[Secret] BoF Follow-up on charter definition
Matthew Byington <mbyington@apple.com> Tue, 15 February 2022 17:22 UTC
Return-Path: <mbyington@apple.com>
X-Original-To: secret@ietfa.amsl.com
Delivered-To: secret@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 222343A09D6 for <secret@ietfa.amsl.com>; Tue, 15 Feb 2022 09:22:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.675
X-Spam-Level:
X-Spam-Status: No, score=-7.675 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.576, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5IQJDvhdP_ml for <secret@ietfa.amsl.com>; Tue, 15 Feb 2022 09:22:44 -0800 (PST)
Received: from ma1-aaemail-dr-lapp02.apple.com (ma1-aaemail-dr-lapp02.apple.com [17.171.2.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D7293A0B91 for <secret@ietf.org>; Tue, 15 Feb 2022 09:22:44 -0800 (PST)
Received: from pps.filterd (ma1-aaemail-dr-lapp02.apple.com [127.0.0.1]) by ma1-aaemail-dr-lapp02.apple.com (8.16.0.42/8.16.0.42) with SMTP id 21FHA0xY046988 for <secret@ietf.org>; Tue, 15 Feb 2022 09:22:43 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=from : content-type : content-transfer-encoding : mime-version : subject : message-id : date : to; s=20180706; bh=eUprUs6mi+hZ4WqtFggMd5Z3XjWs0yVne1/4uuA5sS8=; b=j9Ava24dptkDNhHMa01qrfqnTFkzSrOScgAM7MOqUobr2CtVkZN0d2UqikapMnG/ujHl CjkU4eVUXF6DAN2i3w69ZW3u9DEEkctebtY79zhLQOSw0UujUMUoL9EF5QDnkR2qINoY iZhlLHCW9OBhmwlrrFZgl7+VrbLA5+I5lOzirfhaF7XA0YYMaPI+7aD5C4zNhFVGeM4l MFPJfzw5NU7hiTcGUY1wLUGasepRmntaJieGYiGD5fisD+aYygaJewbmFddf3YJIXfgy bikTE5Au+BBIU27XwKaJj3wCuM4ZwzQoq1E9fqzK01usJ8Q9eQqXXi5O3/6XoaYrG61x hQ==
Received: from rn-mailsvcp-mta-lapp01.rno.apple.com (rn-mailsvcp-mta-lapp01.rno.apple.com [10.225.203.149]) by ma1-aaemail-dr-lapp02.apple.com with ESMTP id 3e6aexqhus-5 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <secret@ietf.org>; Tue, 15 Feb 2022 09:22:43 -0800
Received: from rn-mailsvcp-mmp-lapp02.rno.apple.com (rn-mailsvcp-mmp-lapp02.rno.apple.com [17.179.253.15]) by rn-mailsvcp-mta-lapp01.rno.apple.com (Oracle Communications Messaging Server 8.1.0.12.20210903 64bit (built Sep 3 2021)) with ESMTPS id <0R7C00WLWW9T75I0@rn-mailsvcp-mta-lapp01.rno.apple.com> for secret@ietf.org; Tue, 15 Feb 2022 09:22:41 -0800 (PST)
Received: from process_milters-daemon.rn-mailsvcp-mmp-lapp02.rno.apple.com by rn-mailsvcp-mmp-lapp02.rno.apple.com (Oracle Communications Messaging Server 8.1.0.12.20210903 64bit (built Sep 3 2021)) id <0R7C00C00W7N8S00@rn-mailsvcp-mmp-lapp02.rno.apple.com> for secret@ietf.org; Tue, 15 Feb 2022 09:22:41 -0800 (PST)
X-Va-A:
X-Va-T-CD: 2a3e8a854bc1bbd3eec9719f68b9d1ab
X-Va-E-CD: a9154d586cff486e3614e68b42f2a455
X-Va-R-CD: c8090e380128fe2cc57951e95877ed3c
X-Va-CD: 0
X-Va-ID: a78a772e-f9d0-4de8-85e7-bbd70d7fd30a
X-V-A:
X-V-T-CD: 2a3e8a854bc1bbd3eec9719f68b9d1ab
X-V-E-CD: a9154d586cff486e3614e68b42f2a455
X-V-R-CD: c8090e380128fe2cc57951e95877ed3c
X-V-CD: 0
X-V-ID: 7fa93552-5484-49a2-b02d-a6a235d0b960
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.425, 18.0.816 definitions=2022-02-15_04:2022-02-14, 2022-02-15 signatures=0
Received: from smtpclient.apple (unknown [17.149.236.162]) by rn-mailsvcp-mmp-lapp02.rno.apple.com (Oracle Communications Messaging Server 8.1.0.12.20210903 64bit (built Sep 3 2021)) with ESMTPSA id <0R7C00NGSW9TOF00@rn-mailsvcp-mmp-lapp02.rno.apple.com> for secret@ietf.org; Tue, 15 Feb 2022 09:22:41 -0800 (PST)
From: Matthew Byington <mbyington@apple.com>
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: quoted-printable
MIME-version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Message-id: <7C07A6C7-15CE-442D-87CD-3D8825E11313@apple.com>
Date: Tue, 15 Feb 2022 09:22:41 -0800
To: secret@ietf.org
X-Mailer: Apple Mail (2.3654.120.0.1.13)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.425, 18.0.816 definitions=2022-02-15_04:2022-02-14, 2022-02-15 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/secret/bmLYuQg0FClvu8jxLRnMgNg7wKk>
Subject: [Secret] BoF Follow-up on charter definition
X-BeenThere: secret@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Credential Transfer <secret.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secret>, <mailto:secret-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secret/>
List-Post: <mailto:secret@ietf.org>
List-Help: <mailto:secret-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secret>, <mailto:secret-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Feb 2022 17:22:46 -0000
Hi everyone, I wanted to thank everyone who participated in our BoF last week. I thought that it went great and all of the comments, questions, and feedback were very useful. Some folks put up Pull Requests to modify the charter text per our conversation at the BoF (thank you to those that did) and we made some other changes. I wanted to send the new charter text below and ensure that we’ve captured the feedback appropriately. Please respond to this list if you think that we should make further modifications. Thanks! Matt ============================== There are many situations in which it is desirable to share a digital credential with another person. For example, you may want to provide access to your vehicle to a friend or a family member. You may also want to provide access to your home to your cat sitter. Or, you may want to share a hotel key with your spouse. Today, no such standardized method exists in a cross-platform, multidisciplinary capacity. The WG charter includes the definition and standardization of a protocol that will facilitate such credential transfers from individual to individual. The protocol will leverage a “relay server” to transfer data from sender to recipient. The scope of the transfer is limited to a single origin device and a single destination device. Privacy goals include: • The relay server should not see sensitive details of the share • The relay server should not be able to provision the credential itself, acting as an intermediary for the recipient (MiTM) • Aside from potentially the IP address, the relay server should not learn the identity of the sender or receiver Sufficient security measures should be embedded in the protocol in an effort to: • Ensure only the intended recipient is able to provision the credential • Ensure the credential can only be provisioned once (Anti-replay) • Ensure the sender has intent to share (secure user intent) The solution the WG comes up with must: • Allow a sender to initiate a share • Allow a recipient to view the share request, and provision the credential associated with the share upon receipt • Allow dynamic message formats based on the credential type • Allow sender device and receiver device to quickly perform multiple round trip communications Out of scope topics for the proposed WG are: • Defining the mechanism the receiver will use in order to provision the credential • The WG will define the full set of different credential types that could be shared. A subset of these credential types adhere to a public standard. For these credential types, the format of the Provisioning Information shall be defined by the appropriate standard. Other credential types may be proprietary. For these credential types, the protocol the WG aims to establish shall not define the actual format nor content of each field within the Provisioning Information. • The User Interface (UI) that is displayed to the sender or receiver during sending or receiving - this will depend on the device OEM’s UI and HI guidelines. The WG will deliver a protocol to facilitate secure credential transfer. The WG must consider all Privacy and Security considerations in an effort to perform the credential transfer in a secure manner. The protocol will use appropriate cryptographic mechanisms to protect the transferred credentials in accordance with the security and privacy goals described above. ==============================
- [Secret] BoF Follow-up on charter definition Matthew Byington
- Re: [Secret] BoF Follow-up on charter definition Michael Richardson