IETF Logo Mail Archive

Re: [SPICE] Call for consensus on SPICE charter

Manu Fontaine <Manu@hushmesh.com> Sat, 24 February 2024 16:12 UTC

Return-Path: <manu@hushmesh.com>
X-Original-To: spice@ietfa.amsl.com
Delivered-To: spice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7FB1C14F5E6 for <spice@ietfa.amsl.com>; Sat, 24 Feb 2024 08:12:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.904
X-Spam-Level:
X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hushmesh-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2i9tVVC_zXo1 for <spice@ietfa.amsl.com>; Sat, 24 Feb 2024 08:12:04 -0800 (PST)
Received: from mail-qk1-x72d.google.com (mail-qk1-x72d.google.com [IPv6:2607:f8b0:4864:20::72d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A68E9C14EB19 for <spice@ietf.org>; Sat, 24 Feb 2024 08:12:04 -0800 (PST)
Received: by mail-qk1-x72d.google.com with SMTP id af79cd13be357-787bb0d85eeso90230585a.0 for <spice@ietf.org>; Sat, 24 Feb 2024 08:12:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hushmesh-com.20230601.gappssmtp.com; s=20230601; t=1708791123; x=1709395923; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=gwChvBtV2+bjG1A5S9QJf3y+08LJ/rJxzCVGhA29I9U=; b=tbKMqO70s2+Uj+EboxDh9mV5lrRH0Iz2TtK+rpp4zdJC2mIGu/0Sq18zLZ3nC2bSiL 6teCPb+o6JPG+EgJ1UYIwCUOJ5o4MQ7uLHMf0+oBoe+pkleO5JaawFz/DbikMNp+7+dP bPK8eM0/7oq2pXqs5QYRDipoxVuvO265oOfaI0tWdvBQi9X1db3FbjMRuY8ZtwP4dJDQ 6218ZYBGDQjvcCh7tIWEoIJmXbtPYQYXzc/QyYmcKXGPn8RAVYk0+M0JwX8omv2pWEQD nsd7+1zYaJ6Hgs6G8Ay4xMgG+zRVUhYpBYjdugQvczUIXJPPQhBT0AxnN891UbCzhfWR RbbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708791123; x=1709395923; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gwChvBtV2+bjG1A5S9QJf3y+08LJ/rJxzCVGhA29I9U=; b=ubLArqP7bFtz34mNnRRMOOJ89X82px+/RAI+c1aSIzLhEe9BhkwZFrs3tHlDOn5DVy cRxQUc1JZ+mEEqZHjZLxoPiwj6paofM8glNTmGaC4w3i8ovy+dhmMn6ywM74e+n6voNZ LTsZaMxXLTpFCmAO3/gpNK1Rs2t2pyeY5fTmcosAm6Gkwjsw3CmsEz0lPWr7DPmzFQmu wBI7YVV/or3sN8yPNaLwMU/ulwjLFCT0FHGIkHJljsBhvPHuiAm2nh3FlUqiYazxGhI0 0OQhRDkvHpFETmbNpsCFjoRbbNS0WnK0lR7B/4hDEFVLuuJ1Z6zIbyKhnQH7k2aBfhTn 7l/A==
X-Forwarded-Encrypted: i=1; AJvYcCVpXnsjyBCufVOQeNza5hvqlGHfnKFBRm415Zxr7BzosMCVMdqpJmMro5vUkFth+8YG5xYKZITiUoQryxTR9g==
X-Gm-Message-State: AOJu0YzheNQG/d85rU2Lni4Ld8tryxCrKHo8y5uLpSVgTQs8oPs78qWy sjkpGOI+xq8p9+P1IU2RmxEdF6lSoTv9ArzNM/i4Dp270VMBolIKcmbuLT2wpxQBnzzGbV2sUKF JxLvM5Z5x0ghaCGfR4Qh0ND3KRLpZDXKfdpbMHQ==
X-Google-Smtp-Source: AGHT+IHHuCLIKYic+TM3A+1iP6rrnrIJ51CQev9ahWKBBo2ZYgLXg2mgPwj+S44wCpPb8IY4zEzYLZTXGt8gmCur320=
X-Received: by 2002:ad4:5d61:0:b0:68f:4d6b:d123 with SMTP id fn1-20020ad45d61000000b0068f4d6bd123mr3638204qvb.18.1708791123389; Sat, 24 Feb 2024 08:12:03 -0800 (PST)
MIME-Version: 1.0
References: <BN2P110MB110725C85B7253C421DDFE71DC4BA@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <CA+tYtvG3KmYfUdWM9AqMcs=8abjOA1bCYHa5qeJdyRE_WzeF=g@mail.gmail.com> <CAAse2dFGZ3wFDv8FFQyBm5PYXTm0RrBaUYfF3Tum6tReFsemrA@mail.gmail.com> <CANez3f4GzDjpfL1PQCk4M80EUkDvTF1t7sfCES3GHsoO-x1DXQ@mail.gmail.com> <CACsn0cmqd2R5yJMuQYCgqpV4-Q0X442mEGX4RJatEKvu8eW5Lg@mail.gmail.com> <CAN8C-_+ioJab1Qbiu+gBQ_nx-k77_3_koj=kwEJaGhVEEVc1OQ@mail.gmail.com>
In-Reply-To: <CAN8C-_+ioJab1Qbiu+gBQ_nx-k77_3_koj=kwEJaGhVEEVc1OQ@mail.gmail.com>
From: Manu Fontaine <Manu@hushmesh.com>
Date: Sat, 24 Feb 2024 11:11:51 -0500
Message-ID: <CAHu=PL1y3KHcTv3OhopHUiewF5d2hN6_sqBOgmwMaA3wQEGEZw@mail.gmail.com>
To: Orie Steele <orie@transmute.industries>
Cc: Watson Ladd <watsonbladd@gmail.com>, spice@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e7d57d061222ef74"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spice/uEzyq41QdwGRjtclmkcnkT8T1Ow>
Subject: Re: [SPICE] Call for consensus on SPICE charter
X-BeenThere: spice@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Patterns for Internet CrEdentials <spice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spice>, <mailto:spice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spice/>
List-Post: <mailto:spice@ietf.org>
List-Help: <mailto:spice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spice>, <mailto:spice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Feb 2024 16:12:08 -0000

I am reacting to mentions of "hardware", "balance", and "maximalist
positions" regarding important parts of "delivering secure and usable
systems".

Confidential Computing hardware (TEEs) is readily available, and a
blueprint exists
<https://datatracker.ietf.org/meeting/118/materials/slides-118-hotrfc-sessa-05-a-universal-name-system-uns-and-universal-certificate-authority-uca-00>
to solve for global assurance of provenance, integrity, authenticity,
confidentiality, reputation, and privacy for all bits, be they code or
data, for persons and non-person entities. No exotic cryptography required.

The problem space collapses when using Confidential Computing at the
"infrastructure layer". In 2024, identity, authentication, authorization,
data encryption, key management, and credentialing should all be
re-imagined on top of Confidential Computing, if for nothing else than CC
providing attestation+verification of hardware+software integrity. Why
would anyone not want to verify these critical pieces of infrastructure?
#zerotrust

I am still an IETF newbie trying to understand how to bring this work to
the IETF, realizing that it's tricky as it overlaps with many WGs. I'll be
in Brisbane and will schedule a side meeting to give an update on our work
in this direction, and I hope to start/continue conversations with all of
you.

Manu


On Fri, Feb 23, 2024 at 9:58 PM Orie Steele <orie@transmute.industries>
wrote:

> The charter mentions profiles of JWP/CWP, which is from JOSE not OAuth,
> and which supports BBS, but can be extended to other systems, assuming they
> can support similar interfaces.
>
> https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-proof/
>
> I'd personally like to see CFRG publish some lattice based zkp system that
> could offer similar capabilities... Probably, we are years away from seeing
> hardware support for that... I'd be happy to be wrong, as long as the
> lattice system lasts longer than elliptic curve discrete log.
>
> In the informal meetings, which we have had, BBS has been discussed a lot.
>
> As have the consent and privacy issues, and infrastructure costs
> associated with single use key bound credentials, which include ISO mDoc
> and SD-JWT.
>
> Sustainability, privacy, inclusivity and transparency are all important
> parts of delivery secure and usable systems.
>
> Some balance is necessary, because we are unlikely to agree to maximalist
> positions on any one of these important dimensions.
>
> See also:
>
>
> https://datatracker.ietf.org/doc/statement-iab-statement-on-the-risks-of-attestation-of-software-and-hardware-on-the-open-internet/
>
> OS
>
>
> On Fri, Feb 23, 2024, 8:36 PM Watson Ladd <watsonbladd@gmail.com> wrote:
>
>> On Fri, Feb 23, 2024, 5:17 PM Kaliya Identity Woman
>> <kaliya@identitywoman.net> wrote:
>> >
>> > I don't know what you mean by "privacy" Nick.
>> > I think the folks who are in the trenches of developing the protocols
>> of digital identity at least those arising out of the community arising
>> from Internet Identity Workshop community have been very focused on how to
>> best give individual people the most control possible over how they can
>> leverage digital credentials and have worked very hard.
>>
>> Results, not effort, matter.
>>
>> >
>> > We have also come up against very real world constraints - while the
>> BLS family of cryptography that the BBS+ work is anchored in and is
>> progressing through CFRG is fantastic in providing a path forward for
>> really great selective disclosure capabilities.  It isn't finished review
>> and it hasn't been standardized for how to actually use it to create
>> credentials (Although some great companies leading this work have been
>> experimenting).
>>
>> Isn't that the work of standards bodies and companies to develop the
>> tech and standardize?
>>
>> > Even if it WAS ready "now" the phones that are on the market and widely
>> adopted don't have the capabilities to actually do BLS signatures to anchor
>> the credentials to phones.   (for better or worse this is the primary
>> subject holder binding mechanism that European governments have decided to
>> proceed with for the issuance of state issued documents to
>> citizens/residents).
>>
>> I'm not that familiar with secure element design but I have written
>> papers and run code showing that it's possible to achieve these
>> bindings while preserving privacy and not modifying the element. Now
>> there were some mistakes later work has fixed but it is possible: see
>> SAC '21 and the successor that fixes some stuff is a preprint I can
>> share.
>>
>> >
>> > Extensive research into all the possibilities of formats and signatures
>> and bindings was made and I believe that SD-JWT was the best possible one
>> out of the bunch given all the REAL WORLD constraints. (see this community
>> built spread sheet for the details)
>> >
>> > I think we need the SPICE working group in the IETF to actually make a
>> home to continue to progress the work towards even better credentials with
>> better properties. It is specifically envisioned by the folks who are
>> asking for this working group that work on how to do credentials with BBS+
>> signatures would happen in this group once the CFRG review is complete and
>> I know that there are government folks who want better choices then they
>> have now in terms of ways to protect and support citizen empowerment and
>> "privacy".
>>
>> But that's not what the group is being singularly chartered for nor is
>> it combining all this work over the IETF. The debate here is really
>> about what should be done in the group and elsewhere, and if the
>> charter was BBS identity I think a lot of people would support it.
>>
>> >
>> >
>> > If we don't actually make space to move the work forward it can't move
>> forward.
>>
>> No one is saying we shouldn't do BBS based credentials here. We're
>> asking questions about the scope and whether or not to approve
>> mechanisms that don't meet the bar privacy wise without a lot more
>> effort in deployment that's been pushed out of scope.
>>
>> >
>> >
>> > I find it a bit hard to take seriously folks who have not been actively
>> engaged in the community working on digital credentials for people landing
>> down taking one glance around and saying in an off the cuff way "its not
>> good enough privacy" when they have not really taken the time to understand
>> the history, context, real extremely extraneous effort that has been put
>> into achieving the development of reasonable systems within the real world
>> constraints that really exist.
>> >
>> > Maybe it is our job to do a better job to communicate this prior art
>> and significant body of existing work, and really dedicated people who have
>> a real commitment to core positive values.
>>
>> If this community was committed to privacy you'd collectively away
>> when the constraints make it impossible. That's what being committed
>> to values means. Luther did not say "I stand here, and I'll move a bit
>> if it's inconvenient".
>>
>> SD-JWT isn't a minor privacy problem. It lets the government track
>> every time you use a credential online, with active proposals to
>> mandate it for the viewing of "sensitive" materials, a category
>> encompassing some of the most beautiful photography of the 20th
>> century, several Oscar winning movies. Some governments will of course
>> seek to extend this further to Winnie the Poh memes, French Peanuts
>> reprinters, or news Carter-Ruck doesn't like.
>>
>> >  The work has been happening in earnest with a coherent group of people
>> who have been inter-related and working together on this for 20 years.
>> Many of these people gather twice a year at the Internet Identity Workshop
>> and ongoing efforts inbetween happen in bodies such as the Decentralized
>> Identity Foundation, OpenID Foundation, Trust over IP Foundation, Kantara
>> Initiative, various W3C Community Groups.
>>
>> There has been inordinate work on credentials ever since CL01 and
>> CL04, and all of that has been ignored. It could have gone into secure
>> elements: TPM has DAA after all. But instead we get this. The lack of
>> engagement with cryptographers and privacy engineers is unfortunate,
>> but we can't ignore these issues on the basis that the water has
>> passed under the bridge.
>>
>> >
>> > I have only been to the last two IETFs and I was really impressed with
>> the deep collective intelligence and wisdom I saw in action.  I was
>> surprised about how many different working groups who's efforts touch in
>> some way on identity are not intersecting very much or learning from each
>> other (PrivacyPass has quite limited overlap with OAuth work - TIGRESS is
>> working on moving keys between phones/wallets? also not interacting with
>> work focused on that in the identity community)  Dick and Rifaat have a
>> great outline for an identity sense making effort that could go a long way
>> to helping various groups just as step 1 understand what each other is
>> doing.
>>
>> PrivacyPass is doing something different than OAUTH hence the lack of
>> overlap. If they overlapped more then there would be a problem.
>>
>> >
>> > I think SPICE is needed and I hope the charter will be approved.
>> > I don't think adding more MUSTs to the charter right now will help us
>> progress.  Folks who believe that certain properties and features should be
>> in protocols that the group works on should get engaged to struggle through
>> the real work needed to find the path - rooted in the real world of real
>> adoption by real users of the technology.  If it (digital identity) was
>> "easy" it would have been solved 15 years ago.
>>
>> And if the people solving it has been at all familiar with the
>> literature and cared about privacy they wouldn't have made SD-JWT.  If
>> we end up with SD-JWT everywhere choking the oxygen from a better
>> solution that's bad.
>>
>> End of the day there is no protocol police. So what exactly is it you
>> want the IETF to give you this real world adoption cannot? Why can't
>> we say "here's a privacy preserving solution to your problems" rather
>> than ratify a lot of very flawed work? To be clear I think we need to
>> have a forum to have this discussion, but to the extent SPICE isn't it
>> because things continue in OAUTH (thanks to JWT) and the charter
>> prejudges the result I'm against it. I'd support a broader charter
>> that doesn't have a commitment to ratifying SD-JWT.
>>
>> Sincerely,
>> Watson Ladd
>>
>> --
>> SPICE mailing list
>> SPICE@ietf.org
>> https://www.ietf.org/mailman/listinfo/spice
>>
> --
> SPICE mailing list
> SPICE@ietf.org
> https://www.ietf.org/mailman/listinfo/spice
>

v2.23.0 | Report a Bug | By Email