IETF Logo Mail Archive

Re: [VoT] Foundational questions of principle

"Cantor, Scott" <cantor.2@osu.edu> Fri, 10 October 2014 01:05 UTC

Return-Path: <cantor.2@osu.edu>
X-Original-To: vot@ietfa.amsl.com
Delivered-To: vot@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F8F01AD03A for <vot@ietfa.amsl.com>; Thu, 9 Oct 2014 18:05:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1keVxaS3b2fI for <vot@ietfa.amsl.com>; Thu, 9 Oct 2014 18:05:26 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bon0737.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::1:737]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52B411AD037 for <vot@ietf.org>; Thu, 9 Oct 2014 18:05:26 -0700 (PDT)
Received: from BL2FFO11FD037.protection.gbl (10.173.160.32) by BL2FFO11HUB014.protection.gbl (10.173.160.106) with Microsoft SMTP Server (TLS) id 15.0.1039.16; Fri, 10 Oct 2014 01:05:03 +0000
Received: from cio-tnc-pf04.osuad.osu.edu (164.107.81.218) by BL2FFO11FD037.mail.protection.outlook.com (10.173.161.133) with Microsoft SMTP Server (TLS) id 15.0.1039.16 via Frontend Transport; Fri, 10 Oct 2014 01:05:03 +0000
Received: from CIO-TNC-HT05.osuad.osu.edu (cio-tnc-ht05.osuad.osu.edu [164.107.81.168]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by cio-tnc-pf04.osuad.osu.edu (Postfix) with ESMTPS id E8ED938005A; Thu, 9 Oct 2014 21:05:02 -0400 (EDT)
Received: from CIO-KRC-D1MBX01.osuad.osu.edu ([fe80::450b:35e6:80f4:f3e0]) by CIO-TNC-HT05.osuad.osu.edu ([fe80::d0be:603:484c:5a2f%10]) with mapi id 14.03.0174.001; Thu, 9 Oct 2014 21:05:01 -0400
From: "Cantor, Scott" <cantor.2@osu.edu>
To: "swilson@lockstep.com.au" <swilson@lockstep.com.au>, "vot@ietf.org" <vot@ietf.org>
Thread-Topic: [VoT] Foundational questions of principle
Thread-Index: AQHP4/5G4lDLBqwim0uOTbuH/sjzZJwoZk77gAAeJIA=
Date: Fri, 10 Oct 2014 01:05:01 +0000
Message-ID: <D05CA369.11F64%cantor.2@osu.edu>
References: <1412885935.58929166@apps.rackspace.com> <04CF3DDE-9FDF-499A-8093-3EC3CE84E4DF@identinetics.com> <1412896617.869315461@apps.rackspace.com>
In-Reply-To: <1412896617.869315461@apps.rackspace.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [128.146.14.94]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <F081B35169D03842BFB47ED76D34EF43@osu.edu>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:164.107.81.218; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(979002)(6009001)(438002)(24454002)(51444003)(199003)(51704005)(377454003)(479174003)(189002)(23726002)(21056001)(107046002)(107886001)(31966008)(46406003)(106466001)(36756003)(54356999)(50986999)(95666004)(93346002)(97756001)(4396001)(87936001)(86362001)(76176999)(77096002)(2656002)(85852003)(90282001)(2501002)(20776003)(47776003)(92566001)(64706001)(66066001)(44976005)(6806004)(92726001)(88552001)(19580395003)(19580405001)(50466002)(85306004)(80022003)(109096001)(75432002)(46102003)(106116001)(76482002)(99396003)(120916001)(89122001)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:BL2FFO11HUB014; H:cio-tnc-pf04.osuad.osu.edu; FPR:; MLV:ovrnspm; PTR:cio-tnc-pf04.osuad.osu.edu; A:1; MX:1; LANG:en;
X-Microsoft-Antispam: UriScan:;
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:;SRVR:BL2FFO11HUB014;
X-Exchange-Antispam-Report-Test: UriScan:;
X-Forefront-PRVS: 03607C04F0
Received-SPF: Pass (protection.outlook.com: domain of osu.edu designates 164.107.81.218 as permitted sender) receiver=protection.outlook.com; client-ip=164.107.81.218; helo=cio-tnc-pf04.osuad.osu.edu;
Authentication-Results: spf=pass (sender IP is 164.107.81.218) smtp.mailfrom=cantor.2@osu.edu;
X-OriginatorOrg: osu.edu
Archived-At: http://mailarchive.ietf.org/arch/msg/vot/AUw9t-LGpgR3z-4eS09yk25jU_I
Subject: Re: [VoT] Foundational questions of principle
X-BeenThere: vot@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Vectors of Trust discussion list <vot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vot>, <mailto:vot-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vot/>
List-Post: <mailto:vot@ietf.org>
List-Help: <mailto:vot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vot>, <mailto:vot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Oct 2014 01:05:28 -0000

On 10/9/14, 7:16 PM, "swilson@lockstep.com.au" <swilson@lockstep.com.au>
wrote:

>
> 
>I like your approach.  But I think we should review what the objective is
>of LOAs in general, and question whether or not labeling things by
>"level" is a useful idea. Yes we need to help organisations better
>understand and manage authentication risk, but is "LOA" is a necessary
>output of that process?  Doesn't a four level label over simplify things?
>I find it's a misleading shorthand that leads people to believe that a
>given identity can be used at a given RP without any further analysis.

I think that taking complex ideas and reducing them to levels is overly
simplifying, and it would be better to just define a schema for attribute
data to express in each area.

But my personal *experience* is that applications won't do the work of
building and enforcing polices around that fine-grained a way of
expressing the information. They don't do it well with user attributes, so
there's even less chance they'd do it with data that isn't even core to
their purpose.

Reducing to levels is a way of splitting the work and pushing more of it
to other parties that care enough to do the work.

Perhaps some of the "vectors" are more amenable to reduction to levels
than others. I tend to agree with others' comments that things like
incident response and the operational maturity issues probably don't
reduce well to levels. So maybe both approaches are needed if there are
concrete justifications for them.

And to be honest, I have a lot more concrete evidence that those
non-linear concepts are of interest to applications than I do most of the
traditional assurance-related vectors. And I think they're *more*
well-defined, not less. Most of the easily linear concepts seem like
solutions looking for a problem to me, with the exception of
authentication quality.

-- Scott

v2.23.0 | Report a Bug | By Email