Re: [EAT] Preliminary RATS BoF Agenda

"Eric Voit (evoit)" <> Sun, 21 October 2018 17:32 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 64DCE12D4ED; Sun, 21 Oct 2018 10:32:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -14.563
X-Spam-Status: No, score=-14.563 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.064, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id CKf1IHnirpvn; Sun, 21 Oct 2018 10:32:34 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 52CDC1277C8; Sun, 21 Oct 2018 10:32:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=10976; q=dns/txt; s=iport; t=1540143154; x=1541352754; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=tpjy8dlyDNtnWIDulqqytUtyKHFmrNrC0MzYBro5hLA=; b=muQDqE2MOmD/2uN7nO0gxeg7WnHILx9bONJGP9+tDT2KeFKRou6ZVndl 4M4fuP9/+LY7GfpYCq9PXZPXzqgR7++CX5IZ5uAT2WFJjnJPgMe4H8bZu iPTm1eUUSiTdZ9FSUzBqok5okJHWM4rcBq9lMW51ndD22FhN502vDo/cp 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.54,408,1534809600"; d="scan'208,217";a="188732482"
Received: from ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 21 Oct 2018 17:32:33 +0000
Received: from ( []) by (8.15.2/8.15.2) with ESMTPS id w9LHWWuL010435 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Sun, 21 Oct 2018 17:32:33 GMT
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1395.4; Sun, 21 Oct 2018 13:32:32 -0400
Received: from ([]) by ([]) with mapi id 15.00.1395.000; Sun, 21 Oct 2018 13:32:32 -0400
From: "Eric Voit (evoit)" <>
To: Laurence Lundblade <>
CC: Hannes Tschofenig <>, Henk Birkholz <>, "" <>, "" <>
Thread-Topic: [EAT] Preliminary RATS BoF Agenda
Thread-Index: AQHUaGGNvCYySbrjaE+BAKDogaa266UoT+VggAFc2DCAAFs+AP//7Yhg
Date: Sun, 21 Oct 2018 17:32:32 +0000
Message-ID: <>
References: <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_28e484a41ae14f5882bea36031d691bdXCHRTP013ciscocom_"
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [EAT] Preliminary RATS BoF Agenda
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EAT - Entity Attestation Token <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 21 Oct 2018 17:32:37 -0000

From: Laurence Lundblade, October 21, 2018 10:32 AM

On Oct 21, 2018, at 6:49 PM, Eric Voit (evoit) <<>> wrote:

To me the answer is yes.  For over a year Cisco has offered a controller based Integrity Verification application.  This application does remote attestation for routers.  See:

Eric, thanks for sharing that. I read it carefully and that helps me understand quite a lot in a more concrete way. Even looked at the KGV tar ball. In a lot of ways this isn’t too different some EAT uses on mobile phones where the idea is to use TrustZone, virtualization and other HW architectures to measure Android.

I’m guessing a lot of this is implemented with TPMs and TCG ideas.  Is that right? If you can share implementation HW specifics, then I won’t have to guess and have a lower probability of saying dumb things, but understand if that is highly proprietary.


Hi Lawrence,

Cisco has a variety of off-the-shelf and custom hardware implementations of the TCG ideas across dozens of its products.  I believe this effort has the potential to normalize much of the software between these variations of hardware and the application layer.