Re: [Rats] EAT document (was Re: CDDL for CWT, JWT, UCCS and UJCS)

Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Wed, 27 October 2021 22:14 UTC

To: Laurence Lundblade <lgl@island-resort.com>
CC: Michael Richardson <mcr+ietf@sandelman.ca>, rats <rats@ietf.org>
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Message-ID: <e265e5f9-8912-7bd4-25fe-fc9bd2368c60@sit.fraunhofer.de>
Date: Thu, 28 Oct 2021 00:14:40 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/upqSstgeVg4WznsTY2ZEACkQaf4>

Hi Laurence,

one step towards answering the question "what will a person implementing
RATS use if they are not using yang?" is of course:
draft-ietf-rats-reference-interaction-models

But of course that work does not provide you with a set of protocols
(aka the complete answer), but only with a set of models to choose from
in order to build the actual protocol.

Now - I've been holding back on that one - TUDA is of course a very
exact protocol how to convey evidence and that would be one candidate:
draft-birkholz-rats-tuda

Alas, that protocol does not require EAT, as well as YANG TPM CHARRA 
does not. In consequence, I like the notion to align EAT more to TUDA or 
to YANG of course, but I am not certain that that is actually possible. 
I'd really appreciate proposals that illustrate how to do that.

EAT brings a lot of flexibility to the table, especially if the layout 
of an attesting environment is under your design control. Mix in some 
simple component hierarchy that is also under your direct control, such 
as with cell phones, and EAT is an excellent fit.

There are other evidence representations that are more difficult to fit 
into EAT (as we have learned here in RATS), because they already existed 
for a long time, have stable and intentionally (relatively "strict 
defined") interfaces, such as a TPM. That does not seem to be a bad 
thing, but simply is accepted as a different way how to phrase evidence, 
in the end.

In summary, today there are a few distinct ways how to represent 
evidence. Some representations are based on existing technology, some 
representations are based on the appraisal process (e.g. IMA logs in 
support of indeterministic user space environments), and some 
representations are tailored to match other conceptual message formats.

On the one hand, I think EAT should be the first go-to candidate, if you
want to implement RATS and are free to choose how to do it. On the other
hand, I also think that EAT should not be an MTI or a mandatory data 
model to be incorporated in a protocol.

The most important thing EAT brings to the table - from my point of view 
- is actually the information model. The information elements defined 
(and registered as CWT Claim definitions in the end) are the real treat. 
No evidence format should conflict with these definitions! That would be 
really really bad for semantic interoperability and would be in conflict 
with the RATS WG's goals. If there is overlap, the WG process should 
identify that and address that (although I am not taking a stance on the 
"how", maybe sometimes a change to EAT might be warranted, but that case 
would have to be presented very thoroughly).

In general, I'd like to see EAT as "the first candidate in line", but 
also other options next to it next in line.

Best regards,

Henk




On 27.10.21 20:53, Laurence Lundblade wrote:
> Hi Henk,
> 
> Right. As a data model, the question seems mostly the same.  What will a person implementing RATS use if they are not using yang?
> 
> Yang is not particularly suitable for small IoT devices, and those devices need attestation too, right? Claims in a UCCS sent over DTLS is EAT, right?
> 
> And maybe we should be aligning EAT closer to all the stuff defined for yang?
> 
> LL
> 
> 
>> On Oct 27, 2021, at 10:38 AM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:
>>
>> Hi Laurence,
>>
>> EAT is not a protocol, it is a data model for CWT (and I guess now also for JWT) to represent remote attestation evidence (where evidence is the conceptual message generated by an Attester and appraised by a Verifier).
>>
>> The data model proposed can include information elements that are useful for protocols - most prominently, a nonce - but that does not render it a protocol, it probably makes it "convenient payload" that also "puts constraints on most protocols that want to use EAT".
>>
>> Best regards,
>>
>> Henk
>>
>>
>>
>> On 27.10.21 18:40, Laurence Lundblade wrote:
>>> On Oct 27, 2021, at 8:25 AM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>>>>
>>>>
>>>> Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>>>>> To me, the document looks done to me.
>>>>> I think that there are wording fixes that would make it a little easier to
>>>>> read, but it sure looks finished to me.
>>>>
>>>> Is EAT core work for the RATS document set?
>>>> I thought it was.  But it does not seem like the document is actually that important.
>>> R in RATS is for “remote” which means there’s a protocol to convey Attestation Evidence.
>>> If you want to do remote attestation that is not conveyed via YANG, would not EAT be the protocol?
>>> What’s your vision of the protocols used in remote attestation that doesn’t need EAT?
>>> LL