Re: [stir] Review of: draft-ietf-stir-passport-05

Chris Wendt <chris-ietf@chriswendt.net> Mon, 29 August 2016 18:52 UTC

From: Chris Wendt <chris-ietf@chriswendt.net>
Date: Mon, 29 Aug 2016 14:52:03 -0400
To: Dave Crocker <dcrocker@bbiw.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/OYf9rNbCKHq0hTHlPCYHfx8BVtA>
Cc: "stir@ietf.org" <stir@ietf.org>, Eric Rescorla <ekr@rtfm.com>
Subject: Re: [stir] Review of: draft-ietf-stir-passport-05

Agree, will remove the term “non-repudiation”. Discussed this in the ATIS Task Force and came to the realization that we are looking at the Passport representing purely an assertion of the identity, and the signer is the party responsible for that assertion, and “buyer beware”.


> On Aug 27, 2016, at 8:07 PM, Dave Crocker <dcrocker@bbiw.net> wrote:
> 
> On 8/27/2016 4:52 PM, Eric Rescorla wrote:
>> 
>> 
>> On Sat, Aug 27, 2016 at 2:40 PM, Dave Crocker <dhc@dcrocker.net
>> <mailto:dhc@dcrocker.net>> wrote:
> 
>> 
>>            Is the timestamp the basis of claiming non-repudiation?
>> 
>> 
>>        Partially, depending on your interpretation of how
>>        non-repudiation is
>>        achieved.  The digital signature based on a certificate is the
>>        non-repudiation of the original assertion and signing of the token.
>> 
>> 
>>    That seems to equate authentication with non-reputation of
>>    originator. But they aren't the same.
>> 
>> 
>> Do you mean "non-repudiation" here? I ask because "reputation" is also a
>> concept potentially in play here.
> 
> I'm using 'non-repudiation' because the spec uses that term.
> 
> If the spec really means 'reputation', that opens a different set of concerns, since nothing in any of the 3 documents has to do with reputation, per se.
> 
> 
>> I think it would probably be fine to remove the term "non-repudiation"
>> from this spec, since it only appears in the abstract. Generally, it's
>> not that useful a concept for most security settings, especially when
>> one starts to ask questions about the legal context.
>> 
>> With that said, given that these tokens are signed by their creator and
>> there is a timestamp to provide anti-replay, there is at least
>> potentially an important technical property being provided here, which
>> is that in the case where a passport creator signs a bogus passport, it
>> is possible to demonstrate that it did so, which is not a property
>> necessarily provided by authentication systems.
> 
> And I believe that was my original guess, although my very limited understanding of non-repudiation includes the significant burden of having the timestamp, itself, be validated by an independent authority. Otherwise, the signer could claim any time they want to...
> 
> d/
> 
> 
> -- 
> 
>  Dave Crocker
>  Brandenburg InternetWorking
>  bbiw.net