IETF Logo Mail Archive

Re: [Secret] Call for consensus on updated charter

Brad Lassey <lassey@google.com> Thu, 16 June 2022 15:16 UTC

Return-Path: <lassey@google.com>
X-Original-To: secret@ietfa.amsl.com
Delivered-To: secret@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8942C14CF12 for <secret@ietfa.amsl.com>; Thu, 16 Jun 2022 08:16:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.609
X-Spam-Level:
X-Spam-Status: No, score=-17.609 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f84wrjDHcq7o for <secret@ietfa.amsl.com>; Thu, 16 Jun 2022 08:16:42 -0700 (PDT)
Received: from mail-yw1-x1130.google.com (mail-yw1-x1130.google.com [IPv6:2607:f8b0:4864:20::1130]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 520CFC14F739 for <secret@ietf.org>; Thu, 16 Jun 2022 08:16:42 -0700 (PDT)
Received: by mail-yw1-x1130.google.com with SMTP id 00721157ae682-31772f8495fso16102707b3.4 for <secret@ietf.org>; Thu, 16 Jun 2022 08:16:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=nJTrxDEhCT825qxgKnPl4zFJdPy+iaEORdj4NQHb4m4=; b=Jj8qjbmMwqBJg1EchIpwKV+trgvG9rAAWJ4rZQNFs8EKiglTvcxRQOVIhGKJKl3s5N H76+LFL+ER+JxZ6lBx+IjcOYZ9J/vn6lzbvSQ/t14oqO/s+wXxkkVW+dpHDeErCvEcSK XD2PXTmKQjNTFAIGermL9425KytW9SwEQXPIO878dXEbiPMJ2EWAEOJ5kPG9vVsLeS8T B3XtonUsXcH5pm6GDEH0y652JTER/5Jc6KsVmFpRKrDUDY0dAZCSNWtoV7Ivw9sK+CBb 1g6zJliUpdwYHxK3zluY4phM8MUSWHP1WrACc64sLyOHjce73njoa7yBzcske2/gsMwo vMig==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=nJTrxDEhCT825qxgKnPl4zFJdPy+iaEORdj4NQHb4m4=; b=zLpA5WrEmqINdx2D62tSRIaBJ83TxIW3xlgSB5bJyz/Ux5b4Tz93bZ8FfLwmkiAm4J HEVhQQrPD1HDcHK2o1VBAdSAft5QtmZM1C5KGqwbm6rbrvNclJK/Ykdka2BLlH9dgm7D GZWLc71bFtjYKVxy7dCPEA2hGk8SGYkS1Tssk2Z5GLmVh/2xlElcv71G/jDZ7B6nRhPk gMmxLX1mqVEY5Kdei0fIae5/xgIctyxlN4GRKQBviAM+YEQugWNqk8Tgli3JoO+8GL24 d5pl0T8ffgLzs1d/oWB0h5DBjmAbY6zcXVkmrvdYkeO+JRlc15FJSfXYnRYuxvSsCZiV I6fg==
X-Gm-Message-State: AJIora9qePDkujWpe/rwvk6TiHxng8kulbVHrWcKzL0HhX0oIyucsddb hSHrqN2N2r5698gb8r9ltlL5hnYdibZ/FOkTA6SNag==
X-Google-Smtp-Source: AGRyM1vahPDeA3epGu5n0afZ+RBHNXPDJSrKwyvNzbi5CA4SOkmQ0GqZCXeYJnITTVw3U8J7GX6smBYnazUgMavugqw=
X-Received: by 2002:a81:1047:0:b0:313:b541:72a1 with SMTP id 68-20020a811047000000b00313b54172a1mr5964136ywq.314.1655392601072; Thu, 16 Jun 2022 08:16:41 -0700 (PDT)
MIME-Version: 1.0
References: <BN2P110MB1107927315F65D68D266C26EDCAA9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <CAA1-vB37_fiLuUEkfM+eL8Rh6MOoaYNCXt-yoR2h8k53FTnQcw@mail.gmail.com>
In-Reply-To: <CAA1-vB37_fiLuUEkfM+eL8Rh6MOoaYNCXt-yoR2h8k53FTnQcw@mail.gmail.com>
From: Brad Lassey <lassey@google.com>
Date: Thu, 16 Jun 2022 11:16:03 -0400
Message-ID: <CALjsk17BKUHf3xuVbfBiMZ4VWFBKswZT+29VUHU6YmWWZqOwYQ@mail.gmail.com>
To: Prachi Jain <prachi.jain1288@gmail.com>
Cc: Roman Danyliw <rdd@cert.org>, "secret@ietf.org" <secret@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f3c49805e1921f0d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secret/8V6maQDm-z0Urp6X0BnUwl55kf4>
Subject: Re: [Secret] Call for consensus on updated charter
X-BeenThere: secret@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Credential Transfer <secret.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secret>, <mailto:secret-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secret/>
List-Post: <mailto:secret@ietf.org>
List-Help: <mailto:secret-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secret>, <mailto:secret-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jun 2022 15:16:44 -0000

I support the charter and I'm willing to review WG drafts. We (Google) are
planning on implementing these drafts.

-Brad


On Thu, Jun 16, 2022 at 9:39 AM Prachi Jain <prachi.jain1288@gmail.com>
wrote:

> I support the charter and am willing to help with it.
>
> 1) Do you support the charter text? Or do you have objections or blocking
> concerns (please describe what they might be)?
> Yes and no concerns
> If you do support the charter text:
> (2) Are you willing to author or participate in the developed of the WG
> drafts? yes
> (3) Are you willing to review the WG drafts? yes
> (4) Are you interested in implementing the WG drafts? yes
>
>
> -Prachi
>
> On Tue, Jun 14, 2022 at 5:24 PM Roman Danyliw <rdd@cert.org> wrote:
>
>> Hi!
>>
>> In February 2022, the virtual SECRET BOF was convened [1].  We had a
>> robust discussion on the scope of work and an initial charter presented --
>> see the minutes [2].  Polling of the BoF participants showed a healthy
>> consensus on understanding of the problem and interest to solve it in the
>> IETF.  There also appeared to be a critical mass of energy to do this work.
>>
>> The BoF feedback and subsequent AD review pointed to a few places for
>> refinement to the charter, to include changing the proposed name of the
>> WG.  That version is included below for your review.
>>
>> The participants in the BoF showed consensus to proceed with chartering a
>> WG.  Now with a revised charter, I'd like to continue this BoF conversion
>> with an email thread to gauge interest to forming a WG to ensure we also
>> capture views from those who were unable to attend the BoF or those who
>> want to reiterate their positions.  Please respond to the list:
>>
>> (1) Do you support the charter text? Or do you have objections or
>> blocking concerns (please describe what they might be)?
>>
>> If you do support the charter text:
>> (2) Are you willing to author or participate in the developed of the WG
>> drafts?
>> (3) Are you willing to review the WG drafts?
>> (4) Are you interested in implementing the WG drafts?
>>
>> If you previously spoke of at the BoF, you are welcome to repeat yourself
>> here.
>>
>> If you have been following along on the mailing list, the charter text
>> below is the one that was being polished in GitHub (
>> https://github.com/dimmyvi/secure-credential-transfer/blob/main/charter.md)
>> with the milestones moved to the end.
>>
>> This call for feedback will end on Monday, June 27.
>>
>> Thanks,
>> Roman
>>
>> [1]
>> https://datatracker.ietf.org/meeting/interim-2022-secret-01/session/secret
>> [2]
>> https://datatracker.ietf.org/meeting/interim-2022-secret-01/materials/minutes-interim-2022-secret-01-202202100900-00.html
>>
>> ==[ snip ]==
>> WG Name = TIGRESS ("Transfer dIGital cREdentialS Securely")
>>
>> There are many situations in which it is desirable to transfer a copy of
>> a digital credential to another person. For example, you may want to
>> provide access to your vehicle to a friend or a family member. You may also
>> want to provide access to your home to your cat sitter. Or, you may want to
>> transfer a copy of a hotel key to your spouse. Today, no such standardized
>> method exists in a cross-platform, credential type-agnostic capacity.
>>
>> The WG charter includes the definition and standardization of a protocol
>> that will facilitate such credential transfers from one person's device to
>> another person's device. The protocol will leverage a "relay server" to
>> transfer data from sender to recipient. The scope of the transfer is
>> limited to a single origin device and a single destination device. Note
>> that neither private keys nor secret symmetric keys present on the sender's
>> device are exchanged during the transfer operation. In the transfer
>> protocol, the "credential" being transferred from sender to recipient
>> comprises data both necessary and sufficient for the recipient to exchange
>> with the credential authority for new digital key material granting the
>> recipient a subset of the sender's capabilities or entitlements.
>>
>> Privacy goals include:
>> * The relay server should not see sensitive details of the share
>> * The relay server should not be able to provision the credential itself,
>> acting as an intermediary for the recipient (person-in-the-middle,
>> impersonation attack)
>> * Aside from potentially the IP address, the relay server should not
>> learn the identity of the sender or receiver
>>
>> Sufficient security measures should be embedded in the protocol in an
>> effort to:
>> * Ensure only the intended recipient is able to provision the credential
>> * Ensure the credential can only be provisioned once (anti-replay)
>> * Ensure the sender has intent to share (proof of the fact that the share
>> initiation is attributed to a valid device and a user)
>>
>> The solution the WG comes up with must:
>> * Allow a sender to initiate a share and define a relay server
>> * Allow a recipient to view the share request, and provision the
>> credential associated with the share upon receipt
>> * Allow opaque message content based on the credential type (the protocol
>> should be able to carry various types of credentials)
>> * Allow sender device and receiver device to perform multiple round trip
>> communications within a limited time frame.
>> * Support a variety of types of credentials, to include those adhering to
>> public standards (e.g., Car Connectivity Consortium) and proprietary (i.e.,
>> non-public or closed community) formats
>> * Allow opaque message content based on the credential type
>>
>> Out of scope topics for the WG are:
>> * Defining the mechanism the receiver will use in order to provision the
>> credential with the credential authority
>> * The User Interface (UI) that is displayed to the sender or receiver
>> during sending or receiving - this will depend on the device OEM's UI and
>> HI guidelines.
>> * Defining the format or content of each field within the encrypted data
>> (i.e., the provisioned credentials and associated information) stored on
>> the relay server.
>>
>> The WG will deliver a protocol to facilitate secure credential transfer.
>> The WG must consider all Privacy and Security considerations in an effort
>> to perform the credential transfer in a secure manner. The protocol will
>> use appropriate cryptographic mechanisms to protect the transferred
>> credentials in accordance with the security and privacy goals described
>> above.
>>
>> Planned Deliverables:
>>
>> 2022-12: WG adoption of the secure credential transfer protocol
>> 2023-12: Submit secure credential transfer protocol to the IESG for
>> publication
>> ==[ snip ]=
>>
>> --
>> Secret mailing list
>> Secret@ietf.org
>> https://www.ietf.org/mailman/listinfo/secret
>>
> --
> Secret mailing list
> Secret@ietf.org
> https://www.ietf.org/mailman/listinfo/secret
>

v2.23.0 | Report a Bug | By Email