Re: [Rats] Call for feedback and interest

Carl Wallace <> Mon, 08 August 2022 15:59 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id EF909C157B52 for <>; Mon, 8 Aug 2022 08:59:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6c3j8EW7S0r3 for <>; Mon, 8 Aug 2022 08:59:05 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::f34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by (Postfix) with ESMTPS id ACCE9C157B4D for <>; Mon, 8 Aug 2022 08:59:05 -0700 (PDT)
Received: by with SMTP id l8so1963321qvr.5 for <>; Mon, 08 Aug 2022 08:59:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=content-transfer-encoding:mime-version:in-reply-to:references :thread-topic:message-id:to:from:subject:date:user-agent:from:to:cc; bh=M/TGizcXBYlEPLeqXjPwm9nVW7u08jVhkuCWZffSzNY=; b=NOSFKHEIlhggi6nh1d217kNtPETkiVo//l+AwpmHI4+keGx1G4xn/vRa6jIlz+gBHT +VcTDc31amT5SS1CTj6Lddiksw0ePv5Y0lGwz7e2YdG2vXYda5DW+fqSlq8VP3XUepe0 cNcTEQQzaKuGy48yNSNqvF9LUYrzxIb4QlYes=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20210112; h=content-transfer-encoding:mime-version:in-reply-to:references :thread-topic:message-id:to:from:subject:date:user-agent :x-gm-message-state:from:to:cc; bh=M/TGizcXBYlEPLeqXjPwm9nVW7u08jVhkuCWZffSzNY=; b=KyqP1+FN3jRIczXVJI/UZ4Q7+EA1lzm1UMC8SqEoZbcEPE0w3iOpVREyjsUW1bbSEp 6rt0FjD4Dx6v6QX0+Bkflhpr2FHSy5VapwrtzPprmbSGp2Mxgur1S144fT5+c8UNraAQ nzEbW9m9HbV6Qctz8nLkq4lcePJeqWi1PWD5NyLR3SXlEnYmazKpHhgAfEtL5QOhzDOZ /kRlMqADR2zKz6ZIZ9pKOek/ca7zmYMWg7jX/cxTP45HOM9iCNNtabV2cM7ETuIVYEEQ S75eo5JFf/aLavNebU6wajx2oCc9k2TbMq0j2XtGgV07dQmJ40DdYrus6XTYrY9Qkibx PNmA==
X-Gm-Message-State: ACgBeo2QWpnSKLXN0kQh1wfvB46WCdfehrYS75BAdJuKyjpqi0RPkjE2 wxD9ea3DAw8jnDVhZ5ddE0/c3eYYHuGxvA==
X-Google-Smtp-Source: AA6agR61GvAD1lkYOt2yaT8CJP+mAkn0/Ko0m8L68WbtzYtxNAnqiv1X/cJnjWZo/hvL4P8z8Iic4g==
X-Received: by 2002:a0c:8084:0:b0:472:f26b:59f7 with SMTP id 4-20020a0c8084000000b00472f26b59f7mr16582856qvb.62.1659974344691; Mon, 08 Aug 2022 08:59:04 -0700 (PDT)
Received: from [] ( []) by with ESMTPSA id m19-20020a05620a291300b006b63679a433sm9841150qkp.133.2022. (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 08 Aug 2022 08:59:04 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.63.22070801
Date: Mon, 08 Aug 2022 11:59:03 -0400
From: Carl Wallace <>
To: Michael Richardson <>, "" <>
Message-ID: <>
Thread-Topic: [Rats] Call for feedback and interest
References: <> <> <30050.1659973777@localhost>
In-Reply-To: <30050.1659973777@localhost>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <>
Subject: Re: [Rats] Call for feedback and interest
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 08 Aug 2022 15:59:10 -0000

I am puzzled by the perceived poor fit with RATS. To some extent, the spec just refactors the attest key triple from CoRIM. Depending on how the environment and constraints get defined, the end result may cut across a number of groups. However, this is not an uncommon occurrence. RATS consumes stuff from several other working groups, and so too could other groups consume this.

On 8/8/22, 11:49 AM, "RATS on behalf of Michael Richardson" < on behalf of> wrote:

    I agree that it's valuable, and I agree that it's ready to be adopted.

    Dave Thaler <> wrote:
        > Yes this is of interest to the IETF (indeed I would want to use it in
        > TEEP and in SUIT, in ways unrelated to remote attestation).

    Sure, I think that it fits poorly into all of SUIT, TEEP and RATS.

        > There was discussion at the IETF 114 RATs session on defining a CoRIM
        > Extension to facilitate the conveyance of constrained trust anchor (TA)
        > stores.  The details are in

    Because of the "constrained" and CBOR basis of this, it does not really fit
    into LAMPS either.   One could punt to COSE maybe.

    Michael Richardson <>   . o O ( IPv6 IøT consulting )
               Sandelman Software Works Inc, Ottawa and Worldwide

    RATS mailing list