Re: [VoT] IPR disclosures

Jim Fenton <fenton@bluepopcorn.net> Mon, 27 November 2017 23:43 UTC

Return-Path: <fenton@bluepopcorn.net>
X-Original-To: vot@ietfa.amsl.com
Delivered-To: vot@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7685127136 for <vot@ietfa.amsl.com>; Mon, 27 Nov 2017 15:43:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.01
X-Spam-Level:
X-Spam-Status: No, score=-0.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, MIME_QP_LONG_LINE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bluepopcorn.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AGsGJ63fQzDg for <vot@ietfa.amsl.com>; Mon, 27 Nov 2017 15:42:57 -0800 (PST)
Received: from v2.bluepopcorn.net (v2.bluepopcorn.net [IPv6:2607:f2f8:a994::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87CA3124207 for <vot@ietf.org>; Mon, 27 Nov 2017 15:42:56 -0800 (PST)
Received: from [10.148.18.163] (li1301-101.members.linode.com [45.79.202.101]) (authenticated bits=0) by v2.bluepopcorn.net (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id vARNgX55031619 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 27 Nov 2017 15:42:39 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bluepopcorn.net; s=supersize; t=1511826167; bh=HbTMaByTnrAEIk5Zi3UqLwyuxvp397aQnJ9G8PV7HBU=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=qlfBA20K3kJJOcpbH3oXsmPnjLeNGOC3F5POXP8ZiC6ttlBl4D4oX6kng9WJvWZP8 6MEKbYnUc5st4R0KbnD2Opa8mj1eQTjIJyxy2ste6+cZtDhR4WL7ih4tQDLLTyL5YB 6HPyUD5mCU7Y4mWQ/DbjOcg54BIqYIvVRFbeWyWA=
Content-Type: multipart/alternative; boundary=Apple-Mail-9B9557C3-0C14-41C4-A8E1-2841EA9ACD7C
Mime-Version: 1.0 (1.0)
From: Jim Fenton <fenton@bluepopcorn.net>
X-Mailer: iPhone Mail (15B202)
In-Reply-To: <C4AA7E13-9287-4813-BF28-7B8A81B196A3@nist.gov>
Date: Mon, 27 Nov 2017 16:42:27 -0700
Cc: John Bradley <ve7jtb@ve7jtb.com>, "vot@ietf.org" <vot@ietf.org>, Chris Drake <Chris.Drake@cryptophoto.com>, Leif Johansson <leifj@sunet.se>, Justin Richer <jricher@mit.edu>, Phil Hunt <phil.hunt@oracle.com>
Content-Transfer-Encoding: 7bit
Message-Id: <C06C6AF4-4633-4389-A1A2-68B9BA766B39@bluepopcorn.net>
References: <CAANoGh+hGmwOufaX1gik4zD50auT37pUKjcApuyNbmbBjrssfg@mail.gmail.com> <CAANoGh+r4LaunjnR_8W3wHJaAt7Thv8v0QH4Gxy0s05d0Qb13g@mail.gmail.com> <CAANoGhJMyfGNBNa_XFnt2zMsNLfC7s6V3=LJHTyKChjd7m0ovA@mail.gmail.com> <CAANoGh+vTWSKh75Kr91=LUvXn_O4p4MaAq9jM93GGo0U092ETA@mail.gmail.com> <34a6e930-5d60-6b64-5d6e-49e062628a74@sunet.se> <07DB5C07-2DE0-4DD2-B63B-02343499E546@oracle.com> <71FA2939-36BF-4B1F-98BE-619421293143@nist.gov> <1273163981.20171124134926@CryptoPhoto.com> <30FC6686-4AFC-44B0-82D1-027CE3DDC3D5@nist.gov> <CAANoGhJyOCgDk8Fax0Jg10qgH972Kdzv522xj9unHTpLUJsbhQ@mail.gmail.com> <C4AA7E13-9287-4813-BF28-7B8A81B196A3@nist.gov>
To: "Grassi, Paul A. (Fed)" <paul.grassi@nist.gov>
Archived-At: <https://mailarchive.ietf.org/arch/msg/vot/kCUsPipxCjN_kMx_GbaKNkWq7Lw>
Subject: Re: [VoT] IPR disclosures
X-BeenThere: vot@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Vectors of Trust discussion list <vot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vot>, <mailto:vot-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/vot/>
List-Post: <mailto:vot@ietf.org>
List-Help: <mailto:vot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vot>, <mailto:vot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Nov 2017 23:43:02 -0000

I'm sure Paul meant to say, "is interoperable.". 

-Jim

> On Nov 27, 2017, at 12:09 PM, Grassi, Paul A. (Fed) <paul.grassi@nist.gov>; wrote:
> 
> WE have iGov tomorrow. I encourage those that are on the workgroup to come to discuss this, as we have made a bunch of changes (to include some recommended by Phil) and will be going to a vote soonest. I can assure you that even though USG requirements are represented in the draft, it isn’t interoperable and is inline with other international use cases.
>  
> From: John Bradley <ve7jtb@ve7jtb.com>;
> Date: Thursday, November 23, 2017 at 11:37 PM
> To: Paul Grassi <paul.grassi@nist.gov>;
> Cc: Chris Drake <Chris.Drake@cryptophoto.com>;, Phil Hunt <phil.hunt@oracle.com>;, Leif Johansson <leifj@sunet.se>;, Justin Richer <jricher@mit.edu>;, "vot@ietf.org"; <vot@ietf.org>;
> Subject: Re: [VoT] IPR disclosures
>  
> We should probably try and keep the VOT and iGov discussions separate.  
>  
> IGov's use of VOT should largly be on the iGov mailing list at the OIDF.  VOT is only a small reference in iGov.  If that needs to be expanded then discuss over there.  
>  
> This list is for the core VOT spec, and it's fitness to purpose.    
>  
> Concrete examples of profiles for security token trust that cannot be accommodated by VOT would be helpful when making points that the spec is inadiquate in some way.  
>  
> Taking off yet again, so out of communication for at least 12h.
>  
> John B.  
>  
> On Nov 23, 2017 11:17 PM, "Grassi, Paul A. (Fed)" <paul.grassi@nist.gov>; wrote:
> As the USG rep, I can confidently state that the use case this version supports is 90% of our use cases. Don’t hold us up for the last 10%. That 10% will be amazing, but can come later. What is being asked for is gold-plating, not something that if not done means we are wrong.
>  
> Paul
>  
> From: Chris Drake <Chris.Drake@CryptoPhoto.com>;
> Date: Thursday, November 23, 2017 at 10:49 PM
> To: "Grassi, Paul A. (Fed)" <paul.grassi@nist.gov>;, Phil Hunt <phil.hunt@oracle.com>;
> Cc: John Bradley <ve7jtb@ve7jtb.com>;, Leif Johansson <leifj@sunet.se>;, Justin Richer <jricher@mit.edu>;, "vot@ietf.org"; <vot@ietf.org>;
> Subject: Re: [VoT] IPR disclosures
>  
> Hi,
> 
> I'm on the side of "get it right".  OpenID swept a similar range of topics into the "out of scope" basket, which rendered their first standard so unusable they had to come back and do a second one.
> 
> Lets at least learn from history, and build something *effectively useable* out of the gate.
> 
> You can't drive unsafe or inappropriate cars on any roads, let alone in a SAML lane.  Nobody cares *how* it goes wrong, they just care that it did - so it's our job to look ahead and watch out for those obstacles now; rather than shroud them in SEP.
> 
> Kind Regards,
> Chris Drake
> 
> 
> Friday, November 24, 2017, 1:27:18 PM, Grassi, Paul A. (Fed) wrote:
> 
> Fine. But as I have said you want a unicorn when we just want a car that can drive in the same Lane as SAML. Your unicorn is coming, as the phases of igov include international agreement on vot vectors/values and attribute metadata to assert 'assurance' of attributes that are unrelated to proofing.  
> 
> I happy for your contribution don't take unicorn comment poorly. Just a quick post turkey dinner way of making a point. Happy US Thanksgiving. 
> 
> Sent from my iPhone
> 
> On Nov 23, 2017, at 5:25 PM, Phil Hunt <phil.hunt@oracle.com>; wrote:
> 
> The issue i am concerned about then is that by leaving out the issue of claims than the vot is incomplete and would require a separate statement. 
> 
> This leads to a lot of interop and complexity problems down the road.  Which value wins etc given they would overlap. 
> 
> The vot does not have to address it now but it should have the capability to do so (that may not be possible without a model). 
> 
> This is a lot like when we found loa was actually multi dimensional and it had to dramatically change.  IAL falls into the same problem. 
> 
> Phil
> 
> On Nov 23, 2017, at 2:08 PM, Leif Johansson <leifj@sunet.se>; wrote:
>  
>  
> On 2017-11-23 21:23, John Bradley wrote:
>  
> Authors,
>  
>  
> As part of the write-up for the Vectors of trust document, we need an
>  
> IPR disclosure from all of you.
>  
>  
> Are you aware of any IPR related to the following VOT document?
>  
>  
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__datatracker.ietf.org_doc_draft-2Dricher-2Dvectors-2Dof-2Dtrust_%26d%3DDwIGaQ%26c%3DRoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE%26r%3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA%26m%3DQbLS61Tkq_l46PCZqD5dxO1fLIa4bYOrGBHGDtJrGNY%26s%3DMzyyadRifkHa-POatwYHEwdNoC7wUj777DGKpyRF2RE%26e&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=1dkeGx37WKNwiWfLzR5YNC4KBjqYWqVnt%2B%2FOt7ArqvE%3D&reserved=0=
>  
>  
> Please reply to the list.  
>  
>  
> Regards
>  
> John B. 
>  
>  
> I am not.
>  
>  
> _______________________________________________
>  
> vot mailing list
>  
> vot@ietf.org
>  
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__www.ietf.org_mailman_listinfo_vot%26d%3DDwIGaQ%26c%3DRoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE%26r%3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA%26m%3DQbLS61Tkq_l46PCZqD5dxO1fLIa4bYOrGBHGDtJrGNY%26s%3DvMBbg4PMZy1qgq6VilC4_SKh4m6b5wkecJsTBKu6txU%26e&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=kSRrzffFE6tfhI5p%2F4bk5qXC23kK%2BlMjSa34zlyqaZY%3D&reserved=0=
> 
> 
> _______________________________________________
> vot mailing list
> vot@ietf.org
> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fvot&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=6OwTIaa5BjmDXJU4vAzBWtOSbH1Zpav4J6O1Ume7Ra0%3D&reserved=0
> 
> 
> 
> 
> _______________________________________________
> vot mailing list
> vot@ietf.org
> https://www.ietf.org/mailman/listinfo/vot