Justin: now at MongoDB
Draft: https://datatracker.ietf.org/doc/draft-ietf-wimse-s2s-protocol/
Yaron and Brian Presenting for the authors
Yaron: Making significant progress
Yaron: Please share information about implementation
Yaron: examples of protocol documents with good security analysis
Justin: think of it as defining what security properties this provides
instead of a formal analysis, i.e. does this provide integrity,
confidentiality, etc.
Yaron: Different properties for different proper
Pieter: reach out to the people who did the FAPI analysis
Usama: security properties are more concrete goals (in formal analysis).
Goals are high level and not as formal as properties. Draft should lay
out the security goals.
Yaron: we are focusing on security goals
Yaron: proposes wimse URI scheme
Yaroslav: scheme should have meaning, wimse may be too general to be
meaningful.
Yaron: it just means "I'm going to use it in wimse"
Yaroslav: wimse seems like a placeholder
Yaron: I think people will use the Wimse scheme in real deployments
Pieter: This may be part of an identity draft
Brian talks about multiple oth tokens - replace single value with JSON
object containing the multiple hashes
Thibault (cloudFlare) - is this to replace HTTPSignatures?
Brian: no, this is not to replace HTTP signatures, want to make it simple
and different
Justin: do refer to HTTP headers, instead have a token label a value
Brian: we do this for tokens we know, but for unknown we use headers
Justin: don't do it
Yaroslav: related to web bot auth
Let's get to WGLC by Montreal
Draft:
https://datatracker.ietf.org/doc/draft-ietf-wimse-workload-identity-practices/
Arndt presenting
Justin: who has read the draft? ~7 have raised hands, a few people
offered to review
Justin: start WGLC soon
Draft: https://datatracker.ietf.org/doc/draft-ietf-wimse-arch/
Joe Presents
Arndt: differentiate between identity as logical concept and identity as
a specific instance
Yaroslav:
Usama: What about attestation
Joe: Just general high level
Henk: maybe better to leave it out for now
Actions
Usama: what is an agent?
Yaron: ill defined. Maybe if it meets 73% of the "properties" of an
agent then it is an agent
Yaron: Agents look like workloads, but WIMSE does not cover all of the
things now (identity, attestation, authorization)
Yaroslav: Are there any Agentic AI practitioners who want to
participate? Could we get participants from this community?
Yaron: I agree in principle.
Arndt: I don't think WIMSE will be able to solve all of them, we should
try to help the industry. Draft in OAUTH using SPIFFE to talk to
authorization server.
Usama: Did you list all the important things for agents?
Yaron: there are more things, but I listed the areas we are missing in
WIMSE
Thibault: Focus on micro-agent; what do we focus on in this working group?
Yaron: Some of this is more appropriate for OAUTH
Thibault: maybe identity practices can expand upon this
Yogesh: each agent is a workload, same principles
Yaron: I agree
Gene: Need to be different. MCP does not have fundamental security,
causes interop problems
Andrew: May not be able to solve all of these problems. We definitely
should attack identity and attestation
Dmitry: Workload identity is fundamental.
Henk (chat): Mark's presentation will start to highlight why
"Attestation" will become as confusing as always everywhere, if not
dealt with
Draft:
https://datatracker.ietf.org/doc/draft-rosomakho-wimse-identifier/
Kathleen: Have you looked at the glue document in SPICE? Glue is trying to
provide a unique identifier
https://datatracker.ietf.org/doc/draft-ietf-spice-glue-id/
Yaroslav: we have not looked at it yet
Yaron: is splitting it out the right approach?
Thibault: I think this would be valuable. Scope to workload.
Arndt: Taking the time into account I’m writing in chat: I support
working on it but it should be fast because other documents rely on it
Flemming Andreasen: Agree with Arndt
Andrew McCormick expressed interest as well
Draft:
https://datatracker.ietf.org/doc/draft-schwenkschuster-wimse-credential-exchange/
Definition of protocol vs best practices, patterns and use cases.
Purpose of document - Do we need to start?
There is a bi-weekly credential exchange call
Joe: I think this is needed, have not read the draft yet
Dmitry: (didn't hear all of it but I think I would be supportive of it)
Andrew: +1
Dean Saxe supports this work in chat
Flemming Andreasen supports work in chat
Yaron: draft is high level, why not specific?
Arndt: it's hard to cover all the use cases with one mechanism
Justin: this is a starting point for discussion
Yaron: thought this was a solved problem. Maybe look at OAuth NHI
Joe: isn't it S2S in WIMSE and then other stuff is out of scope?
Andrew: pretty much
Yaroslav: isn't it SPICE?
Orie (AD): it is connected to the S2S piece, doesn't cleanly fit in the
charter
Pieter: continue to explore then we can discuss charter and relation to
charter
Justin: we are encouraged to discuss this on the list
Draft:
https://datatracker.ietf.org/doc/draft-levy-wimse-headless-jwt-authentication/
Marcel: Are people interested?
Joe: I think it could be useful to avoid sharp edges. Maybe this fits
with workload practices
Arndt: Different security practices, not a document. Single key vs global
key.
Brian: overlap with a lot of existing work
Marcel: important point, will follow up
Draft:
https://datatracker.ietf.org/doc/draft-lkspa-wimse-verifiable-geo-fence/
Mark: Start with Architecture. Separate workload from host platform and
then combine them
Potential conflict of WIMSE and confidential compute semantics.
Usama: RA is a prerequisite to CC
Henk (chat): In some scenarios, but not all certainly
Josef - happy to work on architecture to cover additional deployment
models
Justin - Reminder that the Confidential Computing Consortium is a separate
entity and not part of the IETF; processes, rules and IP protections are
different from those of the IETF. Work in IETF is independent from the
Confidential Computing Consortium.
Draft: https://datatracker.ietf.org/doc/draft-ccc-wimse-twi-extensions/