Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of Trust I-D)
Colin Wallis <Colin.Wallis@dia.govt.nz> Tue, 30 June 2015 20:50 UTC
Return-Path: <Colin.Wallis@dia.govt.nz>
X-Original-To: vot@ietfa.amsl.com
Delivered-To: vot@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E889E1B2EE6 for <vot@ietfa.amsl.com>; Tue, 30 Jun 2015 13:50:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.317
X-Spam-Level:
X-Spam-Status: No, score=-1.317 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HELO_EQ_BIZ=0.288, HTML_MESSAGE=0.001, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_LOW=-0.7, RELAY_IS_203=0.994, SPF_HELO_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s-oxcLICWcaP for <vot@ietfa.amsl.com>; Tue, 30 Jun 2015 13:50:12 -0700 (PDT)
Received: from mx1.securemx.biz (mx1.securemx.biz [203.84.134.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D137C1B3229 for <vot@ietf.org>; Tue, 30 Jun 2015 13:50:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=nz.smxemail.com; s=alpha; c=relaxed/relaxed; q=dns/txt; i=@nz.smxemail.com; t=1435697409; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC; bh=YQaUW9Ye6GwajvPMN/j2iCMoq8c5lJXFlQPCtQZIbpo=; b=Kl3b/mHJtva1Esu9ayAZoAepmAAQzTiYjQGAykGOKQj+p9s8cBGqKORtL1wS+wJi 813o1KcWYzXrvi0gYLJfYGggRHB1Uq9kvXtPDsfRu1bW+Hnbgq7KJynsyp60WzHe cRUhx8sFbmT9nWGCnA0YED/4hjOX21KTdOFL717gVhU=;
Received: from s111-0006-lnv01 ([131.203.48.73]) by omr.nz.smxemail.com with ESMTP (using TLSv1 with cipher AES256-SHA (256/256 bits)) id 55930101-2C4D3136@mta1101.omr; Tue, 30 Jun 2015 20:50:09 +0000
MIME-Version: 1.0
Message-ID: <147EE18440E5AF44834B220ED35BA530014AB25FFC@WLGPRDMBX02.dia.govt.nz>
X-MessageIsInfected: false
Received: from 161-65-142-21.ip.fx.net.nz (EHLO WLGPRDMM01.dia.govt.nz) ([161.65.142.21]) by s111-0006-lnv01 (JAMES SMTP Server ) with ESMTP ID 1856221349; Wed, 01 Jul 2015 08:50:06 +1200 (NZST)
Received: from WLGPRDCAS01.dia.govt.nz (Not Verified[172.29.0.93]) by WLGPRDMM01.dia.govt.nz with MailMarshal (v7, 1, 1, 5205) (using TLS: SSLv23) id <B559300fe0000>; Wed, 01 Jul 2015 08:50:06 +1200
Received: from WLGPRDMBX02.dia.govt.nz ([fe80::d51f:14cf:8162:8a0b]) by WLGPRDCAS01.dia.govt.nz ([172.29.0.93]) with mapi id 14.03.0235.001; Wed, 1 Jul 2015 08:50:06 +1200
From: Colin Wallis <Colin.Wallis@dia.govt.nz>
To: 'Mark Lizar' <mark@smartspecies.com>, "Grassi, Paul A." <paul.grassi@nist.gov>
Thread-Topic: [VoT] Clause 7 edgy on scope? (RE: Vectors of Trust I-D)
Thread-Index: AQHQstUckGykwW32yECQR8eylo0If53EIrcAgAFfslA=
Date: Tue, 30 Jun 2015 20:50:06 +0000
References: <147EE18440E5AF44834B220ED35BA530014AB1AEC1@WLGPRDMBX02.dia.govt.nz> <F54072E0-5653-49B2-A370-E1C6318E7985@mit.edu> <69B21050-7E52-4B85-8081-8DE210DE432A@nist.gov> <675F1A61-4881-4365-8138-8517B2047B91@smartspecies.com>
In-Reply-To: <675F1A61-4881-4365-8138-8517B2047B91@smartspecies.com>
Accept-Language: en-US, en-NZ
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailadviser: Confirmation not required
x-originating-ip: [172.29.0.162]
Content-Type: multipart/alternative; boundary="_000_147EE18440E5AF44834B220ED35BA530014AB25FFCWLGPRDMBX02di_"
Archived-At: <http://mailarchive.ietf.org/arch/msg/vot/zQTeqr4JrFoLn6r2Ta7coyfHUP8>
Cc: "vot@ietf.org" <vot@ietf.org>, Justin Richer <jricher@mit.edu>
Subject: Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of Trust I-D)
X-BeenThere: vot@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Vectors of Trust discussion list <vot.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vot>, <mailto:vot-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/vot/>
List-Post: <mailto:vot@ietf.org>
List-Help: <mailto:vot-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vot>, <mailto:vot-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2015 20:50:15 -0000
Thanks for those comments on Clause 7. It seems like the challenge is to find that sweet spot/fine line that gives the reader enough info on how to do the cross domain subscription/validation, without having the this whole draft standardizing trust frameworks and trustmarks. Because that is a whole lot more work and takes the focus away from the original intent (which was my concern and hence the idea of making this part informative until such time as we have a supported trustmark and trust framework standard to reverse the cross domain things back into). Cheers Colin From: Mark Lizar [mailto:mark@smartspecies.com] Sent: Tuesday, 30 June 2015 11:35 p.m. To: Grassi, Paul A. Cc: Justin Richer; Colin Wallis; vot@ietf.org Subject: Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of Trust I-D) nice and crisp. I can really start to imagine how discovery and trust marks can be used to scale trust. Although there is some additional issues around the overarching trust framework (whatever that is, I am assuming law). For example assessing trust marks so that they are appropriate for the purpose and also for application in the framework, with a robust method for assessing and asserting integrity of trust marks. In this context then I think it would be clear how the trust marks fit with VOT. Its the gap between these elements I suspect that needs to be further articulated and understood. nicely thought provoking .. On 30 Jun 2015, at 02:35, Grassi, Paul A. <paul.grassi@nist.gov<mailto:paul.grassi@nist.gov>> wrote: I personally like the idea of discoverability at the onset, and the discussion that will follow. This was great to read, thanks to you and Leif for the work! On Jun 29, 2015, at 8:49 PM, "Justin Richer" <jricher@mit.edu<mailto:jricher@mit.edu>> wrote: Colin, that’s a great question, because I’m honestly not sure what the answer is yet. I think that the vectors only make sense in the context of some kind of trust framework setup, but that sometimes those policies will be hard-coded at configuration time and won’t need to be dynamically bound or discovered. That said, I think the real value of this is going to be cross-domain where an RP could subscribe to (and understand) multiple trust marks and be able to validate them at runtime. Still, that piece might be separable enough, and perhaps substantive enough, to be its own draft. That said, I figured I’d write it down down and figure out where it’s actually supposed to go later. :) — Justin On Jun 29, 2015, at 7:14 PM, Colin Wallis <Colin.Wallis@dia.govt.nz<mailto:Colin.Wallis@dia.govt.nz>> wrote: Many thanks Justin and Leif I’ve done a first pass/light read, and from that, I think it is a terrific first cut that gets us on the path to normalizing the discussions over the past 9 months. Aside from a few tidy ups, I just have this slight concern whether all of Clause 7 (Discovery and Verification) is in scope for normative text? I certainly appreciate that in most implementations and deployments, there would be a dependency on an operational trust framework and trustmark. But is it too big a stretch to make that normative for this work? Just a thought.. and more than happy to be proven wrong.. ☺. Cheers Colin From: vot [mailto:vot-bounces@ietf.org] On Behalf Of Justin Richer Sent: Saturday, 27 June 2015 3:15 p.m. To: vot@ietf.org<mailto:vot@ietf.org> Subject: [VoT] Vectors of Trust I-D Hi Everyone, I have taken the initial strawman proposal along with a substantial number of edits and inputs from several folks and have created an initial I-D of the document: https://tools.ietf.org/id/draft-richer-vectors-of-trust-00 It’s still a very drafty draft, but hopefully it’s starting to make this a concrete thing. Please read it over and discuss it here on the list. I would like to propose a bar-BoF in Prague for VoT for anyone who would like to discuss this. If you’re interested (and will be there in person), let me know! — Justin _______________________________________________ vot mailing list vot@ietf.org<mailto:vot@ietf.org> https://www.ietf.org/mailman/listinfo/vot _______________________________________________ vot mailing list vot@ietf.org<mailto:vot@ietf.org> https://www.ietf.org/mailman/listinfo/vot
- [VoT] Clause 7 edgy on scope? (RE: Vectors of Tru… Colin Wallis
- Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of… Justin Richer
- Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of… Grassi, Paul A.
- Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of… Mark Lizar
- Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of… Colin Wallis
- Re: [VoT] Clause 7 edgy on scope? (RE: Vectors of… Bucci, Debbie (OS/ONC)