Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of Trust I-D)

"Bucci, Debbie (OS/ONC)" <Debbie.Bucci@hhs.gov> Tue, 30 June 2015 23:58 UTC

From: "Bucci, Debbie (OS/ONC)" <Debbie.Bucci@hhs.gov>
To: Colin Wallis <Colin.Wallis@dia.govt.nz>
Date: Tue, 30 Jun 2015 23:58:19 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/vot/bctBLxxQjapj-QuGyO91qeoM28E>
Cc: "Grassi, Paul A." <paul.grassi@nist.gov>, Justin Richer <jricher@mit.edu>, "vot@ietf.org" <vot@ietf.org>, Mark Lizar <mark@smartspecies.com>

In re: trustmarks, I would suggest there are exemplars out there today. VOT should standardize the container and let others duke out the content issue.

On Jun 30, 2015, at 4:50 PM, Colin Wallis <Colin.Wallis@dia.govt.nz> wrote:

Thanks for those comments on Clause 7.
It seems like the challenge is to find that sweet spot/fine line that gives the reader enough info on how to do the cross domain subscription/validation, without having this whole draft standardizing trust frameworks and trustmarks.
Because that is a whole lot more work and takes the focus away from the original intent (which was my concern and hence the idea of making this part informative until such time as we have a supported trustmark and trust framework standard to reverse the cross domain things back into).

Cheers
Colin


From: Mark Lizar [mailto:mark@smartspecies.com]
Sent: Tuesday, 30 June 2015 11:35 p.m.
To: Grassi, Paul A.
Cc: Justin Richer; Colin Wallis; vot@ietf.org
Subject: Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of Trust I-D)

nice and crisp.

I can really start to imagine how discovery and trust marks can be used to scale trust. Although there are some additional issues around the overarching trust framework (whatever that is, I am assuming law). For example assessing trust marks so that they are appropriate for the purpose and also for application in the framework, with a robust method for assessing and asserting integrity of trust marks. In this context then I think it would be clear how the trust marks fit with VOT. It's the gap between these elements I suspect that needs to be further articulated and understood.

nicely thought provoking   ..

On 30 Jun 2015, at 02:35, Grassi, Paul A. <paul.grassi@nist.gov> wrote:

I personally like the idea of discoverability at the onset, and the discussion that will follow.

This was great to read, thanks to you and Leif for the work!

On Jun 29, 2015, at 8:49 PM, "Justin Richer" <jricher@mit.edu> wrote:
Colin, that’s a great question, because I’m honestly not sure what the answer is yet. I think that the vectors only make sense in the context of some kind of trust framework setup, but that sometimes those policies will be hard-coded at configuration time and won’t need to be dynamically bound or discovered. That said, I think the real value of this is going to be cross-domain where an RP could subscribe to (and understand) multiple trust marks and be able to validate them at runtime. Still, that piece might be separable enough, and perhaps substantive enough, to be its own draft.

That said, I figured I’d write it down and figure out where it’s actually supposed to go later. :)

 — Justin

On Jun 29, 2015, at 7:14 PM, Colin Wallis <Colin.Wallis@dia.govt.nz> wrote:

Many thanks Justin and Leif

I’ve done a first pass/light read, and from that, I think it is a terrific first cut that gets us on the path to normalizing the discussions over the past 9 months.

Aside from a few tidy ups, I just have this slight concern whether all of Clause 7 (Discovery and Verification) is in scope for normative text?
I certainly appreciate that in most implementations and deployments, there would be a dependency on an operational trust framework and trustmark.
But is it too big a stretch to make that normative for this work?
Just a thought.. and more than happy to be proven wrong.. ☺.

Cheers
Colin


From: vot [mailto:vot-bounces@ietf.org] On Behalf Of Justin Richer
Sent: Saturday, 27 June 2015 3:15 p.m.
To: vot@ietf.org
Subject: [VoT] Vectors of Trust I-D

Hi Everyone,

I have taken the initial strawman proposal along with a substantial number of edits and inputs from several folks and have created an initial I-D of the document:

https://tools.ietf.org/id/draft-richer-vectors-of-trust-00

It’s still a very drafty draft, but hopefully it’s starting to make this a concrete thing. Please read it over and discuss it here on the list.

I would like to propose a bar-BoF in Prague for VoT for anyone who would like to discuss this. If you’re interested (and will be there in person), let me know!

 — Justin

_______________________________________________
vot mailing list
vot@ietf.org
https://www.ietf.org/mailman/listinfo/vot