IETF Logo Mail Archive

Re: [Rats] Call for adoption (after draft rename) for Yang module draft

"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Mon, 11 November 2019 05:40 UTC

Return-Path: <ncamwing@cisco.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 086C71200E9 for <rats@ietfa.amsl.com>; Sun, 10 Nov 2019 21:40:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=GFhNMq/J; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=oWQ74M2c
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YhljpkllqlKI for <rats@ietfa.amsl.com>; Sun, 10 Nov 2019 21:40:06 -0800 (PST)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4F99120018 for <rats@ietf.org>; Sun, 10 Nov 2019 21:40:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3178; q=dns/txt; s=iport; t=1573450805; x=1574660405; h=from:to:subject:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version; bh=cfkitWjqOvA5SvRzbL/hW3Qsap0lVgxlOiNv2kj2eTw=; b=GFhNMq/Jv09aojPqPS7OUg2TrEVnimHObSCiKLM4K/+Ac0FqVuVA9p7j 0SxQ+jJ2zaOHfMlkJINi+zZhxpYlAqJ7rnSrFEh1fCU6vP1s2VGhwJJLg BJ68j9rA+ABFhr1Atf68tHHEiA+QMSoAEifLkbSxqUoZnWsu3UVD8xewT 8=;
IronPort-PHdr: 9a23:+XHnTx/Yo4a+lv9uRHGN82YQeigqvan1NQcJ650hzqhDabmn44+8ZR7E/fs4iljPUM2b8P9Ch+fM+4HYEW0bqdfk0jgZdYBUERoMiMEYhQslVciOAEjkLfjlRyc7B89FElRi+iLzPA==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BzAADb88hd/5ldJa1lGwEBAQEBAQEFAQEBEQEBAwMBAQGBawUBAQELAYFKUAWBRCAECyqEKYNGA4psToFrJZgAgS6BJANUCQEBAQwBAS0CAQGEQAIXg3kkNQgOAgMLAQEEAQEBAgEFBG2FNwyFUQEBAQECARILBhEMAQE4DwIBCBgCAiMDAgICMBQBEAIEARIigwCCRwMOIAGecAKBOIhgdYEygn4BAQWCSYJCGIIXCYEOKAGMBA8YgX+BEScME4JMPoRFF4J5MoIskAyFZ5ghCoIllUQbmXmOR5l2AgQCBAUCDgEBBYFUAzSBWHAVZQGCQVARFJA2DBeDUIpTdIEojW0BAQ
X-IronPort-AV: E=Sophos;i="5.68,291,1569283200"; d="scan'208";a="361031547"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 11 Nov 2019 05:40:03 +0000
Received: from XCH-ALN-014.cisco.com (xch-aln-014.cisco.com [173.36.7.24]) by rcdn-core-2.cisco.com (8.15.2/8.15.2) with ESMTPS id xAB5e1lu018827 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 11 Nov 2019 05:40:02 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-ALN-014.cisco.com (173.36.7.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sun, 10 Nov 2019 23:40:00 -0600
Received: from xhs-aln-003.cisco.com (173.37.135.120) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sun, 10 Nov 2019 23:40:00 -0600
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-003.cisco.com (173.37.135.120) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Sun, 10 Nov 2019 23:40:00 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CagMkdqNw2rEyeCswLkyD5VDLIjTekD1XsxhkS/5RSABsZ08KP6l1hZ0/0w6Feh9zHEuwLkBpdRyIJWkFF48mytJGSD6jUCYvozdIb6CBpYjRVgQfhFRKcTSHOlCUZoYAkf70XiRLtrOUvEy6kUGjVdsmnfkT+QkIGQaCPAECtBHh2BIAW7BLbe0j01nz8rntDpeaCX4LPHAdSuAFDH2lRJv7uT5HYfSmyA22TuUDv7GxE4INmDv4QM2ODa7ZG6422dXlHsqzLl2C+aW0F3xG2W90dWQ2eabL+NitVICMBo91xieXflWn8oo3SRlcCWeJnkqImxqZNmJBmAXUCur1Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cfkitWjqOvA5SvRzbL/hW3Qsap0lVgxlOiNv2kj2eTw=; b=l5soqJ2ndnTS97MvA0B6afIMN1Hr5ypehG66VFqSeKJbLH7lzxZaWzWH4Xv0b0tu2QoUreRbzSJaoSfIhVZymYyXWiKz2nP+RXegn0cyGBPUIyUPrqWq+k3UIefp4WcqFeiuWoxzyFcfGP9wEiIT10AqacEQ740Bu523zMAz3pHCQA7BYLt1ExqtU6BqS7keGwRpxfDUORrnR6WWrb54FLDET+Y+qHnRsUIJchA8ODf7eHzGVXMUs4zJKpF5FrnZGF7RFsyb7lGj13CAnt8g7li2qqUtqkw+FrDdVcrTtha8e58qXQIez6YTo6YFkvZmovlyERrUatCNd0qT45HK/g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cfkitWjqOvA5SvRzbL/hW3Qsap0lVgxlOiNv2kj2eTw=; b=oWQ74M2ce2jJtORQCyTpm8MFYNkiNRJWq7nVeYxodnFdveLaEQXcN0aRHUqqMpBX3b9U1Bgdn946W2Q3Ew891hUSaMXC4mp2WMbRvSTPg0lnPzgPn7lSnyzKx/cifoGhp69zTtGem0KnBl7mpT2r+/AGrz28VpP7EnU38AzbQUE=
Received: from MWHPR11MB1791.namprd11.prod.outlook.com (10.175.53.138) by MWHPR11MB0045.namprd11.prod.outlook.com (10.164.204.29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2430.26; Mon, 11 Nov 2019 05:39:59 +0000
Received: from MWHPR11MB1791.namprd11.prod.outlook.com ([fe80::c92f:7001:f28:fa7a]) by MWHPR11MB1791.namprd11.prod.outlook.com ([fe80::c92f:7001:f28:fa7a%10]) with mapi id 15.20.2430.027; Mon, 11 Nov 2019 05:39:59 +0000
From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Call for adoption (after draft rename) for Yang module draft
Thread-Index: AQHVlCwI8/lytau3hU+AhCwtIdg/0ad+jL2AgAAHhQCAAAO1AIAF46wAgACM2YCAAG6hAP//f1YA
Date: Mon, 11 Nov 2019 05:39:58 +0000
Message-ID: <1DFA7D52-7294-4705-9407-C34F5BC82EA6@cisco.com>
References: <8B173958-FC2A-4D1D-A81C-F324AB632CD7@cisco.com> <147F9159-6055-4E55-ABDC-43DFE3498BF1@island-resort.com> <ce5f8206-74dc-36bb-0093-a93045d5c67f@sit.fraunhofer.de> <0A7E3A4F-8534-4E98-BCB7-1454E07699F4@island-resort.com> <C3AE2645-49C8-4313-BCED-02FEB576B614@cisco.com> <1C8A1884-A37D-45E3-8C11-2FC5A083B245@island-resort.com> <ba12a686-1b34-21a3-388c-bbe01c01a408@sandelman.ca>
In-Reply-To: <ba12a686-1b34-21a3-388c-bbe01c01a408@sandelman.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.f.191014
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ncamwing@cisco.com;
x-originating-ip: [2001:420:c0c8:1005::43a]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: fb0b8218-823f-4214-9ce9-08d76669972b
x-ms-traffictypediagnostic: MWHPR11MB0045:
x-microsoft-antispam-prvs: <MWHPR11MB00454E65B6521980E3B5E76AD6740@MWHPR11MB0045.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0218A015FA
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(366004)(396003)(376002)(136003)(39860400002)(346002)(51444003)(189003)(199004)(4001150100001)(46003)(99286004)(102836004)(76176011)(6506007)(186003)(110136005)(53546011)(58126008)(2906002)(66476007)(316002)(6116002)(2501003)(7736002)(305945005)(91956017)(76116006)(66946007)(33656002)(71190400001)(71200400001)(25786009)(256004)(6246003)(14454004)(8676002)(8936002)(81156014)(81166006)(6436002)(86362001)(478600001)(6486002)(5660300002)(66556008)(64756008)(446003)(66446008)(11346002)(486006)(476003)(2616005)(229853002)(36756003)(6512007); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR11MB0045; H:MWHPR11MB1791.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: sStiVLiI45PEcY2KxbeJpLmFLQwMbBDbsjmfRbLTuEHm9/XeTiQrVRcevXtjZv8055yOT7DSkKky4W/sYAjH9IYniSg50M8LKMYiOmdyliT83Xkh9VPWs5M7WN/+pOezSZxsC18AzbhHhJ5lOJCAuBWx+VobbinctN5gkzq9IW7457y659EnxFiQH/YfnI+PFglmK6jI3G+vuvCw2VQ6gYGGAvVNRJFRIBoi0lMALkc3sbqs/AOcyu/gSKg08fUHXark0z+iZuCFyZQq0SoOnUJ/u8eG+WkG5DmxvqVNWT1sNmAHPbFi4ZgwzoLFVIdw/ZS7cihBzS/cdTXD5CXDbK7cJuv3B/pIF1jSLQ5QrtHuK+LrF3I7VK9jKTx3z+gM8ERGrQ9veV4BhCxm7p2M47/p2bCQJlGCiwE48eCwrI2wDzhv4fQ/cXHecc5MOFqE
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <7C5F6586C0F55D45A9ADF785BA9D20DA@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: fb0b8218-823f-4214-9ce9-08d76669972b
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Nov 2019 05:39:58.8842 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Cr2EfXCHLlk/hZGVwJWrcAzXnuH+QdCbzhFarACBuaLtua5QMe7QlVa3ZwOiB+DI0iMrt1b1Sl/uC8XI3iMvMA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB0045
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.24, xch-aln-014.cisco.com
X-Outbound-Node: rcdn-core-2.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/tpb4a2KuM2dZRlWOQM4ZoASbgCA>
Subject: Re: [Rats] Call for adoption (after draft rename) for Yang module draft
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Nov 2019 05:40:08 -0000

Hi Michael,
See comments below:

On 11/10/19, 9:21 PM, "RATS on behalf of Michael Richardson" <rats-bounces@ietf.org on behalf of mcr+ietf@sandelman.ca> wrote:

    
    
    On 2019-11-11 6:44 a.m., Laurence Lundblade wrote:
    >
    >> On Nov 10, 2019, at 2:20 PM, Nancy Cam-Winget (ncamwing)
    >> <ncamwing@cisco.com <mailto:ncamwing@cisco.com>> wrote:
    >>
    >> So, Laurence, are you still OK with the adoption of the current draft
    >> with a rename for now?
    >> Thanks, Nancy
    
    You suggested the name:
    
    “Yang Module for TPM based Remote Attestations”
    
    But, I think that it should say instead, "Yang Interface to TPM 2.0"
[NCW] That is a fair point.....my point is that it should be named to reflect core of description which is based around TPMs.
    
    >
    > I think the value add to the larger RATS effort of adding EAT support
    > to this YANG protocol is really high. It a core thing to do that helps
    > bring together the two attestation worlds and make the TPM and EAT
    > work here less like ships in the night.
    
    Can you explain what it would mean to add EAT support for a YANG module?
    Maybe I'm daft here.
[NCW]. Hmmm, I did NOT state that?  I think that was Laurence.  I view EAT as defining claims that use  JWT/CWT data structures.
If there are claims (not format) that can be represented in Yang, then yes (and I think some can).  But the "general EAT", I'm not
sure how those structures map to the TPM interfaces...but they certainly could be represented in YANG.
    
    The current document is essentially a YANG wrapper around the TPM 2.0
    specification.  It's RPC, data in motion.
    
    While EAT is primary a JWT/CWT object, which is data-at-rest.
    I think that you are looking for a way to express non-TCG defined
    evidence containers.
[NCW] I'm not sure why these object would be data-at-rest?  I view them as claims represented in specific structures, e.g. JWT/CWT
But can be transported using any transport (e.g. TLS, et al)....similar to YANG?  
While it is true that the YANG draft also exposes the TPM interface, it also contains the claims albeit that are TPM specific.
So perhaps you are referring to the interface aspect?

Best, Nancy

v2.23.0 | Report a Bug | By Email