Re: [EAT] Scope, Goals & Background for RATS

"Diego R. Lopez" <> Thu, 20 September 2018 22:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A55E0127333; Thu, 20 Sep 2018 15:27:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 2y9qoXG4W0PK; Thu, 20 Sep 2018 15:27:24 -0700 (PDT)
Received: from ( [IPv6:2a01:111:f400:fe0e::70e]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 052A8128BAC; Thu, 20 Sep 2018 15:27:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dGremADLvYp8AMa0s7OnNKdLLfyRHuaogmcpiS14L7Y=; b=KhuKUuc+Zpp/9J18cLCqc9Ru6oPxxNwFYLYH7mx1G+JqP6hJIVmrZ4MUP5lzMuaB9FCN2/X76HNQb7qywAI+DsUer9wlHHGMKLAa9cOic3A/kN2hjekByH1qNIELB/hwp0oOu/KZ8JRz5QNVChS5gOPkIZm9RJkd5jLekqsxrUc=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1143.18; Thu, 20 Sep 2018 22:27:21 +0000
Received: from ([fe80::f98c:de95:f78:6396]) by ([fe80::f98c:de95:f78:6396%5]) with mapi id 15.20.1143.017; Thu, 20 Sep 2018 22:27:20 +0000
From: "Diego R. Lopez" <>
To: Laurence Lundblade <>, Henk Birkholz <>
CC: "" <>, "" <>
Thread-Topic: [EAT] Scope, Goals & Background for RATS
Thread-Index: AQHUTylonUGZQhG/1kaWvO+5vdwhGaT5n+wAgABFcwA=
Date: Thu, 20 Sep 2018 22:27:20 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DB3PR0602MB3755; 6:+lHxuV+yuPWL0IOQW1U/leekBJ72hmnqowjmNCDqpym8v1cJZQW11VmqJmqpu/CZwcwzoaUyA8otbYULjHlefhitG7J2OOH+wZFb1MwbgpLj3ZoNyAoVNqSoVt2bUiiN5ot99m46quXuJb8cI0RkG8JpqttG/HKA0rubXnvFnZmIB4S0dy3zbeK0Q5YpYB1lu0KL/8WlCgtNwoHvMtAJg+0aq7DeLcd209VeivKdzsC1Ju6Nck49JpEjWgjUFvsntjh0618O6OXghhDIK0PbjKA29ULPP9iimtfLGnXSPcCkWs8aNwGFF9+D+Sipsdos0bzHKJd/IAJmqVW1nSQ37c5auHsLAiAkRCGcrOfNiP1LZZTMrw1xQLPUdgAy1Y4CFW1uCXY7LiCJJDPhNwB6ciBEHgbd0PevilfCg4g1xWoaTNGt2QnhDFA44ZCRq/e/SUzRsiNqPT3Bj1QF0PUa6w==; 5:5Ur3yHJQqkyrvA1ZbCpZ/wwAi/AYKiERNSoPEdgW+hTiEP7XneoS6Bzgnt8Jj3IOnloCRD/SHDPTiZS4vwvQNt0+oiEVoNStQFMyJcTDDzaDNmUmFZEj8+ni6mIpNtJLSpggjXNidyRKlLuSKJaNhNSUUggCj4kwZ64FBlrvoVM=; 7:qvZvk5mDPMCLUUx3F4K24sUAAfBH+whZGavD9SFPVFVOB5eBtf0xboKbOzTZ4qC9gJJE4TRVyrocsypnfCk3R8CKFvOuVwXTMmcVlKK6yjG1VL+e+TeiajDjyPCB+Y3r8x67VU4nmzbm1FEvxONqqw4bptfKFDBDiEKRnEBRSt/hProTEpMowAZZbZ5eul3gwY6NtV1SwgAyTV2Zf5x7D866vaf5/layu/p2CTx4M91Ju/g8vRk4stliKeSYd8zz
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 3fa320c2-5766-4cc9-8436-08d61f483b1d
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534165)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:DB3PR0602MB3755;
x-ms-traffictypediagnostic: DB3PR0602MB3755:
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:(28532068793085)(40392960112811)(158342451672863)(166708455590820)(209352067349851)(192374486261705)(190501279198761)(128460861657000)(227612066756510)(21748063052155);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3231355)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(6055026)(149027)(150027)(6041310)(20161123564045)(20161123558120)(201703131423095)(201702281529075)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(201708071742011)(7699051); SRVR:DB3PR0602MB3755; BCL:0; PCL:0; RULEID:; SRVR:DB3PR0602MB3755;
x-forefront-prvs: 0801F2E62B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(396003)(136003)(366004)(376002)(346002)(40134004)(189003)(199004)(53754006)(25724002)(252514010)(76176011)(11346002)(478600001)(446003)(2616005)(5660300001)(256004)(236005)(6512007)(105586002)(2900100001)(81166006)(6246003)(54896002)(14444005)(476003)(2906002)(6306002)(97736004)(53936002)(486006)(81156014)(86362001)(71190400001)(71200400001)(14454004)(6506007)(99286004)(110136005)(54906003)(316002)(786003)(58126008)(6116002)(7736002)(25786009)(82746002)(6436002)(66066001)(966005)(4326008)(8936002)(186003)(6486002)(102836004)(83716003)(606006)(45080400002)(33656002)(53546011)(561944003)(106356001)(3846002)(8676002)(26005)(229853002)(5250100002)(68736007)(36756003)(551934003); DIR:OUT; SFP:1102; SCL:1; SRVR:DB3PR0602MB3755;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-microsoft-antispam-message-info: exQ2EKtJ6dRfLU2GRzddbDth1P7J1x7mLUpHXgpvDAYKHl0gUqDGTlUMVo29YcTv4uE2QEJxP2I/cOx9QxYyIYZgQ12TbhW3fXX0Wnr89+yEOdvzzUoQkXjiz1+b4+99f/VXeuQbkLhjUwZz6XJEKvQDPj29ITzCLJGTnIHbr44yqRWSs2kEEF0zI+QVQycuUhQhE3grZj53nQzMu7Q1Xkvqvw8VQDBBYoELif7KM7r7ehBQ4Z0OCRRk+uiCCWJcN5m44EDybMWNmjDcH4Xi+qHzCGC+orCf8M8BS/SlCVu28sJdZyXzoXrpua3i5qxTbsFiEc65ZEOBrF/sS5sYbSd5tIrDUvPqdA0s6fwuVM8=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_53CD22A1DFD248DA86682744CCDB6BD5telefonicacom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 3fa320c2-5766-4cc9-8436-08d61f483b1d
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Sep 2018 22:27:20.8759 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9744600e-3e04-492e-baa1-25ec245c6f10
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR0602MB3755
Archived-At: <>
Subject: Re: [EAT] Scope, Goals & Background for RATS
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EAT - Entity Attestation Token <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 20 Sep 2018 22:27:31 -0000


I agree with you in the fact that the proposal is intended to address the proposed EAT work, and I think we agree in that this is a good way to go. Regarding the name, and given my dislike for cats, I’d propose to use CRAT, as in aristo-crat or demo-crat… (coming from the Greek god of strength and power)

And I tend to agree in your two final comments on public key, and the fact that circumscribing attestation to devices (of any nature, physical or virtual) need to be clearly stated.

Be goode,

"Esta vez no fallaremos, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D

Tel:         +34 913 129 041
Mobile:  +34 682 051 091

On 20/09/2018, 16:18, "EAT on behalf of Laurence Lundblade" <<> on behalf of<>> wrote:

It’s a bit buried, but I see you do intend that this include the EAT work. Thus the work would not be TPM/TCG centric. It would include use cases like FIDO and Android Keystore attestation that are often based on TrustZone. It could also include EPID-related use cases. Please confirm.

My preference would be to choose another name for the group that is neither EAT or RATS to help make this clear. I don’t really think there is a “procedure” with EAT. To be honest, I don’t really like “RATS” as a name. My suggestions are “RA” for Remote Attestation or “CAT” for Common Attestation Technology (and besides cats caused us to invent the Internet so we share pictures of them (securely)).

I propose a more high-level intro with examples:

The purpose of RA/CAT is to allow a Relying Party (e.g. a web service, network management center...) to securely receive Claims from an Entity requesting service (e.g. a phone, router, IoT device...) that allow the Relying Party to determine if and how that entity is trusted.  For example:
o    An IoT management back-end receives a signed nonce that proves the IoT device is the genuine article manufactured by the expected OEM and is not a Linux box or such emulating such a device.
o    A network management center receives a set of measurement claims from a router to know that the configuration has not been tampered with.
o    An online banking service receives many claims about the device including location, SW versions and measurements and determines that it will allow a higher-than-usual value transaction.
o    A government online document server receives claims indicating manufacture and location of the device, determines they are from the correct country and grants access to classified documents.
There are protocols for determining and securing the identity of a server or service (TLS and IPsec). There are many protocols for authenticating end users (SASL, TLS client auth, EAP…). There are no general protocols for managing the characteristics, security and identity of an end client device (an Entity). RA/CAT aims to address that gap.

There is no goal here to set criteria for what is trustworthy or not as that is an impossible task as it will vary widely from use case to use case. The goal here is to securely provide information (Claims) to the Relying Party so it can make that determination based on its own criteria and needs.

I don’t think the intro should mention public key crypto. I know of attestation solutions that do not use it.

I tend to prefer “attestation” when the goal is whether and how a device is to be trusted and “authentication” when the goal is how a human is to be identified. FIDO, OAuth, SASL are all about users and use the word authentication.


On Sep 18, 2018, at 1:26 AM, Henk Birkholz <<>> wrote:

Hi all,

we pushed an initial document to the RATS github in order to focus the discussion about remote attestation procedures a bit.<>

We included a background section to better highlight the meaning of the term "attestation" in general. Hence, there is a trade-off between clarity and conciseness, which is one of the things we would like to get feedback about.

Naturally, we are also very interested in feedback about the illustrated difference between explicit attestation and implicit attestation.

Viele Grüße,


EAT mailing list<>


Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição