Re: [Rats] Reminder on RATS scope

Roman Danyliw <rdd@cert.org> Tue, 11 January 2022 22:57 UTC

From: Roman Danyliw <rdd@cert.org>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "rats@ietf.org" <rats@ietf.org>
Date: Tue, 11 Jan 2022 22:57:04 +0000
Message-ID: <BN2P110MB11076EEC8A3DA9B96CF34F8BDC519@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
References: <BN1P110MB0939C792A41D7012EA7C94C5DC759@BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM> <e47777cb-30ea-5976-2506-1503f9a4b85b@sit.fraunhofer.de>
In-Reply-To: <e47777cb-30ea-5976-2506-1503f9a4b85b@sit.fraunhofer.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/90rYWpMxD0hxrFNNa7iTHz2CN7U>

Hi Henk and WG!

I don't want to micromanage the creation of proposed charter text, but I would suggest we leverage the clarity we got from all of the hard work on the architecture document and enshrine it in the charter text.

A way to repeat the same charter scope we have now using the language of the architecture document and add the new proposed scope (cribbing from Henk's words) would be as follows:

===[ OLD

Goals
=====

This WG will standardize formats for describing assertions/claims about system
components and associated evidence; and procedures and protocols to convey
these assertions/claims to relying parties. Given the security and privacy
sensitive nature of these assertions/claims, the WG will specify approaches to
protect this exchanged data. While a relying party may use reference, known, or
expected values or thresholds to assess the assertions/claims, the procedures
for this activity are out of scope for this WG (without rechartering).

Program of Work
===============
3. Standardize an information model for assertions/claims which provide
information about system components characteristics scoped by the specified
use-cases.

5. Standardize interoperable protocols to securely convey assertions/claims.

===[ Proposed

Goals
=====

The WG has defined an architecture (draft-ietf-rats-architecture) for remote attestation.  It will standardize formats for describing evidence and attestation results; and the associated procedures and protocols to convey this evidence for appraisal to a verifier and these attestation results to a relying party.  Additionally, the WG will standardize formats for endorsements and reference values, but protocols and associated procedures for conveying them to the verifier are out of scope.  Formats and protocols for appraisal policy for evidence and appraisal policy for attestation results are also out of scope.

Program of Work
===============
3. Standardize an information model for evidence and attestation results scoped by the specified use-cases.

5. Standardize interoperable protocols to securely convey evidence and attestation results.

6. Standardize information and data models to securely declare and convey endorsements
   and reference values.

==[ end

In addition to the charter text itself, the charter would need milestones for this new program of work in #6 (of the form "<date> Submit <deliverable name> draft to IESG for publication").  During this discussion I would also recommend revisiting all of the existing milestones, which are 6 months to almost 2 years old in some cases.

Regards,
Roman


> -----Original Message-----
> From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
> Sent: Monday, December 20, 2021 9:21 AM
> To: Roman Danyliw <rdd@cert.org>; rats@ietf.org
> Subject: Re: [Rats] Reminder on RATS scope
> 
> Hi Roman,
> 
> we tried to create a proposal for a minimalist change to the charter with the
> intent to allow for endorsements and reference values to be in scope.
> 
> > https://github.com/ietf-rats/charter/compare/798fd27...2nd-RC1
> 
> Best regards,
> 
> Henk
> 
> 
> On 14.12.21 18:40, Roman Danyliw wrote:
> > Hi!
> >
> > Congratulations to the WG on the recent push of documents heading to the
> IESG or in WGLC.  I am enthusiastic to see this progress.
> >
> > As the WG considers the future work that needs to be done, I wanted to
> reiterate the charter scope [1] in terms of the common language we have
> established through the architecture document [2].  I appreciate that there
> might be ambiguity as the charter language wasn't written with the benefit of
> this common terminology or the insights the WG has gotten since starting in
> 2019.
> >
> > In scope activities are:
> > ** Architecture (to include extensions, but not alternatives) and use
> > cases (plural) documentation (informational documents) for RATS
> > regardless of which components are involved
> > ** Protocols, formats and procedures for the communication between (a)
> > the attester and verifier, and (b) the verifier and the relying party
> >
> > Out of scope activities are:
> > ** Protocols involving the endorser, reference value provider,
> > verification owner, relying party owner as their primary focus
> > ** Formats for endorsements, reference values, appraisal policy for
> > evidence, or appraisal policy for attestation results
> >
> > It has not escaped my attention that a number of the individual (unadopted)
> drafts [3], some under WG discussion, are out of scope per the charter.  I leave
> it to the WG to consider if they have both the energy and interest to consider
> broader scope.  I would strongly recommend that the next time the WG
> updates the charter with new scope, the terminology be harmonized.
> >
> > Regards,
> > Roman
> >
> > [1] https://datatracker.ietf.org/wg/rats/about/
> > [2] Figure 1.
> > https://datatracker.ietf.org/doc/draft-ietf-rats-architecture/
> > [3] https://datatracker.ietf.org/wg/rats/documents/
> >