IETF Logo Mail Archive

Re: [VoT] IPR disclosures

Phil Hunt <phil.hunt@oracle.com> Fri, 24 November 2017 05:52 UTC

Return-Path: <phil.hunt@oracle.com>
X-Original-To: vot@ietfa.amsl.com
Delivered-To: vot@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A1AB1298A1 for <vot@ietfa.amsl.com>; Thu, 23 Nov 2017 21:52:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.229
X-Spam-Level:
X-Spam-Status: No, score=-2.229 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8aBGKuJNfpKM for <vot@ietfa.amsl.com>; Thu, 23 Nov 2017 21:52:50 -0800 (PST)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0CC0612943A for <vot@ietf.org>; Thu, 23 Nov 2017 21:52:49 -0800 (PST)
Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id vAO5qldb008017 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 24 Nov 2017 05:52:48 GMT
Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id vAO5qkPL017846 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 24 Nov 2017 05:52:46 GMT
Received: from abhmp0007.oracle.com (abhmp0007.oracle.com [141.146.116.13]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id vAO5qjjU022456; Fri, 24 Nov 2017 05:52:45 GMT
Received: from [192.168.1.24] (/70.70.142.148) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 23 Nov 2017 21:52:45 -0800
Content-Type: multipart/alternative; boundary="Apple-Mail-1DF23489-614F-4C95-B617-F077D1C5BE47"
Mime-Version: 1.0 (1.0)
From: Phil Hunt <phil.hunt@oracle.com>
X-Mailer: iPhone Mail (14G60)
In-Reply-To: <71FA2939-36BF-4B1F-98BE-619421293143@nist.gov>
Date: Thu, 23 Nov 2017 21:52:43 -0800
Cc: John Bradley <ve7jtb@ve7jtb.com>, Leif Johansson <leifj@sunet.se>, Justin Richer <jricher@mit.edu>, "vot@ietf.org" <vot@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <CDD8C0A9-AF2A-41D4-8088-8497BAF2E2EC@oracle.com>
References: <CAANoGh+hGmwOufaX1gik4zD50auT37pUKjcApuyNbmbBjrssfg@mail.gmail.com> <CAANoGh+r4LaunjnR_8W3wHJaAt7Thv8v0QH4Gxy0s05d0Qb13g@mail.gmail.com> <CAANoGhJMyfGNBNa_XFnt2zMsNLfC7s6V3=LJHTyKChjd7m0ovA@mail.gmail.com> <CAANoGh+vTWSKh75Kr91=LUvXn_O4p4MaAq9jM93GGo0U092ETA@mail.gmail.com> <34a6e930-5d60-6b64-5d6e-49e062628a74@sunet.se> <07DB5C07-2DE0-4DD2-B63B-02343499E546@oracle.com> <71FA2939-36BF-4B1F-98BE-619421293143@nist.gov>
To: "Grassi, Paul A. (Fed)" <paul.grassi@nist.gov>
X-Source-IP: userv0022.oracle.com [156.151.31.74]
Archived-At: <https://mailarchive.ietf.org/arch/msg/vot/ltgHEEqpQSjUYhs6QuRRQCJmRYo>
Subject: Re: [VoT] IPR disclosures
X-BeenThere: vot@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Vectors of Trust discussion list <vot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vot>, <mailto:vot-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/vot/>
List-Post: <mailto:vot@ietf.org>
List-Help: <mailto:vot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vot>, <mailto:vot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Nov 2017 05:52:52 -0000

What you described to me before required an RP to set up policy manually based on the reputation of the asserting party (eg its main business) in order to divine the meaning of its identity proofing. 

If that is the case, VoT as a standard does not improve interop, it causes more confusion because the spec does not define how a system may interpret the value other than in a philosophical sense. "Is John really John?" just isn't useful if it isn't the right John.

Phil

> On Nov 23, 2017, at 7:27 PM, Grassi, Paul A. (Fed) <paul.grassi@nist.gov> wrote:
> 
> Fine. But as I have said you want a unicorn when we just want a car that can drive in the same Lane as SAML. Your unicorn is coming, as the phases of igov include international agreement on vot vectors/values and attribute metadata to assert 'assurance' of attributes that are unrelated to proofing. 
> 
> I happy for your contribution don't take unicorn comment poorly. Just a quick post turkey dinner way of making a point. Happy US Thanksgiving. 
> 
> Sent from my iPhone
> 
> On Nov 23, 2017, at 5:25 PM, Phil Hunt <phil.hunt@oracle.com> wrote:
> 
>> The issue i am concerned about then is that by leaving out the issue of claims than the vot is incomplete and would require a separate statement. 
>> 
>> This leads to a lot of interop and complexity problems down the road.  Which value wins etc given they would overlap. 
>> 
>> The vot does not have to address it now but it should have the capability to do so (that may not be possible without a model). 
>> 
>> This is a lot like when we found loa was actually multi dimensional and it had to dramatically change.  IAL falls into the same problem. 
>> 
>> Phil
>> 
>>>> On Nov 23, 2017, at 2:08 PM, Leif Johansson <leifj@sunet.se> wrote:
>>> 
>>>> On 2017-11-23 21:23, John Bradley wrote:
>>>> Authors,
>>>> 
>>>> As part of the write-up for the Vectors of trust document, we need an
>>>> IPR disclosure from all of you.
>>>> 
>>>> Are you aware of any IPR related to the following VOT document?
>>>> 
>>>> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__datatracker.ietf.org_doc_draft-2Dricher-2Dvectors-2Dof-2Dtrust_%26d%3DDwIGaQ%26c%3DRoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE%26r%3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA%26m%3DQbLS61Tkq_l46PCZqD5dxO1fLIa4bYOrGBHGDtJrGNY%26s%3DMzyyadRifkHa-POatwYHEwdNoC7wUj777DGKpyRF2RE%26e&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=1dkeGx37WKNwiWfLzR5YNC4KBjqYWqVnt%2B%2FOt7ArqvE%3D&reserved=0=
>>>> 
>>>> Please reply to the list.  
>>>> 
>>>> Regards
>>>> John B. 
>>> 
>>> I am not.
>>> 
>>> _______________________________________________
>>> vot mailing list
>>> vot@ietf.org
>>> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttps-3A__www.ietf.org_mailman_listinfo_vot%26d%3DDwIGaQ%26c%3DRoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE%26r%3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA%26m%3DQbLS61Tkq_l46PCZqD5dxO1fLIa4bYOrGBHGDtJrGNY%26s%3DvMBbg4PMZy1qgq6VilC4_SKh4m6b5wkecJsTBKu6txU%26e&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=kSRrzffFE6tfhI5p%2F4bk5qXC23kK%2BlMjSa34zlyqaZY%3D&reserved=0=
>> 
>> _______________________________________________
>> vot mailing list
>> vot@ietf.org
>> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fvot&data=02%7C01%7Cpaul.grassi%40nist.gov%7Cab4db3d0fc7a4643a7af08d532c119eb%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636470727310173986&sdata=6OwTIaa5BjmDXJU4vAzBWtOSbH1Zpav4J6O1Ume7Ra0%3D&reserved=0
> _______________________________________________
> vot mailing list
> vot@ietf.org
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_vot&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=na5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=6pFNIrvLm_EVnrUedIGFNW_kMZCvTRZ5ab06FeZUKjc&s=aoP99Dm88C5EjMwqmtCLIc8D3cn5YU15sh25LsYxKlw&e=

v2.23.0 | Report a Bug | By Email