Tigress at IETF 115

Tigress introduction

See slide deck

Requirements

Slide 11 : Security and privacy

Slide 13: Intermediary Server Requirements

Yaron Sheffer: Privacy is not covered well enough in the drafts. If I
lend someone my car, I don't want anyone else to know. In the hotel
situation, the hotel is required to know.

Answer: There's only one current standard for car key transfer.

Yaron: If a requirement is to follow the CCC standard, it needs to be
clarified in the requirements.

Yaron: If the publisher of a credential needs to be in control of the
key sharing is per use case, not overall

Slide 14: Intermediare Server Requirements 2

Discussion about wallets being in control of selection of intermediary
services.

Michael B: Will it be possible to use this protocol without an
intermediary?

Answer: In theory an intermediary could be implemented on the device
itself.

Where we are

Chairs:

Tommy Pauly: How do we migrate implementations from the current early
implementation to the finished published IETF version?

Bradford: Thinking about reliable versioning of the protocol early on in
the doc would be helpful.

Alex: Currently the sharing URL is used for versioning

Yaron: If the URL implies the version, doesn't that imply that you have
the intermediary server?

answer: Good question

Nick: The current solution doesn't use a URL at all...

Chairs: Closing the meeting - have a great IETF week!