IETF Logo Mail Archive

Re: [Rats] UJCS standardization (relates to UCCS WG last call)

"Smith, Ned" <ned.smith@intel.com> Wed, 13 September 2023 19:49 UTC

Return-Path: <ned.smith@intel.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3398DC1524B4 for <rats@ietfa.amsl.com>; Wed, 13 Sep 2023 12:49:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.405
X-Spam-Level:
X-Spam-Status: No, score=-4.405 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=intel.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rRx4tEMKVM1o for <rats@ietfa.amsl.com>; Wed, 13 Sep 2023 12:49:03 -0700 (PDT)
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7BA0CC152564 for <rats@ietf.org>; Wed, 13 Sep 2023 12:49:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1694634543; x=1726170543; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=ga/0gBAzTNfju9QcqxaJ/wVRx/TP6zy5l9dGgsl60SE=; b=i62xmTourTDQW9q5b0Ex3ohEV21fybVlsj7VsqyFNqhjIcRv+J3Igq/I 5jEdWA9xPO6oODZ6n3CkkrvYq6YEEVXJ7w6Slz31t7T5KQSdfkemTEx77 xcHLZErWGudTPx4WNVfh2wXisjrDjBfCXJMPlAeAhnfCOgqE/dun86t3l Iu0dJaY/HTdbL1ECNu3VcKH97hhe3jTITi6g78gIhgTYkkjnJYphipM4q MM2BkFoFUV8LS0tuvgnvyqDQx6tD3AAZAz0zSm6Cv7TL205MV7DkBLDmk j2+DSeJV1W4ZXQIN4xDvrKxP0rL64q2RTy08C9OFabgcCY4AbTwV5coEK w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="442796060"
X-IronPort-AV: E=Sophos;i="6.02,144,1688454000"; d="scan'208";a="442796060"
Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Sep 2023 12:48:34 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="720929715"
X-IronPort-AV: E=Sophos;i="6.02,144,1688454000"; d="scan'208";a="720929715"
Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by orsmga006.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 13 Sep 2023 12:48:34 -0700
Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32; Wed, 13 Sep 2023 12:48:34 -0700
Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32; Wed, 13 Sep 2023 12:48:33 -0700
Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32 via Frontend Transport; Wed, 13 Sep 2023 12:48:33 -0700
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (104.47.59.170) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.32; Wed, 13 Sep 2023 12:48:33 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mQEcCi5PCSM3n1BWqkFueOld5P2Om0B025sZznOZ32L8FOVd3JjBlJzD3JlU9PBTHzfIU0tKjfAc4Vs8q4fqpIwOu3dQJ2nvdsKVbXNEHbAlQUaBn4s56qBx2PnWi+5X0OpMTjoVnLKC0r80nlf9CoRcDEi0yB1qMfC1EPhjBwobmrg9OxFzYgGEoZSSJ9XTM1gsaPSUpxY60rYPNkuUMljooBpUhUBlZGSSFybali/ldSLfJHOQCk99IqnItF7F3MCcNG7YS8+HTROz5yKtTsy/lU7ewzSkyeJGcqlXwWRP9EY7lylw2ahbg4pbQ0r3dXYsnOmhpQuGbpHS6EF1zg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ga/0gBAzTNfju9QcqxaJ/wVRx/TP6zy5l9dGgsl60SE=; b=ZWDwj7UvfTErUx9SSLN0S+EeiU1zCKAFsOypYDGyfLhPzBbA96SJfG8ja01rPzsnatxoTVRh+bjbNIDGBsBuiDgPY1cH/k4YH6/E0GMY6p8Sb7RRV9a7Sn78vTR2viiYep9q5krxXl7u4Uvwrtyw+CYBgWBzvF2MCjfERgSFfXI9Vh6t/NInTArPk6ecGozQyY5PCnAu/RXIQ7E5gzVUqsDgjMm2fZGxrr87nliFnrc+jJ/9nPxpOQBybxxVZt/ys4nFD89OXbiAyeZOmq5eZJ71fIajFxn8DPX0rrpYv+oDecO/8IGjA3W6uzcKDzSOj7AaX91kimA4sF49JcskLA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none
Received: from CO1PR11MB5169.namprd11.prod.outlook.com (2603:10b6:303:95::19) by PH7PR11MB6883.namprd11.prod.outlook.com (2603:10b6:510:202::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6768.33; Wed, 13 Sep 2023 19:48:31 +0000
Received: from CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::5fb6:7200:97a4:b7e9]) by CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::5fb6:7200:97a4:b7e9%7]) with mapi id 15.20.6792.019; Wed, 13 Sep 2023 19:48:31 +0000
From: "Smith, Ned" <ned.smith@intel.com>
To: "lgl island-resort.com" <lgl@island-resort.com>, rats <rats@ietf.org>
CC: Roman Danyliw <rdd@cert.org>
Thread-Topic: [Rats] UJCS standardization (relates to UCCS WG last call)
Thread-Index: AQHZ5nHbxOx1dK64ok2bPf07tcoBGLAZGyyA//+ZI4A=
Date: Wed, 13 Sep 2023 19:48:31 +0000
Message-ID: <8E87AA28-60BF-4852-8E5A-0E78861299D1@intel.com>
References: <1E84D504-0FA7-4947-A8C0-42F094C15CA2@intel.com> <E1E529B6-E1AA-4FC3-8C10-69952EE9B218@island-resort.com>
In-Reply-To: <E1E529B6-E1AA-4FC3-8C10-69952EE9B218@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.77.23091003
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CO1PR11MB5169:EE_|PH7PR11MB6883:EE_
x-ms-office365-filtering-correlation-id: 107af230-ba67-444f-dad3-08dbb492688b
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 84V2lBZOC9K5On64d59Vj2xzsKWWsOd0aJf2GQtVuKWkV1zDCLlVQc1H0Afwc+o2rzmhG4V4LEW5beviU5OY2dZ/IfrtbD+B64j8FMTXb2fAvETgGxFDXm+oFa9OInAub2XxgbhuyCXMLYtv7kQP2I7fnfejc7LQIjfXzGplZDpfanB6T0G8wuDaJ7jwcq7nmh/RJOS5FVqUVxGuOyxRB8e1DK0ihKFD7SqMgzGAP0zr5IqJxxhYUOJ/g5ubkIX3zmk9ISML/Ai5+d87L7HFw7r+Omdn6nptVnyJ1ZR5IA364HMqV48NBuGE/o/+hFOOQkz6J9qNS9L9A36XJKtGpFJLQDNyKWUWEnzrrdpOKddErUsmFp1q1PxDQJFs3wTmR5OTv65eWrFAsmC19Ri/X8ANIQro5XzFMwbe+QoZB+71S0+7KLusu8xRxfaGD2OYn0srooi2OLxMFbSSulohTPY3ju/08NDlGGMLSn5YFTXazfvoZsRoqlBLFdh2z9WV93MxRt9S3Zjo0mQJhJVTNN/aEurhewzvLJfmtL2Kh2FhvBlgtOs9NhEEAzK1wslgIJxvvF9k1iXnJaP5Q7xloIznJW0OaWylgxPeAkYVbP4dLG9MjlLOyQlrx8pvaTPw/eUrb89KM0abzb4bQLq+rORizUL2/OrKPSeHL/Mizzw=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB5169.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(346002)(366004)(136003)(39860400002)(396003)(376002)(186009)(1800799009)(451199024)(6506007)(6486002)(53546011)(6512007)(38100700002)(71200400001)(83380400001)(86362001)(122000001)(82960400001)(33656002)(38070700005)(36756003)(2616005)(966005)(26005)(41300700001)(316002)(66476007)(4326008)(8676002)(66446008)(76116006)(64756008)(110136005)(478600001)(5660300002)(66946007)(2906002)(8936002)(66556008)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: zzJy2gNBikV9dCEvEHkTWbvimS9XXhnzfya/VrSdp92Dzf7gVP82vvqbGIkSKYZHl2E1p9QKBzms9APd1iDGe+265FLype6eZnO6mVCJPh143dJS+2TM9319tXLgDecaG1hq+xivLPNw7h9ah06CQbTwyOQm5Te6dhMgYAj7UtuVLlKSWrnxeCFm3JLATFtmA+eXcAlR6bOFgPMYZ3oVfVT8kQRiAI2tk6Kunk6WPnREbLsp/xWqzlXJYKJWdDS+LnAxHq1EAM0XQsJBlxOLeqIKhqNRO6no7/q1OqbLM2qNPduhTCAkbiqekXyB7zc9GVNNqOh2cp2RFIiglAzuJvKLj+m0HBpB1Ys1NME3m8or4AJ7R8OAjC1nS4MVSdAySX7g5ywe0HVTHuLBXzt+9zhyagAW5jkHnj2mMU1o6A93/j/HLhH4J0EmDu+KvVYn+cSoaDwhosPVcb7tbPV6yDqz5xhh3KLPEVQyxDfT+4qoAIFIgteOrjrOk9h1WQXb9yNYMPOK+JGZjN25wQM+Iju+LtbUQARzv3PeHxXNuMICQlbWq0IylcvVrzc1Rt7uSWM2627EfMTClEDG87ja/p5l1FFymqJCoNMxqfw/CPrVBijhrdhI+6pCJ3tfCT05owjSL/fppwUGrir9g4QxdHURQU4oiGXSHytkvPURJ+N7N+x5Cx+bkb9faqZpPlZVldKUahEm2tm5ezMD4EoGSikYFDbl/P/kW6K+OloskGfMEO3FjfavOnQ5xCM54J+OqrHXWsW8xRCJ/cnbwTDpSzIDcx+DKb3odoU4T0RNictF6tiIYWZrDDDKlmUPz7XJZtka2NXYBnpdvSYdSl/7qW+9c2zx7/nc4n2Q1bPGtnWpXwIvO15QDrrMMDhkGjGdegn6Mkg6cjMMkXUsBRp2lDsLelNLifgwl99Qb3y6MeZ+k6+uLtClKyG6YTt/+GAdYx1K7lW8dcX9RhMG7sVeo4FNWd0HeQGtxQkXwoLpHGbA50PRF+IKkoeYRVFBvtGStsvVL1V/3bSZ0HOHuP9MD/I/tCLSAomLbuYGBLp2xOUd5qCXyESbdO6YG6MSIVfRr+vbF3Ap/ICBE5E7V2booySNyKZcImJFevmAw4SMAVxwGXvGTMjFKBzADdHW43YBhZt72icRsde+GujNvgfpwgI2LjWKbotA8ySxzVaHfdgIC5hmXJoYkGzVLQPNRa+RYu+JqdYiCw86gKwb8Yv1wEFPiqnLnoy6OzH4NmXhn6F6S33lB+m+ET+Xpi8dENuv2k4taIaEX5LKsBJ8hLu3MtiEc3VSyX9odSGvOLwLDri34dnO88L0WI34rgWXw01THgC17ROCVfDaCciPAgPgXoOkHq14tghlYRQldAFNBBGtQ4MFa6Pzj6o+nym01z3Hc8elmn3BRnqwuaYcTag8PLdQQ9r7SvdK36BlcS/ZcLoz62ildQzDagnCfDfE7q9uM510Mm3XFIhCRPNJAJRecbYR0GoAbDoQzQJTTHAStdMNt67P43W1foxFNFUs103/bG+dULvNW8QI6RrRTuRmvWKcGAPmaYItPnyUlhFXpu0gMzwDBqRNM9DsEjuYB/Or+N9I6X1jIinGSVPsT/JShw==
Content-Type: text/plain; charset="utf-8"
Content-ID: <24CE3D766313F946B16104E6E9427E6B@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB5169.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 107af230-ba67-444f-dad3-08dbb492688b
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Sep 2023 19:48:31.4875 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: O8kQq1t/RhB4hTiLLp996QRObYu01jAcknU+iE2f2CkBAMj1mjUA7zEid8yelVrQHll7PlZlPEoCtdQk12DN/Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB6883
X-OriginatorOrg: intel.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/qjz2H21XKP0GTKmGxATEm8ARIJk>
Subject: Re: [Rats] UJCS standardization (relates to UCCS WG last call)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Sep 2023 19:49:08 -0000

> (EAT allows nesting of a UCCS EAT in a JWT-format EAT or a UJCS EAT in a CWT-format EAT, but that is whole-token nesting defined by EAT and a different thing).
But I think it's worth some discussion since CWT/JWT RFCs didn't (apparently) anticipate use cases for embedding tokens within tokens and whether doing so constitutes violation of the normative language they contain. 

UCCS contains this:
"Effectively, the COSE envelope of a CWT (or a nested EAT) shields the CWT Claims Set from the endorsement of the secure channel. (Note that EAT might add a nested UCCS Claim, and this statement does not apply to UCCS nested into UCCS, only to fully formed CWTs.)"

This text seems to say that its incorrect to ascribe counter-signing semantics to nested tokens. 
The parenthetical seems to say that unsigned nested tokens remain unsigned - which seems obvious.
But I wonder if more semantics are implied, namely, that the content requirements of a top level token somehow don't apply if the nested token isn't signed?

I struggle to find the use case context to help ground the nesting possibilities. Superficially, UCCS is saying if the CWT isn't a CWT simply because the surrounding signature block is replaced by channel security, then it still should be treated like a valid CWT. If a UCCS contains another UCCS (due to recursion or whatever) is this object just one token (since the issuer of the inner UCCS is effectively the same signer as the outer UCCS) or is there meaning in a "token" that is truly unsigned?

The EAT draft says "An EAT is either a CBOR Web Token (CWT) or JSON Web Token (JWT) with
   attestation-oriented claims." which implies the goal of EAT isn't to modify the content requirements laid down by CWT and JWT. If a CWT is instead expressed in terms of a channel protected UCCS (or JWT in terms of a channel protected UJCS), would anyone expect to find a UCCS inside a UJCS or UJCS inside a UCCS based on the language of CWT/JWT?

I think these are interesting questions that I wonder if others have considered and if there is consensus over their answers.
-Ned

On 9/13/23, 11:57 AM, "RATS on behalf of lgl island-resort.com" <rats-bounces@ietf.org <mailto:rats-bounces@ietf.org> on behalf of lgl@island-resort.com <mailto:lgl@island-resort.com>> wrote:






> On Sep 13, 2023, at 11:41 AM, Smith, Ned <ned.smith@intel.com <mailto:ned.smith@intel.com>> wrote:
> 
> Note also that draft-ietf-rats-eat-media-type mentions "UJCS" but doesn't reference the spec that defines it. 
> 
> Additionally, RFC8392 requires the contents of a CWT to contain CBOR. I don't think UCCS (which defines both CBOR and JSON) clearly explains whether it modifies the RFC8392 content requirements. In other words, is a UCCS (not UJCS) the same as a CWT minus the signature?
> 
> RFC7519 places similar constraints on the JWT payload (that it contains JSON). Does a UJCS expect to preserve the JWT content requirements minus the signature?


Ahh, now your previous comments make sense to me, Ned.


I don’t think we want to use COSE to sign JSON-format claims sets or use JOSE to sign CBOR-format claim sets even though I we could. That seems like unnecessary complexity and flexibility to me and I don’t think anyone is asking for that. Definitely not me!


(EAT allows nesting of a UCCS EAT in a JWT-format EAT or a UJCS EAT in a CWT-format EAT, but that is whole-token nesting defined by EAT and a different thing).


> 
> If draft-ietf-rats-uccs is intended to define "UJCS" then it probably is not named properly.
> 


Yes, I’m using UCCS to refer to an unsigned CBOR-format claims set and UJCS to refer to an unsigned JSON-format claims set. If the draft covered both we’d have to rename the draft to UCS or UTCS or such.


LL






> -Ned
> 
> On 9/13/23, 11:03 AM, "RATS on behalf of lgl island-resort.com" <rats-bounces@ietf.org <mailto:rats-bounces@ietf.org> <mailto:rats-bounces@ietf.org <mailto:rats-bounces@ietf.org>> on behalf of lgl@island-resort.com <mailto:lgl@island-resort.com> <mailto:lgl@island-resort.com <mailto:lgl@island-resort.com>>> wrote:
> 
> 
> It was noticed during WG last call that UCCS does standardize an unsigned claims set in JSON format, only CBOR (even though it provides a CDDL definition for JSON).
> 
> 
> Here’s a few comments/reasons for standardizing UJCS:
> 
> 
> - EATs carrying attestation results are often B2B/server-server interactions where JSON+TLS is very common and the JWT signing overhead would be redundant.
> 
> 
> - Lack of UJCS standard sticks out a a missing piece in the document set of EAT, UCCS and EAT media types. It’s like we painted all the doors and windows of a house a pretty color except one. It’s a gap in the set of EAT, EAT Nesting, EAT Bundles and EAT collections.
> 
> 
> - It’s true that the original motivating use cases were only for UCCS, but EAT grew up and filled in to support JSON.
> 
> 
> - Beyond attestation, sending JSON claim sets secured with TLS seems like it would get a lot of use. Not my area, but I suspect lots are doing it in some form now and there might be some broader benefit.
> 
> 
> - JWT does have the NULL-cipher option, but its use is awkward, discouraged, a bit complex and wasteful.
> 
> 
> 
> 
> Here’s the document options I can see for UJCS:
> - Add it to UCCS now.
> - A new RATS standards track document. It will be a small document, but it will have to go through the whole process.
> 
> 
> I haven’t heard anyone opposing UJCS, just a preference that we get UCCS done soon. If we don’t put it in the UCCS draft, I will probably write up new document myself and push it through RATS. I feel like EAT is not done without it.
> 
> 
> I feel for the reader of the complicated document set of JWT, CWT, EAT, EAT media types and UCCS (plus COSE and CBOR). One more document adds to this.
> 
> 
> I did look at what it would take to add it to the UCCS raft and it doesn’t seem too difficult. The biggest disruption is seems like the name change. The CDDL is already there. I will try to help with the authorship in UCCS.
> 
> 
> Also, sorry I didn’t notice until now. I had years.
> 
> 
> LL
> 
> 
> _______________________________________________
> RATS mailing list
> RATS@ietf.org <mailto:RATS@ietf.org> <mailto:RATS@ietf.org <mailto:RATS@ietf.org>>
> https://www.ietf.org/mailman/listinfo/rats <https://www.ietf.org/mailman/listinfo/rats> <https://www.ietf.org/mailman/listinfo/rats> <https://www.ietf.org/mailman/listinfo/rats&gt;>
> 
> 
> 


_______________________________________________
RATS mailing list
RATS@ietf.org <mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats <https://www.ietf.org/mailman/listinfo/rats>

v2.23.0 | Report a Bug | By Email