IETF Logo Mail Archive

Re: [Rats] Same claim in Evidence and Results (was Re: Second attempt at early allocation of CWT Labels (PR #152))

"Eric Voit (evoit)" <evoit@cisco.com> Wed, 23 February 2022 21:59 UTC

Return-Path: <evoit@cisco.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 234B63A0E81 for <rats@ietfa.amsl.com>; Wed, 23 Feb 2022 13:59:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.596
X-Spam-Level:
X-Spam-Status: No, score=-9.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=ahGNWx9L; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=cisco.onmicrosoft.com header.b=idXChzgH
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SJEmowaoHgWD for <rats@ietfa.amsl.com>; Wed, 23 Feb 2022 13:59:08 -0800 (PST)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E36363A07D7 for <rats@ietf.org>; Wed, 23 Feb 2022 13:59:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=12535; q=dns/txt; s=iport; t=1645653547; x=1646863147; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=rtmYGF3uSTd8uB18YqMqIjl/eI/1F9FpMsWy4/TjyjI=; b=ahGNWx9L4bXhOJ55flJRYcDhDusXJrR+5o3K563CibZ6c9mAbUjR7A/4 4fsrhJuhWbeP5jeSVGhvn2EnCZxCINKj2f7vbxmxGMxfuYnnplMymLM3J au3DbAE5jtWqK1OC/7j97wVIR5lPUIuQF33Plw4io7c09gDC2YA92hV1T E=;
X-Files: smime.p7s : 3975
IronPort-PHdr: A9a23:Nq1FgBPELeaWNZNHji8l6ncDWUAX0o4cdiYZ6Zsi3rRJdKnrv5HvJ1fW6vgliljVFZ7a5PRJh6uz0ejgVGUM7IzHvCUEd5pBBBMAgN8dygonBsPNAEbnLfnsOio9GskKVFJs83yhd0ZPH8OrbFzJqXr05jkXSX3C
IronPort-Data: A9a23:XlRG0K4GIEzkIXhXjhLc7QxRtGLGchMFZxGqfqrLsTDasI4Tp2RHjj5GCjjCY6DUfSKuKJpxdc7vohRX/dOXm+bXenIv8HBoQjRS9tGt6b+xd0r5YH7JdZOcHBM/tc5EO9SdfcltHyeErBn0a+G48ihxjf6DSuWlArCYZ3EqH184Q3h50U9tkuRgiIdk29bjCmth1T+cT5r3Yw76hlZJD440106igB41t6qv5z5H4FZgOKAW5VaGySMZXJxFLKu9InWlSNYPN+PrHOyrIJNVUY/6E7bBMj4u+1rCWhViroX6YE7e2hK6Z4D42kIY/nZqi/5iXBYhQR4/ZwuhzogZJOpl7fRceS9xVkH9sLx1vytwSkmSDoUekFPzGkVThOTIp6Hwn9QA9N01ZK0+FdVwFu+amgii/9RAQNwGRkjra+5bXNuGpudQasQLdKEHPasFsX1miDreF/tjH9bIQr7B4plT2zJYasJmRKmFIZFGL2s0Kk2dPHWjOX9PYH46tOq2gXjjWzZZs1mS46Ew5gA/ySQgj+S0b4OMKoLiqcJ92xzwSnj9137wHgoyNdGDx3yC6H3Eru/CmyC9UoMIF72/8uxCm1yPgGIJAQAQVVy1rOP/hkPWc9RSJwoP/ysyrYAz8lCmSp/2WBjQiHqLujYdQN5ZFeF/8gyWzbDIpQ2eAwA5opRpADA9nNU9STpv3ViTkpa3Qzduq7aSD3ma89+pQfqJEXB9BQc/ieUsFFFtDwHfnbwO
IronPort-HdrOrdr: A9a23:eeIxKKkOMqZ1l9IfYt8/dq5aXILpDfOaimdD5ihNYBxZY6Wkfp+V/cjzhCWbtN9OYh4dcIi7Sda9qXO1z+8T3WBjB8bdYOCGghrmEGgG1+vfKlLbalbDH4JmpMJdmu1FeaHN5DtB/IjHCWuDYqwdKbC8mcjC74qzvhQdLz2CKZsQkjuRYTzrdHGeMTM2fabRY6Dsn/avyQDQHUg/X4CePD0oTuLDr9rEmNbNehgdHSMq7wGIkHeB9KP6OwLw5GZebxp/hZMZtUTVmQ3w4auu99uhzAXH6mPV55NK3PP819p4AtCWgMR9EESttu/oXvUjZ1SxhkFxnAid0idvrDAKmWZmAy1H0QKSQohym2qq5+Cv6kd215ao8y7ovZKqm72IeNt9MbsYuWqcGSGpsXbJe7pHofl2NiuixulqJAKFkyLn69fSURZ20kKyvHo5iOYWy2dSSI0EddZq3MYiFW5uYd899RjBmcsa+ShVfbbhzecTdUnfY2HSv2FpztDpVnMvHg2eSkxHvsCOyTBZkH1w0kNdnaUk7zs93YN4T4MB6/XPM6xumr0LRsgKbbhlDONERcesEGTCTR/FLWrXK1X6E6MMPW7LtvfMkfgIzfDvfIZNwIo5mZzHXl8dvWkue1j2AcnLx5FP+gClehT1Yd0s8LAp23FUgMyIeFOwC1zwdLkHqbrVn8ki
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AJAAByHvlh/51dJa1RCRoBAQEBAQEBAQEBAwEBAQESAQEBAQICAQEBAYIGBQEBAQELAYFRVgd3LC43MYRJg0cDhFlghQ6DAgObJIEuFIERA1QEBwEBAQoDAQEqCwwEAQGFBQKDXwIlNAkOAQIEAQEBEgEBBQEBAQIBBgSBCROFOwYnDYZCAQEBAQIBAQEQER0BASUHAQoBBAcEAgEIDgMEAQEBIwQDAgICJQsUCQgCBA4FCAYLCYJjgg5XAw0REAEOoisBgToCih96gTGBAYIIAQEGBASFDRiCMAcDBoE6AYFTgTqEHocHFxAcgUlEgRVDgjcwPoJjAQGBNBIcFYMBN4IukTYQWwgGYBgrEFQHPQcBPoEBBwGRai6DR6hzgS4Kg0aBOYQtgxuWehWDcpJ2kR+WSqZCAgQCBAUCDgEBBoFhPDmBIHAVO4JpURkPh0WGWwwWFYM6hRSFSnQCNgIGAQoBAQMJjUwBAQ
X-IronPort-AV: E=Sophos;i="5.88,333,1635206400"; d="p7s'?scan'208";a="974171186"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 23 Feb 2022 21:59:05 +0000
Received: from mail.cisco.com (xbe-aln-004.cisco.com [173.36.7.19]) by rcdn-core-6.cisco.com (8.15.2/8.15.2) with ESMTPS id 21NLx4mC013951 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Wed, 23 Feb 2022 21:59:05 GMT
Received: from xfe-aln-001.cisco.com (173.37.135.121) by xbe-aln-004.cisco.com (173.36.7.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Wed, 23 Feb 2022 15:58:54 -0600
Received: from xfe-rtp-002.cisco.com (64.101.210.232) by xfe-aln-001.cisco.com (173.37.135.121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Wed, 23 Feb 2022 15:58:53 -0600
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (64.101.32.56) by xfe-rtp-002.cisco.com (64.101.210.232) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14 via Frontend Transport; Wed, 23 Feb 2022 16:58:53 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jPX2yVa4Z+Pi2KlP1suTD7FYlyUgAwFgmSlDUJ7AlRXXIryjXPsO72YK0cX+lM1+KGGKVQwjPMcSIfOz1GPoL6o8y62oq+PpAtwGQlAxQfWvZhlYXDHFn/+fuiK1y8F5kHWCQYWBcsK3rmLfBNYemRMPkmAFQcQNR3Cc0gSHZJZME8WxV32N7C2FaxvbZvJjR6PKpcYFzPjc0eDCo7U3A10u3s5A6nkwcniMJ4oqcuSYKLYZMrinDH3pmXFE1qRmUYD+AU9xFfDN8tLX4o9whJoj2HxuDG8sP3vMtjc4nmM+asEkrjQmzQBYntSCr5rJdIyeWBvMZyL+8E5fx14xig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kAC1UwigWJdY9R+3KK40QaFBXaP8BPgCb6HbaMUesfo=; b=g7dEzjstLuyECQxqGBVP8b+iNVMtBiwz6yGcu/fnDmN7ze0m6iA6oSc9F/q4cvP/qFjn985Ku/d1+/c5qRYDjPyPIbYV/KcP4mPYaITqp0yZnlmvYb3IzkrcVT2fyY5DQMi6B47FA5jMCvWKwmyAJRMYKe4FA54ZeAsJw+UaPDACYdx3tnfsweQ6I41gjUc4VspwjOxl/zXqf/IH1oJSXweOJ8JWH0IpygUFntXLqUCzjMYZcNs8olc+msgSTx+rWwhSMPuACMeEGB65BVbxTw/GHyHQM0mV/Ov3I5RtkE4mPT2pfxET16S7m6U3PHqtsFxGoN1GzhQBa5yyYStUhw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kAC1UwigWJdY9R+3KK40QaFBXaP8BPgCb6HbaMUesfo=; b=idXChzgHAApvKlPc5eCzlW4J/BFndhsAiGtc8j2uXAqDPqptIfuG2W5xeYYewqI9ceX3st6ToWcsU2cwqKUpsSTpIcrmA0yX11qR/aZTsMmMzEbT4FRsGGOZkuJKppsWHSIsla/F4oW4A1Ruw2mKHdm6EfjOpf2dKF7I1AKTAbU=
Received: from BL0PR11MB3122.namprd11.prod.outlook.com (2603:10b6:208:75::32) by DM6PR11MB2604.namprd11.prod.outlook.com (2603:10b6:5:c8::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5017.21; Wed, 23 Feb 2022 21:58:51 +0000
Received: from BL0PR11MB3122.namprd11.prod.outlook.com ([fe80::4da6:3e0:50f4:9897]) by BL0PR11MB3122.namprd11.prod.outlook.com ([fe80::4da6:3e0:50f4:9897%6]) with mapi id 15.20.4995.027; Wed, 23 Feb 2022 21:58:51 +0000
From: "Eric Voit (evoit)" <evoit@cisco.com>
To: Laurence Lundblade <lgl@island-resort.com>
CC: "Smith, Ned" <ned.smith@intel.com>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Same claim in Evidence and Results (was Re: Second attempt at early allocation of CWT Labels (PR #152))
Thread-Index: AQHYKCsPJoy/kO3DQU6P3QYZiEN2b6ygBkTggAGVdACAAA1kYIAAAJwg
Date: Wed, 23 Feb 2022 21:58:51 +0000
Message-ID: <BL0PR11MB3122BB4F48E69D23DFCC26E0A13C9@BL0PR11MB3122.namprd11.prod.outlook.com>
References: <AM6PR08MB43254A236E44B49C1DCD9F8C8E369@AM6PR08MB4325.eurprd08.prod.outlook.com> <4706A62A-DA9F-4FA7-9E65-B27748D3F408@island-resort.com> <c2ea51c0-baeb-14cf-1d32-40b2995bd1ce@sit.fraunhofer.de> <4DABED4B-01F0-4678-8974-DC914BC170C5@island-resort.com> <e8b0895b-e3d9-0e33-e4a2-7d5e8b5ecc5e@sit.fraunhofer.de> <F1D075F6-1704-4B04-B127-9BB590C38004@intel.com> <a2c808b6-e8e9-ff73-b834-8772c5d0c365@sit.fraunhofer.de> <543A724D-C060-43AC-82C6-489D57A898D2@island-resort.com> <C50E82F7-B9FE-48F3-9BF2-2BC05B2A9D51@intel.com> <38794864-746D-43B2-A707-CB992AC197C2@island-resort.com> <61D2495E-E070-4C26-AF02-BE2ABCAAE897@intel.com> <E42B0CEB-2778-4AAF-ABCB-CCDC86286C94@island-resort.com> <5173ED99-D220-4D1A-9E26-7DCA39180A7D@intel.com> <ae5bb667-79f8-469e-09de-12df104d697f@sit.fraunhofer.de> <F5868DD0-D8BC-41EE-9DE8-9E3608F5137E@island-resort.com> <7CFE7304-4F9B-47D2-A899-29AFBF6FD82A@intel.com> <BL0PR11MB3122F140CCF9C13BB6D1D888A13B9@BL0PR11MB3122.namprd11.prod.outlook.com> <EC701CF2-2FC4-4299-8F3E-850CA5370A0C@island-resort.com> <BL0PR11MB31224F33490E87AD88E0F2A2A13C9@BL0PR11MB3122.namprd11.prod.outlook.com>
In-Reply-To: <BL0PR11MB31224F33490E87AD88E0F2A2A13C9@BL0PR11MB3122.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2a99842b-6451-4832-2543-08d9f717ada0
x-ms-traffictypediagnostic: DM6PR11MB2604:EE_
x-microsoft-antispam-prvs: <DM6PR11MB2604285C99D395AC9AFDD314A13C9@DM6PR11MB2604.namprd11.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Kk4605cu50U33Q2TCgDB7SY3HlXo8FcG3ArDrXI1XWMY1C/xFvWErkc6Td7INKuNedHIOQzeNBfLjOZ27uwKmecSQi2uRGCebWh9OIeTxYGTFREWFsNOZcU9+rJvGGiYbcJI556WhBe4loxFNYcXVP8JiBQqoyiFztYkR96bRLXBiwk6z/djw7IMWQwu0/biIdZmURwO4Ak/jH8vaHV23cCLKf997fCJHblzwzLirIr8RBjrrsAiBNP1/PksR76MHFg2XEYmZN7yZdjyXdMpUR96Bi3D/K/XF5/+KRW7UIhpNKquaOHH0r2KUm+D9YoboFgc47u2fCvnoSxMs+vlKg6yCzXL0Ld7E8XlW7rh3rdk7k4hx074m4Vr9lUOfMcR2ZmbFzFfgmBwAKggNYm7Czw7WaNShGoHyz9732MCcNpsCZFOAiohfxnW9PgVc2TdFBTKmiRFT+aJqxJi4hlYMVcLalr9V5J7Yo9QZFOn/i0TUzPrteJ53C+h/dZHxXaEqm02SFeLlDoZ7IIwxLygd45lTYHewFmgpMgLm3zcqxha8iV6SsIEG9QyxOgUGAeQJFoI5/7XWXhQCJcReMUfKzupUf7uSdOd7Sb6e/o5SPk3dSHbjFvItt85ZENd6A+bYCByl3nKF3mChyYHTQraXZUYID1nfJwxp3tG53OEhPfTtREQD72AUZ2gxl8ii4hKABedk3Ua8RS1ok7G8S7pgjO0Xc8cPfMAaacp8DTBL8kvtj3rf185lfsNQKaxdyIol3V/So026CVzzjpDXS5/wbGXvs5Oec/11VB1Le6sY34=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR11MB3122.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(86362001)(7696005)(2940100002)(2906002)(83380400001)(38070700005)(9686003)(186003)(122000001)(8936002)(53546011)(52536014)(5660300002)(71200400001)(6506007)(76116006)(64756008)(66476007)(26005)(6916009)(54906003)(66446008)(33656002)(55016003)(99936003)(66556008)(508600001)(38100700002)(4326008)(966005)(8676002)(316002)(66946007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: H5J8Y7J/1SEmMROdDAvWkxOlU1TIgy/pBDB+tBNWLGSVBNuSHH2sZW/3IegLhZN1GEgRCkRNvpOu4iHrCJFj6QjnJ8ZV1aa+18JOzjAB4ZoSt34ItKiQ/YkvVmxgGQqPeyWn7ls1RZXRtYbDNU1G8leGNyMHd3GnF4DpNBT8ZWenuJT6sn8GWxWDeDvGS7sg+2ZSMqS4UUg/qNYuwlViURRu/ITro4/tmGKt36B2KC3f/zL3kbntth4DkX5cluS/E3Y6Zn3SL/7ux1fbbb+kswS/OFICyzF0S9AEvV9nqaxb7MmJ1eB0KlRqwPXaKtJy1IfwqLkYz8/L4XZe9ryPRIckINiLd/isjzQD+xYGMX8VCZw+27UuobfElzkQq0Rdke9ggE1Gz2rUpYY1Nl4n3D3s/sDj/ylkKcbk+foOLIM/NtXq3XBSzLhwPhRCe0zOcUv3wOWksUuV5wUg3b8ze0SAAnd8KKKfLAXI/HPGJZXXMVWT1gGPuynTR/0aVgHWJ2aGlI6zQ4tfNjveqh2oV30kZ7PKWADFmah8Ci24EuQNz0aQXCV19BbDvbojUMEba7M17AfR6FmX9ESeTfJP48zRrVXSXFBdK1w/9LUwoTljy6yhOBB/0+eM/pXnX6mP9juRpYqRnw4ERJ5RdDzSY4hyS7WUWdqjszRw1wlXeWxo7iia1TuneHep104MbPFX4MmTMHWGGWucQ2TpBlSJsolXkSKOHX/UgV1Oujz05uZf18MGa/B1CWtCuPyac4VMeNXjuOYfdUXirNvBL/15RcV9XvYRGAEvbLGN6PJKj54OjXMXOLah5kLTtb0XuSzTBdAqAxdb9m3VNGBwWVIagLXM3NlDmy7naHoaFyldUps8V/jmrGftRmpFrrKw9jwP1h15S+2qgbgDJmmN6tm4EQ9yhj3/LSqe2gn2yLEGljLWVReqMYL8ZxsNMxQyByvo6x/L9QoOfk0kNT/2BAMgIrQ+nkBeLV3y8HgY7MaK7rA/0cWJbDpTMSeluMkE+k5W/0aQhzAryozMk4zpFGJvzbNXbbnuLeVluNUXCh3tq81HZEHhXLc5LdJi0XPOGngm4E8zX6dTvyRqAPZOrxfcbdDmizuBya+mP0JNlRee3SYUBHCFvOFG6Q/XREBjn5uR8RPKNQMMWvw4dOjfYP+TBsq0n/qgYUIfMqvXrc6GIAyWuCXJHnUXD3d+bD6QA0GIM4y5PKKKbNBUoNllqVMdYrncE3/mk+q0YrOQkMkt92De06yTkzD6AJzh7JnZIX+O4AwT5RuxvVlAmuaB0ZYNjPPponkUvShiZXzYAx5DzQAyqTCHns3ajl2ZJI7GMgfNwcCD0G98JMTP6qVlJbnGIgaCq9Gj+4huSDVZfwFQuN6+g2V4j1lYI49D0SKxhqhoW1NPTjWN/S4ynA0+nAD04vuDorb5sKnXEaWZx4VzPZEovoASnKxU7x67JuC8LPlJTMAhP+PuTw7k84sZqpMsnqcHBbzPcKEaeqnWdQj43600WGVOr3fB+8WIcM94+8fu2WmbF9cXOiotNpA1aXc/8t8S1QeEaZR9BOByUHqZgPE=
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_049B_01D828D6.A06E3880"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BL0PR11MB3122.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2a99842b-6451-4832-2543-08d9f717ada0
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Feb 2022 21:58:51.8273 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: m46UMiSU131RoRqTelPBu2BfJ9Jvz2c9vw0xct6leXbAs8M7KIpZtsT/0LIYN6fz
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB2604
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.19, xbe-aln-004.cisco.com
X-Outbound-Node: rcdn-core-6.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/iF1TMc9JnxZVj48RmAFhJXpeXnM>
Subject: Re: [Rats] Same claim in Evidence and Results (was Re: Second attempt at early allocation of CWT Labels (PR #152))
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Feb 2022 21:59:14 -0000

 Hi Laurence,
 
> From: Laurence Lundblade, February 23, 2022 3:44 PM
> 
> On Feb 22, 2022, at 1:00 PM, Eric Voit (evoit) <mailto:evoit@cisco.com> wrote:
> 
> <snip>
> 
> So we need to minimize Relying Party policy language ambiguity.
> 
> I don’t quite understand this comment. Maybe my last few paragraphs address
> this? Maybe my answer is that creating broad general unambiguous RP policy
> language is a rat hole we don’t want to address in the IETF?

Building an entire policy language is the IETF is not necessary.  But if we can agree to unambiguous object names, life is easier.

>  For me, I like separating the names of claims which might come from different
> architectural roles.   Things are easier for Policy programming on the Relying
> Party this way.
> And we won't suddenly find a claim from a Verifier which now can also come
> from an Attester.
> 
> Using string labels, would you want something like this?
> 
>    “evidence.location”
>    “results.location”
>    “evidence.ueid”
>    “results.ueid"
> 
> to separate the location and UEID claims in evidence from results?
> 
> Then maybe when “evidence.location” occurs in an attestation results token you
> know it was passed through?

This is a reasonable way to build things bottoms up.  But being unambiguous can be hard -- this is one reason why namespaces are defined top down.  (E.g., what if you have two Verifiers for different aspects of the appraisal.  Should objects be able to prepend each claim with a (maskable) uuid for a specific asserting identity?)
 
> In this idea, the structure (e.g., the CDDL) for evidence.location and
> results.location would be identical.

I think by structure you mean that ".location" is strongly typed, and the domain of assignable values is consistent between Attester and Verifier.  And I like this approach as it enables interworking/portability of data object definitions.
 
> I’m pretty sure I’m not in favor of this. I’m just given an example to try to
> understand.
> 
> 
> Where this rat holes for me is that the behaviors of the Attester and the Verifier
> are so widely varying here that it seems not possible to pin them down in an IETF
> standard. Instead you as an RP must understand on a case by case basis what
> the Attester and Verifier are doing to know how to trust it.

This is exactly the case.  The RP needs to understand what claims it might trust from a specific Verifier, and what claims it might trust from a type of Attester.  If we can't agree on *some* generalized unambiguously named claims across the domain of RATS use cases, there is little reason for RATS to be a single WG.

> For example,
> 
>  — The location evidence could come from a US satellite, a Russian satellite,
> WiFi location maps created by Google, Cellular triangulation from Verizon
> and/or combinations of the above
>  — The Verifier could just verify the signature and pass it on, could cross check
> the location against the IP address based location service, could ask the carrier
> for triangulation based on the IMEI,...
> 
> There’s no way we here in RATS can sort this variation in trustworthiness for
> location, nor for most other claims. Maybe there are a few claims we can lock
> this down for, but in general we shouldn’t even try.

Agree.  It is up to the RP to determine which objects it accepts as trustworthy from a specific Verifier.

> As an RP you have to go read the marketing description, service agreements and
> such for a verifier service to know what it is going to do for you, not the IETF
> standard.

The object names can be consistent.  It is the identity of a specific Verifier which drives you to trust it or not.

Eric

> LL
> 
> 
> 
> 
> 
> 
> There are alternatives to doing this with namespaces.  But we no proposals
> going down this path yet.
> 
> Eric
> 
> > -----Original Message-----
> > From: RATS <mailto:rats-bounces@ietf.org> On Behalf Of Smith, Ned
> > Sent: Tuesday, February 22, 2022 3:31 PM
> > To: Laurence Lundblade <mailto:lgl@island-resort.com>; Henk Birkholz
> > <mailto:henk.birkholz@sit.fraunhofer.de>
> > Cc: mailto:rats@ietf.org
> > Subject: Re: [Rats] Same claim in Evidence and Results (was Re: Second
> attempt
> > at early allocation of CWT Labels (PR #152))
> >
> > I asked for clarification about what attestation roles' perspectives were
> > assumed when describing the various claims. This was because there is
> language
> > that suggests Endorser / RVP roles were considered. There is language that
> > suggests RP, Verifier and Attester roles are considered too. But it isn't clear
> that
> > all roles are considered for all claims.
> >
> > I suggested that if the goal was not to consider all roles for all claims, that the
> > claims be described based on a least common denominator assumption. That
> is,
> > only wording that is true for all roles would be included. It is a bit of a trick
> > question in that you have to consider all roles in order to know what attributes
> > will be common. It also means anything that is specific to a role or nuanced
> > would not be included so as to avoid special case descriptions.
> >
> > That means, terminology that is aimed at manufacturers, relying party,
> verifier,
> > attester should be removed or clearly identified as informative. My guess is the
> > result will be that the CDDL most closely captures normative expression and
> > most everything else is informative.
> >
> > On 2/22/22, 11:51 AM, "Laurence Lundblade" <mailto:lgl@island-resort.com>
> wrote:
> >
> >     Absolutely do not want to expand the EAT doc to cover Endorsement and
> > Reference Values in any way, but maybe another draft might make use of
> some
> > stuff that is in EAT.
> >
> >     Ned suggested it, not me. :-)
> >
> >     LL
> >
> >
> >     > On Feb 22, 2022, at 11:19 AM, Henk Birkholz
> > <mailto:henk.birkholz@sit.fraunhofer.de> wrote:
> >     >
> >     > You are kidding, right?
> >     >
> >     > On 22.02.22 20:12, Smith, Ned wrote:
> >     >> Maybe that’s a good idea. Maybe it’s not. Not sure yet. :-)
> >
> >
> > _______________________________________________
> > RATS mailing list
> > mailto:RATS@ietf.org
> > https://www.ietf.org/mailman/listinfo/rats

v2.23.0 | Report a Bug | By Email