[Rats] EAT material for Singapore

Laurence Lundblade <lgl@island-resort.com> Fri, 01 November 2019 14:46 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 7AF0C1201A3 for <rats@ietfa.amsl.com>; Fri, 1 Nov 2019 07:46:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id ApKOCsT64nBg for <rats@ietfa.amsl.com>; Fri, 1 Nov 2019 07:46:44 -0700 (PDT)
Received: from p3plsmtpa09-02.prod.phx3.secureserver.net (p3plsmtpa09-02.prod.phx3.secureserver.net []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C11D8120044 for <rats@ietf.org>; Fri, 1 Nov 2019 07:46:44 -0700 (PDT)
Received: from [] ([]) by :SMTPAUTH: with ESMTPA id QYCIiLHsEyg8JQYCJiNpCP; Fri, 01 Nov 2019 07:46:44 -0700
From: Laurence Lundblade <lgl@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_62C0D968-DC26-4060-AA27-041839C87AB7"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Message-Id: <EFDA5487-D231-4033-9795-D124BD5EF322@island-resort.com>
Date: Fri, 1 Nov 2019 07:46:42 -0700
To: rats@ietf.org
X-Mailer: Apple Mail (2.3445.104.11)
X-CMAE-Envelope: MS4wfCF0tEHsxm8fchlYK5AqPNAakATCa4toaPqdPftzY8wfdcuCP+IERDpHQnd2Z1Vh9s5+Lc/dg8Ebh96TDfkGLeQJR/G1L04hmzdOPdLlshm0rA1lkPD6 /QRX+e+YTpWeGtq0O+BDlDpPROtXP6y3Jh77yC2txRCjSwtguS2lvjmz
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/zM8oQl2I8FDs-QVLt8hAwcXRXeQ>
Subject: [Rats] EAT material for Singapore
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Nov 2019 14:46:47 -0000

Hi folks,

Rather than publish a new EAT draft for Singapore we have pull requests for you to review. The hope is for consensus on them in Singapore after which they will be integrated into a new EAT draft published after Singapore. Here’s the pull requests:

Submodules <https://github.com/ietf-rats-wg/eat/pull/43> — This update unifies submodules and nested EATs so they both occur in the “submods” part of a token. It clarifies inheritance (there is none), simplifies naming of submodules, and defines attachment type.

UEID <https://github.com/ietf-rats-wg/eat/pull/35> — This update includes a statistical analysis based on the birthday problem to justify upping the number of its bits required to 256.

OEMID <https://github.com/ietf-rats-wg/eat/pull/41> — This update fills in the details on the use IEEE MA-L and Company IDs to identify device manufacturers

Security Considerations <https://github.com/ietf-rats-wg/eat/pull/28> — This improves the security considerations section.

Boot state and debug <https://github.com/ietf-rats-wg/eat/pull/36> — This update makes the debug state description a 4-state variable rather than 4 Booleans.

Nonce <https://github.com/ietf-rats-wg/eat/pull/42> — This updates lines up the token identifiers and nonce from JWT, specifically clarifies that the nonce comes from the relying party.

General Claims Characteristics <https://github.com/ietf-rats-wg/eat/pull/7> — This describes some conventions and goals when defining new attestation claims.

If you click on the links above and then the “Files changed” tab, you can see the text of each. You can comment in email, but it is better if you comment in GitHub on the pull request itself so it is more easily tracked.