Re: [Rats] [sacm] CoSWID and EAT and CWT
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Fri, 22 November 2019 18:27 UTC
Hi Henk,

I am not entirely following you, so I am not stating agreement yet.

On Fri, Nov 22, 2019 at 12:06 PM Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:

> Hi Kathleen,
> hi SACM, SUIT & RATS list,
>
> the corresponding *SWID authors discussed this issue and are proposing:
>
> > https://github.com/ietf-rats-wg/eat/issues/46
>
> This includes an extended scope to include the option of SUIT Manifest
> related Claim values, next to various *SWID Claim values. We permutated
> "signed" & "not-signed" as well as "payload tags" and "evidence tags"
> for *SWID tags in this proposal. The authors are convinced that the
> "not-signed" variants are of essence (as CWT does not allow "not-signed
> CBOR items", but also do not imply any implications to the SUIT Manifest
> Claim definition (although there are strong similarities and there could
> be some).
>

Can you write the above again? Are you saying this in terms of a CWT? Wouldn't the claims and the text value in a CWT be represented as-is, then signed, so you'd get what you are saying is needed?

>
> The current *SWID contributors prefer this contribution as a parallel
> effort to the EAT I-D, SUIT Manifest I-D, the CoSWID I-D and existing
> ISO XML SWID standard. This proposal includes the primitive to not delay
> corresponding IETF I-D in their respective WGs.
>

Are you saying you don't want to add text stating the use of a CWT is a possible alternative, as that is what was requested? I offered to write a separate document to put the CoSWID in a CWT in SACM as I think that's the right home, referencing EAT work.

>
> Having said that, we would like to get feedback for the proposal
> references above.
>
> If there is no dissent or push-back on either the SUIT, SACM, and RATS
> lists, our proposed way forward is a unified creation of EAT Claim Sets
> in the RATS WG that enables the use of various *SWID variants & the SUIT
> Manifest as payloads for RATS via the RATS EAT I-D.
>

I think this should be in SACM. And I've offered to help. I do think that a little text saying it's possible should be in the CoSWID draft and will provide that soon so as not to delay progress of the CoSWID document.

Best regards,
Kathleen

>
> In summary, we would like to create this interop I-D in concert and
> welcome every joint effort in this domain.
>
> Best regards,
>
> Henk
>
> On 21.11.19 12:37, Kathleen Moriarty wrote:
> >
> > Sent from my mobile device
> >
> >> On Nov 20, 2019, at 11:29 PM, Waltermire, David A. (Fed)
> >> <david.waltermire@nist.gov> wrote:
> >>
> >> It sounds like having a CWT claim that contains an entire CoSWID is a
> >> path forward. It may also make sense to do something similar for ISO
> >> SWID tags.
> >>
> >> Am I right in thinking that this CWT work can be done in RATS,
> >> referencing CoSWID once it is published as a normative reference? This
> >> would allow CoSWID to go forward to the IESG, while the CoSWID CWT
> >> claim is worked in parallel in RATS.
> >>
> >> Kathleen, if this is true, does this way forward address your
> >> CWT-related comments?
> >
> > Hi Dave,
> >
> > I think the signature may have to be on the CWT as opposed to on the
> > claim that is the CoSWID or SWID. We can define it fully in another
> > draft, but should state it here so that option is understood. It’s a
> > simple write up, I think.
> >
> > Thank you,
> > Kathleen
> >>
> >> Regards,
> >> Dave
> >>
> >> ------------------------------------------------------------------------
> >> *From:* sacm <sacm-bounces@ietf.org> on behalf of Kathleen Moriarty
> >> <kathleen.moriarty.ietf@gmail.com>
> >> *Sent:* Wednesday, November 20, 2019 9:10 PM
> >> *To:* Ira McDonald <blueroofmusic@gmail.com>
> >> *Cc:* rats@ietf.org <rats@ietf.org>; sacm <sacm@ietf.org>; Laurence
> >> Lundblade <lgl@island-resort.com>
> >> *Subject:* Re: [sacm] [Rats] CoSWID and EAT and CWT
> >> Great, thanks Laurence. If that's easier I think having the CoSWID in
> >> one claim should be ok and would have the same result as the
> >> suggestion I made. Changing the CoSWID format is a big enough process
> >> that it shouldn't happen very often.
> >>
> >> Best regards,
> >> Kathleen
> >>
> >> On Wed, Nov 20, 2019 at 8:00 PM Ira McDonald <blueroofmusic@gmail.com>
> >> wrote:
> >>
> >>     Hi Laurence,
> >>
> >>     That seems like a good suggestion for a simple way to integrate
> >>     CoSWID content into EAT.
> >>
> >>     Cheers,
> >>     - Ira
> >>
> >>     Ira McDonald (Musician / Software Architect)
> >>     Co-Chair - TCG Trusted Mobility Solutions WG
> >>     Co-Chair - TCG Metadata Access Protocol SG
> >>     Chair - Linux Foundation Open Printing WG
> >>     Secretary - IEEE-ISTO Printer Working Group
> >>     Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
> >>     IETF Designated Expert - IPP & Printer MIB
> >>     Blue Roof Music / High North Inc
> >>     http://sites.google.com/site/blueroofmusic
> >>     http://sites.google.com/site/highnorthinc
> >>     mailto: blueroofmusic@gmail.com
> >>     PO Box 221 Grand Marais, MI 49839 906-494-2434
> >>
> >>     On Wed, Nov 20, 2019 at 7:35 PM Laurence Lundblade
> >>     <lgl@island-resort.com> wrote:
> >>
> >>         Hi,
> >>
> >>         I’m not on the SACM list, but did look at the archive.
> >>         Hopefully I’m not out of sync.
> >>
> >>         My thought is to register one claim for CWT that is an entire
> >>         CoSWID (in CDDL the concise-swid-tag).
> >>
> >>         That way CoSWID can grow and develop on its own without lots
> >>         of adds and subtracts to the CWT registry. It has its own IANA
> >>         registry with its own experts and such. Seems like the
> >>         coupling / factoring is about right.
> >>
> >>         This would also be the way I’d like to have it in EAT
> >>         attestation. We’ve done a mini version of this with the
> >>         location claim
> >>         <https://tools.ietf.org/html/draft-ietf-rats-eat-01#section-3.8>.
> >>
> >>         Then if you just want to sign a CoSWID CWT style, this works
> >>         pretty well too. It has a slight overhead compared to having
> >>         all the CoSWID data items as direct CWT claims in that it will
> >>         have an additional map layer, but that is only about three bytes.
> >>
> >>         LL
> >>
> >> --
> >>
> >> Best regards,
> >> Kathleen
>

--

Best regards,
Kathleen
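The size cost of the "one claim that is an entire CoSWID" layout proposed in the quoted thread can be measured by encoding both layouts as CBOR claims sets (no COSE signing). This is an added example, not code from the thread or from any draft; the claim numbers, the CoSWID-like map and the issuer string are constructed placeholders, since the page gives no claim number for a CoSWID.

```python
import struct

def head(major, n):
    """CBOR head: major type (0-7) plus unsigned argument n, shortest form."""
    if n < 24:
        return bytes([major << 5 | n])
    for info, fmt, limit in ((24, ">B", 1 << 8), (25, ">H", 1 << 16),
                             (26, ">I", 1 << 32), (27, ">Q", 1 << 64)):
        if n < limit:
            return bytes([major << 5 | info]) + struct.pack(fmt, n)
    raise ValueError("argument does not fit in 64 bits")

def encode(obj):
    """Minimal CBOR encoder: integers, byte/text strings and maps only."""
    if isinstance(obj, bool):
        raise TypeError("booleans are not supported here")
    if isinstance(obj, int):
        return head(0, obj) if obj >= 0 else head(1, -1 - obj)
    if isinstance(obj, bytes):
        return head(2, len(obj)) + obj
    if isinstance(obj, str):
        raw = obj.encode("utf-8")
        return head(3, len(raw)) + raw
    if isinstance(obj, dict):
        return head(5, len(obj)) + b"".join(
            encode(k) + encode(v) for k, v in obj.items())
    raise TypeError(f"unsupported type: {type(obj).__name__}")

ISS = 1  # CWT "iss" claim key (RFC 8392)
# Constructed CoSWID-like map: integer keys and values are placeholders.
COSWID = {0: "example.com/sample-app", 1: "Sample App", 12: 0}

def nested_claims(claim_key):
    """One claim (hypothetical key) whose value is the entire CoSWID map."""
    return {ISS: "attester.example", claim_key: COSWID}

def flat_claims(base=16):
    """Each CoSWID item as its own direct claim (hypothetical keys base..)."""
    claims = {ISS: "attester.example"}
    claims.update({base + i: v for i, v in enumerate(COSWID.values())})
    return claims

def overhead(claim_key):
    """Extra bytes the nested layout costs over the flat one."""
    return len(encode(nested_claims(claim_key))) - len(encode(flat_claims()))

if __name__ == "__main__":
    for key in (20, 100, 1000):  # hypothetical claim numbers
        print(key, overhead(key), encode(nested_claims(key)).hex())
```

The difference is the inner map header (one byte) plus the encoded claim key, so the total depends on which claim number is assigned: two bytes for a key below 24, three below 256, four below 65536.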