[Rats] Early feedback for draft-tschofenig-rats-aiss-token

Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Fri, 29 April 2022 07:38 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/4SdG7nYfNOK4GR52lXe-mqGxycs>

Hi authors,

considering this is a -00 it was a quick and comprehensive read. I am 
aware that in this state the document is basically a list of Claim 
definitions and corresponding CDDL.

A few questions and comments:

1.) It seems that an AISS is Evidence as it is consumed by a Verifier 
and reference values and policies are used to appraise it:

> https://www.ietf.org/archive/id/draft-tschofenig-rats-aiss-token-00.html#section-7

As "Verification" is a bit of an ambiguous term nowadays, I'd recommend 
renaming Section 7 to "AISS Token Appraisal". Also, I would clearly 
state that an AISS token is Evidence early on.

2.) The colloquial term "verification service" is used in:

> https://www.ietf.org/archive/id/draft-tschofenig-rats-aiss-token-00.html#section-3.3

which currently only implies that that is a Verifier conducting AISS 
token Evidence appraisal, I think. Just defining what a verification 
service is (see 1.) would help as there are other colloquial terms that 
mean the same thing, such as attestation service (which also are ambiguous).

3.) Are the reports mentioned in:

> https://www.ietf.org/archive/id/draft-tschofenig-rats-aiss-token-00.html#section-3.4

self-assertions or Evidence or something else? Are they produced by a 
RoT or a higher Attesting Environment? Are these states Claims that can 
be collected from Target Environments that are "the silicon" or are they 
derived in a different manner?

4.) I am wondering which Attesting Environment is supposed to produce 
the AISS token Evidence. In your definition of a RoT (which I'll come to 
in the next item) it is highlighted that a boot loader can be a RoT, 
which would imply in that example that the bootloader is the first 
Attesting Environment in layered attestation.

Is the first Attesting Environment always the producer of an AISS token 
or can later Attesting Environments also do that? I am asking because, if 
you look at the scenario from a certain angle, it seems as if the 
Attestation Environment (bootloader) would collect claims from Target 
Environments that would be the parts of the Silicon. Is that correct?

5.) What's the intended output of an AISS token appraisal? Theft and 
Overuse seem to be two characteristics as stated in:

> https://www.ietf.org/archive/id/draft-tschofenig-rats-aiss-token-00.html#section-3.6

Are there others? I assume that determining certain Attestation Results 
is the whole point of producing AISS tokens in the first place. Defining 
those categories of outcomes seems to be in-scope?

6.) In March Kathleen advised the RATS WG to include an explicit 
definition of Root of Trust in the RATS architecture. AFAIK, that is 
the only remaining open issue with the document. Maybe we can 
collaborate on that definition as you started one here and I don't think 
it's an awful definition? :o) That would be cool and hopefully move the 
RATS architecture, which seems to be stuck for quite a while now and 
that issue might have been the reason.

7.) I like how most of your Claims used/defined are matching the layout 
of CoRIM :-) (obviously) and thanks for naming it AISS and not AISST and 
therefore avoiding calling them AISST tokens later :-)

Viele Grüße,

Henk