Re: [VoT] IPR disclosures

"Grassi, Paul A. (Fed)" <paul.grassi@nist.gov> Mon, 27 November 2017 19:09 UTC

Return-Path: <paul.grassi@nist.gov>
X-Original-To: vot@ietfa.amsl.com
Delivered-To: vot@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BFE31293E0 for <vot@ietfa.amsl.com>; Mon, 27 Nov 2017 11:09:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.089
X-Spam-Level:
X-Spam-Status: No, score=0.089 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PkncFdotO46F for <vot@ietfa.amsl.com>; Mon, 27 Nov 2017 11:09:10 -0800 (PST)
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (mail-dm2gcc01on0139.outbound.protection.outlook.com [23.103.201.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 681311270A3 for <vot@ietf.org>; Mon, 27 Nov 2017 11:09:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=OxVebuBmJSUI3TAr6lDDhP7OcRt7gz7wxl5C3uhjhg8=; b=wRq+ixYR8obPmHzHcWpJYSaUYkbekvuzBCwMMbY0y327BzyKlls9VMGDTIxtlV19Zj7kGrg2zvQ1VTmKwr/dRPRbmfuvOwej9fze7QnESCQhjD74OXB4dVFB5K8Cki+VerdeC2jcN8sL+4t/8sGHRHwHpl6z2OQosdXGCJI+X7I=
Received: from BY1PR09MB0856.namprd09.prod.outlook.com (10.162.144.142) by BY1PR09MB0856.namprd09.prod.outlook.com (10.162.144.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.260.4; Mon, 27 Nov 2017 19:09:07 +0000
Received: from BY1PR09MB0856.namprd09.prod.outlook.com ([fe80::5508:5461:7b2a:8bd3]) by BY1PR09MB0856.namprd09.prod.outlook.com ([fe80::5508:5461:7b2a:8bd3%14]) with mapi id 15.20.0260.006; Mon, 27 Nov 2017 19:09:07 +0000
From: "Grassi, Paul A. (Fed)" <paul.grassi@nist.gov>
To: John Bradley <ve7jtb@ve7jtb.com>
CC: Chris Drake <Chris.Drake@cryptophoto.com>, Phil Hunt <phil.hunt@oracle.com>, Leif Johansson <leifj@sunet.se>, Justin Richer <jricher@mit.edu>, "vot@ietf.org" <vot@ietf.org>
Thread-Topic: [VoT] IPR disclosures
Thread-Index: AQHTZJjpMIZegUvqS0CHd9nf4hQLlKMihgmAgAAEoACAAFRoXYAABi8AgAAH5QCAAAVUAIAFVucA
Date: Mon, 27 Nov 2017 19:09:07 +0000
Message-ID: <C4AA7E13-9287-4813-BF28-7B8A81B196A3@nist.gov>
References: <CAANoGh+hGmwOufaX1gik4zD50auT37pUKjcApuyNbmbBjrssfg@mail.gmail.com> <CAANoGh+r4LaunjnR_8W3wHJaAt7Thv8v0QH4Gxy0s05d0Qb13g@mail.gmail.com> <CAANoGhJMyfGNBNa_XFnt2zMsNLfC7s6V3=LJHTyKChjd7m0ovA@mail.gmail.com> <CAANoGh+vTWSKh75Kr91=LUvXn_O4p4MaAq9jM93GGo0U092ETA@mail.gmail.com> <34a6e930-5d60-6b64-5d6e-49e062628a74@sunet.se> <07DB5C07-2DE0-4DD2-B63B-02343499E546@oracle.com> <71FA2939-36BF-4B1F-98BE-619421293143@nist.gov> <1273163981.20171124134926@CryptoPhoto.com> <30FC6686-4AFC-44B0-82D1-027CE3DDC3D5@nist.gov> <CAANoGhJyOCgDk8Fax0Jg10qgH972Kdzv522xj9unHTpLUJsbhQ@mail.gmail.com>
In-Reply-To: <CAANoGhJyOCgDk8Fax0Jg10qgH972Kdzv522xj9unHTpLUJsbhQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.28.0.171108
authentication-results: spf=none (sender IP is ) smtp.mailfrom=paul.grassi@nist.gov;
x-originating-ip: [108.28.55.87]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BY1PR09MB0856; 6:jsxzARcoSxcH5lIQppxuMra59onA1u206+QAbZVPYaKMNdwkSaIvpm+kXU6/Ae0bq5NzvsR0IgF3S5qJFTOFUbqkqa+gvjBjvDOL00B3JVLaask6o5ZTpqnEZ6sj3rGy7t9i7RRjmlZUhCCWgnUxcCmM3HPR8b7NssRU+dHKrNW5WIzE61PXhlGIVcLbPPiRQbUqoeQDBJgEH2yfC8W03jK+0KdJ94ovn77kM5AI4tBqx1UT61SURyNf8/PLkUExZcZwGs4JF0wlbicv6ZkeY6UGGz7NHvnKIcMEL/VKAc2bPh4s7SrWYoHl52SUlhFkQAPDYq2YDLeJS3PS0bF6znvD1p2mVPLEUk/xE1W05Pw=; 5:7yzdMoHfb7C4PHgJKgoVfqkD7NGGqLEwpHM1dsYH9iDZH5NzHNHS4CzeltlmvK9wYQRHvq46Y+0Ws7P0GX2xbJsn2GvSpbBzvB/ssPpkxJ2NE090Nd8kcna24rrOJcBQrz8KQrLM8xOjRHpuXtjmzeFrWg5FkKHsO27/JhdC8fo=; 24:hZ0ysFElxdCjynYucMa+i5tKdnS/+2UcumkmweD7qQCvJcXKxTeMYNdHneBdHyXi/A4cdCG9AKb4vzaJU7adH3uB2jbYqCEz+stjZhNf1RA=; 7:QyB3ia9T/UgGrDtp5nIaI0Qe/ezm3bP/q/6fwN7YauL7BbgUh/vXll3dLvDQoW9yC7f2MhTp73gzFmoGNwbrRLq8mR7gnypzx/w19QGXk5d5kMpnLMET4ODw4d551QLx+BqJSPAboRJ/mFIf8LaBaQ9FByWi5lB/9GHd91/J0ZmmJoyiEo+p5Pa/VaC++Jg8RatMCcvpVoLZ5IxQFI7nWnI8CIdUEJD3p+IUVqNEGZ+4ME6cZoZnS5Tjcp1e+6Ag
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: b0a9bd7d-538a-4139-df9f-08d535ca556d
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(48565401081)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603199); SRVR:BY1PR09MB0856;
x-ms-traffictypediagnostic: BY1PR09MB0856:
x-microsoft-antispam-prvs: <BY1PR09MB0856F9389F06F832106150E291250@BY1PR09MB0856.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(65766998875637)(192374486261705)(189930954265078)(31418971418879)(227612066756510)(219752817060721)(21748063052155)(69029272430364)(146099531331640);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3231022)(3002001)(6055026)(6041248)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123555025)(20161123562025)(20161123560025)(6072148)(201708071742011); SRVR:BY1PR09MB0856; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:BY1PR09MB0856;
x-forefront-prvs: 0504F29D72
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(39860400002)(346002)(376002)(377424004)(24454002)(189002)(199003)(45080400002)(2900100001)(6436002)(50986999)(54356999)(101416001)(3660700001)(5660300001)(6306002)(76176999)(8936002)(2906002)(14454004)(966005)(68736007)(82746002)(53546010)(3846002)(8676002)(36756003)(102836003)(106356001)(606006)(478600001)(99286004)(105586002)(81166006)(66066001)(3280700002)(83506002)(7736002)(81156014)(54906003)(6116002)(53936002)(6486002)(189998001)(5250100002)(4326008)(6506006)(25786009)(33656002)(2950100002)(5003630100001)(236005)(6512007)(6246003)(575784001)(58126008)(229853002)(97736004)(4001150100001)(54896002)(93886005)(316002)(6916009)(86362001)(83716003); DIR:OUT; SFP:1102; SCL:1; SRVR:BY1PR09MB0856; H:BY1PR09MB0856.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_C4AA7E1392874813BF287B8A81B196A3nistgov_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: b0a9bd7d-538a-4139-df9f-08d535ca556d
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Nov 2017 19:09:07.4004 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY1PR09MB0856
Archived-At: <https://mailarchive.ietf.org/arch/msg/vot/3JUW8Ap7QA4Ku4BGjmMNeMCYXWc>
Subject: Re: [VoT] IPR disclosures
X-BeenThere: vot@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Vectors of Trust discussion list <vot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vot>, <mailto:vot-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/vot/>
List-Post: <mailto:vot@ietf.org>
List-Help: <mailto:vot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vot>, <mailto:vot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Nov 2017 19:09:14 -0000

WE have iGov tomorrow. I encourage those that are on the workgroup to come to discuss this, as we have made a bunch of changes (to include some recommended by Phil) and will be going to a vote soonest. I can assure you that even though USG requirements are represented in the draft, it isn’t interoperable and is inline with other international use cases.

From: John Bradley <ve7jtb@ve7jtb.com>;
Date: Thursday, November 23, 2017 at 11:37 PM
To: Paul Grassi <paul.grassi@nist.gov>;
Cc: Chris Drake <Chris.Drake@cryptophoto.com>;, Phil Hunt <phil.hunt@oracle.com>;, Leif Johansson <leifj@sunet.se>;, Justin Richer <jricher@mit.edu>;, "vot@ietf.org"; <vot@ietf.org>;
Subject: Re: [VoT] IPR disclosures

We should probably try and keep the VOT and iGov discussions separate.

IGov's use of VOT should largly be on the iGov mailing list at the OIDF.  VOT is only a small reference in iGov.  If that needs to be expanded then discuss over there.

This list is for the core VOT spec, and it's fitness to purpose.

Concrete examples of profiles for security token trust that cannot be accommodated by VOT would be helpful when making points that the spec is inadiquate in some way.

Taking off yet again, so out of communication for at least 12h.

John B.

On Nov 23, 2017 11:17 PM, "Grassi, Paul A. (Fed)" <paul.grassi@nist.gov<mailto:paul.grassi@nist.gov>> wrote:
As the USG rep, I can confidently state that the use case this version supports is 90% of our use cases. Don’t hold us up for the last 10%. That 10% will be amazing, but can come later. What is being asked for is gold-plating, not something that if not done means we are wrong.

Paul

From: Chris Drake <Chris.Drake@CryptoPhoto.com>;
Date: Thursday, November 23, 2017 at 10:49 PM
To: "Grassi, Paul A. (Fed)" <paul.grassi@nist.gov<mailto:paul.grassi@nist.gov>>, Phil Hunt <phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>>
Cc: John Bradley <ve7jtb@ve7jtb.com<mailto:ve7jtb@ve7jtb.com>>, Leif Johansson <leifj@sunet.se<mailto:leifj@sunet.se>>, Justin Richer <jricher@mit.edu<mailto:jricher@mit.edu>>, "vot@ietf.org<mailto:vot@ietf.org>" <vot@ietf.org<mailto:vot@ietf.org>>
Subject: Re: [VoT] IPR disclosures

Hi,

I'm on the side of "get it right".  OpenID swept a similar range of topics into the "out of scope" basket, which rendered their first standard so unusable they had to come back and do a second one.

Lets at least learn from history, and build something *effectively useable* out of the gate.

You can't drive unsafe or inappropriate cars on any roads, let alone in a SAML lane.  Nobody cares *how* it goes wrong, they just care that it did - so it's our job to look ahead and watch out for those obstacles now; rather than shroud them in SEP<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fhitchhikers.wikia.com%2Fwiki%2FSomebody_Else%2527s_Problem_field&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cc7d5fb325a5b4a20da7608d532ee6374%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470921831105773&sdata=RSZtGAFRE%2B%2FJl2nT2iSnfndt0EW097naltRcS67%2BYQ0%3D&reserved=0>;.

Kind Regards,
Chris Drake


Friday, November 24, 2017, 1:27:18 PM, Grassi, Paul A. (Fed) wrote:

Fine. But as I have said you want a unicorn when we just want a car that can drive in the same Lane as SAML. Your unicorn is coming, as the phases of igov include international agreement on vot vectors/values and attribute metadata to assert 'assurance' of attributes that are unrelated to proofing.

I happy for your contribution don't take unicorn comment poorly. Just a quick post turkey dinner way of making a point. Happy US Thanksgiving.

Sent from my iPhone

On Nov 23, 2017, at 5:25 PM, Phil Hunt <phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>> wrote:

The issue i am concerned about then is that by leaving out the issue of claims than the vot is incomplete and would require a separate statement.

This leads to a lot of interop and complexity problems down the road.  Which value wins etc given they would overlap.

The vot does not have to address it now but it should have the capability to do so (that may not be possible without a model).

This is a lot like when we found loa was actually multi dimensional and it had to dramatically change.  IAL falls into the same problem.

Phil

On Nov 23, 2017, at 2:08 PM, Leif Johansson <leifj@sunet.se<mailto:leifj@sunet.se>> wrote:






On 2017-11-23 21:23, John Bradley wrote:





Authors,









As part of the write-up for the Vectors of trust document, we need an





IPR disclosure from all of you.









Are you aware of any IPR related to the following VOT document?









https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__datatracker.ietf.org_doc_draft-2Dricher-2Dvectors-2Dof-2Dtrust_%26d%3DDwIGaQ%26c%3DRoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE%26r%3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA%26m%3DQbLS61Tkq_l46PCZqD5dxO1fLIa4bYOrGBHGDtJrGNY%26s%3DMzyyadRifkHa-POatwYHEwdNoC7wUj777DGKpyRF2RE%26e&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=1dkeGx37WKNwiWfLzR5YNC4KBjqYWqVnt%2B%2FOt7ArqvE%3D&reserved=0=









Please reply to the list.









Regards





John B.






I am not.





_______________________________________________



vot mailing list



vot@ietf.org<mailto:vot@ietf.org>



https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__www.ietf.org_mailman_listinfo_vot%26d%3DDwIGaQ%26c%3DRoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE%26r%3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA%26m%3DQbLS61Tkq_l46PCZqD5dxO1fLIa4bYOrGBHGDtJrGNY%26s%3DvMBbg4PMZy1qgq6VilC4_SKh4m6b5wkecJsTBKu6txU%26e&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=kSRrzffFE6tfhI5p%2F4bk5qXC23kK%2BlMjSa34zlyqaZY%3D&reserved=0=



_______________________________________________
vot mailing list
vot@ietf.org<mailto:vot@ietf.org>
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fvot&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=6OwTIaa5BjmDXJU4vAzBWtOSbH1Zpav4J6O1Ume7Ra0%3D&reserved=0