-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ar4si CDDL definition #23
Comments
Hi Ned,
I like where you are going with this. What would you think of containing something like this within a new appendix?
Eric
From: Ned Smith ***@***.***>
Sent: Monday, April 10, 2023 3:12 PM
To: ietf-rats-wg/draft-ietf-rats-ar4si ***@***.***>
Cc: Subscribed ***@***.***>
Subject: [ietf-rats-wg/draft-ietf-rats-ar4si] ar4si CDDL definition (Issue #23)
Currently there isn't a CDDL description of an ar4si structure even though the prose seems fairly specific about a structure. Based on careful reading of the I-D, I have the following suggested CDDL:
ar-augmented-bundle = [ + $ar-augmented-type-choice ]
$ar-augmented-type-choice /= ar-augmented-map
ar-augmented-map = {
&(signed-ar: 0) => signed-ar-map ; presumably ar-augmented-bundle is a COSE payload?
&(rp-pof: 1) => $pof-type-choice ; aka nonce
&(v-pof: 2) => $pof-type-choice ; time since appraisal
* $$ar-augmented-map-extension
}
�signed-ar-map = {
&(identity-ev: 0) => $identity-claim-type-choice
? &(trust-vector: 1) => [ + trustworthiness-claim-map ] ; results claims
* $$signed-ar-map-extension
}
$identity-claim-type-choice /= stateful-environment-map ; contains identity triple
trustworthiness-claim-map = {
&(trust-tier: 0) => trustworthiness-tier ; is associated with each trust claim
&(trust-quanta: 1) => $trustworthiness-quanta-type-choice
? &(trust-policy: 2) => $policy-type-choice
* $$trustworthiness-claim-map-extension
}
trustworthiness-tier = &(none: 0, affirmed: 1, contraindicated: 2, warning: 3 )
$trustworthiness-quanta-type-choice /= bytes ; assigned by verifier based on appraisal policy
$policy-type-choice /= text ; could be a policy ID?
However, such a structure might not be fully warranted given other work related to the definition of an attestation results message. Nevertheless, having CDDL definitions makes it easier to clarify the author's intended meaning.
—
Reply to this email directly, view it on GitHub <#23> , or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADPW7IF7VCVLUBJYCTGKCT3XARLQDANCNFSM6AAAAAAWZJ44UQ> .
You are receiving this because you are subscribed to this thread. <https://github.com/notifications/beacon/ADPW7IG4RLJGAOYNMW4BXD3XARLQDA5CNFSM6AAAAAAWZJ44USWGG33NNVSW45C7OR4XAZNFJFZXG5LFVJRW63LNMVXHIX3JMTHGGBB4CY.gif> Message ID: ***@***.*** ***@***.***> >
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently there isn't a CDDL description of an ar4si structure even though the prose seems fairly specific about a structure. Based on careful reading of the I-D, I have the following suggested CDDL:
However, such a structure might not be fully warranted given other work related to the definition of an attestation results message. Nevertheless, having CDDL definitions makes it easier to clarify the author's intended meaning.
The text was updated successfully, but these errors were encountered: