IETF Logo Mail Archive

Re: [Rats] Attestation Results for Connectivity (was RE: RATS Digest, Vol 35, Issue 24)

"Eric Voit (evoit)" <evoit@cisco.com> Tue, 27 April 2021 12:13 UTC

Return-Path: <evoit@cisco.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 690CA3A144D for <rats@ietfa.amsl.com>; Tue, 27 Apr 2021 05:13:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.918
X-Spam-Level:
X-Spam-Status: No, score=-11.918 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=bOyA3LaG; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=cisco.onmicrosoft.com header.b=BJyo3FUY
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bNZAHvutw_m9 for <rats@ietfa.amsl.com>; Tue, 27 Apr 2021 05:13:14 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D14F83A1449 for <rats@ietf.org>; Tue, 27 Apr 2021 05:13:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=19666; q=dns/txt; s=iport; t=1619525593; x=1620735193; h=from:to:cc:subject:date:message-id:mime-version; bh=r9JEd7g1qzEVmcJ3iLorqm3rFOhEhWyFtKIJ3tzmRu8=; b=bOyA3LaGDeAoxbiVTHmXaKIP54G7c7YaKv7WVUMnYm2qsEYKWLyJGfk4 4MfVprS+tVWJYOi/ZQsp4YQCXqPDdH3cSxbHFa5obsj8DS0k8QEIQhJ3T RDsgcht16UeYyZ5ScXE0tzSljhkZoAXD4rsxCw2ovQYdaXBaC6HLgrkrq M=;
X-Files: smime.p7s : 3975
IronPort-PHdr: A9a23:rX4gHxIc+HMoyUhaN9mcua8yDhhPgJ39IxIV55w7irlHbqWk+dH4MVfC4el25HfPWoba4rdOhu7S9qTpU3dG6pGE4zgOc51JAhkCj8he3wktG9WMBkCzKvn2Jzc7E8JPWB4AnTm7PEFZFdy4awjUpXu/vjgVGRT2cAB4IuCwHofYlIK80OXhs5HWah9D0Ty6Z746JR6qrALX488Rh4YHSO4xxxLFr2EOdf5RwDZjJEmYmFD34cLjlKM=
IronPort-HdrOrdr: A9a23:pMqnZKl4MeaGChhSD/Fd648u/FDpDfOdj2dD5ilNYBxZY6WkvuiUtrAyyQL0hDENWHsphNCHP+26TWnB8INuiLNxAZ6LZyOjnGezNolt4c/ZwzPmEzDj7eI178ldWoBEIpnLAVB+5PyU3CCRGdwt2cTC1aiui/vXwXsFd3AWV4hLxW5Ce2GmO2dxQxRLAod8MZKa6NZOqTbIQwVqUu2QAH4ZU+/f4+DajZ6OW29LOzcLyimryQmp5rnzDgSC0n4lMw9n7L8+/QH+4nfEz4q5tfXT8G6460b2z7B73OTs0cFCAsvksLlbFhzJhhyzbIpsH52u1QpF2t2H01ohnNnSrxpIBa0agBm9EhDX0HnQ8jP92zUj4WKK8y7/vVLfoNf0TD9/K81NiZMxSGqg12Mcvcpx2K8O4mSBt5A/N2K4oA3B4bHzJnVXv3vxhUBnvf8YjnRZX4dbQqRWt5Yj8ERcF4pFND7m6ag8edMeQv301bJzSxe3fnrZtm5gzJiHRXIoBCqLRUAEp4i8zyVWpnZk1EEVrfZv30soxdYYcd1p9u7EOqNnmPVlVckNd59wA+8HXI+RBnHSRwnPdEafO07uGq1CG3+lke+23JwFoMWRPLAYxpo7n5rMFHlCs3QpRk7oAcqSmJJR9BTAR3i8QCTtxslS64MRgMy/eJPbdQm4DHw+mcqppPsSRufBXeyoBZ5QC/j/aWvicLw5mjHWat13Ez0zQccVstE0VxalucTQMLDnseTdbbLWLLrpGjA0R3PnDhI4LXzODfQFynrudm7zgRDXVX+oUFf454hMHK/T+PVWzpMMOI1Kug0ckk+4+cmPND1HvsUNDQhDCYKitpn+iXi9/G7O4WksEAFaFFxp7LLpVG4PuRUHKFrucbEIu8yWfGdb2HfvHG45c+rmVCpk43hn86O+KJKdgR04A9W8K2SAkj84v3SRVaoRnaWF+Obocp41FYwdRaR0DAnHfiYF3zpCmSNmUkskTlWaPi7yga+l5aZke933Rp1ZukOXBuJ67VjYrl6RoMkzQGBzZU/RbeenxSA0RzRVgVVt9bQ4m7Too0f3FUIPxMIlLVZLdGObRJVBAQjtXvQOppnbPCdtUGyNmTuWzysWR1Ov3UATimv9RBfkIc3jCkZBu3xez6bh+E51cGLYZE5rdnVmq+RGZBX7k2c23umRaqWp1WyNLlME3+EGKTnAJSAfOwV02rmMpVWosSfHEXUt3ZM1OOPBSLwlbrHIw3uoQbf43J0uDrtR/Jx/MsrpvfJOWeWDexWNJDe9D+8ywQSaqjIkPyZzwUNU2c/AyVng7GKi2mQ4DueXKFN6R6sDK9XZ9nP6XZ+zoeFEpMNwufH1PnT6a9aAx62SZzlfKgnLqWrzS+0zs5hbsa87qbMbJeiQbRLYkHVcmBkuJsb9k00TBL52573MIYdjdc0fcSAxxCteqP2faE8w9gDmCO43el8gy2LBN9SS+rzStP4hBFaCqAaYAyjTzwRNu/PeGy2N2r4RB/hufSBYaE0g5G9j++3HfYvKEwmuf/xC+l3/MnLVSs4udIGVXbEL6hB96JWUmuXScSzy0gXZpyF6LaJD6HzPe7LEPCucXepTt8WnMlGNiLaw6MG9jD3rWSK2An5o9rFtZAgVdIBfkTEsg408zziqRqH2qkwjlUFC4TsPrC+Z5qG2pGHBHU9HNgXFgpJZGTlLW0L4/fj4zQ==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CKCgCH/odg/5pdJa1aHQEBAQEJARIBBQUBQIFSgSMwKSgHdywuNjELiAADhTmIcAOHfoxPhHaBQoERA1QEBwEBAQoDAQEdAQoKAgQBAYRQAoF6AiU4EwIDAQEMAQEFAQEBAgEGBHEThVANhkQBAQEEAQErEwEBDCALAREBCBEEAQENGwklCgEUCQkBBA4FCAYPBIJRgX5XAx8QAQ6eBwKKH3iBNIEBggQBAQaFHhiCDAcDBoE6gVOBJoN8DYJfhB0cgUlCgRNDgl8+gmABAYErARIBIysJgxeCK4FPGioxBgg4KB0KARsQIDsGOAaBEiuRMYxRiyuRagqDD4Eig2WCd5UzEINRiwWWO5AKgyWgf4RNAgQCBAUCDgEBBoFrIys+cHAVO4JpUBcCDo4fDBYVbQEIgkOFFIVJczgCBgoBAQMJfIsDATJdAQE
X-IronPort-AV: E=Sophos;i="5.82,254,1613433600"; d="p7s'?scan'208,217";a="796478334"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-9.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 27 Apr 2021 12:13:12 +0000
Received: from mail.cisco.com (xbe-rcd-004.cisco.com [173.37.102.19]) by rcdn-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id 13RCDCPn032381 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Tue, 27 Apr 2021 12:13:12 GMT
Received: from xfe-aln-003.cisco.com (173.37.135.123) by xbe-rcd-004.cisco.com (173.37.102.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Tue, 27 Apr 2021 07:13:12 -0500
Received: from xfe-rcd-003.cisco.com (173.37.227.251) by xfe-aln-003.cisco.com (173.37.135.123) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Tue, 27 Apr 2021 07:13:11 -0500
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (72.163.14.9) by xfe-rcd-003.cisco.com (173.37.227.251) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3 via Frontend Transport; Tue, 27 Apr 2021 07:13:11 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WUHsZsuINmmAmuFWVgYM/ywKibkVo1s9yKfeNSZ211xvM9D3WsIqzBC+peaTngZOssZb+bJbkl9ajBX/vYPgndOEM8Cbg7KFVEeg7rayxEXYMLOwOcM24nWaf4qz8pjVQdKs8pkFBQI0Dwlg8nI5UJxusTg+jh5gsbddB295vtpSwxLYqUuEO2zq63IOvMkbyNDbg+d9tKSlade73+KgoetZbEGy26FTNIYQQXOr4eF0vyZFNNGPwfe0U/OOgjr+OZOAmXfQesjMHC/exj6iOhvnrSP2Mz9GG/jggDAxbhJ4HmORPpDyAXqQhbpi4HhDqneiifPBZjfWZMARSWdQ6Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZneggWHjcbl0NPAeQW3ag0tjs44DfDH2DW8iIgGcF08=; b=Wf5IvAUz58HhHWczONj6be5uMuWsm+ZxzbOucZc1JUXXIfw6Ey6crpwYnwwF6JfBwXmtZPdtBs4ZwDLizGHh88QDiOCgT3XpMAdOi4xqEfK6tmKwljXqMAFRwrKRbKvxCCpvhSVZ1ZNvnRytp/3VsH1u3ELCO39UfT8J3pU3gfhtKBspE3+QVeFQJxmG9jX5nukM0T1GtlUwo4PNsGrwuNneTdSjz9/oSj9H/9YiNpRVgKTpQ9yeoNa1ZCEW2u/DRlFsk6Kft/OPPcTYWUlBzAv7RKV3j2PT2erV7BeEkZ5kGyTe8Hc7LCXCAi/U/fw1HVYvPF2y0ec/UQRC1KpofA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZneggWHjcbl0NPAeQW3ag0tjs44DfDH2DW8iIgGcF08=; b=BJyo3FUYW1nF+DDOXHWNDIs4R8Aa74xPwNeVYrSbyqkmMqICiaWNlQJioDlljd1hPloyUlamcrRQDvGAVKBHrsGx2kw3F2pIwQrEhLKSyc2hbfHZrESy/BTqc+5eBl4nc98In8gq76e+bFzkSwpoxeCJIxu0god40Hp7vEhVQLg=
Received: from BL0PR11MB3122.namprd11.prod.outlook.com (2603:10b6:208:75::32) by MN2PR11MB4584.namprd11.prod.outlook.com (2603:10b6:208:264::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.23; Tue, 27 Apr 2021 12:13:10 +0000
Received: from BL0PR11MB3122.namprd11.prod.outlook.com ([fe80::f571:5dd6:fe20:3ab0]) by BL0PR11MB3122.namprd11.prod.outlook.com ([fe80::f571:5dd6:fe20:3ab0%4]) with mapi id 15.20.4065.027; Tue, 27 Apr 2021 12:13:10 +0000
From: "Eric Voit (evoit)" <evoit@cisco.com>
To: "Oliver, Ian (Nokia - FI/Espoo)" <ian.oliver@nokia-bell-labs.com>
CC: "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Attestation Results for Connectivity (was RE: RATS Digest, Vol 35, Issue 24)
Thread-Index: Adc7XVbwrJ4R/EzWS6i4Q4GV/6jT6g==
Date: Tue, 27 Apr 2021 12:13:10 +0000
Message-ID: <BL0PR11MB3122968A083C121DF9658CEAA1419@BL0PR11MB3122.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: nokia-bell-labs.com; dkim=none (message not signed) header.d=none;nokia-bell-labs.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [108.18.141.61]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 93db5574-2128-44b9-a5b6-08d90975d2f0
x-ms-traffictypediagnostic: MN2PR11MB4584:
x-microsoft-antispam-prvs: <MN2PR11MB4584CBAACE1117C82EE71A13A1419@MN2PR11MB4584.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6roHN+XVRI2zUvOxxea7M5aFIYuQAwxP9I6f1xO/hiU9O/WYhodlz1LloECr5OXOJk3IWVs/IbC1VFSffkQYYHXXRALP4L9wmoLX+qv8zSXghq4jOLX/oTgBX0DF7C6DPxdLmBVRUO3voGDMkUW4nms490IgvOc55YTkh2oD7U00k06YQAsLmKiyfBENFw4WOuIWrgmfM/E0qCzprbio2nTxOC5m6QuXJnfc/gpn9N0y6sjkadd0qnuH5RyVWIn9HfUvXO5EEpuK2lL+OGEJxnlgjBrh8aLV/4+ZSgGd0/6mUpDbVjhaDVelbJzXra8JxEixHIJ/GJ2hLZI5iUfynzHFpIu6mqNcxYL3S+O+UXl9U8ynVF3B9uymTYuw7zZIeexTw4ERzX8VSfgP0/JKBLue73oGf4Uewd+plcR2qqJXIcX13hy7NaVNeDOAIBDJj0GE7IlbiFax8lbicqWuxirVDtWlQLlqA4ybeSkxII4VbxWfWYoDLSI5zGhPvGAdEGX9Qo0ofW233pAemjBNUw4JfjzpSFXDl1IJSJ6mzsuMNFKt45+hEme93UNrMDwPQElmYZlrgqe/IQPBySnb3awT8dnEV5PJ+FrmQAzkjUidgnLFrldngnLIYwCM85jkdGIjxEjH5L0iVR7tS55R+0Xp/6ieP1FsdJL40dtFg/pbYzpxvvPSI4LEztlO8P4L
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR11MB3122.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(366004)(136003)(39860400002)(346002)(376002)(6506007)(53546011)(122000001)(7696005)(6916009)(2906002)(8676002)(38100700002)(76116006)(66446008)(4326008)(186003)(316002)(26005)(86362001)(9326002)(66616009)(99936003)(966005)(55016002)(66574015)(9686003)(5660300002)(83380400001)(166002)(8936002)(66476007)(66946007)(64756008)(71200400001)(52536014)(66556008)(478600001)(33656002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: BFaWUaV3vMvMeG3KTo53uEb3SXgRFJRR+AEID+EC4lVbDN7UEBz4/AsDThb22B5N5YQJ6FDK5eI35r0EGc6As+QpOTXgzkb2FlSAlApUiEvohoT0zqBn4UAfsbG31AkSgc6nA7o9yRimH8YPvXeumYG6FpgfxMHZaZ+xDYlf8oe05MbLvb36la7/sUza2J3olQPTt7cL8F4XVmNA7qckAFfIS16KW9Xj7URJEEHwhxvGdD4fbeykUklNWAx1Gf6vUBqCfUqvv9uI3LN66u7egsbIB/wUrMgMVR8BfkZVYwBhdApa7CiKkASGm7EEutlNH7nRuF0vkgCsZACvKNU7QgR9tmRFtU4wZwMguGWk3cfvB68cxYLJMjkK+FMWUhZ4pgcvEyRlVaL0rW9KbW74ECQNhhj+uH2uaw6iwDsSq0e606R0Sqz6bOSg7NWSV3X8HOE908CGwe12jeqA9EZ2uSU+4pfFMrs3w88dEKh7UbDpqdsjSH2fKOmBxAN3dPmhVxsTsBpf+3+Cmp3k5rvGe7REBnbVqfQZYCmrxumskpM0W41d2a+xD7AibAOzeXNYJg6Sb2SKtF4xhtFwgFldONWIGLelDtaL328AyH62EDstV727cWZ8LSfOfhMztt9IEvISm88MZvBOfvuCjLO+bHFsnO2gvoQ343zO0tf/WFZSOvXyuTLkSsHmHKHRZsU05kj9IMXgHfwSY0Vo4zjHxZXlbKi3LKg6dGYLz0pmXhw3ZDLB5ABFsSIP24bq7v2gY8rjBmID5IQ4nq5A8VexW9+NlwGHQ2j2WznlIQIbPuChI8o5F07SXmxkKdau0et0jJEPko41ThHR9xqk6MTuTeB1lP1ERbVRBAetZyLLp1VhDd27KeOu9b9CrNvlNc4wec6O5d60BRCiSb2AY1pw65YgpG1j/Yb0T7UMaTDQ2+cDOAuQhpdMFvQ3KNL9shSqZL9KZ9SMyJoYBkd3jnLJrUJJMRJjMvS3Rdv/Tw6rfyglva39DRH810egRyKYgLpzzqEPUPIKoSuQm4ZyMkRM81sVtHPgryW+qztrxi0czdmeTPi+HuBQcRjzxB+jWE4F6IUy2fXyc3itNYx7n9xBe6o3O+jLn0xoWeNEsWuzBgq2g1+r7iHnxNuN6Xvl7wk/1ZPPlHcopEFzpy3gVUvZIlSRDxZmn3GKvgeDgDoN7XFGwJ2u8rU/BTbMbmQq8d7hIUB+ltycLC4fpEHXNi7WTS/hPvuEBNe7jXJCN4ajXuTa5Clvz+ZT/MqNE96m3O3eq+wXaGSMgvcD6wW/B5NIxRv3Bq+DspmrzjCOJTnJed8nwDlQnAxgQkqn6IKO86vB
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0018_01D73B3B.CFFD4430"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BL0PR11MB3122.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 93db5574-2128-44b9-a5b6-08d90975d2f0
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Apr 2021 12:13:10.3346 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ViN2C2dorrPC/jOssXkPbKPvTuzi7+JfSe1M9XQA9g/+5iiHwoe4phH4oDvh7ML+
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4584
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.19, xbe-rcd-004.cisco.com
X-Outbound-Node: rcdn-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/FEUygWSc9qV-8qtHYxunGGrIsj4>
Subject: Re: [Rats] Attestation Results for Connectivity (was RE: RATS Digest, Vol 35, Issue 24)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Apr 2021 12:13:20 -0000

Hi Ian,

 

From: RATS <rats-bounces@ietf.org> On Behalf Of Oliver, Ian (Nokia -
FI/Espoo)
Sent: Tuesday, April 27, 2021 2:21 AM
To: rats@ietf.org
Subject: Re: [Rats] RATS Digest, Vol 35, Issue 24

 

Hi,

 

very quick comments from me and also aid my (mis)understanding

 

[DT7]: I'd argue that each Attesting Environment (e.g., each OS or firmware
vendor) might similarly support a different set of claims so this is not
unique to hardware chips.
[EV7]: We can change 'hardware chip' to 'Attesting Environment'.

 

Agree with this as hardware chip implies, eg: TPM, whereas "attesting
environment" allows for a much broader implementation, eg: container etc.

 

Works for me.

 

 

[DT9]: Does this mean that the Verifier can authenticate both the hardware
and the firmware? 
[EV9]: In draft-voit-rats-trustworthy-path-routing, we broke out hardware
and firmware.  However I was unable to find a real case where a customer
might be good with the hardware being ok, but they were not ok with the
firmware being not ok.   So from the perspective of the Relying Party +
Verifier B, if Verifier A finds any issue here, then flag it.   In general,
it is useful to collapse failure states where the Relying Party + Verifier
will take the same action no matter what.

 

>From most practical perspectives F/W==H/W as the latter comes with implicit
trust

 

Agree.  This is why (from the perspective of the Relying Party) it is safe
to collapse them when we are simply making an affirming or detracting claim.


 

 

 

[DT12]: executables != files. Some executables can be dynamically downloaded
and installed without ever being stored as files. (Javascript code running
in a browser is one example, but there are many more, including ones running
natively, not in an interpreter) 
[EV12] Good catch.  Will change 'file' to 'executable'.

 

Is there a reason for restricting this just to executable items?

 

Not really.  How about "code, script, and/or files"?

 

 

Thanks for your thoughts,
Eric 

 

 

t.

 

Ian

 

 

  _____  

From: RATS <rats-bounces@ietf.org <mailto:rats-bounces@ietf.org> > on behalf
of rats-request@ietf.org <mailto:rats-request@ietf.org>
<rats-request@ietf.org <mailto:rats-request@ietf.org> >
Sent: 27 April 2021 02:48
To: rats@ietf.org <mailto:rats@ietf.org>  <rats@ietf.org
<mailto:rats@ietf.org> >
Subject: RATS Digest, Vol 35, Issue 24 

 

Send RATS mailing list submissions to
        rats@ietf.org <mailto:rats@ietf.org> 

To subscribe or unsubscribe via the World Wide Web, visit
        https://www.ietf.org/mailman/listinfo/rats
or, via email, send a message with subject or body 'help' to
        rats-request@ietf.org <mailto:rats-request@ietf.org> 

You can reach the person managing the list at
        rats-owner@ietf.org <mailto:rats-owner@ietf.org> 

When replying, please edit your Subject line so it is more specific
than "Re: Contents of RATS digest..."

v2.23.0 | Report a Bug | By Email