Skip to main content

Minutes IETF116: tigress: Tue 06:30
minutes-116-tigress-202303280630-00

Meeting Minutes Transfer dIGital cREdentialS Securely (tigress) WG
Date and time 2023-03-28 06:30
Title Minutes IETF116: tigress: Tue 06:30
State Active
Other versions markdown
Last updated 2023-03-28

minutes-116-tigress-202303280630-00

TIGRESS @ IETF 116

Note taker: Yaron Sheffer

Leif and Prachi opening the meeting. We will discuss the Threat Model
and Reuqirements docs.

Casey and Dmitry sharing changes to Requirements.

EKR: Not sure how the max participant requirement is enforced.
Dmitry: wanted to remove req of transfer from single to single device,
but couldn't have unlimited number.
Bradford: sender can specify a limiut that they want the prov partner to
adhere to.
EKR: the system needs to include some blob targeted at the prov partner.

Dmitry: we are not trying to cover the provisioning part.
Dmitry: technocally there are multiple ways of doing it.
EKR: but receiver doesn't authenticate.
Leif: may be solved with Privacy Pass.
EKR: [missed this part] Would want to see a diagram of how this can be
done.
Leif: make sure the req is actually feasible.
EKR: the 2nd req is fine.

EKR: for max retrievals, where would this machinery happen. How do you
envision a protocol specifying that.
Yogesh: we are not trying to prevent collusion.
Yogesh: we allow one person to pick up the key.
EKR: but this is not what the req says.
Leif: the intention is to talk about admin control, and the text is
ambiguous.
Yogesh: the idea is not to control collusion.
EKR: if relay enforced one receiver, it is hard to deal with "glitches",
receiver failures. Which means the req cannot be implemented reasonably.

Leif: Eric has a point, we need to have an idea how we can implement it.
The text needs to be clarified - intent is unclear. If we assume no
collusion, let's say so.
DKG: one option: you really want one other device to pick up, at most.
Even if the device fails, it doesn't get a second chance. Is that what
we want?
Yogesh: in some cases you want a retry mechanism, in some cases not.
Dmitry: need to clarify the req.
EKR offered to send a comment.

Brad discussing the Threat Model. Document has been stable for a while
(no slides).
Leif asks for a quick explanation.
Brad: pulls the sec/privacy parts out of the WG charter.

Leif: show of hands on who read the Threat Model doc. 11 Raise hand, 9
do not. Leif: reasonable for the size of the group. Solicits volunteers
to review. Eric volunteers. Also DKG.

Leif: the documents have been rearranged quite a bit, seen a good bit of
review. Plan to issue a call for adoption for the req doc, the Threat
Model needs more review. Adoption call on the list. Are we ready for
adoption?
EKR: adoption is appropriate.
Leif: will take to the list.
Meeting concludes 16:10.