Re: [Rats] draft-thaler-rats-architecture (was Re: Use case -> architecture document)
Dave Thaler <dthaler@microsoft.com> Wed, 16 October 2019 15:39 UTC
From: Dave Thaler <dthaler@microsoft.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: "rats@ietf.org" <rats@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/1wYBeGv0DHjzDPa70SQg8SlzKAM>
List-Id: Remote Attestation Procedures <rats.ietf.org>

> I think that the existence of the 2+ architectural models should be introduced earlier,
> and that it is worth including an explanation in each use case as to how they make
> use of the passport/background-check model.

I intentionally did not, since every use case I listed could use either model, which was why I put the models after the use cases. Were the order to be reversed, I would need to replace every use case with multiple "use cases", one per model. That's why the intro above the use cases says they're solution independent. The choice of model is made by a solution to a scenario, not the scenario.

Maybe it's a terminology point and I should call them scenarios? That is, if you think that a "use case" is a specific solution to a scenario, rather than the scenario that needs to be solved with some solution, which is how I was using the term.

> I still find the terms Attester and Verifier confusing.

I have no strong opinion on that matter, and will go along with whatever the WG consensus is, but was trying to use Henk's terms where I think a concept is essential to understand.

> I think that when the Verifier signs/creates the Attestation Results, that this is an
> act of Attestation, and thus the Verifier is the Attester.

I think it comes from the phrase "A attests to B" (meaning "A supplies claims to B so that B can evaluate A's trustworthiness"), which is how I've often heard people talk about attestation. In that phrasing A is the Attester. In your phrasing, people would say "B attests A", but I've never heard anyone say that.

> draft-birkholz-rats-architecture uses this term Computing Environment, which I don't
> think works well, but I don't have a better suggestion.

That was an area I just hadn't gotten to in my draft attempt, so I don't have a better suggestion yet either, but I do think such a discussion is useful to help motivate the discussion around different ways to model sets of claims (nesting, chaining, etc.).

Dave