[Rats] FW: [EXTERNAL] New Version Notification for draft-ounsworth-rats-x509-evidence-00.txt

Mike Ounsworth <Mike.Ounsworth@entrust.com> Mon, 23 October 2023 18:08 UTC

From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: "rats@ietf.org" <rats@ietf.org>
CC: Russ Housley <housley@vigilsec.com>, Tim Hollebeek <tim.hollebeek@digicert.com>
Date: Mon, 23 Oct 2023 18:08:23 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/jjBy6RNfzy1rvZWfTHSlxjA1rHk>
Subject: [Rats] FW: [EXTERNAL] New Version Notification for draft-ounsworth-rats-x509-evidence-00.txt

Hi RATS!
(he-he-he)

This is both an -00 announcement and a request for a speaking slot at 118.


This is work emerging from the LAMPS design team that has also produced draft-ietf-lamps-csr-attestation.

This draft is an EAT profile (sort of) targeted at FIPS and Common Criteria certified HSMs. This draft encodes EAT claims, plus a few HSM-specific claims, into X.509 certificate extensions – i.e. we’re using X.509 as the evidence statement format because the HSM vendor community represented in our design group unanimously decided that staying within X.509 ASN.1 is preferable from an implementation perspective compared with CBOR / CMW which would be entirely new code within HSM firmware boundaries.

We imagine that the publication path for this document is RATS with Russ Housley as the expert reviewer for all the X.509 certificate extensions that this draft will register with IANA.


PS sorry for the weird urldefense links. That’s my corp email filter.
---
Mike Ounsworth

From: internet-drafts@ietf.org <internet-drafts@ietf.org>
Sent: Monday, October 23, 2023 12:59 PM
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>; Hannes Tschofenig <hannes.tschofenig@gmx.net>; Mike Ounsworth <Mike.Ounsworth@entrust.com>
Subject: [EXTERNAL] New Version Notification for draft-ounsworth-rats-x509-evidence-00.txt

A new version of Internet-Draft draft-ounsworth-rats-x509-evidence-00.txt has
been successfully submitted by Mike Ounsworth and posted to the
IETF repository.

Name:     draft-ounsworth-rats-x509-evidence
Revision: 00
Title:    X.509-based Attestation Evidence
Date:     2023-10-23
Group:    Individual Submission
Pages:    12
URL:      https://urldefense.com/v3/__https://www.ietf.org/archive/id/draft-ounsworth-rats-x509-evidence-00.txt__;!!FJ-Y8qCqXTj2!YKUosO2y-QX6kn5tveLLlnGkD8zrTz-OVSkntiWXewmDFxQYnAQOeZ-QprQMmFwa6UM08hYguj0vX9FcqnvjD4oJBcSCNA$
Status:   https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ounsworth-rats-x509-evidence/__;!!FJ-Y8qCqXTj2!YKUosO2y-QX6kn5tveLLlnGkD8zrTz-OVSkntiWXewmDFxQYnAQOeZ-QprQMmFwa6UM08hYguj0vX9FcqnvjD4pDgrQ81w$
HTML:     https://urldefense.com/v3/__https://www.ietf.org/archive/id/draft-ounsworth-rats-x509-evidence-00.html__;!!FJ-Y8qCqXTj2!YKUosO2y-QX6kn5tveLLlnGkD8zrTz-OVSkntiWXewmDFxQYnAQOeZ-QprQMmFwa6UM08hYguj0vX9FcqnvjD4qbFzD2wg$
HTMLized: https://urldefense.com/v3/__https://datatracker.ietf.org/doc/html/draft-ounsworth-rats-x509-evidence__;!!FJ-Y8qCqXTj2!YKUosO2y-QX6kn5tveLLlnGkD8zrTz-OVSkntiWXewmDFxQYnAQOeZ-QprQMmFwa6UM08hYguj0vX9FcqnvjD4qEwXIktQ$




Abstract:

   This document specifies Claims for use within X.509 certificates.
   These X.509 certificates are produced by an Attester as part of the
   remote attestation procedures and constitute Evidence.

   This document follows the Remote ATtestation procedureS (RATS)
   architecture where Evidence is sent by an Attester and processed by a
   Verifier.







The IETF Secretariat




