Re: [Secret] Secure Credential Transfer (secret) BOF Virtual Meeting: 2022-02-10

Sean Turner <sean@sn3rd.com> Tue, 08 February 2022 15:49 UTC

From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <164321863329.27385.6340387845625300575@ietfa.amsl.com>
Date: Tue, 08 Feb 2022 10:48:39 -0500
Cc: dispatch@ietf.org, secdispatch@ietf.org
Message-Id: <FDD25C19-0F91-4591-AD9D-37D3D341E296@sn3rd.com>
References: <164321863329.27385.6340387845625300575@ietfa.amsl.com>
To: secret@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secret/Mz0-96AKOMJpJTVGXIH-Gjflj5M>
Subject: Re: [Secret] Secure Credential Transfer (secret) BOF Virtual Meeting: 2022-02-10

Apologies for the multiple cross-posts.

I have uploaded the slides for Thursday’s BOF.

Cheers,
spt

> On Jan 26, 2022, at 12:37, IESG Secretary <iesg-secretary@ietf.org> wrote:
> 
> The Secure Credential Transfer (secret) BOF will hold a virtual interim meeting on 2022-02-10 from 09:00 to 11:00 America/Los_Angeles (17:00 to 19:00 UTC).
> 
> Agenda:
> 
>    Intro
>    Use cases
>    Requirements
>    WG charter discussion: https://github.com/dimmyvi/secure-credential-transfer/blob/main/charter.md
>    Conclusion
> 
> Draft: https://datatracker.ietf.org/doc/html/draft-secure-credential-transfer-03
> 
> Information about remote participation:
> https://meetings.conf.meetecho.com/interim/?short=d1a67502-8fe8-4fc2-bb9b-f2e2f4594bb4
> 
> The meeting will happen over Meetecho. To join the session, you will need to use your IETF Datatracker (https://datatracker.ietf.org/) login, which you should create ahead of time if you don't already have one. If you have forgotten your IETF Datatracker password, you can request a reset (https://datatracker.ietf.org/accounts/reset/). For more information, see the Meetecho guide for participants (https://www.ietf.org/how/meetings/technology/meetecho-guide-participant/).
> 
> BOF Request: https://datatracker.ietf.org/doc/bofreq-secure-credential-transfer-bof-request/
> 
> Description:
> 
> We presented the secure credential draft to Dispatch on Monday of IETF week (2021). There was a lot of interest, but folks asked for additional detail on the problem statement, requirements, and use cases. It was decided that we weren’t ready to form a WG right away and instead endeavored to schedule a BoF to review the above items prior to forming a WG. The goal is to allow users with secure credentials on their mobile devices to be able to share entitlements that these credentials grant to other users. This would be achieved by defining and standardizing a protocol that will facilitate such credential transfers from individual to individual. The protocol will leverage a “relay server” to transfer data from sender to recipient. The scope of the transfer is limited to a single origin device and a single destination device. This system does not exist today in a standards-based, cross-platform and cross-channel capacity. The goal of this BoF is to answer some of the questions that came up during the Dispatch meeting (such as, why can’t these credentials simply be lifted and cloned and then sent to the recipient?). We also want to provide additional detail into the applicable use cases, and some of the security and privacy requirements for the solution. The ultimate goal is to form a WG to discuss the initiative in an ongoing capacity.