Re: [Rats] Entity vs. role

Thomas Fossati <tho.ietf@gmail.com> Tue, 22 March 2022 15:15 UTC

References: <3407CFB9-B713-4E13-BDA3-08EC7B5A905E@intel.com>
In-Reply-To: <3407CFB9-B713-4E13-BDA3-08EC7B5A905E@intel.com>
From: Thomas Fossati <tho.ietf@gmail.com>
Date: Tue, 22 Mar 2022 15:14:46 +0000
Message-ID: <CAObGJnOxU0vfxzzZ9tv1J64KHDigxLcEMrgx0gDy97bE7NQJcA@mail.gmail.com>
To: "Smith, Ned" <ned.smith@intel.com>
Cc: "rats@ietf.org" <rats@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/3hlUs4fPNSYK-a9DD-ohNGt-GBE>

hi Ned

On Tue, Mar 22, 2022 at 1:13 PM Smith, Ned <ned.smith@intel.com> wrote:
>
> (not as chair)
>
> One of the topics discussed during RATS113 session I seemed to focus on architectural considerations for entities vs. roles. The architecture draft summarizes concisely:
>
> “In essence, an entity that combines more than one role creates and consumes the corresponding conceptual messages as defined in this document.”
>
> This is different from a distributed Verifier that operates on a portion of a conceptual message and (possibly) forwards a portion for some other Verifier to consume. The architecture didn’t attempt to name partially processed conceptual messages distributed across multiple entities.

I fully agree with this.

> It may be helpful for drafts to give names to partially processed conceptual messages

As you say, a Verifier implementation can fraction and distribute the
appraisal box the way it wants.  It seems to me though that trying to
name these intermediates equates to making the internal
(implementation-specific) interfaces explicit, which is something we
should really avoid at least until we decide it's time to revise the
architecture to break down the Verifier box.

> but until processing is complete (and therefore becomes a different conceptual message) it should still be correct to refer to the partially processed conceptual message by its architectural name (e.g., Evidence that has been authenticated but not appraised would still be regarded as Evidence architecturally. Appraisal results that haven't been authenticated to a Verifier might still be called Evidence up until all the requirements for being called Attestation Results are satisfied.)

I also fully agree with this.

-- 
Thomas
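The naming rule discussed above ("still Evidence until every requirement for Attestation Results is met") can be made concrete with a small model. The following Python is an added example, not code from this thread or from the RATS working group: it splits a Verifier into an authenticating front end and an appraising back end, and the `Evidence`/`AttestationResult` types, the HMAC stand-in for the Attester's attestation key, the claim names and the reference values are all constructed assumptions.

```python
"""Model of the RATS conceptual-message lifecycle: a partially processed
message keeps the name Evidence; only a fully authenticated and appraised
one becomes an Attestation Result. Constructed example, not WG code."""
import hashlib
import hmac
import json
from dataclasses import dataclass, replace
from typing import Optional

# Constructed stand-in for the Attester's attestation key. A real Attester
# signs with an asymmetric key; HMAC keeps the example offline and short.
ATTESTER_KEY = b"constructed-attester-key"


@dataclass(frozen=True)
class Evidence:
    """Conceptual message that keeps its architectural name while in flight."""
    claims: dict
    signature: bytes
    authenticated: bool = False   # set only by authenticate()
    appraised: bool = False       # set only by appraise()
    findings: tuple = ()          # claim mismatches recorded by appraise()


@dataclass(frozen=True)
class AttestationResult:
    trustworthy: bool
    reasons: tuple


def _canonical(claims: dict) -> bytes:
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()


def produce_evidence(claims: dict, key: bytes = ATTESTER_KEY) -> Evidence:
    """Attester role: sign the canonical claim set."""
    sig = hmac.new(key, _canonical(claims), hashlib.sha256).digest()
    return Evidence(claims=claims, signature=sig)


def authenticate(ev: Evidence, key: bytes = ATTESTER_KEY) -> Evidence:
    """Verifier stage 1 (entity A): check origin. Output is Evidence that is
    authenticated but not yet appraised."""
    expected = hmac.new(key, _canonical(ev.claims), hashlib.sha256).digest()
    return replace(ev, authenticated=hmac.compare_digest(expected, ev.signature))


def appraise(ev: Evidence, reference_values: dict) -> Evidence:
    """Verifier stage 2 (entity B): compare claims with reference values.
    The result is still Evidence; nothing here asserts trustworthiness."""
    findings = tuple(
        f"{k}: got {ev.claims.get(k)!r}, expected {v!r}"
        for k, v in reference_values.items()
        if ev.claims.get(k) != v
    )
    return replace(ev, appraised=True, findings=findings)


def to_attestation_result(ev: Evidence) -> Optional[AttestationResult]:
    """Only Evidence that satisfies both requirements becomes an
    Attestation Result; anything else stays Evidence (returns None)."""
    if not (ev.authenticated and ev.appraised):
        return None
    return AttestationResult(trustworthy=not ev.findings, reasons=ev.findings)


def distributed_verifier(ev: Evidence, reference_values: dict) -> Optional[AttestationResult]:
    """Two-entity Verifier: A authenticates and forwards, B appraises.
    Unauthenticated Evidence is dropped rather than forwarded."""
    forwarded = authenticate(ev)
    if not forwarded.authenticated:
        return None
    return to_attestation_result(appraise(forwarded, reference_values))


if __name__ == "__main__":
    ref = {"fw_version": "1.2", "secure_boot": True}
    ev = produce_evidence({"fw_version": "1.2", "secure_boot": True, "nonce": "n1"})
    print(distributed_verifier(ev, ref))
```

The two stage functions both return `Evidence`, so an implementation can hand the intermediate between entities without inventing a new message name; the type changes only at `to_attestation_result`, which refuses to mint an `AttestationResult` from appraisal output that was never authenticated.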