Re: [Teep] Call for adoption of draft-thaler-teep-otrp-over-http

Mingliang Pei <Mingliang_Pei@symantec.com> Wed, 12 June 2019 19:31 UTC

From: Mingliang Pei <Mingliang_Pei@symantec.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>, "Wheeler, David M" <david.m.wheeler@intel.com>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org>, "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "teep@ietf.org" <teep@ietf.org>
Date: Wed, 12 Jun 2019 19:31:00 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/tn6fky8PiTW-wxN7SnCD4brc2_Q>

Sorry for the late catch-up on the email thread. I think we need to support CBOR too, and I favor adding it as a subsequent separate draft. I also endorse the adoption of the transport draft.

Thanks,

Ming

On 5/29/19, 11:40 AM, "TEEP on behalf of Anders Rundgren" <teep-bounces@ietf.org on behalf of anders.rundgren.net@gmail.com> wrote:

    Hi David,
    Since you mention the unfinished architecture document, have you seen https://clicktime.symantec.com/3TQuntRi95xtHKDzR9VRWN97Vc?u=https%3A%2F%2Fgithub.com%2Fietf-teep%2Farchitecture%2Fissues%2F52%23issuecomment-493652265 ?
    
    This is about creating a *unified* (JSON/CBOR independent) TEE management API.
    
    Ten years ago I had something similar to OTrP but felt it was becoming "clunky" and limiting, so I threw it out and haven't regretted it a second.
    The switch wasn't that difficult after getting the core mechanics in place.
    Much later, when I was forced to switch protocol format from XML to JSON, *not a single bit* changed in the API.
    
    Regards,
    Anders
    
    
    On 2019-05-29 16:43, Wheeler, David M wrote:
    > I am more in favor of a CBOR/CWT binding than JSON, although I agree that JSON and JWT is more commonly deployed at the moment.
    > 
    > The direction I think we should push this is toward CBOR. However, I think that it is fine to build JSON into the OTrP protocol spec and then have an alternative specification that provides CBOR bindings – I would be willing to work with Anders on such a specification (after the arch document is complete 😉 ).
    > 
    > Thanks,
    > 
    > Dave Wheeler
    > 
    > *From:* TEEP <teep-bounces@ietf.org> *On Behalf Of *Hannes Tschofenig
    > *Sent:* Wednesday, May 29, 2019 7:35 AM
    > *To:* Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org>; Anders Rundgren <anders.rundgren.net@gmail.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; teep@ietf.org
    > *Subject:* Re: [Teep] Call for adoption of draft-thaler-teep-otrp-over-http
    > 
    >   * The IoT market has adopted CBOR rather than JSON.
    > 
    >   * That’s a bit overstated, “IoT” is very broad and hence there are _/many/_ IoT “markets”, and many of them have not adopted CBOR. For example, if you look in industrial IoT, the dominant protocol is OPC UA, which uses neither CBOR nor JSON. In consumer IoT like in devices on shelves now, I think you will find that JSON is far more deployed than CBOR is (e.g., Hue light bulbs and many other IoT devices use JSON-over-HTTP). It is true that /some/ of the IoT market has adopted CBOR.  For example, OCF adopted CBOR, but OCF has very little actual deployment today.
    > 
    > I agree with Dave here. I think it is fair to say that the JWT has been implemented and deployed by the Web community. Particularly in the OAuth context it is widely deployed.
    > 
    > CBOR has been suggested for IoT-related specifications but CBOR, COSE and CWT are definitely not widely implemented and even less widely used.
    > 
    > The question I wonder is whether the current deployment status matters in our case and I don’t think it has any relationship to the call for adoption of draft-thaler-teep-otrp-over-http.
    > 
    > When the initial version of OTrP was written there was the assumption that the encoding of the protocol in JSON would be more convenient for Web developers given that the main deployment use case was for mobile phones and tablets.
    > 
    > Now, there is of course the question whether Web developers should be exposed to the details and the encoding of the OTrP protocol itself. I think that’s an important question. After all, we are trying to make the life of developers simpler with this work.
    > 
    > Since the formation of the TEEP group we have also added other use cases extending our original goals for OTrP. This makes me believe that it is worthwhile to look into a CBOR-based encoding as well. I also would like to take advantage of ongoing working work in SUIT & RATS.
    > 
    > Ciao
    > Hannes
    > 
    