IETF Logo Mail Archive

Re: [saag] Call for consensus on SPICE charter

Ira McDonald <blueroofmusic@gmail.com> Fri, 23 February 2024 15:10 UTC

Return-Path: <blueroofmusic@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0196C151088; Fri, 23 Feb 2024 07:10:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7pxgOwUUfoGn; Fri, 23 Feb 2024 07:10:19 -0800 (PST)
Received: from mail-vk1-xa35.google.com (mail-vk1-xa35.google.com [IPv6:2607:f8b0:4864:20::a35]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7E05C14F68C; Fri, 23 Feb 2024 07:10:18 -0800 (PST)
Received: by mail-vk1-xa35.google.com with SMTP id 71dfb90a1353d-4c01076b9faso572376e0c.2; Fri, 23 Feb 2024 07:10:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708701018; x=1709305818; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=c2LlRCQp1YMwPk3mn26iG5yZwt0zr1FkQLtxWKQF9jc=; b=KvuVVMX72CTMqxTtMM0qcNVCPYsFfVlylqIi7pPuwUhCZjgHtT2cQ5aTA7WswIFGCC j9EUph4w+B91DzVk8pXNeRSuPApY/ochSEcTrWOtE1AbtqNJ4YRI+j+YV89WVF5Bh18d 4icYBMwctaCWuWX4ogovb84LPdOWzfjwi0Evgex4ShDpoqwYDVk3Ls9i7QYcYDSVH60R TO2B3VM6MsU4urHw+wItxkfOIuFykjOoZmLUfwykxe5iQv9kNeFJwx9530I5P9pnrKNx izfP3uL7KtWSARepzYFkIfbzH7R8246W4bT5ihbTMk8aQR3wFpH5WRrjJOOCPJoe3uvR 7zqw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708701018; x=1709305818; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=c2LlRCQp1YMwPk3mn26iG5yZwt0zr1FkQLtxWKQF9jc=; b=uh9lCvsBiQKDUU4fmEHterwUWxUw6JsumulH8QvXInZ2mtLaFcDmkWvgIMegXdy622 bfj3pgDhiMBpBjsGdmNtHhM/x3RoXIaNrZPmQp+in7jSH2GZGKk22X9NTKXGLSE6W7dD TKrjhKiKlGVo4jSwIuBCecw/RKWCc7WZoYEOeT717fq+i0QlnUnJpubtbzBNYFQKb3HM QSz1XaeBj/W5u1B6vJwB/i5BLm78S8GlO1MQJzu7GA/AGC6Pg9Xqch7RgGp/z77HAF6r /iHjopYPgow02GO+9+hGvijNsq5uaBL9N6S46LlqPC+HumCvb+Of7hnpDaHpuHRAZhD2 H6oA==
X-Forwarded-Encrypted: i=1; AJvYcCXTLrqwqC8k4ItKuPbc54J59+V+78U1tr1PEs+JniyhNaTy8yoSSedmePxYnJH/SDnMqwaiohCItsHNiEla
X-Gm-Message-State: AOJu0YzyuAB5KBIKyltzJOZ++YejLAd7GRXxFEX2VFsGT7q6Aq6Tx+wJ 7uhTVZU/ECbq7bbBEEAvZ1zSgFZSjwYJl7SXPoVw6R+9J4cQjkVezKAiJWYaeepzwdCuEeyLYhF Q2JsuwCkY3WhYS4T/ZMdkqVtE+bdtb8pjtv4=
X-Google-Smtp-Source: AGHT+IHLeGUJjE4ASD5aJKPEUBAKtLXTAQdvFAC0k7GXRB6BWA1dxjFxCptJcv8rcUx4ICAeAu8NTaakrYYXRwNMnNI=
X-Received: by 2002:a1f:d403:0:b0:4c8:8d45:5325 with SMTP id l3-20020a1fd403000000b004c88d455325mr133031vkg.7.1708701017698; Fri, 23 Feb 2024 07:10:17 -0800 (PST)
MIME-Version: 1.0
References: <SJ0PR02MB74391502B5451B27457FE12DB74E2@SJ0PR02MB7439.namprd02.prod.outlook.com> <B85451AF-814D-4FFE-A593-E733572FA3EB@gmail.com> <e68d0218-82d0-b21a-a048-8cd7ad38e0cf@free.fr> <CAN40gSuU94OEKdueKd48oMsycLk2e3g2RTgpNPbRKpR8DitDeg@mail.gmail.com> <94765b81-2285-fa3c-4ab0-27a777725807@free.fr> <CAN40gSvNjOGELBn0_mmDXbJ5kxdfE0ZNJ6s8oPtQdyStmG8Tig@mail.gmail.com> <c21e1627-3ae2-3b2f-eedb-0091fb88c5d7@free.fr>
In-Reply-To: <c21e1627-3ae2-3b2f-eedb-0091fb88c5d7@free.fr>
From: Ira McDonald <blueroofmusic@gmail.com>
Date: Fri, 23 Feb 2024 10:09:59 -0500
Message-ID: <CAN40gSsn3F2iTnoD2VmoDYj1nyB4SjYBCb_4xY17YTu8yTdNMA@mail.gmail.com>
To: Denis <denis.ietf@free.fr>, Ira McDonald <blueroofmusic@gmail.com>
Cc: spice@ietf.org, saag <saag@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002ff84e06120df5f7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/8QSYru9FGAN4GQnovTG8_vIFUC8>
Subject: Re: [saag] Call for consensus on SPICE charter
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Feb 2024 15:10:22 -0000

Hi Denis,

Yes I would support the TEEP addition to the charter.

Cheers,
- Ira


On Fri, Feb 23, 2024 at 10:07 AM Denis <denis.ietf@free.fr> wrote:

> Hi Ira,
>
> As a regular participant to the SPICE BoF video conferences each weak, I
> am aware of RATS and of the EAT I-D,
> and so are the other participants.
>
> Henk, the main editor of RFC 9334, is an active participant of the SPICE
> BoF and hence we don't need to "inform ourselves" once more.
>
> The liaison with RATS is currently included in the draft charter, but not
> the liaison with TEEP. Take a look at the following change proposal:
>
> Below the two bullets, there is the following sentence:
>
> The SPICE WG, coordinates with *RATS*, OAuth, JOSE, COSE and SCITT
> working groups that develop documents related to the identity and
> credential space.
>
> The TEEP (Trusted Execution Environment Provisioning) WG has been omitted,
> and should be added since "Trusted Application Managers" are important.
> In particular, the following document should be considered:
> draft-ietf-teep-protocol-17
>
> Change into:
>
> The SPICE WG, coordinates with *RATS, **TEEP*, OAuth, JOSE, COSE and
> SCITT working groups that develop documents related to the identity and
> credential space.
>
> I suppose that you would support this addition.
>
> Denis
>
> Hi Denis,
>
> Thanks.  I stand corrected.
>
> I still suggest that SPICE folks inform themselves about IETF RATS WG
> activities and documents,
> including of course EAT (Entity Attestation Token) in the RFC Editor queue
> since December 2023.
> https://datatracker.ietf.org/doc/draft-ietf-rats-eat/
>
> RATS operations, terminology, and architecture are already in use in IETF
> SUIT WG (S/W Update),
> IETF TEEP WG (TEE Provisioning, spanning several CPU architectures), and
> others, for claims
> that include identity and evidence about validity.
>
> Cheers,
> - Ira
>
> *Ira McDonald (Musician / Software Architect)*
>
> *Chair - SAE Trust Anchors and Authentication TF *
> *Co-Chair - TCG Trusted Mobility Solutions WG*
>
> *Co-Chair - TCG Metadata Access Protocol SG *
>
>
> On Fri, Feb 23, 2024 at 9:31 AM Denis <denis.ietf@free.fr> wrote:
>
>> Hi Ira,
>>
>> FYI, the word "Verifier" as used in RFC 9334 does not map to the
>> "Verifier" role as currently used in the three roles model:
>> i.e., Holder, Issuer and Verifier, e.g., in VCDM 2.0 from W3C.
>>
>> You wrote:
>>
>> "A Verifier who never verifies anything is not a useful term".
>>
>> A verifier never verifies, nor validates, digital *credentials*, since it
>> only verifies digital *presentations*.
>>
>> Please read again the following sentence:
>>
>> A "verifier", an application running in a trusted environment that *verifies
>> digital presentations* received from a holder.
>>
>> This sentence does use the verb "verify".
>> Denis
>>
>> Hi Denis,
>>
>> Conflating verification with validation is not helpful.  A Verifier who
>> never verifies anything is not
>> a useful term.
>>
>> It would be appropriate, given the five years of prior work quite close
>> to the apparent topic of
>> SPICE, if people read and thought about the terminology already widely
>> used in IETF working
>>  drafts from RATS Architecture (RFC 9334).
>>
>> Cheers,
>> - Ira
>>
>>
>> On Fri, Feb 23, 2024 at 6:37 AM Denis <denis.ietf@free.fr> wrote:
>>
>>> Margaret,
>>>
>>> I have the same problem as yourself, .... and many more. See my email
>>> from yesterday.
>>> https://mailarchive.ietf.org/arch/msg/spice/eRxcl2xXJEgIYiKWPATZKPuBVcI/
>>>
>>> I wrote:
>>>
>>> Furthermore, there is a confusion in the proposed text between "digital
>>> credentials" and "digital presentations".
>>>
>>> Replace by:
>>>
>>> An "issuer", an application running in a trusted environment that issues
>>> digital credentials to its *subscribers **and takes care of their
>>> validity statu*s.
>>>
>>> A "holder", an application running in a trusted environment under the
>>> control of a user that requests digital credentials to one or more issuers,
>>> store them and builds from them digital presentations that are then
>>> communicated to a verifier.
>>>
>>> A "verifier", an application running in a trusted environment that
>>> verifies digital presentations received from a holder.
>>>
>>> When the digital credential issuer sends back to the holder a digital
>>> credential (after a digital credential request),
>>> the holder needs to verify that the digital credential it receives
>>> matches with its request.
>>>
>>> A verifier never verifies, nor validates, digital credentials.
>>>
>>> A verifier receives a digital *presentation* (derived from a digital
>>> credential) that he needs to validate.
>>>
>>> There is no need to introduce a "validator".
>>>
>>>
>>> IMO, in order to be approved, the charter will need to be corrected in
>>> several places.
>>>
>>>
>>> Denis
>>>
>>> I strongly support the creation of this WG, and my answers to the formal
>>> consensus questions are listed below.
>>>
>>> However, I do have one comment on the charter text….
>>>
>>> > A "verifier", an entity (person, device, organization,
>>> > or software agent) that verifies and validates secured
>>> > digital credentials.
>>>
>>> I question the assumption that the credential will be verified and
>>> validated by the same entity.  I would prefer to see these broken out into
>>> separate roles.  I think that in some cases a credential may be issued and
>>> verified by the same entity and verified by another entity. Or in some
>>> cases, all three roles could be separate.
>>>
>>> For instance, a student at a university could present a digital
>>> University ID.  The credential could be issued by, and perhaps even
>>> verified by, the university.  However, if the holder needed to validate
>>> that the issuer was a properly-accredited, US university, a third-party
>>> validation could be needed to confirm that fact.
>>>
>>> So, I would prefer to see the verifier and the validator listed as
>>> separate roles.
>>>
>>> However, this is a comment on the text, not an objection to WG formation.
>>>
>>> Margaret
>>>
>>>
>>> (1) Do you support the charter text? Or do you have objections or
>>> blocking concerns (please describe what they might be and how you would
>>> propose addressing the concern)?
>>>
>>> mrc> Yes, with one comment, above.
>>>
>>> If you do support the charter text:
>>> (2) Are you willing to author or participate in the developed of the WG
>>> drafts?
>>>
>>> mrc> Yes
>>>
>>> (3) Are you willing to review the WG drafts?
>>>
>>> mrc> Yes
>>>
>>> (4) Are you interested in implementing the WG drafts?
>>>
>>> mrc> interested? Yes!  But as consultants and operators, we’d be more
>>> likely to deploy and operate an open source implementation of this
>>> technology for someone else, which we would be eager to do.
>>>
>>> _______________________________________________
>>> saag mailing listsaag@ietf.orghttps://www.ietf.org/mailman/listinfo/saag
>>>
>>>
>>> _______________________________________________
>>> saag mailing list
>>> saag@ietf.org
>>> https://www.ietf.org/mailman/listinfo/saag
>>>
>>
>>
>

v2.23.0 | Report a Bug | By Email