Re: [Rats] Call for charter consensus

Benjamin Kaduk <kaduk@mit.edu> Fri, 18 January 2019 18:42 UTC

Received-SPF: Pass (protection.outlook.com: domain of mit.edu designates 18.9.28.11 as permitted sender) receiver=protection.outlook.com; client-ip=18.9.28.11; helo=outgoing.mit.edu;
Date: Fri, 18 Jan 2019 12:42:19 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Laurence Lundblade <lgl@island-resort.com>
CC: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "rats@ietf.org" <rats@ietf.org>
Message-ID: <20190118184219.GL81907@kduck.mit.edu>
References: <6C7E1E60-2507-4B1E-98DB-AB572C239ACD@cisco.com> <B60D5D8B-F434-45CD-9CB6-3C33E1EA91D3@island-resort.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <B60D5D8B-F434-45CD-9CB6-3C33E1EA91D3@island-resort.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Jan 2019 18:42:23.2337 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: c2d20d27-594e-4bc0-9624-08d67d74afa8
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=64afd9ba-0ecf-4acf-bc36-935f6235ba8b; Ip=[18.9.28.11]; Helo=[outgoing.mit.edu]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR0101MB2950
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/qBxgsgz4ggiVL-RveZE3MloMjnw>
Subject: Re: [Rats] Call for charter consensus
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2019 18:42:29 -0000

Hi Laurence,

On Thu, Jan 17, 2019 at 10:17:30PM -0800, Laurence Lundblade wrote:
> Hi Nancy,
> 
> The charter lists some types of claims/assertions in the introduction.  That list does not include things like GPS Location, public part of key pairs generated on device, enforced conditions for use of that key, identity of an app requesting a token, and app/user defined claims. Most of these types of claims have been implemented already either by FIDO, Android attestation or other products.  A vision here is that Android or other types of apps prove who they are to the server and pass a lot of data to the relying party via the token, often as input to authentication and financial transaction risk engines. 
> 
> 
> I assume it will continue to hold that anyone can add any proprietary claim they want, but a lot of the types of claims/assertions I just mentioned would be valuable as a standard. Some will be relatively easy to standardize. Some may not be. My first thought is that some of the easy obvious ones should be in scope, but we need to draw a line somewhere so we’re not creating claims forever. Not sure where that line is.

Those are good points.  I think it's probably premature to wire down a
specific list of claims at charter time, so the list in the introduction
should be treated as exemplary rather than normative, as is typical for
charter introductions.  Perhaps we want to add another bullet "other
factors that could influence trust decisions" to make that more clear.

-Ben

[Rats] Call for charter consensus Nancy Cam-Winget (ncamwing)
Re: [Rats] Call for charter consensus Laurence Lundblade
Re: [Rats] Call for charter consensus Michael Richardson
Re: [Rats] Call for charter consensus Hannes Tschofenig
Re: [Rats] Call for charter consensus Giridhar Mandyam
Re: [Rats] Call for charter consensus Carl Wallace
Re: [Rats] Call for charter consensus Smith, Ned
Re: [Rats] Call for charter consensus Eric Voit (evoit)
Re: [Rats] Call for charter consensus Benjamin Kaduk
Re: [Rats] Call for charter consensus Laurence Lundblade
Re: [Rats] Call for charter consensus Henk Birkholz
Re: [Rats] Call for charter consensus Ira McDonald
Re: [Rats] Call for charter consensus Nancy Cam-Winget (ncamwing)
Re: [Rats] Call for charter consensus Carl Wallace
Re: [Rats] Call for charter consensus Nancy Cam-Winget (ncamwing)
Re: [Rats] Call for charter consensus Benjamin Kaduk
Re: [Rats] Call for charter consensus Carl Wallace
Re: [Rats] Call for charter consensus Benjamin Kaduk
Re: [Rats] Call for charter consensus Laurence Lundblade
Re: [Rats] Call for charter consensus Daniel P. Smith
Re: [Rats] Call for charter consensus Fuchs, Andreas
Re: [Rats] Call for charter consensus Shwetha Bhandari (shwethab)
Re: [Rats] Call for charter consensus Jessica Fitzgerald-McKay
Re: [Rats] Call for charter consensus William Bellingrath
[Rats] 答复: Call for charter consensus Xialiang (Frank, Network Standard & Patent Dept)
Re: [Rats] Call for charter consensus Monty Wiseman
Re: [Rats] Call for charter consensus Carsten Bormann
Re: [Rats] Call for charter consensus Carsten Bormann
Re: [Rats] Call for charter consensus Laurence Lundblade
Re: [Rats] Call for charter consensus Frank MATTHIAS KOVATSCH
Re: [Rats] Call for charter consensus Laffey, Tom (HPE Aruba)
Re: [Rats] [EAT] FW: Call for charter consensus Mathias Brossard
Re: [Rats] [EAT] FW: Call for charter consensus Diego R. Lopez
Re: [Rats] Call for charter consensus Simon Frost
Re: [Rats] [EAT] FW: Call for charter consensus Jeremy O'Donoghue
Re: [Rats] Call for charter consensus Anthony Nadalin
Re: [Rats] Call for charter consensus Nancy Cam-Winget (ncamwing)