Hi RATS enthusiasts,
hi ACE,
hi CBOR,
in the RATS WG we had a lot of discussions about the nature of an Entity
Attestation Token (EAT):
> https://datatracker.ietf.org/doc/draft-ietf-rats-eat/
> https://github.com/ietf-rats-wg/eat/
A bit of (hopefully useful) context: an EAT is one way to convey
believable evidence from an Attester (a role residing on a device-like
entity) to a Verifier (another role defined by RATS - the appraiser of
evidence). All that is done to provide a Relying Party with "simple
enough" attestation results generated by the Verifier to enable Relying
Parties (in general, the remote peer) to make an informed decision about
whether to put trust in the trustworthiness of that Attester or not. In
summary, an Attester could be compromised in some way and RATS tries to
inhibit that Attester to lie about that.
There are a lot of benefits if an EAT (representing evidence) is a CWT:
* we avoid conflicting CWT claim index/label definitions in the IANA
registry, while being able to use the CWT world of claims (existing, cnf
soon, and such),
* at first glance it seems simpler to use existing code that can process
CWT, and
* EAT can simply inherit the well defined COSE signing conventions.
Alas, there is also a very specific drawback:
* sometimes RATS might not want to sign a token (maybe that does render
it not a token anymore, but rather a ticket. But that is just a rather
minor detail for now)
Why do RATS sometimes not require a signature around their CWT Claims
Sets? Because the surrounding secure channel between two entities with
well established authenticity and trustworthiness can be good enough to
convey useful CWT Claims Sets without a signature (emphasis on: in RATS).
Now - there are multiple options discussed in the RATS WG how to deal
with this:
1.) go to COSE and ask for a "null signature",
2.) go to ACE and ask for an "unsigned token" option, or
3.) go to CBOR and ask for a tag for "naked" CWT Claim Sets (i.e., that
are not signed).
At the last RATS virtual interim there was no certainty how to approach
this. So this is a call out. COSE, ACE, and CBOR, how would you approach
this "unsigned CWT Claims Set" requirement?
If one of the three options highlighted above is out of the question,
please say so (and please elaborate on the why for the sake of helping
the RATS WG understand why that is not a good idea).
If one of the three options looks like a low hanging fruit & viable,
please say so (and... you know the drill).
I hope that this email contains all the information required to help the
RATS WG in this call out to other WGs. If it does not, please say so :)
Last but not least, if there are other relevant WGs or experts that
could lend opinions or alternatives, let us know.
Viele Grüße,
Henk
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
