Re: [Rats] draft-thaler-rats-architecture (was Re: Use case -> architecture document)

Dave Thaler <dthaler@microsoft.com> Wed, 16 October 2019 15:39 UTC

From: Dave Thaler <dthaler@microsoft.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: "rats@ietf.org" <rats@ietf.org>
Date: Wed, 16 Oct 2019 15:39:36 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/1wYBeGv0DHjzDPa70SQg8SlzKAM>

> I think that the existence of the 2+ architectural models should be introduced earlier,
> and that it is worth including an explanation in each use case as to how they make
> use of the passport/background-check model.

I intentionally did not, since every use case I listed could use either model, which was why I
put the models after the use cases. Were the order to be reversed, I would need to
replace every use case with multiple "use cases", one per model. That's why the intro
above the use cases says they're solution independent. The choice of model is made
by a solution to a scenario, not the scenario. Maybe it's a terminology point and
I should call them scenarios? That is, if you think that a "use case" is a specific solution
to a scenario, rather than the scenario that needs to be solved with some solution,
which is how I was using the term.

> I still find the terms Attester and Verifier confusing.

I have no strong opinion on that matter, and will go along with whatever the WG consensus is,
but was trying to use Henk's terms where I think a concept is essential to understand.

> I think that when the Verifier signs/creates the Attestation Results, that this is an
> act of Attestation, and thus the Verifier is the Attester.

I think it comes from the phrase "A attests to B" (meaning "A supplies claims to B so that
B can evaluate A's trustworthiness"), which is how I've often heard people
talk about attestation. In that phrasing A is the Attester.

In your phrasing, people would say "B attests A", but I've never heard anyone say that.

> draft-birkholz-rats-architecture uses this term Computing Environment, which I don't
> think works well, but I don't have a better suggestion.

That was an area I just hadn't gotten to in my draft attempt, so I don't have a better
suggestion yet either, but I do think such a discussion is useful to help motivate the
discussion around different ways to model sets of claims (nesting, chaining, etc.)

Dave