Re: [Rats] Fwd: New Version Notification for draft-moriarty-attestationsets-01.txt

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 05 April 2021 23:34 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
cc: rats@ietf.org
Date: Mon, 05 Apr 2021 19:33:57 -0400
Message-ID: <17616.1617665637@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/71n3HJVlqoTGx0xJbY9dcRcJoAo>

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> wrote:
    > On Sat, Apr 3, 2021 at 5:52 PM Michael Richardson
    > <mcr+ietf@sandelman.ca> wrote:

    >>
    >> Hi, I tried to read the document.
    >>
    >> I found the Introduction to be very harsh, just peppering me with what
    >> seem to be unrelated facts.

    > I'd like to understand what you see as harsh, was it the following:
    > "Posture assessment has long been desired, but has been difficult to
    > achieve due to complexities of customization requirements at each
    > organization."

It's not specific wording, it's the way that the facts are assembled.
They seem like random facts without any connection.  Maybe it makes sense to
you, but that's because you already know what the connection is.
I don't, and I found it very difficult to read.

    >> I think the first paragraph could perhaps just be deleted.  The second
    >> paragraph starts better, but then veers off as well.

    > The point of this was to demonstrate a case where attestations are
    > centered around an established set of controls is in place today (NIST
    > 800-193 & TCG's Reference Integrity Measurements).
    > Being able to attest the result of all the attestations and verifications that happen
    > on the system would then be a remote attestation.  Is an example of
    > where this is working helpful or not helpful?

I think that the examples are useful, but maybe you could do it in a different style.
If you make me feel that I need to look up five 200 page references in the first paragraph, then I
won't read paragraph two :-)
(I don't know how big the references are.  I didn't look them up.)

    > Thank you.  I'm happy to revise as needed.  Getting the basic concept
    > out there, and providing the capability that should simplify at least
    > some of posture assessment is really the goal.

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide