[Wimse] WIMSE Design Team update: securing service to service traffic
Yaron Sheffer <yaronf.ietf@gmail.com> Mon, 10 June 2024 10:43 UTC
List-Id: WIMSE Workload Identity in Multi-Service Environment <wimse.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/wimse/N7kLigjRJ627XGeZbVrxl6TL_TU>
Dear WIMSE WG members,
The design team has been meeting regularly and we’re moving towards consensus. We don’t have a draft yet; instead, we have an initial document outline and a bunch of pull requests that together cover most of the document. The repo is public and available at [1]. We plan to bring all these threads together and publish a -00 draft by the IETF 120 deadline, July 8. In the meantime, feel free to open issues, make comments on existing PRs or even open new PRs.
Thanks,
Yaron, on behalf of Brian, Joe, Daniel and Arndt
[1] https://github.com/yaronf/wimse-s2s