Re: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)

Giridhar Mandyam <mandyam@qti.qualcomm.com> Tue, 31 May 2022 19:55 UTC

Return-Path: <mandyam@qti.qualcomm.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD098C15AAF6 for <rats@ietfa.amsl.com>; Tue, 31 May 2022 12:55:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.008
X-Spam-Level:
X-Spam-Status: No, score=-2.008 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=qti.qualcomm.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LXQAphfz2WoG for <rats@ietfa.amsl.com>; Tue, 31 May 2022 12:55:21 -0700 (PDT)
Received: from esa.hc3962-90.iphmx.com (esa.hc3962-90.iphmx.com [216.71.140.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42CBCC157B54 for <rats@ietf.org>; Tue, 31 May 2022 12:55:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qti.qualcomm.com; i=@qti.qualcomm.com; q=dns/txt; s=qccesdkim1; t=1654026920; x=1654631720; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=jBXEvm3ewkveZeXm3U3hNBzN1I6AShH6UxxDGKEy5Z4=; b=1mdAAr40cHhuv5PgsiQnZyKAEuR1/YqrNybdZH8w6nzjQBTBLp/6WvO8 Dexkz2fMsQNXo7kTpDLYSLPY8X6d1z8efhCVrE4vSiwukexfpRtd+Avpg FsPntaodqmayD4vMOQLS+JnTdnt9tTwYhlxnmn4FCU83dC3TJyyGwOvX+ 4=;
Received: from mail-bn7nam10lp2106.outbound.protection.outlook.com (HELO NAM10-BN7-obe.outbound.protection.outlook.com) ([104.47.70.106]) by ob1.hc3962-90.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 May 2022 19:55:19 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gnvpIfQ34YQBtKmSr6lTbHXwfiK7VzASm160K3Tf6LcASjqqsl+fM13tVlfrt5VMJlp1d9KAYEXctWeUdojhr8QUqaG7i6SDbDtR0lymsdOKZkpw1nqKqfzhecdlLkfGAUNI2RU4mM37xbxfr02FShWkL6EUT4jRXE+vPy8sPzv0633Js9BtVuEJsps4HfoOL8XTclJAKR/ZOb4fu/KpCeT4N2FhDieOtbVZmdaF3eCdKP8CiQ6Zt3Oyu7Rhk5O3wdFmeUcHrlh3g1FQ4Kj/q+OtQKOKjTWTjFzJBjvmqivPTtCok1BUtCG+SG76mxflgOj2hHmg3maGpugkNVmJBg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jBXEvm3ewkveZeXm3U3hNBzN1I6AShH6UxxDGKEy5Z4=; b=YxzVpKTccwl1MOTYqIxY3Nrxgf0tZNv+M1LLlYQ+2TS7uUTfJB5sA1Dwe1g9P9b6ISQ7xhWV96WyyQBiPJlL8ksBMmR3g7wLCNk+uq6jLHKyg19/p9FfletpR7jIOz7X9m/ef+ZUH216Tz611ej8ClB4iQSNUH/ZeTtJ/+RYHqoPBRh5GOlUjBfbWkdEFXpyouPIPtg3T9R60Na80TMmHttDvgI1XpVpmkKbYxlTgYkxk+1L/2yswC77QYTEYVYKlp8qV2+ySdF7QdHywu4Ozh216breN15bjMkuVMFNqohB0nzv07lQWg1V9VP2AojxPehIASCHq1lkMrRyX5nJRw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=qti.qualcomm.com; dmarc=pass action=none header.from=qti.qualcomm.com; dkim=pass header.d=qti.qualcomm.com; arc=none
Received: from SJ0PR02MB8353.namprd02.prod.outlook.com (2603:10b6:a03:3e4::7) by SN4PR0201MB8710.namprd02.prod.outlook.com (2603:10b6:806:1e9::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13; Tue, 31 May 2022 19:55:07 +0000
Received: from SJ0PR02MB8353.namprd02.prod.outlook.com ([fe80::416:c75d:6a2a:9e19]) by SJ0PR02MB8353.namprd02.prod.outlook.com ([fe80::416:c75d:6a2a:9e19%4]) with mapi id 15.20.5293.019; Tue, 31 May 2022 19:55:07 +0000
From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
To: Laurence Lundblade <lgl@island-resort.com>, Thomas Fossati <Thomas.Fossati@arm.com>
CC: "Nancy Cam-Winget (ncamwing)" <ncamwing=40cisco.com@dmarc.ietf.org>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)
Thread-Index: AQHYdNVRnQv5QhI8fk6S4mzhbTb46a05NHiAgAAvSJA=
Date: Tue, 31 May 2022 19:55:06 +0000
Message-ID: <SJ0PR02MB83533D9FAAA5C935EFFE2BED81DC9@SJ0PR02MB8353.namprd02.prod.outlook.com>
References: <45618431-7329-4F31-941F-A39BBC9D575F@cisco.com> <DB9PR08MB65241E9E259EBBD532480E469CDC9@DB9PR08MB6524.eurprd08.prod.outlook.com> <30BB98D4-8CC0-4EA3-BB89-9F95DC6F2CA8@island-resort.com>
In-Reply-To: <30BB98D4-8CC0-4EA3-BB89-9F95DC6F2CA8@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=qti.qualcomm.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a07957a1-ec51-438d-9850-08da433f7612
x-ms-traffictypediagnostic: SN4PR0201MB8710:EE_
x-microsoft-antispam-prvs: <SN4PR0201MB87103C4686B90E5E555E1E9181DC9@SN4PR0201MB8710.namprd02.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: jtJdh+Z70K3Aug0/M8GhTYd52w5K1p2VHUpcyAEd2Iv9Fuwnzu5j7TarWDoqWTv6O/Pq0aGBWIWvp5snWhv7VA1kU6ouaxEOzDWhS7Oa2+WeB69kM4zy6f0v4I+krgO4H56BEJu3vXVzKAYZCfrLutJt7+/mHA9zVao4HApY70A+3fzwco8zeerEPL5d75zgAaTCnFpNMs5tShwy1vzwDb7MoFRiVTpzug3q6OMYzoRBQ2lvK19MmJLSPlRqIhxo26yApzigah2izeZMUrD+1z2s2SrsFZqR/WjvBU9JIrnpQ4EAAfLSywlk2xSf0TV3tZsE8q559+skKUmDDxCTr9lCzJxDjvEUkbEaifB+aZjcjaWSso/+xL00rnsrMdD0k9gjc8ALwyxsdwkodZabmGPywEXf3DbJkErGtywwS9Hb8WlUZZZ3JshZCrKU1fverHqcnYthtJ0V0ZekNVtAsoY641BTfKiXm60csFvYrrufUQ4JOIlPN8aIUtAjStNEKfYg4feZNfa/E4qqNcwtDzbmURJkFiwPeyG45VaI1Lqh6vUhUwsyvt4onlS3GBcaNxdf2yWjuaNwFKhjkTpYZa3f/Gq5jYdWtiizYVa/wMlsQCmkiXvGp8LpEKFSRK/PpEqUA8qvS2NV+a2Aju+QoMwGOHuuaNMBWHeeyltKZ8heFGTNXjsscfsZZZgi4L4alckX8ozu21rWDi9+gXzqHZ+rkXLcLu14WcMUnbupi8VWvWy32vmUJq8mom1SuVywMBALK5uxKU1SVr5tcre0FTSc1KNzJ3sOy26gA4wQno/e+DWOxbTLW+6k2OFCmyIP
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SJ0PR02MB8353.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(66476007)(66556008)(110136005)(64756008)(66574015)(83380400001)(66446008)(52536014)(54906003)(66946007)(55016003)(6506007)(186003)(8936002)(2906002)(38100700002)(71200400001)(9686003)(8676002)(4326008)(38070700005)(53546011)(7696005)(26005)(86362001)(508600001)(966005)(76116006)(122000001)(316002)(5660300002)(166002)(33656002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: pM3gTbffate5Gy5AfFIjEtjR2AaVVqSdxNP5scWF+v/quvXX2sDBUpkOfI1ciycdBpwMOxSoupdAhX/eItrZOlHKguY1l8IPrHxTWrQMm9bXyXkTbefZ66nrB2K2Ea+eRfr8CBG4ZUYBD5RGDpZHS6jh8k66sY/hS2fowFPzn8o1jo2NmO4EFz0PBcKcaJDdxIML1MCmX7ZUah/17MsaPk/HhTsptf1AikS9t3IUNxZdz2OI5BZbPIh0tOCwb6s8jio8pLKhb4rii0/4YRL86Oi6NN8XZSyNE+W3SfRIF/cwUx1zhXa8mTHXxn42uiSSZqGdDd85L3Cu2GzK4/Ha1yTMxKg1tvvEzXCkhGzgXuExdmSXlwwQDRDBtitor4LyxlDZ//80z6h5bMOqpKBScoC4LnkAg7WZj/zj0knwjdordLa0um85QJy52Z6inz67gzbKtHNXCexk5M305av2t1shGZyJ+LkDlEIJkp9mAE4+LcCJS6hh00sWTyVhIQUG0dr7e7uPKouWS4vbs/2YDzw+wZnRAGRMaLsSjg9qw/YnX7j/OLDsfnsddp1Zt7MdnzBUiOVTGch24Inum1nYncVHXY5QM1DfaaX58DpH3Vu6a1y+maKNBtfqOxpSrc7U5iPiqlE7oDoNq8h72ZZ/QqU/m8bGwzJBKJsa6Ef7aDvw1zRGQp3QwctqZHQivtL18PEJj71ZT/VkSv6vT33sGaj84BWz/SQHTxX8AGW0ou5K7FVmLHuZXFvtJdyHSBiAQh11zKOxk13u87c2Mgaz+szczAllQwFxIllKuXbc0mVjoBufrBzK7V47FVYQDwHs6L4E1MLysZDZQUfjk0Pe7OYmaZYmdENJUpGdgIO4bikcEsuZ4SY7Z4q3a8dN9ON4o42HN4onPMcIYHlmWdMXGx2DquS4VFC7KDpYMVp7g2R55g+gyjZzvRF2VtHIZsCzjrXXewsw8WtJAzMxbUR9+dWYJGhTgF83ySWIwlZUR7MlJHOZYkqMGtfi9BcKMx9nLTnh3HV4o0CCQN7YgHQ3nUoOsU5UA0xPuSm7SshU51dBpp/G9l0mseU6kjicA3OWp2+UqkmRG4Y7GeNWJ+UJjbjOXOv1f0V/JkTycdRgaGNE7zSXVURnsNoG3v3RiuUjrN5LBadPuL5DgthGHDfBk4p34zKX+f1nGxX7ceo3OeG0YRe8ohzOWH5fnl+GTlRzdJl8xAauPz3fgXA7eaiL28ZSdpgcqKcfZSFzDCJhDd0meFUB+hJf+YESxFfmwTcbPXUIbPW4UjT6hgnj3vCv5c8PgNLA+U+n70X7eqXfcE/8Oq2PahukYUXGrSm2aYZncnXzMFx4l71BYkbF2wUvLkdfK3FPl4M8IJFLZ5prP6rgZF3kIpHGG1aoQk2WrprONBBMaSC/MdMcdgODAKFVIAuLxpHkxIHZ4KOvvFMvzbHKCpbpgO+HC3Ztc7c08hEio22hUjLjd45mCKZrY/J/WsFJtbsMRk41UHoHuE6JmYeJdr3ilFbe+OkOt9h3JvNh5HkdmftSzzLxe7MWzTpXWzoZNlU3YOExtXEzj7GlwMXYTfQhdKYyCYmbqbh6dDppiXbvQhXFgOLyLdXq4s498o2uny50fV5ii3tFelelUGcx83sd9jNBP/vF1JPyXw1RjfNF+IrIZYU4kjCeLFLhDXaoWAyl1iO9+4rNbRmZmFR142cdzpIXBO18ggHyy40gqNTb4Q+bG28ozq8pG3p826fZPMDxDoaerKampLKC1c0=
Content-Type: multipart/alternative; boundary="_000_SJ0PR02MB83533D9FAAA5C935EFFE2BED81DC9SJ0PR02MB8353namp_"
MIME-Version: 1.0
X-OriginatorOrg: qti.qualcomm.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ0PR02MB8353.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a07957a1-ec51-438d-9850-08da433f7612
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 May 2022 19:55:06.8964 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 98e9ba89-e1a1-4e38-9007-8bdabc25de1d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: DpjQPkCWAbPq0v16eQyRprnh1PWrM1RP6Nyj56iwfQaQAzEoXq3BgbPHxZ5YXaMxu1vyHlAYFvVnGyoxxne3YnTuPnOIP/ZcOfyO9t8S9XI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN4PR0201MB8710
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/-x3ndBPV7cC9bMZGFTF5dUDpUFk>
Subject: Re: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 May 2022 19:55:25 -0000

I am not sure I understand what is being suggested in this email chain.  As far as I can tell (focusing on the CBOR option for EAT alone):


  1.  EAT inherits from CWT, and CWT’s are ultimately CBOR objects.
  2.  There is no prohibition against defining a CBOR array with CWT’s/EAT’s as entries, and those can be of indeterminate length – see https://datatracker.ietf.org/doc/html/rfc7049#section-2.2.1.
  3.  In addition, as per https://datatracker.ietf.org/doc/html/rfc7049#section-2.1 an array can contain entries from multiple data types.  An array could contain UCCS’s, EAT’s, and standard (RFC 7049-defined) CBOR data types for example.

Is the suggestion for the EAT document prohibit (or at least limit) the above?  If so, what would be the justification for such a limitation?

-Giri

From: RATS <rats-bounces@ietf.org> On Behalf Of Laurence Lundblade
Sent: Tuesday, May 31, 2022 9:54 AM
To: Thomas Fossati <Thomas.Fossati@arm.com>
Cc: Nancy Cam-Winget (ncamwing) <ncamwing=40cisco.com@dmarc.ietf.org>; rats@ietf.org
Subject: Re: [Rats] Where does a EAT end? (was: Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)

I am definitely not a fan of unconstrained fan out here. Probably the right thing to do is require any additional token type be an IETF standard.

One reason I made these sockets is so that UCCS/UJCS will plug in and be part of a submod Nested-Token and part of a DEB. It is important that UCCS and UJCS be brought into EAT this way.

Personally, I think it would probably be good if this never went beyond UJCS/UCCS.

I’m still digesting Simon’s collection proposal…

Thanks for point that out, Thomas.

LL




On May 31, 2022, at 3:00 AM, Thomas Fossati <Thomas.Fossati@arm.com<mailto:Thomas.Fossati@arm.com>> wrote:

{Lemaître hat on}

"where does a EAT end?"

The CDDL has:

$$EAT-{CBOR,JSON}-{Unt,T}agged-Token /= ...

which says it is theoretically possible to extend a EAT to cover
anything, as long as it looks like a CBOR or JSON stream.

The EAT I-D defines the CWT, JWT and DEB types.

But UCCS will have to plug into the same CDDL socket soon.

And Simon's proposal to add the "EAT collection" type [1] uses the same
mechanism to extend the semantics of a EAT in the same direction as DEB
- i.e., by providing an aggregation primitive.

My observation is that unless the EAT I-D contains clear criteria for
scoping its type system its governance can become quite tricky down the
line.

cheers, thanks

[1] https://datatracker.ietf.org/doc/draft-frost-rats-eat-collection/



IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats