[Rats] Re: New Version Notification for draft-sardar-rats-sec-cons-03.txt

David Condrey <david@writerslogic.com> Thu, 07 May 2026 23:06 UTC

To: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>
CC: "draft-deshpande-rats-multi-verifier@ietf.org" <draft-deshpande-rats-multi-verifier@ietf.org>, "rats@ietf.org" <rats@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/5XNmWUad5frpJTYus__NMJzbMvo>

Hi Usama, Yogesh, Jun, Houda, Henk, and the RATS WG,

I am replying to voice my strong support for Usama's request to include the security and privacy considerations from draft-sardar-rats-sec-cons-03 (Sections 8.1.1 and 8.1.2) in the multi-verifier draft.

From the perspective of other active work in this space, preserving the security and privacy guarantees of TLS Exported Authenticators (expat) is critical. As the author of drafts utilizing the Proof of Process (PoP) framework and related cryptographic proofs (such as draft-condrey-cfrg-posme and draft-condrey-rats-pop), my proposed architectures fundamentally rely on those expat guarantees remaining intact.

If the multi-verifier architecture breaks the expat guarantees, it creates a cascading issue that undermines the threat models of downstream drafts that depend on them.

David Condrey


> On Apr 29, 2026, at 4:08 PM, Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de> wrote:
> 
> Hi Yogesh, Jun, Houda, and Henk,
> 
> We are doing research on the security and privacy of multi-verifiers, and we will share any solution that we will have from our analysis.
> 
> For now, we have revised the proposal for security considerations statement [0] based on the adoption call discussion that we would like to be added in the draft until you or we find some reasonable solution.
> 
> Privacy statement is unchanged [1] and we would like that to be added in the draft as well.
> 
> Thank you.
> 
> Best regards,
> 
> -Usama
> 
> [0] https://www.ietf.org/archive/id/draft-sardar-rats-sec-cons-03.html#section-8.1.1-3
> 
> [1] https://www.ietf.org/archive/id/draft-sardar-rats-sec-cons-03.html#section-8.1.2-3
> 
> -------- Forwarded Message --------
> Subject: New Version Notification for draft-sardar-rats-sec-cons-03.txt
> Date: Wed, 29 Apr 2026 15:44:15 -0700
> From: internet-drafts@ietf.org
> To: Muhammad Sardar <muhammad_usama.sardar@tu-dresden.de>, Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>
> 
> A new version of Internet-Draft draft-sardar-rats-sec-cons-03.txt has been
> successfully submitted by Muhammad Usama Sardar and posted to the
> IETF repository.
> 
> Name: draft-sardar-rats-sec-cons
> Revision: 03
> Title: Guidelines for Security Considerations of RATS
> Date: 2026-04-29
> Group: Individual Submission
> Pages: 14
> URL: https://www.ietf.org/archive/id/draft-sardar-rats-sec-cons-03.txt
> Status: https://datatracker.ietf.org/doc/draft-sardar-rats-sec-cons/
> HTML: https://www.ietf.org/archive/id/draft-sardar-rats-sec-cons-03.html
> HTMLized: https://datatracker.ietf.org/doc/html/draft-sardar-rats-sec-cons
> Diff: https://author-tools.ietf.org/iddiff?url2=draft-sardar-rats-sec-cons-03
> 
> Abstract:
> 
> This document aims to provide guidelines and best practices for
> writing security considerations for technical specifications for RATS
> targeting the needs of implementers, researchers, and protocol
> designers. This is a work-in-progress, and the current version
> mainly presents an outline of the topics that future versions will
> cover in more detail.
> 
> * Corrections in published RATS RFCs
> 
> * Security concerns in two RATS drafts
> 
> * General security guidelines, baseline, or template for RATS
> 
> 
> 
> The IETF Secretariat