Re: [Rats] [ietf-rats-wg/eat] Definition and usage of the term 'entity' (#16)
"Smith, Ned" <ned.smith@intel.com> Fri, 04 October 2019 17:56 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/nfnwnujBnnvSsi_BuXvbnPMVbfA>
The architecture defines:

* Entity: a user, organization, device or computing environment.
* Principal: an Entity that implements RATS Roles and creates provable Claims or Attestation Results (see [ABLP] and [Lampson2007]).
* Attesting Computing Environment: a Computing Environment capable of monitoring and attesting a target Computing Environment.
* Attested Computing Environment: a target Computing Environment that is monitored and attested by an Attesting Computing Environment.

The attested computing environment is the subject of attestation which clearly is creating provable claims. The ‘attested’ environment may be less clearly a Principal.

At one point the list suggested the architecture should define a term “target of attestation” or “attestation target” (or something similar). The term “attested computing environment” seems close to this. Do we think the attested environment is semantically the same as “subject of the attestation”?

Using Lampson’s definition of Principal, an expression of attributes (aka claims) is itself a principal.

There are lots of cases where ‘entity’ is used to refer to organizations and users (see https://csrc.nist.gov/glossary/term/entity). Given the broad use of the term to mean a “user, organization, device or process”, it might not make sense for RATS to change its scope. The RATS Arch used the term “computing environment” instead of process because not every computing environment has an operating system.

An “attested computing environment” is clearly intended to be a “computing environment” and hence is an Entity according to the arch draft. If the EAT draft’s use of entity is semantically equal to the architecture draft use of “attested computing environment” then possibly it makes sense for the EAT draft to begin using this term instead?

The architecture draft potentially could be more clear as to whether an “Attested computing environment” is both an entity and a principal or just an entity. It seems clear that an “attesting computing environment” is a Principal.

Ned

On 10/4/19, 10:27 AM, "Laurence Lundblade" <notifications@github.com> wrote:

> EAT and Architecture are absolutely NOT aligned on the term entity. See my recent email comments on the architecture document.
>
> My basis for closure is that the architecture document will define some term that is used to refer to the subject of the attestation.
>
> Maybe we shouldn't close this until the architecture doc starts tracking issues formally.