Re: [Rats] Review of draft-ietf-rats-yang-tpm-charra-21
Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Tue, 29 August 2023 06:46 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/KS6v0xMoI_VzKXw8TRl2WU8Hbh4>
As soon as Kent & Rob unblock C455, we can talk to RFCed and check what they think of the changes. We are past all content changes, but I agree that these changes look editorial. We'll have to wait for our missref.

On 29.08.23 03:24, Panwei (William) wrote:
>
> I've reviewed the changes at https://github.com/ietf-rats-wg/basic-yang-module/pull/132, they look fine to me.
> The current changes are really minor and I think we don't need to reset the document in the IETF review cycle.
> By the way, I think the change of the reference of RATS architecture from I-D to RFC 9334 will also be made by the RFC editor when publishing it.
>
> --snip--
>> The reason for the first part of the additional text is that there are router/switch
>> vendors (including Cisco) that provide cryptoprocessors with interfaces compliant
>> to the TPM1.2 and TPM2.0 interface specification.
>> However these cryptoprocessors have not gone through the TCG's compliance
>> verification process. So a decision was made not to claim compliance.
>>
>> As for the statement ", included in the device components of the composite
>> device the YANG server is running on." Likely we can delete this as the
>> information is covered outside the Abstract. Do you have a strong
>> preference for deletion?
>
> I suggest leaving the text as it is.
> --snip--
>
> Regards & Thanks!
> Wei Pan (潘伟)
>
>> -----Original Message-----
>> From: RATS <rats-bounces@ietf.org> On Behalf Of Eric Voit (evoit)
>> Sent: Tuesday, August 29, 2023 1:41 AM
>> To: Hannes Tschofenig <hannes.tschofenig@gmx.net>; Henk Birkholz
>> <henk.birkholz@sit.fraunhofer.de>
>> Cc: rats@ietf.org
>> Subject: Re: [Rats] Review of draft-ietf-rats-yang-tpm-charra-21
>>
>> Hi Hannes,
>>
>> Changes below are proposed into:
>> https://github.com/ietf-rats-wg/basic-yang-module/blob/master/draft-ietf-rats-yang-tpm-charra.md
>>
>> Once we are all aligned, we can do a single push to update the draft version.
>> Before doing that, we will need to make sure that this doesn't reset the
>> document in the IETF review cycle first as it already cleared the IESG.
>>
>>> From: RATS <rats-bounces@ietf.org> On Behalf Of Hannes Tschofenig
>>> Sent: Monday, July 3, 2023 4:22 AM
>>> To: rats@ietf.org
>>> Subject: [Rats] Review of draft-ietf-rats-yang-tpm-charra-21
>>>
>>> Hi all,
>>>
>>> I have read draft-ietf-rats-yang-tpm-charra-21. The document reads
>>> well. I just have a few small remarks.
>>>
>>> # Abstract
>>>
>>> Expand the acronym: RPCs - Remote Procedure Calls
>>
>> Done
>>
>>> s/roots of trust for measurement/root of trust for measurements
>>
>> Google has:
>> - 3850 results for "roots of trust for measurements" and
>> - 3 results for "roots of trust for measurements"
>>
>> Are you able to describe some advantages for this change?
>>
>>> This sentence is very complex: What are you trying to say? The
>>> document is really about TPMs.
>>>
>>> I suggest to shorten it
>>>
>>> FROM:
>>>
>>> The module defined requires at least one TPM 1.2 or TPM 2.0 as well as
>>> a corresponding TPM Software Stack (TSS), or equivalent hardware
>>> implementations that include the protected capabilities as provided by
>>> TPMs as well as a corresponding software stack, included in the device
>>> components of the composite device the YANG server is running on.
>>>
>>> TO:
>>>
>>> The module defined requires at least one TPM 1.2 or TPM 2.0 as well as
>>> a corresponding TPM Software Stack (TSS).
>>
>> The reason for the first part of the additional text is that there are router/switch
>> vendors (including Cisco) that provide cryptoprocessors with interfaces compliant
>> to the TPM1.2 and TPM2.0 interface specification.
>> However these cryptoprocessors have not gone through the TCG's compliance
>> verification process. So a decision was made not to claim compliance.
>>
>> As for the statement ", included in the device components of the composite
>> device the YANG server is running on." Likely we can delete this as the
>> information is covered outside the Abstract. Do you have a strong
>> preference for deletion?
>>
>>> # Section 1
>>>
>>> rolling hash is the incorrect term for how PCR values are generated.
>>> See https://en.wikipedia.org/wiki/Rolling_hash for a definition of how
>>> a rolling hash works. You would use a rolling hash in creating a
>>> transcript hash for TLS when you do not want to maintain a copy of the
>>> entire message exchange transcript.
>>
>> Both are needed. The sequential series of messages is recorded in the logs.
>> And the PCR (maintained in protected hardware) is the hash of this sequential
>> series of entries. It is this hash which allows you to verify the
>> completeness/accuracy of the log entries.
>>
>>> [I-D.ietf-rats-architecture] became an RFC. Update the reference
>>> throughout the document
>>
>> Done.
>>
>>> # Section 2 The YANG Module for Basic Remote Attestation Procedures
>>>
>>> What does "Basic" refer to? Is there a "sophisticated" or "advanced"
>>> version somewhere else? If not, omit the term "basic".
>>
>> There are advanced versions. For an example, see:
>> draft-voit-rats-trustworthy-path-routing
>> which is an instance of nested attestations as described in draft-ietf-rats-ar4si
>> Section 3.2
>>
>>> You write:
>>> "
>>> The method for communicating the relationship of each individual TPM
>>> to specific measured component within the Composite Device is out of
>>> the scope of this document.
>>> "
>>>
>>> Is this functionality described in some other document? If so, where
>>> is it described? If not, what is the implication: what am I unable to do?
>>
>> You need an out-of-band provisioning mechanism which lets you know the
>> type of cryptoprocessor, the equipment within which it sits, and its public key.
>> This document does not describe this because these elements of business
>> context are inherited from the companion document:
>> draft-ietf-rats-tpm-based-network-device-attest
>>
>>> 2.1.1.3.2. 'tpm20-challenge-response-attestation'
>>>
>>> Example is not really an example. Here is a snippet:
>>>
>>> <certificate-name
>>>   xmlns="urn:ietf:params:xml:ns:yang:ietf-keystore">
>>>   (instance of Certificate name in the Keystore)
>>> </certificate-name>
>>>
>>> Could you include an example with real values? Should be easy for you
>>> to copy-and-paste an example from one of your implementations. It
>>> would also be good to have examples for the other functionality as
>>> well. Readers, like me, like examples. In this specific case I am
>>> interested to see how the certificate identification looks like.
>>
>> If you look at the authoritative YANG draft "draft-ietf-netconf-keystore"
>> instance data in Section 3 it would be "Manufacturer-Generated IDevID Cert"
>> which is less descriptive than what we have now. This is because the
>> instance data is just a reference to the full set of key info described throughout
>> "draft-ietf-netconf-keystore". Trying to keep the documents as independent
>> is traditional with yang models so that we don't have to worry about keeping
>> instance data in synch across a large number of drafts.
>>
>>> A small note on the example: Shouldn't the nonce element be called
>>> nonce-value? Here is the text from the example:
>>>
>>> <nonce>
>>>
>>> 0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9
>>> </nonce>
>>
>> Yes, Good catch. Fixed.
>>
>>> 2.1.1.5. Data Nodes
>>>
>>> You use the term "compute node" several times throughout the document
>>> but it is not defined. Is there a definition you can reference?
>>
>> The compute node is defined in the YANG model, which itself references
>> RFC6933
>>
>> list compute-node {
>>   key "node-id";
>>   unique "node-name";
>>   config false;
>>   min-elements 2;
>>   description
>>     "A component within this composite device which
>>      supports TPM operations.";
>>   leaf node-id {
>>     type string;
>>     description
>>       "ID of the compute node, such as Board Serial Number.";
>>   }
>>   leaf node-physical-index {
>>     if-feature "hw:entity-mib";
>>     type int32 {
>>       range "1..2147483647";
>>     }
>>     config false;
>>     description
>>       "The entPhysicalIndex for the compute node.";
>>     reference
>>       "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex";
>>   }
>>   leaf node-name {
>>     type string;
>>     description
>>       "Name of the compute node.";
>>   }
>>   leaf node-location {
>>     type string;
>>     description
>>       "Location of the compute node, such as slot number.";
>>   }
>> }
>>
>>> Figure 1 has no title
>>
>> As the top of the figure shows <CODE BEGINS> file
>> "ietf-tpm-remote-attestation@2022-05-17.yang" it appeared redundant.
>>
>> Thanks again,
>> Eric
>>
>>
>>>
>>> Ciao
>>> Hannes
>
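
Added example, not part of the message above and not code from the draft or its authors: the relationship between the event log and the PCR discussed under "Section 1" in the quoted thread, shown as a log replay that a verifier can compare against quoted PCR values. The log entry layout, the sample events and all function names are constructed for illustration; it assumes a SHA-256 PCR bank, PCRs that reset to all zeroes, and PCR values that were already authenticated through a verified TPM quote.

```python
import hashlib
import hmac

BANK = hashlib.sha256
# Assumption: the PCRs used here reset to all zeroes (as the static PCRs 0-15 do).
ZERO_PCR = bytes(BANK().digest_size)


def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend: the new value hashes the old value together with the new digest."""
    return BANK(pcr + digest).digest()


def entry(pcr_index: int, event: bytes) -> dict:
    """Build one log entry (constructed layout, not the TCG event log encoding)."""
    return {"pcr": pcr_index, "event": event, "digest": BANK(event).digest()}


def replay(log: list) -> dict:
    """Recompute every PCR by extending the logged digests in log order."""
    pcrs = {}
    for e in log:
        pcrs[e["pcr"]] = extend(pcrs.get(e["pcr"], ZERO_PCR), e["digest"])
    return pcrs


def verify_log(log: list, quoted: dict) -> list:
    """Return the sorted PCR indexes for which the log does not explain the quote."""
    replayed = replay(log)
    bad = {i for i, value in quoted.items()
           if not hmac.compare_digest(replayed.get(i, ZERO_PCR), value)}
    # Entries for a PCR that the quote does not cover cannot be checked at all.
    bad.update(i for i in replayed if i not in quoted)
    return sorted(bad)


# Constructed sample log: three measurements into PCR 0, one into PCR 4.
LOG = [
    entry(0, b"firmware image"),
    entry(0, b"bootloader"),
    entry(4, b"kernel image"),
    entry(0, b"firmware configuration"),
]
# Stand-in for the PCR values carried in a verified quote from the device.
QUOTED = replay(LOG)


def tamper_cases() -> dict:
    """Run the verifier over the intact log and over three manipulated copies."""
    dropped = LOG[:-1]                          # last PCR 0 entry removed
    reordered = [LOG[1], LOG[0]] + LOG[2:]      # two PCR 0 entries swapped
    replaced = LOG[:2] + [entry(4, b"other kernel")] + LOG[3:]
    interleaved = [LOG[2], LOG[0], LOG[1], LOG[3]]  # PCR 4 entry moved, PCR 0 order kept
    return {
        "intact": verify_log(LOG, QUOTED),
        "dropped": verify_log(dropped, QUOTED),
        "reordered": verify_log(reordered, QUOTED),
        "replaced": verify_log(replaced, QUOTED),
        "interleaved": verify_log(interleaved, QUOTED),
    }


if __name__ == "__main__":
    for name, failing in tamper_cases().items():
        print(f"{name:12s} failing PCRs: {failing}")
```

Each PCR chains only its own entries, so moving the PCR 4 entry relative to the PCR 0 entries leaves both values unchanged, while dropping, swapping or replacing entries within one PCR is detected.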