[Rats] REIM v06 review

sfigueiredo@ipn.pt Fri, 10 February 2023 17:06 UTC

From: sfigueiredo@ipn.pt
To: draft-ietf-rats-reference-interaction-models@ietf.org, rats@ietf.org
Date: Fri, 10 Feb 2023 17:05:42 -0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/KGJH0MurueekPfH8iHQoO6H4TKI>

Dear REIM Authors,

I’ve performed an (unsolicited, but hopefully still welcome) revision to
draft-ietf-rats-reference-interaction-models-06, resulting in the following
(mostly minor) comments:

1. Introduction

- “attestation policies”: “evidence appraisal policies” seems to be a more
accurate description.

2.1 Disambiguation

- “definition of Attestation as described in
[I-D.ietf-rats-tpm-based-network-device-attest].”

               - a side question (and now useless, since it has been
published as an RFC): why wasn’t the attestation definition included in RFC9334?

3. Scope and Intention

“how to triggering”: “how to trigger”

6. Generic Information Elements

- “(..) all kinds interaction models”: “all kinds of interaction models”

- “that each identifies an Authentication Secret in a single Attesting
Environment”: “where each identifies” seems to be more correct

7.1.  Challenge/Response Remote Attestation

- “see section Section 10.”: repeated words

- “The final output of the Verifier are Attestation Results”: while this is
correct, maybe it would be more accurate to state “The final output of the
Evidence appraisal by the Verifier are Attestation Results”?

- “Attestation Results constitute new Claim Sets about the properties and
characteristics of an Attester, which enables Relying Parties, for example,
to assess an Attester's trustworthiness.”

Considering the usage of “for example”, what are other generic usages of
Attestation Results by Relying Parties other than assessing the Attester’s
trustworthiness?

Section 7.1.1, 1 – Passport model

- “In this model, the attestation sequence is a two-step procedure.”: This
seems to ignore the Request coming from the Verifier (depicted in the
diagram). To ensure coherence with the subsection “2 – Background Check
model”, it should probably be mentioned.

General comments:

- I found the document to be informative, with an apparently clear scope and
intent 

- mentions of [I-D.ietf-rats-architecture] need updating to RFC 9334

Best regards,

Sérgio Figueiredo

Technical Project Manager | Laboratory for Informatics and Systems

+351 910 097 968

 <http://www.ipn.pt/> www.ipn.pt