By the way, a lot *has* changed. If we can use the TEE to get signed information out... if *it* is the attester, that's a pretty big benefit. That just leaves the protocol gorp. But one needs to know that there is a TEE.
On 21.06.18 22:04, Hannes Tschofenig wrote: > > That’s a good question, Eliot. Let me put something together for the > IETF meeting > > > > *From:*Eliot Lear [mailto:l...@cisco.com] > *Sent:* 21 June 2018 20:17 > *To:* Hannes Tschofenig; oauth@ietf.org > *Cc:* Laurence Lundblade; e...@ietf.org > *Subject:* Re: [OAUTH-WG] Standardizing Attestation Tokens > > > > Hi Hannes, > > The draft is interesting, but it looks a bit like NEA. How would this > vary, apart from the CoAP part and a different registry? Seems to me > the real magic is how the device is interrogated such that the > consumer of this information has confidence as to its validity. The > protocol bits are the easy part. If people have some understanding of > that magic and are willing to share, then this work becomes > considerably more interesting. > > Eliot > > > > On 21.06.18 17:11, Hannes Tschofenig wrote: > > Hi all, > > > > I would like to make you aware of work that will be discussed on > attestation on the EAT mailing list. Here is the link to the list: > > https://www.ietf.org/mailman/listinfo/eat > > > > Here is a document describing the idea: > > https://tools.ietf.org/html/draft-mandyam-eat-00 > > > > The work is relevant for IoT and non-IoT devices. > > > > Laurence and I are planning to organize a Bar BOF at the Montreal > IETF meeting to entertain the idea. > > > > Ciao > > Hannes > > IMPORTANT NOTICE: The contents of this email and any attachments > are confidential and may also be privileged. If you are not the > intended recipient, please notify the sender immediately and do > not disclose the contents to any other person, use it for any > purpose, or store or copy the information in any medium. Thank you. > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org <mailto:OAuth@ietf.org> > > https://www.ietf.org/mailman/listinfo/oauth > > > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or > copy the information in any medium. Thank you.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
