Re: [Rats] Profile identifier (was Re: EAT Profiles)

Russ Housley <housley@vigilsec.com> Tue, 20 September 2022 21:31 UTC

Cc: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, Thomas Fossati <tho.ietf@gmail.com>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, Michael Richardson <mcr+ietf@sandelman.ca>, "rats@ietf.org" <rats@ietf.org>
To: Laurence Lundblade <lgl@island-resort.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/hMXRAWanynBxrFOfN2RJrljEAk8>

The OID can be a PEN, which is a prefix assigned by IANA, and then the party that owns the prefix can manage the rest by themselves.  I like the distributed nature of that approach.

Russ
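
A sketch of how a verifier could tell the two existing identifier forms apart and recover the owning enterprise from a PEN-rooted OID. This is an added example, not part of the message or of the EAT draft. It assumes the profile value arrives either as a text string (URI) or as bytes holding the BER content octets of an OID; the function names are hypothetical, and 32473 is the enterprise number reserved for documentation use.

```python
# Added example: constructed values, not taken from the thread or the EAT draft.
PEN_ARC = (1, 3, 6, 1, 4, 1)  # iso.org.dod.internet.private.enterprise

def encode_oid(arcs):
    """BER content octets for an OID (no tag or length bytes)."""
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid leading arcs")
    out = bytearray()
    for value in (arcs[0] * 40 + arcs[1], *arcs[2:]):
        chunk = [value & 0x7F]          # last base-128 digit, high bit clear
        value >>= 7
        while value:
            chunk.append(0x80 | (value & 0x7F))
            value >>= 7
        out.extend(reversed(chunk))
    return bytes(out)

def decode_oid(data):
    """Strict decode: rejects truncated and non-minimal arc encodings."""
    if not data or data[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    values, cur, start = [], 0, True
    for b in data:
        if start and b == 0x80:         # leading zero digit pads the arc
            raise ValueError("non-minimal arc encoding")
        cur = (cur << 7) | (b & 0x7F)
        start = not (b & 0x80)          # high bit clear ends the arc
        if start:
            values.append(cur)
            cur = 0
    first = min(values[0] // 40, 2)
    return (first, values[0] - 40 * first, *values[1:])

def classify_profile(value):
    """Return (kind, detail) for a profile identifier value."""
    if isinstance(value, str):
        return ("uri", value)
    arcs = decode_oid(value)
    if arcs[:6] == PEN_ARC and len(arcs) >= 7:
        # arcs[6] is the IANA-assigned prefix; the rest is owner-managed
        return ("oid-pen", {"pen": arcs[6], "owner_arcs": arcs[7:]})
    return ("oid", {"arcs": arcs})
```

Rejecting non-minimal encodings matters when the identifier is compared byte-for-byte against an allow-list, since two encodings of one OID would otherwise not match.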

> On Sep 20, 2022, at 4:09 PM, Laurence Lundblade <lgl@island-resort.com> wrote:
> 
> Here’s 3 ways to identify a profile. The first two are in EAT now. The last is not.
> 
> 1) OID
> 2) URI
> 3) IANA first-come-first-served integer. No text strings, just a simple monotonic integer, 0, 1, 2, 3, 4… A URI can be associated with the integer if the profile is published, but it isn’t required.
> 
> We can do any combo of the above (e.g., what’s in the doc now, just 2 and 3,…). I don’t have a strong opinion, but just 3 seems in the spirit of being small and simple to me.
> 
> The two issues with 3) I can see are:
> - Is it OK to consume more IANA resources here? I assume yes. It’s kind of their job and it isn’t hard to do this.
> - The profile was pre-allocated by IANA as OID and URI and there are probably some implementations.
> 
> LL
> 
> 
> 
>> On Sep 19, 2022, at 9:51 AM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:
>> 
>> If it has to be specified in a stable document anyways, I cannot fathom the need for a URI. Just do a number and go to IANA?
>> 
>> On 19.09.22 17:42, Thomas Fossati wrote:
>>> hi Henk,
>>> On Mon, Sep 19, 2022 at 1:04 PM Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:
>>>     >      > * Would it be useful to reference profiles by number (rather than
>>>     >      > URLs)? Probably so.
>>>     >
>>>     > It seems like we ought to have an optional registry, and if someone wants to use a URI, then fine.
>>>    Not sure on the URI part really, but if there is enough support for
>>>    it... How would EAT ensure interoperability, if we allow for 'any
>>>    URI as profile identifier' use outside the 'custom/local/experimental' scope?
>>>    Or would that automatically imply that scope?
>>> I wouldn't be worried about that.  EAT profiles need to be specified in a stable document.  The visibility of that document is what determines the reach and interoperability of that profile.  A profile ID (URL or else) is an identifier for the document.
>>> cheers,
>>> -- 
>>> Thomas
>> 
>> _______________________________________________
>> RATS mailing list
>> RATS@ietf.org
>> https://www.ietf.org/mailman/listinfo/rats