Re: [Rats] Use case -> architecture document

Ira McDonald <blueroofmusic@gmail.com> Wed, 09 October 2019 16:15 UTC

Return-Path: <blueroofmusic@gmail.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92B6E12085E for <rats@ietfa.amsl.com>; Wed, 9 Oct 2019 09:15:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gSPFkmFwiOJd for <rats@ietfa.amsl.com>; Wed, 9 Oct 2019 09:15:29 -0700 (PDT)
Received: from mail-vs1-xe30.google.com (mail-vs1-xe30.google.com [IPv6:2607:f8b0:4864:20::e30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 37FFD12087A for <rats@ietf.org>; Wed, 9 Oct 2019 09:15:29 -0700 (PDT)
Received: by mail-vs1-xe30.google.com with SMTP id b123so1897490vsb.5 for <rats@ietf.org>; Wed, 09 Oct 2019 09:15:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/tX4RW526WSbiq7g7Zc8L+lRwI7L1gOdjHUBuQ1YaA4=; b=kbv8xgKRqMDn/Jv5WGEe/ZApDPqea2EVbZHi2Sgzcazm7N3LnY++85j2Mnv2YDO9nZ +Si4ked3hlvF5POxec6REgsQYblRv1TCIDLWmknwbHT+GhGFwZXhxxtIiwcEOhOufVJX UOd5KpdEo6AicKgDSMW534nT89Vo3ef65qNNN3h9g9r07wOFNBXakpNPx08sE0acrh7D kC4kPtM2SrEIEH+m4XHGDq/zAp/DY0NEeLl4T6+3mdS3BD/FMpGtj6U+LoBIMOAooqdS xfUvVzWVgMebFydQULTdBlfXtU9H11qASEwWl5klJtNw4U38ejTLhGb7PXKkRpx07s9l YhPA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/tX4RW526WSbiq7g7Zc8L+lRwI7L1gOdjHUBuQ1YaA4=; b=akfF02wL+yhpx2+6kwrjk1GTW4NuoxgF5CAOQLe4MHoMhh/jRnqGP+eMla4qaZHHB+ 2uqzJ2sGxuvcjM9twXErqBkagR3ESIZwqQYldryG16LA/spk+48Y2ok9NKGbFA2IKg47 vHlqx+xJzMeHzlLl84KBC1fZC5tgwHTfkw+YuxJuSURi/+w23uKXczKYRvtUFWj/xWKt wRlMWo9cx3kZNpzhXfVnz7PgGkLPTcTT40rubJTCTulYPFoPJ9Kr9OLzpgjN+sskOBbu ejamoA7x5dgR7oglfre+nbqbfaOgLZizsGvLs+7vpSfEx45qCGEhcNTywzaSqOUSpg0w ++cw==
X-Gm-Message-State: APjAAAVIwR0waquoiJziXYez/qqwYoPEXKzES1GLLuQ7wQ54Fsif/aiG Y8VbwTKycmLs8qCeZGllP7x5rokMs84RShyybf4=
X-Google-Smtp-Source: APXvYqyekjMnh2t5UbQbp1pL/UVDvVTB1wcP36mx6GtbnsESL99DvsWMxbqMgr5nYA+FfGvvnzeNW1IAI3AaZT4Qncw=
X-Received: by 2002:a67:f84d:: with SMTP id b13mr2309731vsp.136.1570637728271; Wed, 09 Oct 2019 09:15:28 -0700 (PDT)
MIME-Version: 1.0
References: <CAHbuEH7f0jjquR=iZDgof4DkgpZKgxEP86NcQ0A1NQ=SP+_FHA@mail.gmail.com> <C02846B1344F344EB4FAA6FA7AF481F13E9560C0@dggemm511-mbx.china.huawei.com> <CAHbuEH7WkqeyUW3sL5bdw5N25B6O7ZEF0Qkx03fE5c42Sd4M5w@mail.gmail.com> <b91baad2-2fc3-a5e4-6898-e2cddcda300d@sit.fraunhofer.de> <20191009145006.r2pjsoo6jxirah64@anna.jacobs.jacobs-university.de>
In-Reply-To: <20191009145006.r2pjsoo6jxirah64@anna.jacobs.jacobs-university.de>
From: Ira McDonald <blueroofmusic@gmail.com>
Date: Wed, 9 Oct 2019 12:15:14 -0400
Message-ID: <CAN40gSvYsyPgXkLxU1Bkdsm0tNc3bhhKNu1Zj5sBBp9Po0wvhw@mail.gmail.com>
To: =?UTF-8?B?U2Now7Zud8OkbGRlciwgSsO8cmdlbg==?= <J.Schoenwaelder@jacobs-university.de>, Ira McDonald <blueroofmusic@gmail.com>
Cc: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "rats@ietf.org" <rats@ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "Xialiang (Frank, Network Standard & Patent Dept)" <frank.xialiang@huawei.com>
Content-Type: multipart/alternative; boundary="000000000000dd53d205947c9747"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/IDMNPAGQhctL_rSf4YN0VTon1fA>
Subject: Re: [Rats] Use case -> architecture document
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Oct 2019 16:15:33 -0000

Hi,

I am opposed to abandoning the current RATS architecture document.

Conflating architecture w/ use cases in one document doesn't make
sense to me.  Use cases collections (by their nature) should be able
to have loose ends and edge cases.  Architecture should instead have
coherence and some rigor about terminology and structure.

I'll be happy to see Dave Thaler's contributions on presentation and
organization.

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Co-Chair - TCG Metadata Access Protocol SG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic@gmail.com
PO Box 221  Grand Marais, MI 49839  906-494-2434



On Wed, Oct 9, 2019 at 10:50 AM Schönwälder, Jürgen <
J.Schoenwaelder@jacobs-university.de> wrote:

> Hi,
>
> I did also look at the use cases document (I think -04) after going
> through the architecture document and I must admit that I did not find
> it too helpful to understand things better. I did not see anything
> architectural in there either. I guess I will read the teep
> architecture next and perhaps that helps me to get a better clue.
>
> For people like me who are not deep into this technology yet, getting
> used to the rather specific terminology and concepts is a certainly a
> learning effort and I think the architecture document was on its way
> to get terms well defined and sorted out. Some more examples or
> explanations may help the reader further and I believe this can be
> achieved.
>
> /js
>
> On Wed, Oct 09, 2019 at 01:55:57PM +0200, Henk Birkholz wrote:
> > Hi Kathleen,
> > hi list,
> >
> > it would help everybody, if you could explicitly highlight what the exact
> > issues wrt readability in the current architecture I-D are - always in
> > comparison with the use-case I-D, if it is doing a better job in that
> part?
> >
> > Jürgen provided a good example of what he found confusing as a first time
> > reader - and that was really helpful and is resulting in ongoing work.
> >
> > Please mind, not everything is fleshed out in the architecture (e.g. the
> > workflows derived from the use-cases). The plan was to aim for a stable
> > nucleus, address the issues raised by the list, go through adoption, and
> > finish the document via the issue tracker in a structured process.
> >
> > In summary, without an actual understanding why you (or others!) think
> the
> > document is still hard to read, there is no way of compare readability
> later
> > on also. It would be really good to get more precise feedback on that.
> >
> > Viele Grüße,
> >
> > Henk
> >
> >
> >
> >
> > On 09.10.19 13:31, Kathleen Moriarty wrote:
> > > Hi Frank,
> > >
> > > Thank you for voicing your concern.  I think some may hold off until
> the
> > > updates are provided, but please do voice your opinions.  I agree that
> > > this work is too important and as such, readability is a high priority.
> > > If you read through the TEEP and SUIT architecture drafts, they are
> > > quite easy to follow and understand.  That is critical for wide spread
> > > adoption.  We may be able to find a balance, but I think this exercise
> > > may speed progress as we have not decided to adopt this draft yet as a
> > > working group item.
> > >
> > > As it stands, the use case document is not an architecture document,
> but
> > > it could be shaped as such and I'd really like to see if we can do that
> > > in short order to have a comparison prior to an adoption call.
> > >
> > > Best regards,
> > > Kathleen
> > >
> > > On Wed, Oct 9, 2019 at 6:53 AM Xialiang (Frank, Network Standard &
> > > Patent Dept) <frank.xialiang@huawei.com
> > > <mailto:frank.xialiang@huawei.com>> wrote:
> > >
> > >     Hi Kathleen,____
> > >
> > >     __ __
> > >
> > >     I am very concerned with this new direction and I strongly
> object.____
> > >
> > >     __ __
> > >
> > >     Current architecture draft goes through a lot discussions and
> > >     reaches many consensus. Right now, it really helps IETF (Teep for
> > >     example), FIDO, TCG and many others. The only issues are on
> > >     readability, the standards track and the completeness (e.g.,
> > >     passport and background check are still missing). It is an very
> good
> > >     document and correct terminology is very important for remote
> > >     attestation.____
> > >
> > >     __ __
> > >
> > >     About use cases document, Its goal is just to clarify a sample list
> > >     of scenarios that remote attestation can apply to and then deduce
> > >     the requirements and the following concrete protocol drafts. It is
> > >     not fit to be an architecture.____
> > >
> > >     __ __
> > >
> > >     The current architecture is too important for telecom and network
> > >     equipment vendors and service providers. I have strong doubts that
> > >     current EAT and OTrPv2 alone is suitable for the (virtualized)
> > >     network infrastructure situation.____
> > >
> > >     __ __
> > >
> > >     B.R.____
> > >
> > >     Frank____
> > >
> > >     ____
> > >
> > >     __ __
> > >
> > >     This e-mail and its attachments contain confidential information
> > >     from HUAWEI, which is intended only for the person or entity whose
> > >     address is listed above. Any use of the information contained
> herein
> > >     in any way (including, but not limited to, total or partial
> > >     disclosure, reproduction, or dissemination) by persons other than
> > >     the intended recipient(s) is prohibited. If you receive this e-mail
> > >     in error, please notify the sender by phone or email immediately
> and
> > >     delete it!____
> > >
> > >     __ __
> > >
> > >     *发件人:*RATS [mailto:rats-bounces@ietf.org
> > >     <mailto:rats-bounces@ietf.org>] *代表 *Kathleen Moriarty
> > >     *发送时间:*2019年10月8日19:25
> > >     *收件人:*rats@ietf.org <mailto:rats@ietf.org>
> > >     *主题:*[Rats] Use case -> architecture document____
> > >
> > >     __ __
> > >
> > >     Hello!
> > >
> > >     I read through the latest version of the ‘use case’ document
> > >     yesterday and found it very easy to read and understand, meaning I
> > >     think it is written well and could be easily understood by many
> > >     without having to climb up a learning curve. ____
> > >
> > >     __ __
> > >
> > >     First, this could be a very useful document to register claims for
> > >     the use cases.
> > >
> > >     Second, if the workflow for the passport and background check were
> > >     added and put in terms of the open trust protocol v2 from TEEP, we
> > >     have a fairly nice architecture document that’s easy to read and
> may
> > >     gain adoption.  The workflows cover the various interactions
> between
> > >     roles and TEEP has actively broken up OTrP in v2 to
> > >     accommodate using EAT tokens, this would help create that link and
> > >     make it very clear.
> > >
> > >     The other thing I like about the use case document and think we
> > >     should expand on is the references to other work items.  This makes
> > >     it an architecture document that maps out the full plan of the WG.
> > > One like that was extremely well received by all the ADs that don’t
> > >     like informational/helpful documents.
> > >
> > >     I’m a bit nervous with the terminology being defined and would love
> > >     to see something like this that’s simplified and more easily
> > >     adoptable. ____
> > >
> > >     __ __
> > >
> > >     I appreciate the work done to improve the architecture document,
> but
> > >     I do think the structure changes to the use case document as
> > >     suggested could result in an easier to understand (and therefore
> > >     easier to adopt) document.____
> > >
> > >     __ __
> > >
> > >     While the architecture document is more readable, I think we can do
> > >     better.  Adoption is important and our timeliness matters a lot for
> > >     this work.  EATs can be used for may use cases with OTrPv2, so
> let's
> > >     keep it as simple as we can.
> > >
> > >     Thoughts are appreciated.
> > >
> > >     Best regards,
> > >     Kathleen-- ____
> > >
> > >     __ __
> > >
> > >     Best regards,____
> > >
> > >     Kathleen____
> > >
> > >
> > >
> > > --
> > >
> > > Best regards,
> > > Kathleen
> > >
> > > _______________________________________________
> > > RATS mailing list
> > > RATS@ietf.org
> > > https://www.ietf.org/mailman/listinfo/rats
> > >
> >
> > _______________________________________________
> > RATS mailing list
> > RATS@ietf.org
> > https://www.ietf.org/mailman/listinfo/rats
>
> --
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>
> _______________________________________________
> RATS mailing list
> RATS@ietf.org
> https://www.ietf.org/mailman/listinfo/rats
>