Re: [Rats] Call for charter consensus
Benjamin Kaduk <kaduk@mit.edu> Fri, 18 January 2019 18:42 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9957B1312DB for <rats@ietfa.amsl.com>; Fri, 18 Jan 2019 10:42:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mit.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FBYKXAlmtVQm for <rats@ietfa.amsl.com>; Fri, 18 Jan 2019 10:42:26 -0800 (PST)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-eopbgr750132.outbound.protection.outlook.com [40.107.75.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ECFF21312DC for <rats@ietf.org>; Fri, 18 Jan 2019 10:42:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mGqB7qR3YZDcLWSsahY5fkPQUW0TUlfwSF7nhlIy+Jg=; b=xVqLuTTyHhxXTYyEOnGWrKW8QpL8euBrjY8AlJzGq40kl2uxhM+Y6xiEsRf7fCpibMv6C/RG+smUNx7PRbCwSe2o1+i4qyQIRUwQhQNNhpdkgOLz8Jn88Uyjkh1kf3RlJoZCfXgOMgCiAOTkSuT4Jc/jjp7mC6fCU/aDiguFtTw=
Received: from SN2PR01CA0012.prod.exchangelabs.com (2603:10b6:804:2::22) by CY4PR0101MB2950.prod.exchangelabs.com (2603:10b6:910:3f::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1537.24; Fri, 18 Jan 2019 18:42:24 +0000
Received: from BY2NAM03FT055.eop-NAM03.prod.protection.outlook.com (2a01:111:f400:7e4a::201) by SN2PR01CA0012.outlook.office365.com (2603:10b6:804:2::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1537.24 via Frontend Transport; Fri, 18 Jan 2019 18:42:23 +0000
Authentication-Results: spf=pass (sender IP is 18.9.28.11) smtp.mailfrom=mit.edu; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=mit.edu;
Received-SPF: Pass (protection.outlook.com: domain of mit.edu designates 18.9.28.11 as permitted sender) receiver=protection.outlook.com; client-ip=18.9.28.11; helo=outgoing.mit.edu;
Received: from outgoing.mit.edu (18.9.28.11) by BY2NAM03FT055.mail.protection.outlook.com (10.152.85.245) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1471.13 via Frontend Transport; Fri, 18 Jan 2019 18:42:23 +0000
Received: from kduck.mit.edu (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x0IIgJS2015891 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 18 Jan 2019 13:42:21 -0500
Date: Fri, 18 Jan 2019 12:42:19 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Laurence Lundblade <lgl@island-resort.com>
CC: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "rats@ietf.org" <rats@ietf.org>
Message-ID: <20190118184219.GL81907@kduck.mit.edu>
References: <6C7E1E60-2507-4B1E-98DB-AB572C239ACD@cisco.com> <B60D5D8B-F434-45CD-9CB6-3C33E1EA91D3@island-resort.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <B60D5D8B-F434-45CD-9CB6-3C33E1EA91D3@island-resort.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:18.9.28.11; IPV:CAL; SCL:-1; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(39860400002)(346002)(396003)(136003)(376002)(2980300002)(199004)(189003)(476003)(478600001)(8936002)(33656002)(229853002)(2870700001)(75432002)(1076003)(486006)(26005)(126002)(956004)(47776003)(88552002)(26826003)(55016002)(6246003)(11346002)(305945005)(356004)(106466001)(86362001)(58126008)(336012)(76176011)(36906005)(446003)(106002)(54906003)(786003)(316002)(8676002)(5660300001)(4326008)(104016004)(6916009)(50466002)(186003)(246002)(7696005)(53416004)(23676004)(14444005)(2486003)(426003)(2906002)(18370500001); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR0101MB2950; H:outgoing.mit.edu; FPR:; SPF:Pass; LANG:en; PTR:outgoing-auth-1.mit.edu; A:1; MX:1;
X-Microsoft-Exchange-Diagnostics: 1; BY2NAM03FT055; 1:chrJEdylPUrRFoDis9SG3PyIGWp0omKZUXuuxC2WRTZqwBog4m1XFpXH5SlzEQPg1xBnqQiG/A3onH6a+4DsxW2YaUNlvXRQO+9DNz9nnYTfb8HEjTiV+raYGcVm+/kD
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: c2d20d27-594e-4bc0-9624-08d67d74afa8
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600109)(711020)(4608076)(4709027)(2017052603328)(7153060); SRVR:CY4PR0101MB2950;
X-Microsoft-Exchange-Diagnostics: 1; CY4PR0101MB2950; 3:sGk9Pwrhi9KZc79/OPVUUOzWNupdMiU/WvHd55TmiWLsl8vWLJueL5ElkC9iQDPK1j12gowJttny0PV0UQo6M5ApnWDIzo+9WyUAOrDu2WZwZAKQYizwl7uZQc/M/hSmvDJrdw5SONsD3xoqGC2UOt+GghRfKyp4wBlOqBsRnaOs5/JrlDalm5amo+xdmpWvZKujIdAnPUIV+NbG2clk1zPRQblL0e1PpUiDzilgwWT4M5y0ZOTi+G6lO4GMs8Q/j2xjQey8AInJXuGsE+t6odTSkqyVUTNdPUpizV8Q8m/iXTyf6CSOGbK6ab7l3EBXYU3tSFhU+xPsgF2N8vNM3K9iSaDOZR+0qAcmaHJE8K6PoZ52C90f6ZG+E77uf+aP; 25:Wu4Qow4UGJZWJSZ/qnL7xHd6LuYJsL2yAyQmyPfcFL1gV7BwamRUF74FDxVvSRNuq86zsPSCkYymcK6Bk1zAWhSIaqtRSQa6mXYnd0W5OeeSxqne03EhNj3qtPqgGwSH7o1R4Nhf6gLK8DhZlF0hKqVQrH3gtegWasVaygI/9mO3xkU1sYDrjflLxgXUkh1ov7WDxlSDl0rOT4Sptt6mihKoHLe1uoJ8KMYEmuAG78LP/xSEV+/X8zqdRoRpx/JcigvL0dVybz4KK68vH3OHw6JQWUrRwhIDUHpbMOaS6HIQrsDKIjY+nTQdBLxod1PXFT5IV9C51ZzXtq1sHvYzpw==
X-MS-TrafficTypeDiagnostic: CY4PR0101MB2950:
X-Microsoft-Exchange-Diagnostics: 1; CY4PR0101MB2950; 31:eomubKcb1C/y+gpfsOo6v0FHRiIiL188iqPwH39QksvavCeSg367kHwhHb4eu/6h2WnBH4sxqXsCloabmsaPy937aX/KK+0sXbArfBPtBOttBAa/2s4YwIDr03KrDGuPIpxUwfMEKBF4ea86Gysl6sh2j4j6r92ZUZjC++vWixD2DTEM9lzpE0j2q9uZy4SQHEfkx1K3WdSikmMecRTCKobQBYgPMsCl0BBqFTOtMhk=; 20:uye6zGggXg4xDM4mHdN0SPbBUb1aJeArKA582Ccs9bOyrpb3NgCs7JTZPlXZc/sEcjS2sPjoZev0V+qh5JqFvg9h5nmoXhugfFL5TWTl5hRb4OBhwjzQvFrGz5wnfbYiY3msGfCUZzrExSBec6km0B8uMjFO181iiqiD924XH5BFpEWRNPcn4k25VgmFjRAZzRNKUrzSL5kU9Pv0FG+Cz6N1+WtBgncOq4r/r2A1gEyqZUaCX+2Cj6BnBEfydWIUZHMl3PIcM1VivgxfokqoNRiM/wKZ9riNTxcfs6w9CQWRwnPO/h+xHAlDiM1Wxxe4Z2UcYImvGroNr8M5XyIhpm/bPAxLdV47511guMbJtRFTQyope8JiQVKvf0Fz/oq2UzGn0yiATbedbKHHIYZO3LPoyxRNq9hVhfjmZQAm4GT3BdHs97lOyKlrH2KT8Yc8161bZoYPfRNzAOSWPeW3m5M0m81Vuh/32quLD474i+5AK1XO8BrSVb779lKn+Z0n9cxr9cyG1fBOgwGRp0DIYB71Pe1s3xmagjADOacOEs2YmuUDbp8P8QWPhXecMLZIyYrwv4aCdjv/jwRoPLaS/2aVjLME/Tek8CuImp7DdmI=
X-Microsoft-Antispam-PRVS: <CY4PR0101MB295001FE735A38A7290DF833A09C0@CY4PR0101MB2950.prod.exchangelabs.com>
X-Microsoft-Exchange-Diagnostics: 1; CY4PR0101MB2950; 4:UnWmywUBFQvsW/s905pwzeYrvcQ5vGqdHWgkTyqNGQNHx9C7EXLq5pZta861AwH0xlhh8BJs6RwJvkLv78J996VHc2ZeWxn9RFiqmrcvdSSEFDz20PCCarjYUBH2ZDiaDmUCYA7I7WTJY56OFcyhjSGAYNT2hoEMnphyPem3d82WdLJCuFMkD17XKxFo8tv6l9HKXJLFtyM4gH9AyPbl27dyK5Z0XGjP8bAfreU/FovqC/J4/qGlfGmYXB9t7kMrP47m9kir9V93xU63gUFqyQCdvV82RrTd0zDyO4OkoKQ=
X-Forefront-PRVS: 0921D55E4F
X-Microsoft-Exchange-Diagnostics: 1;CY4PR0101MB2950;23:hsZcQR4mpOsORyOnym5DxSkgba4enf9xT73MWTGEi4ICTQNBC1mzKb8bGtyqOir9Lb44c7QSK33/mAlHEa3TToWGyfrZUIuz/exqOEYHxf3BokYVjCyeqmqIhiSLLaAImbYbaI2b2JHkRTk9Jt6kwSZpkesKI00Bsw7fKytI87dK1PeYF6ux5ORHv7Dou54b3dDSXao8nErM6wfaQmln5kSRj0r+vxWSZxfNcjHVVozE+CivJphogOxwwKuc67AXc/YHdJJOcUGwulLrxXhPJcesYF/TSgNHi+QTLC3dZNPIoaE5HBeeAojQGox69qLT1qLdfQAIGsCfzFwCNBWIHtwvpm7UQPoPCCpXUVbwxcE7Z7g0eVMGNgx1GvkKJgvjC0gC6CzEZnt4CLZCFhwwDQNdNdsPR0X9dxAzv8RnzrdYTgrMsIa65RPCj8NO8I+qR9nlQX3fgTBYGcpyGhwT2OOsNHl2j40wpN2+qbhxS3+FsJs2EWEMoYNUM3aFRy9GULqzeTI7j/rrD4Qj3q3mS9/m1uTUIfm4loMAlzFK4c3pcCMxtt5/VQe3NSRexKikAKdEsqFgIWHRkmVadJDiMiqlYGt9KGkFWVw026dKRG2vApwTDtE1PY9LNCGwD4rQVhctJMZptusf54knxmoZf+zhM5VzZKaAGQX+MhXISj/2qGA+UJz62F+rMyGSKq6XqFYbJOBDlpc8vY46gE9XBHwyEbR+fr/A1n2t5J03J6BysmgRF6AzPHCIhdK+9FwvrmLECADJp52GMP9oJvU6hJfxqKoF9XhgQJWEpk3CW/LIw66sExgkVzW9rqqNM3OpRY251mPV6L/b4r3x3LejOUnUinwhlhhRU148G0+6h4JcYHtaPTJ11BCSNuweIGLgMyy/c5oL/c46SWDGVj5dOx3jAV48jKkWXQFwEn0Dqm+l0ao5KD0tMwN9M9e5MFQ/3ekZTFNn17vgVmKGbzq1F7wFBCjg1Nrjl55jKipJEx1nIN48lymOk/mNxcmguS9GYOL8e4xFXmr2E0Od2dEtcLEQqbZyP5Rb/fa8sn1Vj89j2UhzblI3520afrLAvu6WZAkYg2oudqEAwlDQaL46qszT0S5ssZEXmbuG5Xqq0LBIUmPBvcb3TLEPDHbC035yqZ2Ym+xkaabR4gCk1Ycmwn7zl++r4Y0AooKuAn9nblGrhtMlaGYAWsrVFA6Y77aE
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 5lr/8DEWCAegJtFseMESHwWVxgUKS05RqoMJoSYJnq/AZg+G4cgQ7S22N5NqeSCPa4XNBjN5AAluZgyQ/hX4b/10wR+M70+pJXPAWUHc78wQ8EBaLMAapDjF5K0vz+P/+nTP1Quk07PVY2ngIgiDoMYSdmywGwfK8JJ65VNkPS3MlLuhCr4DDsfSJw8htlyp9/WWanpRKkO/p9/nC1fodfVTPQjKAFBmB9qNs2K65dbLHftdLe3iaAwb104e1n5gZeFbipbW/mV3sD943bvmX0dQaJXX57C/LJl66hYHlEgJCZXx833lPzZKTySg3vVBk6BYFhScm7bFnlBg2fh7A4UF8xv2c0K7WcR2XmJ0LZjqCKLCPGft1Dkeu3ovaSTqo9gllrdwiv6hsOR8DZ9n/XEnjtl0ExFReH7s+PK9FTY=
X-Microsoft-Exchange-Diagnostics: 1; CY4PR0101MB2950; 6:49m5upZggYYT0TzirRigquRbWZAfNV1UoAqoQKbaofESwdZ4XGrq4RcO9swx+ZAQy/r8nZ4eJKg7vXDkSpifFvUM/EYJNpfRJcW4GRo4/iGbsUxsqJReYLVcpTRJUzy6ccrz/g/R5t3DC8XlMFzSPYY6tm3kbEwbCiGZSOvlPR3x/jo83mHgFZzqj+XXrxoFEd57i+h2O6CmgJFScjW6aZlIBuF9L6SeaXYQW68b85kbbtwzOGoelQbMT9ChVTlU7+8RSrw9YUv2lNhzAQPgrZXJqfOE/uMujBdXCDWshsqBACdfHwINFBDI7qIR00751PvGKE3xltSPdirh3xSeKNP6rb0ujjT+6R8coRs9ZtluSMG5BxPWP5uWEPezVD9j0ubmSiAQwsQrqRX9so35A+rvSPpEMqp7ncZ2/vW1W7NSL8hDPHlCMfVO/iTcbuPQv/Ohsj7rQqk7cuvENWPJvg==; 5:3Y7OSmJViRwBuHKuf/7YgBGdV5lxDr4bMD2hFDxfwhBSN+EDM5e5G8Bor3gDAFIKk5TQSW2f4K8eAuei3CEKHh+Ik0Renae4cuhEUwnx11Wqfl/T0IdUqFZvitACPad1gedo4C3y27rFUNPAYcND/gD1V+1SGzy1tXO6FaxaqUmoe8x1/ttHkze3MIbKha+Lbkv7J4VgJJvRnzI8sNwcIg==; 7:ble7eV54tcaqo1I2nmxANpAwAphimecBeMM+g/56iNeYgI0wXHg0NwM5N4ufCR3yhH0VCOYiJdQ84Ph/xlkojFGbaUVc1ADh1I/fsrM3Ap+o3n+S9edngLfDxasD2P1qz8zzX+KI7qW8WeIl5Yk0Hw==
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: mit.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Jan 2019 18:42:23.2337 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: c2d20d27-594e-4bc0-9624-08d67d74afa8
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=64afd9ba-0ecf-4acf-bc36-935f6235ba8b; Ip=[18.9.28.11]; Helo=[outgoing.mit.edu]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR0101MB2950
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/qBxgsgz4ggiVL-RveZE3MloMjnw>
Subject: Re: [Rats] Call for charter consensus
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2019 18:42:29 -0000
Hi Laurence, On Thu, Jan 17, 2019 at 10:17:30PM -0800, Laurence Lundblade wrote: > Hi Nancy, > > The charter lists some types of claims/assertions in the introduction. That list does not include things like GPS Location, public part of key pairs generated on device, enforced conditions for use of that key, identity of an app requesting a token, and app/user defined claims. Most of these types of claims have been implemented already either by FIDO, Android attestation or other products. A vision here is that Android or other types of apps prove who they are to the server and pass a lot of data to the relying party via the token, often as input to authentication and financial transaction risk engines. > > > I assume it will continue to hold that anyone can add any proprietary claim they want, but a lot of the types of claims/assertions I just mentioned would be valuable as a standard. Some will be relatively easy to standardize. Some may not be. My first thought is that some of the easy obvious ones should be in scope, but we need to draw a line somewhere so we’re not creating claims forever. Not sure where that line is. Those are good points. I think it's probably premature to wire down a specific list of claims at charter time, so the list in the introduction should be treated as exemplary rather than normative, as is typical for charter introductions. Perhaps we want to add another bullet "other factors that could influence trust decisions" to make that more clear. -Ben
- [Rats] Call for charter consensus Nancy Cam-Winget (ncamwing)
- Re: [Rats] Call for charter consensus Laurence Lundblade
- Re: [Rats] Call for charter consensus Michael Richardson
- Re: [Rats] Call for charter consensus Hannes Tschofenig
- Re: [Rats] Call for charter consensus Giridhar Mandyam
- Re: [Rats] Call for charter consensus Carl Wallace
- Re: [Rats] Call for charter consensus Smith, Ned
- Re: [Rats] Call for charter consensus Eric Voit (evoit)
- Re: [Rats] Call for charter consensus Benjamin Kaduk
- Re: [Rats] Call for charter consensus Laurence Lundblade
- Re: [Rats] Call for charter consensus Henk Birkholz
- Re: [Rats] Call for charter consensus Ira McDonald
- Re: [Rats] Call for charter consensus Nancy Cam-Winget (ncamwing)
- Re: [Rats] Call for charter consensus Carl Wallace
- Re: [Rats] Call for charter consensus Nancy Cam-Winget (ncamwing)
- Re: [Rats] Call for charter consensus Benjamin Kaduk
- Re: [Rats] Call for charter consensus Carl Wallace
- Re: [Rats] Call for charter consensus Benjamin Kaduk
- Re: [Rats] Call for charter consensus Laurence Lundblade
- Re: [Rats] Call for charter consensus Daniel P. Smith
- Re: [Rats] Call for charter consensus Fuchs, Andreas
- Re: [Rats] Call for charter consensus Shwetha Bhandari (shwethab)
- Re: [Rats] Call for charter consensus Jessica Fitzgerald-McKay
- Re: [Rats] Call for charter consensus William Bellingrath
- [Rats] 答复: Call for charter consensus Xialiang (Frank, Network Standard & Patent Dept)
- Re: [Rats] Call for charter consensus Monty Wiseman
- Re: [Rats] Call for charter consensus Carsten Bormann
- Re: [Rats] Call for charter consensus Carsten Bormann
- Re: [Rats] Call for charter consensus Laurence Lundblade
- Re: [Rats] Call for charter consensus Frank MATTHIAS KOVATSCH
- Re: [Rats] Call for charter consensus Laffey, Tom (HPE Aruba)
- Re: [Rats] [EAT] FW: Call for charter consensus Mathias Brossard
- Re: [Rats] [EAT] FW: Call for charter consensus Diego R. Lopez
- Re: [Rats] Call for charter consensus Simon Frost
- Re: [Rats] [EAT] FW: Call for charter consensus Jeremy O'Donoghue
- Re: [Rats] Call for charter consensus Anthony Nadalin
- Re: [Rats] Call for charter consensus Nancy Cam-Winget (ncamwing)