Re: [sacm] [Rats] CoSWID and EAT and CWT

Laurence Lundblade <lgl@island-resort.com> Fri, 22 November 2019 00:47 UTC

Cc: "Waltermire, David A. (Fed)" <david.waltermire=40nist.gov@dmarc.ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "rats@ietf.org" <rats@ietf.org>, Ira McDonald <blueroofmusic@gmail.com>, sacm <sacm@ietf.org>
To: "Smith, Ned" <ned.smith@intel.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/bNqy6x2hpARjr9-keTpICjxrr5Y>

Hi Ned,

> On Nov 22, 2019, at 1:01 AM, Smith, Ned <ned.smith@intel.com> wrote:
> 
> It isn’t known yet if a token (CWT/JWT) realization makes sense for Endorsers.


This is probably far afield for SACM.

I think it is probably out of scope for RATS too. I assume the endorser is not a sub-part of the attester and is not on the device, but instead part of the device manufacturing infrastructure. I assume the endorser is not part of the verifier either.

I believe the endorser is part of or all of the mechanism that facilitates the placing of the private key material in the attester and the corresponding public key material in the verifier. I believe these interactions are out of scope for RATS. In many cases they will be highly proprietary and highly dependent on the manufacturing system.

LL