Re: [SCITT] Internet-Draft draft-ietf-scitt-architecture-05.txt
Robin Bryce <robin.bryce@datatrails.ai> Tue, 13 February 2024 15:46 UTC
Return-Path: <robin.bryce@datatrails.ai>
X-Original-To: scitt@ietfa.amsl.com
Delivered-To: scitt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44ECDC15152D for <scitt@ietfa.amsl.com>; Tue, 13 Feb 2024 07:46:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.906
X-Spam-Level:
X-Spam-Status: No, score=-6.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jitsuin.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9owal9sE_y8T for <scitt@ietfa.amsl.com>; Tue, 13 Feb 2024 07:46:13 -0800 (PST)
Received: from GBR01-LO4-obe.outbound.protection.outlook.com (mail-lo4gbr01on20701.outbound.protection.outlook.com [IPv6:2a01:111:f403:261a::701]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98046C15153F for <scitt@ietf.org>; Tue, 13 Feb 2024 07:46:11 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KXRwAM9us0tUxpwqMRa8/DdKyG5ejf+KXUbrqlXu8fN59t3cCWWPRMaXWx8mDEXcckIERfBAxKeVcVNvE9PWp/e6ZwTuL/dbAIcJ9AcfOpd2p5+PaNLfYpu8UFe1qVq7Nj88sB8n10H+U0aMAjie6C8PnhhjUzhELwFVjAFEnf/0ynxEXNXJkvc/AEi3uAjKcjvCs2mtoBfl2IYeycH6YJmlyraEhw5GZs9Haq/Ajm0AC7I243q5OHpaiVm+6ZrDeqbffECoYiqETBNWfk53R5uDb1tpECmaULEVFcz1F8AqP133EEzmMJ4I5TYTJli4k0tzh2g6F6w/aVB7YFZM3w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=GIoi9tWacLNRm9H/xNvqAOvZqFKY8HG0mlqFHQLe6sQ=; b=Vf3xAtIRnhBLz7t+Ih26vRyI+EPVxjFtIsto7E5ZCavVCPSqscJLpYytbmgokgFzIhC9jqmSk36MadCeBzGPKIvl35lxRcH+IFk6K5a6u5bBPTkRNFCH4XSkgZ5E938dFbnoZqhir1QiXu79/LGAZRr/SDHMrFaleCRoLnjz/8a/3DHwsXZfHLEXrWx+TaKlgCVSXm5CB8znU6eXbvaWTdKEqbIBim5/ORr03AsrgX4+g2nT2IQ62Fcs3cDOLKlVx1iYE7T3P1BPuX+QOakNjv7NGZ8Rcfe+ANmnzhkwVVqdcarHNCuLDTxLd4k009pdo8LGNM6bV7hy3yBC6luFtw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=datatrails.ai; dmarc=pass action=none header.from=datatrails.ai; dkim=pass header.d=datatrails.ai; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jitsuin.onmicrosoft.com; s=selector1-jitsuin-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GIoi9tWacLNRm9H/xNvqAOvZqFKY8HG0mlqFHQLe6sQ=; b=PbEATdLukJOuejWcmuxyugv2ck/DihbS5yu4i4EZR0DW/Eb3F/HNaq8ySviRrOj02jiDuWaxlj9LlMWlkb4Y6RcAZi4h8BISF1RoPwr2Nmpxc7chw47Wz0nV8QgX6/pLILNXbxNWNxM37MEnDYfZRvqPhtWVODgVSNh+fPiQbX4wRWAi/zrd1k/65ReUxyPNa0CWi7vuEHDcTW5bx1c2YI4g8ocr2Gaxmk5wwBoaYmHeFjpEfuxON305O/77ny2lk8fNYHaPPqJo8iODMd0cmXNCCx8gYKnxtORwfc+HU2eOC93yZW1wdqo695IoLcosNlRRPv/tJzt+YMk5GbSiQA==
Received: from LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:20a::5) by LO3P265MB2121.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:102::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7270.39; Tue, 13 Feb 2024 15:45:54 +0000
Received: from LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM ([fe80::26e5:8805:6bcb:61c7]) by LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM ([fe80::26e5:8805:6bcb:61c7%6]) with mapi id 15.20.7270.036; Tue, 13 Feb 2024 15:45:54 +0000
From: Robin Bryce <robin.bryce@datatrails.ai>
To: Orie Steele <orie@transmute.industries>
CC: "scitt@ietf.org" <scitt@ietf.org>
Thread-Topic: [SCITT] Internet-Draft draft-ietf-scitt-architecture-05.txt
Thread-Index: AQHaXYdajLumXH3NFUKn3nXCISdB0rEGwwsAgAF3FxSAACHNjw==
Date: Tue, 13 Feb 2024 15:45:54 +0000
Message-ID: <LO4P265MB424727604390532B433FC2EFE44F2@LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM>
References: <LO4P265MB424709B41AC8D1146DDB7707E4482@LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM> <CAN8C-_LkXS_TdUqVrhdUBA46fHotbdkaeoizt6o3mFdzyj_kGQ@mail.gmail.com> <LO4P265MB4247C6365E25F82B2310E611E44F2@LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM>
In-Reply-To: <LO4P265MB4247C6365E25F82B2310E611E44F2@LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=datatrails.ai;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: LO4P265MB4247:EE_|LO3P265MB2121:EE_
x-ms-office365-filtering-correlation-id: f89c6cb7-3170-4ad3-cf16-08dc2caadd36
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6cNRo5ZBgR/glwaxlO8mWkx/96GfphyQp20x075ox9nw4ekyegTA95/3tmsCD2d1iwH0IjqDFJOWHFb+mZ5k3sV9gA0GdBxfRZOUnJkYWWIsnqQXzkHyL7Tt96npNpIedZc0f/sLK+0ZWVAPqukw9bmSC/9HXPyHm5/XayOe/U1+0kro93yst3CfvoDJ/B9mdk/igSkKvqzwrm/YaO2FX1WBlof5pKDjJFy89UptRdxT4cv8Baq5Y0HvwcpMt8W0xKOgGPyugVS6vC5qwed86Ac04cH9j76fLM5uXbnNkI3cUGZ6SBE9dAONPdg3GO70ZoIT8M0kfxqq9xhYD8ekOUsIVAstP8hFoZPlaTAc3DvDGZ7xG47YRKHWikt7wpbjig9aO4dH9lK4Pe/KVbHC5InyghSfJ3zmA2j8ycX54rvTiKlZerVXJDnovbrRexHQmOtgbm1Cx8RuEy0V6K3uQn8UCTswU/TU7of8k+DqSLKxdtKr4HkzoFxWZYxCrJasd4M6qGnuoSvLQe48x58N+VJJhe9C5IW6ZzWjJhvVQ2p2cHaMFk1RFtTuJoeEkFez4ERyauvBADg7pCuBMqsch5lwzXSiRfNNxBh47ZP8+Hk=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(346002)(136003)(376002)(396003)(39830400003)(366004)(230922051799003)(64100799003)(186009)(1800799012)(451199024)(55016003)(66946007)(966005)(76116006)(66899024)(41300700001)(30864003)(5660300002)(2906002)(316002)(44832011)(66556008)(6916009)(64756008)(66476007)(83380400001)(86362001)(66446008)(4326008)(33656002)(8676002)(8936002)(52536014)(6506007)(7696005)(2940100002)(9686003)(53546011)(38100700002)(478600001)(122000001)(166002)(71200400001)(38070700009)(66574015); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: g0LJ9YQ6yxJtSMqW4mPPFQVVitSe4GJXm72oEI1mkR1QFoVGC2hpuZGdgxbs7n15j8zKpF1UgtvZtPhPrKPs9Q/HhhS8yg3JxUMtIMCER5YMv3kKLyYaXMkLQf/A02zXi1nGFaB7Y+0SCdj/lQJCH4kJHK/sHHKdFuChJSPRuWy02G4HBFgsJ/kK+qp96Rqg+imM5nbsoqrYU05tFJEcFe123cv1dN3RDqUWKyO/5Tc0vcWffyb8eTQsRxkNYep07CWXl9LsUkRQjj+KRItv5hfaWmBPLQw2Lx7QO+al6k0aXGX7IHLB2cF+djTvqq6Jys9zKtVPYj12ZaDC5Q2FYreHr4+2NufT8B7Zeo1+3Aoaeejze6pY49CxiqNjiypr/EClwRyxpRLoAMDWSRNydwmoSIlAxkZQeBYnHx5ZhX/jxhnZl0DFePEHMokPaCY6AOJPE0A5gPtPYnjhWe4vWF1M9w/HsMD3ogsauzrb4IArb6ablF2zhfF7jb0pwIL9dcvkdgThgyAixGd+lA0GuffNSw/HjldtPauVdvphh5WufQGfNAqAvACnY3+NLfe9gNT9No/YvUgpfSFWaVyy4eIyvAeY9e6RLNKhjXf/vqMwqvKUXJAlgMJxtiNCmk9+f/LsbdLHId/098fubp+o9EL9iarnI63WbO0F/WtqL9YT2aFEtVlPe273t7+Eb6ERbIUR2YpRqwJ94N9P2DGgWPn4nmks7GLCOxlSn1cYQ/N45YGAYT1Aj70fcX4IK9s6q0RRX5WXvwGsd/1ENqH39xCQnf5z484p61b3ss9+OKwOIDhHx+FmD5jyzX67fd/n+Vnw5RwLCTWiKPgvd5jXykhrpt7m3qclONMCnYUvJWz+fU2nc8N8HQI2Kwj4v2VqroDlGDfPrc4W0/to4pN+3HQQVbAzuytY+1MhXd4Lu7UB2MrJheOEQo3EA7VczvdZBHNfR+7z0ZZ372f6KYJQY2Mtxa1V6iCqhVmixrdU2cdVMqZZkusBmECX/vA4u9pNV5K+0jfRuWWP9S6WxmarDCha0ZFq/HW3OtkP38RJgJScEKuqHfdEcMOYHh5t8F4+EzfnM4l1p/Z6S5QewjoSfXtGT0bFyKkWubCrHUIOakvOyeAJpwIGe6jetA6LcMzCWnlHB9KP+NyhDlyf8QC162G2KRmPpgccy4mVvoC+o0VUAeWgJf+G/hJ1E4SbyPTfSycwFbCLiHRkhMxEj3lgPMR2dOFcqD1MMwcymb7Sx+XkfiNmDOKN/zAuRkssutTCUJvyH/RNLDI1C0krO9ph0DfMKwVvTApAThpmYhYb6OyvrZ/WlUBQRWupW0OKO0B+1DAYaWqUZouZvOugP9Jr3mxJyBtfB+rAKcPEJ7oPW1bYyhMa21Dseb5fONtOcfIIc3auj3OvCPkAZBZ+GSOUfunwQT9Lmt1uvChPl7jU+pUY0pKG4Z3FnPh5mbtWuekrmV6u6FMlw5blNlhTyLbbyu86SkT5/lLTciQUJ2S8PI0XcyJwMNZubIUfMgnpsIWq+J5mDryx4PzX1/Yl8rzE70MoV6fDCA7uY/CJlhTwkLuMWutjgZ7p/wHqcTUOZB1XcU9PGmDi+aV4+yvyQyV6wfX1w5CMhH5OeMIILdIbgf9mA36clq6DC5kvyxvq05jU5fVYbGr589i1/82hAqWr2bkl/ud6ud8ITYe7p83Ik7k=
Content-Type: multipart/alternative; boundary="_000_LO4P265MB424727604390532B433FC2EFE44F2LO4P265MB4247GBRP_"
MIME-Version: 1.0
X-OriginatorOrg: datatrails.ai
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: f89c6cb7-3170-4ad3-cf16-08dc2caadd36
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Feb 2024 15:45:54.7131 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: e6cd7cbd-4331-4942-b28d-a327d99a088a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: SaREm15YrmpHhzBw/n/CfoYFLZOIzoVITnAyWcZcaYjl7OCNgaYVslbDRvW1VHSJ+VCUjFRt8ALwpfyqec07dbPbHKUXbARlxo01NvgNxZU=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO3P265MB2121
Archived-At: <https://mailarchive.ietf.org/arch/msg/scitt/Kt-pVvELlY-a-dMW8xmDziUW7gI>
Subject: Re: [SCITT] Internet-Draft draft-ietf-scitt-architecture-05.txt
X-BeenThere: scitt@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Supply Chain Integrity, Transparency, and Trust" <scitt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scitt>, <mailto:scitt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scitt/>
List-Post: <mailto:scitt@ietf.org>
List-Help: <mailto:scitt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scitt>, <mailto:scitt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Feb 2024 15:46:17 -0000
Just in case its actually useful I’ll run this up the flag pole In response to some of Ories’s remarks about id verification (above) and also the broader subjects of registration policies and “key before use” / “policy before application”, is there any value separating the what from the how ? For example, in the interim call yesterday and I think in ories post, there were at least 3 different kinds of identity auth checks in play with respect to registering a signed statement: api poster, issuer, issuer in relation to parts of the content. There are some involved implications for how those identities would need to interact with each other and with the transparency service that, to me at least, make specifying “how” pretty hard. There might be some easy consensus to be found just listing some of the common things that *could* be applied. Even if it is not required that any TS does them all ? Then ts implementations can just declare the ones they do in their own way. "key before use" or "policy before application" could be items in that list. This still leaves room for registration policies to be a useful thing in all implementations syntactically. And for specific implementations to be very specific in how they are applied. I think the alternative is to stay silent completely on both the what & the how. Thanks, Robin From: SCITT <scitt-bounces@ietf.org> on behalf of Robin Bryce <robin.bryce@datatrails.ai> Date: Tuesday, 13 February 2024 at 14:13 To: Orie Steele <orie@transmute.industries> Cc: scitt@ietf.org <scitt@ietf.org> Subject: Re: [SCITT] Internet-Draft draft-ietf-scitt-architecture-05.txt Thanks to both Dan and Orie for helpful & dramatic 😉 responses. Seeing the PR’s going in after yesterday’s call and listening to the explanations live have helped enormously. There are some things in both responses I would love to pick at for the benefit of my own understanding, but, to steal a fraze from Steve, I don’t want to “break into jail” Thanks all, Robin From: Orie Steele <orie@transmute.industries> Date: Monday, 12 February 2024 at 15:23 To: Robin Bryce <robin.bryce@datatrails.ai> Cc: scitt@ietf.org <scitt@ietf.org> Subject: Re: [SCITT] Internet-Draft draft-ietf-scitt-architecture-05.txt Hey Robin, I agree with much of what you wrote. As we try to get the draft to a publishable state, we will need to start cutting content where there is not rough consensus. Inline for the rest: On Mon, Feb 12, 2024 at 2:06 AM Robin Bryce <robin.bryce@datatrails.ai<mailto:robin.bryce@datatrails.ai>> wrote: Hi all, Thanks for all the work that went into the new draft. I have some feedback & questions. 4.1.1 Initialization This appears to prescribe the precise contents of the initial log entries in the name of solving a verification problem - that the statement verification requires a trust anchor in order that verification can be successful. I don't understand why the trust anchor needs to be in the log in a particular position. Verification is just contingent on is availability. I also don't understand why it needs to be in the same log or any particular log at all. It creates significant operational problems inserting these sorts of requirements, and it’s very intrusive with regards the log itself. I think this section implies that an Issuer can submit a Registration Policy to self-attest its keys and scope of use and that becomes the thing the Transparency Service later verifies against? If that really is desired, then I think the last paragraph "This specification leaves implementation, encoding and documentation of Registration Policies to the operator of the Transparency Service" leaves scope for implementors to support that. Precisely how registration policies are established ought to be the business of the individual log implementation. The purpose of this section is to establish how a registration policy is added to the log, since such a policy is required to start to accept anything. This section could say: A new empty log is created, and the transparency service can add whatever it likes, without performing any specific registration policy. Because we previously had text that said that the minimum registration policy requires the transparency service to __verify__ signed statements, it is logical to assume that the TS would at least have the keys to do that. Making those keys transparent, makes the log self authenticating, which is a valuable property for auditors, who might want to know the exact keys that have been used to make decisions to admit content. It sounds to me like your suggestion is to remove any requirement to include any specific content in the log, including keys or policies? (I would be ok with these being operator details). 4.1.2 Registration Re: 2. "Issuer Verification: The Transparency Service MUST perform resolution of the Issuer's identity. This step may require that the service retrieves the Issuer ID in real-time, or rely on a cache of recent resolutions. For auditing, during Registration, the Transparency Service MUST store evidence of the lookup, including if it was resolved from a cache." A requirement to verify issuer identities in real time does not guarantee that maliciously or mistakenly signed items will not reach the log. Compromise of the identity may be discovered after the statement has been accepted on the log, and then we are no better off than had we simply relied on cryptographic verification. It is always going to be down to auditors, verifiers, and log consumers in general, to use the attested data to reach their own conclusions. And those conclusions may well change over time. Having this as a requirement does not help solve these problems, it complicates the implementations, and it will be a significant performance bottle neck. Deferring id verification to the point at which a receipt is asynchronously requested could be a workable compromise. This would allow anonymous users to poison the log (which stores content forever), with content that is potentially toxic. As a general rule, we would expect to see write side requests gated by authorization, and read side requests gated by authorization. In addition to gating a client from registering content, the content itself could be gated, for example, only employees can add data to the log, and they can only add data that is signed by a trusted partner. Secondly, it is far from clear what "evidence of the lookup, including if it was resolved from a cache" would look like in the real world. I don't think it is feasible for SCITT to specify that in detail. So the requirement is very ambiguous. Strongly agree, its left over DIDs stuff, it should be removed. Re: 7 Receipts should be an optional part of the registration process. Agreed. There exist verifiable data structures which enable receipts to be generated in the future which are provably identical to the receipt that would be issued at the time of registration. Decoupling these allows for higher volume use cases where receipts aren’t desired for all statements, or at least not desired immediately. This rests on the ability of the log implementation to provide tamper evidence and provable log consistency. There are efficient ways to batch proof (and hence receipt generation), that would be un-usable if a receipt is a required part of the registration process. The wording in the Registration section isn't super clear about if and how this sort of batching is accommodated. I think that is ok for an architecture document, batch processing and asynchronous responses are probably more detailed than the architecture should cover. However if the text reads like this is forbidden, we should fix that. "A Transparency Service MUST ensure that a Signed Statement is registered before releasing its Receipt" this means the log entry for the signed statement must be committed to the log before the receipt can be created. It's debatable what this actually means... it could be interpreted as "the client got an HTTP 202". That log entry itself cannot be a transparent statement because the receipt is its inclusion proof in the log. I think this is probably obvious, but some of the wording could imply the transparent statement is a log entry. Any bytes that go into a log, can be cose-sign1 that have receipts in the unprotected header... Yes, that is recursive, but we need to address it, or we need to say you cannot include unprotected headers in the logs. A use case worth thinking about here, is vendor a, providing a receipt that proves vendor b had a receipt. The wording at the start of 4.3 is much clearer in this regard. 4.2 Signed statements "Support for x5t is mandatory to implement" Why is this helpful ? Anytime a standard offers "multiple ways to do something", there is a chance that a set of vendors will each choose a different way, and there will be no interoperability. We have this problem in the form of logs today, RFC9162 vs CCF vs Etherem vs etc. We have the same problem for cose-sign1, we can sign them with `iss` and `kid` or we can sign them with `x5t`. It's very common to have a single mandatory to implement, for cases like this. If I use a cnf claim and an iss to fetch an openid connect style well known document over https side note here, this is why the comment about "evidence of the lookup, including if it was resolved from a cache" exists. and then check the kid and public key match what is in the claim, don't I, as a transparency service implementor, get all the benefits of TLS certificates without exposing the implementation to the burden of x509 verification ? I would not say you get the benefits of certificates from that.... Signing keys rotate frequently in OpenID, and they can have certificate chains behind them (x5c /x5u), or not. And that TLS certificate & its verification may well be backed by a transparency service in the full ness of time, but it’s actually more robust if its independent and opaque. I assume this comment is about the https connection you used to pull keys? This is also why the comment about "evidence of the lookup" exists, it's a nod to aTLS... I tend to think we should leave those details out of scope for the architecture. Surely it is sufficient to say implementations MUST implement either x5t or kid/cnf ? See the comment above, assuming uniform random adoption, it would be a 50% coin flip to have interop with this as a normative requirement. Mandatory to implement also does not imply exclusivity, you could implement both. Is there a thread or reference somewhere I can read to catch up with the arguments either way on this ? https://mailarchive.ietf.org/arch/msg/spasm/YDqJA8xiolEsFngDnSyG1_Ej57w/ <https://mailarchive.ietf.org/arch/msg/spasm/YDqJA8xiolEsFngDnSyG1_Ej57w/> (You can also search the scitt archive for key words like "x5t" or "kid".) 4.3 Transparent Statements "Receipts are based on Signed Inclusion Proofs as described in COSE Signed Merkle Tree Proofs" I understood merkle based logs were one of the options and that the standard wasn't fixing on merkle based logs. Is this still the intent ? The draft is still called "COSE Signed Merkle Tree Proofs": https://datatracker.ietf.org/doc/draft-ietf-cose-merkle-tree-proofs/ The draft uses generic language now: "This document describes how to convey verifiable data structures, and associated proof types in COSE envelopes." 4.3.1 Validation "In order to verify the inclusion proof that is included in the Receipt, the verification process for the inclusion proof MUST be performed as described in the document that registers corresponding Verifiable Data Structure Parameters https://www.ietf.org/archive/id/draft-ietf-scitt-architecture-05.html#I-D.draft-steele-cose-merkle-tree-proofs" This is a useful and helpful draft, but it only contains RFC9162_SHA256 in its registry. That's correct, it establishes a registry, which cannot be updated with other content, until it exists... technically the registry won't exist at all until after the document is published (it blocks the architecture). What should implementations do in advance of being able to register here ? You can't do anything in advance... you could pick a number (like 2 or 5), and hope that it will not be taken by the time you are ready to follow the registration advice in section: https://datatracker.ietf.org/doc/html/draft-ietf-cose-merkle-tree-proofs-03#section-4.1 But as a general rule, I would never assume you can claim code points in a registry that is not yet established. We could add drafts to the initialization of the registry, but I am not a fan of doing that, because drafts expire, and are only meant to be cited as "work in progress"... This is a detailed topic, you may want to read: https://datatracker.ietf.org/doc/html/rfc8126#section-4.6 7.2.6 Impersonation "It is up to the Issuer to notify Transparency Services of credential revocation to stop Verifiers from accepting Signed Statements signed with compromised credentials" this means the guarantee isn't terribly useful. Security considerations are often written in a pleading tone : ) The alternative text would be to say nothing. From the point of compromise to the time at which a Transparency Service adds a new entry that addresses the compromise, is a window in time that is controlled by "disclosure". We would hope to see "responsible disclosure as soon as possible", but we may never see any disclosure at all. I would say this guidance should apply to "all timely information that could be essential to mitigate harm to a supply chain, and its consumers". It’s always going to require after the fact retrospective analysis to figure out which statements were recorded while the identity was unknowingly compromised. The guarantee is misleading. It is sufficient to guarantee that the identity presented at the time of the statement is evident in the log. Sorry for using a dramatic analogy, but I find drama can bring clarity to security and privacy issues. Saying a drivers license was valid when a firearm was purchased is one message to the log. Saying a driver's license was stolen and used to purchase a firearm (producing a valid receipt) by an entity that was not the subject of the credential (which is a driver's license) is another message. A third message could be the drivers license itself. I use credentials people are familiar with here to make the point, but in reality it is likely organization or machine identity credentials that would be stolen. Storing key material in the log would be like storing identity credentials in the log, an auditor might want to know which drivers license purchased which serial number. If all they can see in the log is that "the license was valid", that could be either a feature or a bug ( and regional laws would certainly apply to storing ANY PII in an append only log ). There is utility in storing information about the identity that is registering content, because it can help with investigations, and it can protect or harm the operator of the transparency service, in the case of x5t, iss, and kid, that could contain PII, because a certificate, JWK or COSE Key can contain PII.... consider KYC requirements vs the "right to be forgotten". The mDoc Digital Driver's license format uses COSE Keys to enable proof of possession for data subjects, and uses Certificates to identify issuers (State DMVs in US). Bringing the example back to software: Vendor A's signing keys were stolen, have you seen any attempts to publish binaries since we know they were stolen? You might find some transparency vendors stored just the messages with x5t pointing to that vendor's cert, and other transparency vendors decided to store all those messages, and a copy of the cert itself. The reason you might encounter both, is that it is an implementation and operator decision, of how much information about issuers to store in transparency logs. Hope this is useful and constructive. Thanks again for the great work! Thanks for all your thoughtful comments. If after hearing from the authors you feel there are essential changes that MUST be made, you should file issues, and keep complaining until they are fixed : ) -- SCITT mailing list SCITT@ietf.org<mailto:SCITT@ietf.org> https://www.ietf.org/mailman/listinfo/scitt -- ORIE STEELE Chief Technology Officer www.transmute.industries [Image removed by sender.]<https://transmute.industries/>
- Re: [SCITT] Internet-Draft draft-ietf-scitt-archi… Robin Bryce
- Re: [SCITT] Internet-Draft draft-ietf-scitt-archi… Dick Brooks
- Re: [SCITT] Internet-Draft draft-ietf-scitt-archi… Orie Steele
- Re: [SCITT] Internet-Draft draft-ietf-scitt-archi… Robin Bryce
- Re: [SCITT] Internet-Draft draft-ietf-scitt-archi… Robin Bryce
- Re: [SCITT] Internet-Draft draft-ietf-scitt-archi… Dick Brooks