[Secdispatch] Requesting agenda time for draft-halen-fed-tls-auth

Stefan Halen <stefan.halen@internetstiftelsen.se> Wed, 06 July 2022 13:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/AKuwAZTiwfhIE0qfHUhngGw6F3w>

Hi Secdispatch,

I would like to request agenda time at IETF 114 for dispatching
draft-halen-fed-tls-auth
https://datatracker.ietf.org/doc/draft-halen-fed-tls-auth

Time: 15 min

The draft describes how to federate machine-to-machine authentication
using already well-established protocols. Federated TLS Authentication
(FedTLS) is a simple layer on top of TLS utilizing mutual TLS and public
key pinning to establish a secure end-to-end channel. Information about
the peers (e.g., organization, certificate issuers, pins) is aggregated
and published by a federation as a JWS.

Background

In Sweden we are running a SAML federation and a FedTLS federation for
the school sector. The school's administrative processes are digitized
and automated. There is also a standardized protocol that enables
schools to automate the User Lifecycle Management (ULM) for remote
services. One of the stakeholders is the National Agency for Education.
They will use the FedTLS federation to secure the ULM API for the
digital national tests. FedTLS is also used for license management and
for ordering digital teaching material and more to come. We are also
considering providing FedTLS as a service in the federation for the
Swedish health care sector.

Open Source implementations:
https://github.com/Sambruk/EgilSCIM
https://github.com/joesiltberg/bowness
https://github.com/Sambruk/windermere

Feedback is greatly appreciated.

Regards,
Stefan Halén
The Swedish Internet Foundation
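
The pin check that the message describes, sketched as an added example (not code from the draft or from the implementations listed above). The `Entity` type, the pin format (base64 of SHA-256 over the DER SubjectPublicKeyInfo) and the `school.example` name are assumptions; the metadata is taken as already signature-verified, and in a mutual-TLS handshake the input would be the peer leaf certificate's `RawSubjectPublicKeyInfo`.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
)

type Entity struct { // hypothetical, simplified metadata entry (not the draft's schema)
	ID   string
	Pins []string // assumed format: base64(SHA-256(DER SubjectPublicKeyInfo))
}

// SPKIPin hashes the key, not the certificate, so a reissued cert keeps its pin.
func SPKIPin(spkiDER []byte) string {
	sum := sha256.Sum256(spkiDER)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// MatchPeer returns the entity that pins this key; no match means reject the peer.
func MatchPeer(entities []Entity, spkiDER []byte) (string, bool) {
	pin := SPKIPin(spkiDER)
	for _, e := range entities {
		for _, p := range e.Pins {
			if p == pin {
				return e.ID, true
			}
		}
	}
	return "", false
}

// DemoSPKI derives a constructed Ed25519 key from a label (demo input only).
func DemoSPKI(label string) []byte {
	seed := sha256.Sum256([]byte(label))
	der, err := x509.MarshalPKIXPublicKey(ed25519.NewKeyFromSeed(seed[:]).Public())
	if err != nil {
		panic(err)
	}
	return der
}

func main() {
	current, next := DemoSPKI("current key"), DemoSPKI("rollover key")
	meta := []Entity{{ID: "https://school.example", Pins: []string{SPKIPin(current), SPKIPin(next)}}}
	fmt.Println(MatchPeer(meta, next))                     // pinned ahead of a key rollover
	fmt.Println(MatchPeer(meta, DemoSPKI("unpinned key"))) // key absent from the metadata
}
```

Publishing more than one pin per entity lets a peer switch to a new key pair without a window in which its connections are rejected.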