Re: [Secret] Murray Kucherawy's No Objection on charter-ietf-tigress-00-01: (with COMMENT)

Roman Danyliw <rdd@cert.org> Wed, 29 June 2022 17:27 UTC

From: Roman Danyliw <rdd@cert.org>
To: Murray Kucherawy <superuser@gmail.com>, The IESG <iesg@ietf.org>
CC: "tigress-chairs@ietf.org" <tigress-chairs@ietf.org>, "secret@ietf.org" <secret@ietf.org>
Thread-Topic: Murray Kucherawy's No Objection on charter-ietf-tigress-00-01: (with COMMENT)
Thread-Index: AQHYiyiDFVP/7Ymr1U2MM/JK4IOymq1mo1Xw
Date: Wed, 29 Jun 2022 17:27:16 +0000
Message-ID: <BN2P110MB1107D60E1C05F039A1C2E7AEDCBB9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
References: <165644589641.27894.7585176443533912652@ietfa.amsl.com>
In-Reply-To: <165644589641.27894.7585176443533912652@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secret/r2xD36Xeb-3blwq-bn1nLdK070Y>
Subject: Re: [Secret] Murray Kucherawy's No Objection on charter-ietf-tigress-00-01: (with COMMENT)
List-Id: Secure Credential Transfer <secret.ietf.org>

Hi Murray!

Thanks for the feedback.

> -----Original Message-----
> From: iesg <iesg-bounces@ietf.org> On Behalf Of Murray Kucherawy via
> Datatracker
> Sent: Tuesday, June 28, 2022 3:52 PM
> To: The IESG <iesg@ietf.org>
> Cc: tigress-chairs@ietf.org; secret@ietf.org
> Subject: Murray Kucherawy's No Objection on charter-ietf-tigress-00-01: (with
> COMMENT)
> 
> Murray Kucherawy has entered the following ballot position for
> charter-ietf-tigress-00-01: No Objection
> 
> When responding, please keep the subject line intact and reply to all email
> addresses included in the To and CC lines. (Feel free to cut this introductory
> paragraph, however.)
> 
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/charter-ietf-tigress/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> The second paragraph reads like a bunch of decisions have already been made.
> I suggest this should be rewritten to specify requirements (if that's appropriate
> at this stage) rather than enumerating things that appear to be properties of an
> already preferred solution.

My understanding from the BoF discussions is that there are certain baseline assumptions planned for the solution, and this paragraph tries to capture them.

Sentence by sentence from the charter:

(Sentence 1) The WG charter includes the definition and standardization of a protocol that will facilitate such credential transfers from one person's device to another person's device.

Comment: largely a restatement of the WG's goal

(Sentence 2) The protocol will leverage a "relay server" to transfer data from sender to recipient. 

Comment: a fundamental architecture assumption that the devices won't directly talk to each other

(Sentence 3) The scope of the transfer is limited to a single origin device and a single destination device.

Comment: another fundamental assumption about the scope.

(Sentence 4) Note that neither private keys nor secret symmetric keys present on the sender's device are exchanged during the transfer operation. In the transfer protocol, the "credential" being transferred from sender to recipient comprises data both necessary and sufficient for the recipient to exchange with the credential authority for new digital key material granting the recipient a subset of the sender's capabilities or entitlements.

Comment: clarifying language requested from the BoF and subsequent mailing list discussion that the solution space is not about a sender passing a recipient a "key."

Roman