IETF Logo Mail Archive

Re: [Rats] Profile identifier (was Re: EAT Profiles)

"Smith, Ned" <ned.smith@intel.com> Wed, 21 September 2022 16:30 UTC

Return-Path: <ned.smith@intel.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B672C14F746 for <rats@ietfa.amsl.com>; Wed, 21 Sep 2022 09:30:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.676
X-Spam-Level:
X-Spam-Status: No, score=-7.676 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.571, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=intel.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CF999h8jjMj7 for <rats@ietfa.amsl.com>; Wed, 21 Sep 2022 09:30:21 -0700 (PDT)
Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 774CEC14F732 for <rats@ietf.org>; Wed, 21 Sep 2022 09:30:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1663777821; x=1695313821; h=from:to:subject:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version; bh=r/VwvV1aLKaCFxAWLY0uEoGdXLgW8yhyKSDAjMV2eag=; b=CPSkHOq+7dYpThViks7p9Yoo4Gb+VpksKc2P72hO/lvLEDsYR2sTYpYd cs0FVPR1l6pqySqTMBEDcgSshzANTCvreOAROwg2FBVotaCh+UV1ffq2W YjOmFi9GVfzXFKawLas4eW0NM5l4FKUwWposMXzHTfdM2bh5ETbmBLPDR 9N68mtQZnDDjDxslq8tt5LzjvwdaRNxoXD+TVkf/PXuCf2526nJ79JbHH J8oqSCyf9IMUkWABJxqh6UBQRDtMRV+uZLyqS6bd9U3+3DXdG7X+Dg2En uLQwYCQOyCRqHtvfs3UxgffgsmwaM4UlVzKTC/ojP/Azxg2fjCNJrT7tU g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10477"; a="279778691"
X-IronPort-AV: E=Sophos;i="5.93,333,1654585200"; d="scan'208";a="279778691"
Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Sep 2022 09:30:16 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.93,333,1654585200"; d="scan'208";a="745035315"
Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orsmga004.jf.intel.com with ESMTP; 21 Sep 2022 09:30:16 -0700
Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Wed, 21 Sep 2022 09:30:15 -0700
Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31 via Frontend Transport; Wed, 21 Sep 2022 09:30:15 -0700
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.169) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Wed, 21 Sep 2022 09:30:15 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=k43p3dVcl7hRfe8gXeI4fWHBalcts6dA3ADMQDZ9Ax3kgPeJSbmAuYmVkbD3VffUIjm9vcB7W5FLHu47Grfqdux56vxmo+FtlGDiCQxm9+I05QLScG1MqUBJmYpsJIC60I0q+7RTuYcd2svL1Lo53kP2XtJj16iiHe7s7B5Z9R3QStSMTwjyjA2ofi9NoXcyDEs1UktipaV11ampNKK8C79nIJJizCfB+QiXjRb3uOq8jjwEhFZR8lPplAMLeAcnQrTsdm8+RSB4wWAJ0ie6tIfVXmWLvXWpGpBUaFFn6pfgIaFGFTyWcXjmwFOrs8d+RsLZLxE3nxMz+eiSe7C2WA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=r/VwvV1aLKaCFxAWLY0uEoGdXLgW8yhyKSDAjMV2eag=; b=iylo3NsAu58KtYffqxRrs5PDhw8YAn7PUyhbtm05VYNy06sU8CoQT9iDHvDDeP0xUZu7tiXDYDcaV1bZMzeslvDQSzNgDnvO7XFWPmGuLVslkv8Z5fvx7RTIA+okhyS3JB/SUWkDut9RTdqyHAWmZOG9xOtlU8hfpVD6GAp5pjk+BFUGeMwhTp4dbuaqygGhlzENSYGyw6dNU4AMdvFlJlaavCIRKzqD95s1lHvYol0+pgbwcOnKQI4F4KRzAPIxkwMXdPUXpDEh60bAqev5OWduSSg3cBEJm8qroJ1UZy/7v8Fv+f8qiGfMB8jvR3r4NSJIj8QyUsN0NNMBAoWUOQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none
Received: from CO1PR11MB5169.namprd11.prod.outlook.com (2603:10b6:303:95::19) by PH8PR11MB7094.namprd11.prod.outlook.com (2603:10b6:510:216::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5654.16; Wed, 21 Sep 2022 16:30:12 +0000
Received: from CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::7056:c22:10bd:3da]) by CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::7056:c22:10bd:3da%5]) with mapi id 15.20.5632.021; Wed, 21 Sep 2022 16:30:12 +0000
From: "Smith, Ned" <ned.smith@intel.com>
To: Giridhar Mandyam <mandyam@qti.qualcomm.com>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, Michael Richardson <mcr+ietf@sandelman.ca>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Profile identifier (was Re: EAT Profiles)
Thread-Index: AQHYzaTCcYlnkCwomE+WobaQOUjYAa3p502AgAACjoCAAAFwAIAAAuKAgAABxYCAAAQ5AIAAFOyA//+VHgA=
Date: Wed, 21 Sep 2022 16:30:12 +0000
Message-ID: <4B5A2D51-7F18-43E6-8322-FE93CD4C30B5@intel.com>
References: <71934.1663019954@dooku> <DBBPR08MB5915AC23726BF997EB9E44C4FA489@DBBPR08MB5915.eurprd08.prod.outlook.com> <19805.1663344806@dooku> <AS8PR08MB5911DB2FE9608541698983B0FA4D9@AS8PR08MB5911.eurprd08.prod.outlook.com> <ab4312d3-c35f-5e72-9658-ca88ba3523c2@sit.fraunhofer.de> <CAObGJnNjuTT+QqnSpp1abrX-1hHGzCkVkzrM8GArPs8sDu=W+g@mail.gmail.com> <f9f289ad-5f36-b781-7502-219778148491@sit.fraunhofer.de> <885ABB6E-FD98-45E2-84BE-5A3A3C37D3F8@island-resort.com> <ABB7105F-6B5F-47AA-886C-8490024C3D47@intel.com> <46605.1663756035@dooku> <SJ0PR02MB835323B33E4FFA04DB96FECB814F9@SJ0PR02MB8353.namprd02.prod.outlook.com> <2f371cdb-38b1-f042-27e7-86afb91a38a2@sit.fraunhofer.de> <SJ0PR02MB835310DBD2C9CE9B3EB7424B814F9@SJ0PR02MB8353.namprd02.prod.outlook.com> <e251b4bc-7757-a681-f408-4309942fad53@sit.fraunhofer.de> <SJ0PR02MB8353435EAD5F0D7727DBD840814F9@SJ0PR02MB8353.namprd02.prod.outlook.com> <9dc8f783-49f1-ef9b-14ba-c9f9b775e5cd@sit.fraunhofer.de> <SJ0PR02MB83534E072B04BF8DF4BAA284814F9@SJ0PR02MB8353.namprd02.prod.outlook.com>
In-Reply-To: <SJ0PR02MB83534E072B04BF8DF4BAA284814F9@SJ0PR02MB8353.namprd02.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.65.22091101
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CO1PR11MB5169:EE_|PH8PR11MB7094:EE_
x-ms-office365-filtering-correlation-id: 33de549d-6e96-4808-d922-08da9bee8eda
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: BKe4ldOv+y7kM473ImwljG46vyrWpc8dmfSMhD+2W4khxcXHkwXyyucBHHCcInLC1NbbEfB0dxqJfrVt6TS/FCqv+sjMER5vsuROKBwreOOgCFXduekBpUcnfsy6Bzexi5des33QyRuyRkPXdvAwJjxt/pOlWIX1JA5C4Lzhvj3DfGNsv/LkqO3nyMdSTcV6SkLfR2TwGGu4BrfJiGW6GfcpKD8hwW2tu/+McVz48OkgLUdH22y4kai0ei5e8NhfNZI5RXqRyFtekMSlLnuBNFvlB999aq13NO949ddVQdp3rDhL71cjOLTAR4KVPPQgRqFNtBcGdzov5/YSH0P7bWtZaVrGw7WHtmBRSGieS2VLZoqzGN9iwDEtcG56pEMqvF9/XnHUc/BN+AwV7x0V+EC68if/8yGlGpibapv/RF+KgJaPQ6ZyK+6+XdgJZEZysqpYbeS2QVY+j+E6fa9k3HhvY+qd9PPh0bqKYLevjI87cNSwrOeQSC4AGCEnYMXtvgqp5BkbQPQhzckbGm8XfJruMegZ3kNs/VVvVxpUK5ptSges8iJf8azQIFXUOAKLth7vEuubNOGDTKptRYMw61zD7iPZy58aYDncXClc+TkXZ5okg+y2jYN2CHM89GAHn9UJnVkvhH518uP5QpIEhWUnLbGAvbmNwlm1hz/8ZJ+qwmgsH6z0r7Tsq9buaQbBkhrE6n8zhDGhpq5ielps02+KMAy+Zwb0f2/Vr8HXfxsGt2aeTC4vvyJQObtu7XDNVgf5XEesNKD16o/Qk9B0uD93vu6CtvGCabjKMIHhNWheX4r7An5ZOIuhsGdzeCBz0xVbI3kAAIT/kHmL90QtxxHk5hb7tRjKbFbk82A/yaY=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB5169.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(136003)(376002)(39860400002)(346002)(366004)(396003)(451199015)(83380400001)(2906002)(8676002)(33656002)(316002)(110136005)(76116006)(91956017)(478600001)(66446008)(66476007)(66946007)(64756008)(66556008)(71200400001)(966005)(5660300002)(6486002)(86362001)(41300700001)(8936002)(38070700005)(26005)(53546011)(6506007)(36756003)(2616005)(6512007)(186003)(38100700002)(82960400001)(122000001)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: aEd6b0G7QLJBd8rwocjBPAvQQVfMRsipZ9yB5PT9siJjr4p5Twp6MiKhijqMNGZ96YGuUcK6ZKHUMSTOuFh0kwEdQXhqm2KfVaFgkOMib3ewH53RPPmNnhpLVY9VZi/lwR/4s0Tbg5vUxvk7pBPB4D1Cv5mmZHnvdCQYovcYuyuPVeSfBl3gm1CLayCh5Qxcn05JG10xsx299cDUR2jF0WCSUfWyU/adpv3Sw4N3KKw88/XYEnTNwie8ygXVh5H8FdBfNA3S93yr6tGObHXRdHkMBhmkx1ed9l/qR3rbpkyISHdV0mmvhz8pLUngpFNfcIwPAUWRKxRHhx2Aatric1YjxY8uOyQ+05VnQxm55zz6EmqUy4MlAH1ym95gDp6nWrvYnHLzLKEzH+DZxclEeAeqJDRIZY/kOfazUfnqz/G4g9SzoqzaiWoAybcT5J2JRiU0o7hZG1Ekn9si6RAcK339tzRDcCVakc2KTvBLWONvc4SHB314ZMJZ8CbkoDpKHYmtS1pNoda4lRNg3ItBK/PMsrcRyAr09eV4Va10F/OWNWtwimaXVPcqvbKtZr5JJL79Gtdg+dPCK9+zJppUprbGG1Nz+Bqa9HU6970PMJtKu+adz7QWSX2RTe4OOr1/EOV9Er/YB9GxQ7n2f7oVUjuNH4MxgOZSZ9SnnHs6tMuUoaelzFgAlSExHd+ekfKsSLsuFSRGVpImQFO5PbFIU4+eSOxwwKl3HDAUUBwzv/PAHALLOD8S8NFppzkFOKazrVGi4NrzBdmXK1BqTRuOZosEog574C/vhsnHPUHgc3onILd7kS41q3KPXriF8yv2KHrUVh1JIm0sNAU8143byfDHNcf1IDgWDLLcr/6pcIep86yWqUAqRuIrfgW2BTfCaJCHZj2dA/YirP7CXp+z4gfNw8moNsK5blPHYFhBOK/SPkvsze+IdtDNHyjhFMhSc2XugEVHJaydxl2gJiEQKj1fdktzW8E3J1xpyMJykzmfYRbxQdHU1kVH1RqWuxP8lexGr4WUxFw2/8v38K1yJFCYqkLLGaR3UD7aVZLz/y+cFBoAgbFfT/d4ffBmqG3jRMxToKStVvK2/IFCMWYVcRhhihYZ5gc9fn9aa4I2MiKs7ff2dSB0s2SWUA6sja08W15nXykL2lhmGa46/etKqy69vlQbM2wlbC23VlGnJ8nxtOtPXg+4XGoX8teZ9rGZxlzkfyFKjLya5fSFvJMpdZDMwdcMHiKla6XvOdpLsxldM1OoXx7UGejUHvc2yFAbxhafSleySoWSeUHIw7UTzsT/JHOvjeDHiGBnRSBLZc5bLi4HUaWnT4WDQP10VOTxbod+6lbXip+YsNlNsYkv/bMjDpFc9q77JyPsxP0epXHgshprtkmvgNk+GykgF8NyVyluC3hHNZajHJELuLz8pTeWQUywLsk52JjOSs1sTV8bx7g7cLf2QUdQZrG17boFR0XYkluhKu5/Qfa9F1NRAYZleGRklUpfJ4NYitce3JrnXWlXJx+rVcYxQhvSdif6V7l6R/EpIGvkJ28T9GzszXKff8NmqjB8K7+/9At3iNo8Q1vwpA40p4kR3NbwTS4c9p2fMX6Yi3V2tc7Ofu7kZQ==
Content-Type: text/plain; charset="utf-8"
Content-ID: <8D19287A52A76C42A132CB1165046F43@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB5169.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 33de549d-6e96-4808-d922-08da9bee8eda
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Sep 2022 16:30:12.6794 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 4O3OO4l4qDkv/1JGKaA2+LdysOPbhQu4xNpNm9Ky9qxGEtSjsGCd2Akz5wrcooQdTTx6+3tBimVpL4Zj+/aqBg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR11MB7094
X-OriginatorOrg: intel.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/h3AOiqh4vNJ2cOh9jnZkYCZrSOk>
Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Sep 2022 16:30:26 -0000

I agree that lack of clarity around profiles should not be a blocker for EAT draft moving forward. But capturing issues surrounding profiles is important IMO as these questions will come up again. 

Responding to Henk's original question below but restated here:
 "    >> are you talking about the values of the profile claim (I am assuming numbers for now) to be registered in an IANA registry or are you talking about new claims defined by a profile specification to be registered in the IANA CBOR Web Token (CWT) Claims registry? I am really not sure anymore."

It wasn't (isn't) clear to me which IANA registry is most appropriate for registering profiles. It could be reasonable that a new IANA registry is created for that purpose. This thread also observes that there isn't necessarily a need to register a profile as there could be other ways to publish profile existence and allowing vendors flexibility to use a PEN and manage profiles locally. 

It is still ambiguous to me what value is realized by placing a profile ID on a registry (given the properties of profile lifecycle are adhered to).

-Ned


On 9/21/22, 8:53 AM, "Giridhar Mandyam" <mandyam@qti.qualcomm.com> wrote:

    > While it is not necessary to register a profile in a registry to achieve the "rough consensus and running code" goal, that should not stop us establish and use an IANA "EAT Profile" registry, right? (specification required + expert review)

    In my opinion, the establishment of such a registry should not be a blocker to moving the EAT spec forward.  If there are interested persons who feel a profile registry is an absolute necessity, then they could put out an I.-D. that establishes such a registry along with the mechanics for proposing profiles and administering the registry.

    I personally feel the value of profiles is not solely in the unique claim value, but the CBOR canonicalization that the profile defines.  EAT in this regards inherits the application-specific COSE considerations (https://datatracker.ietf.org/doc/html/rfc8152#section-15).  

    -Giri

    -----Original Message-----
    From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de> 
    Sent: Wednesday, September 21, 2022 7:38 AM
    To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Michael Richardson <mcr+ietf@sandelman.ca>; Smith, Ned <ned.smith@intel.com>; rats@ietf.org
    Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)

    WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.

    Hi Giri,

    the ACE profile example is giving me a lot of more context! And the approach seems to be fine. An EAT analog could be:

    The claims defined in the EAT framework (including the profile claim), then could simply be registered in the IANA CBOR Web Token (CWT) Claims registry and profiles making use of the EAT framework would be registered in an IANA "EAT Profile" registry, analogous to https://www.rfc-editor.org/rfc/rfc9200.html#name-ace-profiles

    While it is not necessary to register a profile in a registry to achieve the "rough consensus and running code" goal, that should not stop us establish and use an IANA "EAT Profile" registry, right? (specification required + expert review)

    Viele Grüße,

    Henk

    On 21.09.22 16:22, Giridhar Mandyam wrote:
    >> So "The EAT Framework" document could come with both a definition of the profile claim for the IANA CBOR Web Token (CWT) Claims registry, as well as... a profile '0' (the first set of Claims that will be included in the final EAT framework document) for an IANA EAT Profile registry?
    >
    > I did not say the above.
    >
    > Let me try again.  It is not necessary to have an "IANA EAT Profile registry".  The FIDO example demonstrates that this it is possible to deliver "running code" without it.  The CWT claims registry is sufficient.
    >
    > BTW, RFC 9200 is the precedent in my opinion.  https://www.rfc-editor.org/rfc/rfc9200.html#name-ace-profiles does not require the creation of a new IANA ACE-Profile registry either as far as I can tell.  The reservation of the CWT claim appears to have been sufficient.
    >
    > -Giri
    >
    > -----Original Message-----
    > From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
    > Sent: Wednesday, September 21, 2022 7:16 AM
    > To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Michael Richardson 
    > <mcr+ietf@sandelman.ca>; Smith, Ned <ned.smith@intel.com>; 
    > rats@ietf.org
    > Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
    >
    > WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
    >
    > Hi Giri,
    >
    > thanks for clarifying. So "The EAT Framework" document could come with both a definition of the profile claim for the IANA CBOR Web Token (CWT) Claims registry, as well as... a profile '0' (the first set of Claims that will be included in the final EAT framework document) for an IANA EAT Profile registry?
    >
    > Viele Grüße,
    >
    > Henk
    >
    > On 21.09.22 16:06, Giridhar Mandyam wrote:
    >> Both.
    >>
    >> In the case of FIDO, the profile claim value was not registered.  That did not stop us from achieving the "rough consensus and running code" goal.
    >>
    >> -Giri
    >>
    >> -----Original Message-----
    >> From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
    >> Sent: Wednesday, September 21, 2022 7:01 AM
    >> To: Giridhar Mandyam <mandyam@qti.qualcomm.com>; Michael Richardson 
    >> <mcr+ietf@sandelman.ca>; Smith, Ned <ned.smith@intel.com>; 
    >> rats@ietf.org
    >> Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
    >>
    >> WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
    >>
    >> Hi Ned, Michael, Giri,
    >>
    >> are you talking about the values of the profile claim (I am assuming numbers for now) to be registered in an IANA registry or are you talking about new claims defined by a profile specification to be registered in the IANA CBOR Web Token (CWT) Claims registry? I am really not sure anymore.
    >>
    >> Viele Grüße,
    >>
    >> Henk
    >>
    >> On 21.09.22 15:51, Giridhar Mandyam wrote:
    >>> This was not required for the FIDO implementation of EAT.  As per https://www.iana.org/assignments/cwt/cwt.xhtml, the FIDO EAT claims have been registered and the profile has been verified in interop events.  The profile itself was not registered.
    >>>
    >>>> The IANA registry would point to some RFC that described the semantics.
    >>>
    >>> Why only RFC's?  Are other standards body documents not suitable?  At least for FIDO, this didn't seem to be a requirement for IANA registry.
    >>>
    >>> -Giri
    >>>
    >>> -----Original Message-----
    >>> From: RATS <rats-bounces@ietf.org> On Behalf Of Michael Richardson
    >>> Sent: Wednesday, September 21, 2022 3:27 AM
    >>> To: Smith, Ned <ned.smith@intel.com>; rats@ietf.org
    >>> Subject: Re: [Rats] Profile identifier (was Re: EAT Profiles)
    >>>
    >>> WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.
    >>>
    >>> Smith, Ned <ned.smith@intel.com> wrote:
    >>>        > @Laurence Lundblade<mailto:lgl@island-resort.com> What semantics are
    >>>        > associated with a profile that appears on an IANA registry?
    >>>
    >>> The IANA registry would point to some RFC that described the semantics.
    >>>
    >>> --
    >>> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works 
    >>> -= IPv6 IoT consulting =-
    >>>
    >>>
    >>>
    >>> _______________________________________________
    >>> RATS mailing list
    >>> RATS@ietf.org
    >>> https://www.ietf.org/mailman/listinfo/rats

v2.23.0 | Report a Bug | By Email