121100
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8b823cbe-fade-49a0-8e62-08d9c401ff8b
x-ms-traffictypediagnostic: MWHPR11MB1485:EE_
x-microsoft-antispam-prvs: <MWHPR11MB14852431593443F843C7E6FAE57B9@MWHPR11MB1485.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3968;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: rTXVr4w2xWUWxNcYJ5p5goFpMU2VcAqDsmDELIGgMwRTLrv78yN99PDV+vPaoW0efjXyoWDc9J9wiFLqH2IuTG9BOse3oDv6nXSSJ0rb1dVYVp3un8c96QbgDnOB1nKMHMgCO2dt9UUSkg+pJQ1pRcumr3UeTLE66XtRAWD0OzbSS28YdjZlTl74h506whqYiG98B4VnNddoHtr13Yl9xSujBjqTP2sHAXnTC4WW+Y8jJvz56knMCDp2wAnUY0A+csDZS3zyHPGNZTvgDY3NNVvOqB88WgnIeHgs9lDgWkVUVj8iVXMIKpQhk0m6EKcWRL3TQ3QWsgJWYtbgm0+Qetp2IcZQ3u1/hwyk3vLFu2aS5Da6b3Xr0GPaTwBRfCh2UB6u33oZjB5t7qvIiExV4kElVOuwwg2JobwC9N4kyQ/GcChEWbLc3vl2tBA4W1tZm3EUmFtoRwgiOQ/wSFJyw+6PBYciKW2OS5eO+Tclwpinw25UVHx/cFNr4iZrJr3DQsWdkBb22rARC+AtnT2yaMokmdMI8c+NwXbWokHdCAMms46M/DvD/QUvOApelLD8cZc9h84jA9Ues8jrcjATChAPKuzo3Wwb1oc3/xz8H5Iq7MWYLd2ofBYdhKbY7D2VhI7OWZqnu3hsRiyfymNZ+OwM3VU5jf7WGN/GqCbd+1yfCi+ECp5jbz2kQU8tnmmTL9fSSrQ8uRqgsavKrx8t4k7a/MMdjJ9c5KPIwqtqUBU=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB5169.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(508600001)(38100700002)(66446008)(316002)(8676002)(66556008)(64756008)(6486002)(33656002)(53546011)(38070700005)(4326008)(36756003)(71200400001)(6506007)(5660300002)(54906003)(8936002)(122000001)(4744005)(186003)(26005)(86362001)(6512007)(2906002)(82960400001)(6916009)(2616005)(66946007)(76116006)(66476007)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: BhK5Pd3cOkcxlh2ExHCSeNJOvolGub/hKCBYgZOZmNDO5eZRmDM7vLGd2p8NVXne4oFFJBDGIjgevU18yTyTr+NolkWbZdMW4nuph02FENFxI4gFEa/ps6XIscJifhy99HcdbMg8wxiMXEN8ohHI9fIEXzZxPs/BTDHg5Q5nO5reZngBTQsjK19urTsyAGq119J+Uq02e2I+Wpkl7plP9BXfvndETQRGLRwUNUA+iYEPFTGc3/d/W/h5mgRIk6Y8QQHciss2keHSJ6ACriCTUXdYs7m8sWUZGGoMHU6YCiMsdwtUU+Y28xjqDBd17KNEVUEqYkn5qeoGWLCtWid9SufNF/oNPHIIvesi0hQmy7f8QbdLPRbNac3iCT+9dLwm5mdKR0YBXTIDPN6svB4TshFaFtCg5P8697XWUvSvkbX/pyWN1bUGzgElkKqfhNbCn73mJTd4zmncY7C9wkj9nO2TjEQvWET+7M8rUsXnAA00fmW6GJtFqwcBC4iI9kKU2ihzI9KBwoeBuHdK8DCxFjZUFljb2/siolBH4SFdnCZOt0OI3Q0OnalzrB2CmiVtOu1bBIEN3zaFnphSUDZQypA5zLY9uPjJlRfKDFZo0LCv3rRxSvEp9Ncp66V60ShLA9CJhM2tOp6uKNAUpmPK50p8CSNlZNy3u026FaoxDSoS3gnotaLsS6AY4adXeA2KFXgPq1OQxZOaJTX8xsU4abcrtKsl1fEcwk5VtPfuP4eTeWkTFrnm3kRU3JDr0PvuHjrkdn1lsYL/huwhQzLK5d6ku8eSnJZDimqe6Gbexl4toxSkrkR4utHOc7T95evXEUr0mcM1ej1BigxULQizj+PFg3F9P1PaF3is29hxcdPe/FwuoHh/eAwAlUi1sgUIwzQ/ECTZxaLs3mTx8wKZjA+W0A+3cwDCJFV4wHKo2WjcGjJhlNT5FV4QoZsW6VEUiwNJkcmdDr6ZSZk3mCb0OiGj+Sc3WaUpnRZztv6TdFrcfMA0ETPe1pKYljpuHhfMakAxsgS6cFbMtYMwk+3kQaQK5Xdc5gz3Bv/aNPpvmJ9DRoRe7Xvs+pDx5LduY+Kqfzv2h/gRhne+EWg8gMaJhedqI3Xzs1aP5rWLcEapEEPDew15Ym9BSo4ND4qZbfnD+4px8sTLE5tEa0aXDgeTG6KqGheB+Jf6i/5Uuzi64jJhWRt/utfARyd+5bTenoKQaYfYyPgtKEpMpmBDcNKVW1PtNBiSB4xO1y+6BoePXByybJ2eREu8QYhgN/7fRA7nVJZDNaMz/4Kj/cQ8F0ALbQzGp7GZMuWkapeBys7B/JPGMSH93ucN9JG4XQFGGeAyC3ju/qKpV3zUYoryMBM1BtB86oaQx9hRlV0g3gDNBxQNv9ghWPU+aC6gSECv+ggwXU04TG8DARRilwNBIfi5mHUJuFcOr7xIhD01+z51dT3vVNTGEd4C2gkVstLHEJZ0YqQTMEKxFUhtLU1ASiyihqx10VBy/BgoUxYaDWMPi6EUsGuHTGfTp26Jiqsqn07sWv46KnsCeHv1k5VS29Gekjsv77EJZbJPd7TPP5vPYoFY6osT8nO2DCBtHDUgSHMuvagl7wurbXmD0MWlLBVUV0QaAHUwcTvz2M4UsbOSXzE=
Content-Type: text/plain; charset="utf-8"
Content-ID: <39D7852116582E4C8C4AA7585D0929FD@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB5169.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8b823cbe-fade-49a0-8e62-08d9c401ff8b
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Dec 2021 21:45:10.6592 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: OFy1LGq2Rdc9ty7ERjkT1WKTn13uDT+wxE7oAHscxSlk3xS/ztX8/WryoIw67NTO7hyOwQG826Y/aHhBuAahDw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB1485
X-OriginatorOrg: intel.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/gGzElpJcJWmG-f9HGsvbc6nEQHM>
Subject: Re: [Rats] Should we remove submods from EAT? (was Re: EAT Review Comments)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Dec 2021 21:45:20 -0000

I think its needed. 

On 12/18/21, 11:05 AM, "Laurence Lundblade" <lgl@island-resort.com> wrote:

    On Dec 17, 2021, at 3:42 PM, Smith, Ned <ned.smith@intel.com> wrote:
    > 
    > (speaking not as chair)
    > If submods claim is Evidence, then there is an expected Reference Values expression that matches it.

    Note that a submod might be a whole other EAT token. Maybe the Verifier knows how to look into it, maybe the Verifier just knows to send it to another Verifier. For example, it might be for Secure Element that is soldered on to the circuit board and you might send it to a service that Verifies Secure Element attestations.

    We could support both bstr and tstr for the submod name if it is really needed.

    LL

v2.39.1 | Report a Bug | By Email | System Status