Re: [Rats] IAB Statement on the Risks of Attestation of Software and Hardware on the Open Internet

Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Tue, 10 October 2023 06:55 UTC

To: Tom Jones <thomasclinganjones@gmail.com>, "Smith, Ned" <ned.smith@intel.com>
CC: "lgl island-resort.com" <lgl@island-resort.com>, Michael Richardson <mcr+ietf@sandelman.ca>, "iab@iab.org" <iab@iab.org>, rats <rats@ietf.org>
References: <169627945480.62917.5309122275327869344@ietfa.amsl.com> <16966.1696299372@localhost> <CAK2Cwb7X+Xri81tKX6Uvci_Ur_h18SKaAi0CQmJZHkVnpA-51A@mail.gmail.com> <87C6E17A-A4E6-49F6-AF51-BC6FD3A06404@island-resort.com> <CAK2Cwb6jy9W=-qJGt8xDEabi_U6qDTSMvv7FFNpqTN1z=qh-6Q@mail.gmail.com> <7897AE41-5DC7-4B9A-A5D6-952E7CBF9B9F@intel.com> <SA1PR20MB5407C5FA816E3DD9C41681578ECEA@SA1PR20MB5407.namprd20.prod.outlook.com> <CE654377-E5D7-41A5-9C98-B948A20F263E@intel.com> <CAK2Cwb7fvH8eqXaP64tkL6BDcCEKa6eBLj-YCdF5CeOXsJOByQ@mail.gmail.com> <7A06930B-77BB-4CD0-A121-655AF09B99D3@intel.com> <CAK2Cwb5Cq0hQDjSpn4rSPGCwizx+8ctTJUF7DNSn9xNZHNfk5g@mail.gmail.com>
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
In-Reply-To: <CAK2Cwb5Cq0hQDjSpn4rSPGCwizx+8ctTJUF7DNSn9xNZHNfk5g@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/M-yPUD7DtANkKA5nxN5OaakxaOU>
Subject: Re: [Rats] IAB Statement on the Risks of Attestation of Software and Hardware on the Open Internet

On 09.10.23 23:56, Tom Jones wrote:
> I have trouble with much of what NED said.

Hi Tom,

to your comment:

> There is an architectural document. There appears to be no consideration for human privacy

That is correct with the exception of

> https://www.rfc-editor.org/rfc/rfc9334.html#name-privacy-considerations

Is there something explicitly missing that you would like to see in that 
section? If so, Ned highlighted two documents where we can add further 
statements, or we can do another round on RFC 9334, if that seems warranted.

Also, declaring the "class" of, for example, Evidence-generating 
hardware/firmware, and thereby something to the effect of type, model, 
version of hardware and its protected capabilities, is all over the place 
in RATS documents. Two examples:

> https://www.ietf.org/archive/id/draft-ietf-rats-eat-21.html#name-hwmodel-hardware-model-clai

or

> https://www.ietf.org/archive/id/draft-ietf-rats-corim-02.html#name-class

If indicating TEE or HSM class only in remote attestation Evidence or 
corresponding Attestation Results is not enough, could you elaborate 
more on what you think is required here?

> 
> All of the attestation I have seen comes with machine ID. (s/w id, 

I have seen tons of attestations, such as SBOMs, code reviews or CVEs 
that come without a machine ID. I am a bit surprised by that assessment, 
to be honest.

> whatever) And I understand that, nothing can be said about something 
> without some sort of ID/binding for that something.
> I strongly object to any machine that can be tracked to me (even IOT 
> can) responding to any request for any data without my explicit consent. 
> Any collection of attributes that can be followed can become a way to 
> track me.  I have had this particular problem with smartphones walking 
> around in supermarkets. While this problem is not unique to attestation, 
> it really starts with attestation. So NO ATTESTATION REQUEST FROM ANY 
> site that is not known to me would be a real privacy assertion.
> 
> BTW - my bona fides - I was part of the team at Intel that created the 
> first security co-processor in the mid-1990s. I was part of some of the 
> teams at MSFT that struggled with both versions of the TPM.
> 
> Please remember the huge outcry when Intel attempted to put an ID in a 
> processor.

I think we have moved on a bit in recent years, but maybe this 
thread helps to identify issues with existing IETF documents that we 
can fix!

> 
> The attempt to push this off to a "DISINTERESTED" third party without a 
> funding plan is a non-starter. (SEP field) and I never understood how 
> this attestation could be linked to data later sent from the device anyway.

Could you elaborate a bit more about your usage scenario here? And maybe 
provide a pointer to get more familiar with the issue?


Best regards,

Henk

> 
> ..tom
> 
> 
> On Mon, Oct 9, 2023 at 12:55 PM Smith, Ned <ned.smith@intel.com 
> <mailto:ned.smith@intel.com>> wrote:
> 
>      > There is an architectural document. There appears to be no
>     consideration for human privacy
> 
>     RFC 9334 does call out privacy considerations relating to humans. It
>     specifically suggests removal of PII from Evidence.
> 
>     “Another approach to deal with Evidence is to remove PII from the
>     Evidence while still being able to verify that the Attester is one of
>     a large set.  This approach is often called "Direct Anonymous
>     Attestation".  See Section 6.2 of [CCC-DeepDive] and [RATS-DAA] for
>     more discussion.”
> 
>     User privacy threats are often concerned with user tracking and
>     targeting. PI and PII are attributes that allow such activity.
> 
>     The various drafts that define specific attributes such as
>     draft-ietf-rats-eat-21 - The Entity Attestation Token (EAT)
>     <https://datatracker.ietf.org/doc/draft-ietf-rats-eat/> define
>     attributes that are optional to include in Evidence. Many are
>     attributes that represent a class of device that in most
>     circumstances is ineffective as PII.
> 
>     The use (or not) of an attribute due to its privacy sensitivity (or
>     not) is a policy decision. The Attester can have privacy policy that
>     dictates which attributes are privacy sensitive. The Attester, as
>     part of reasonable protocol design, can select which Verifier to
>     trust to enforce the Attester’s privacy policy (in addition to
>     locally applied policy).
> 
>     Attestation that focuses on machine attributes rather than user
>     attributes helps protect personal privacy in that it shifts the
>     focus from humans to machines (of which there can be a large class
>     that are the same). This approach allows user identities and
>     credentials to be omitted while still allowing assessments that can
>     detect malware and compromise.
> 
>     Cheers,
> 
>     Ned
> 
>     *From: *RATS <rats-bounces@ietf.org <mailto:rats-bounces@ietf.org>>
>     on behalf of Tom Jones <thomasclinganjones@gmail.com
>     <mailto:thomasclinganjones@gmail.com>>
>     *Date: *Monday, October 9, 2023 at 12:32 PM
>     *To: *"Smith, Ned" <ned.smith@intel.com <mailto:ned.smith@intel.com>>
>     *Cc: *Tom Jones <rp_tomj@hotmail.com <mailto:rp_tomj@hotmail.com>>,
>     "lgl island-resort.com <http://island-resort.com>"
>     <lgl@island-resort.com <mailto:lgl@island-resort.com>>, Michael
>     Richardson <mcr+ietf@sandelman.ca <mailto:mcr%2Bietf@sandelman.ca>>,
>     "iab@iab.org <mailto:iab@iab.org>" <iab@iab.org
>     <mailto:iab@iab.org>>, rats <rats@ietf.org <mailto:rats@ietf.org>>
>     *Subject: *Re: [Rats] IAB Statement on the Risks of Attestation of
>     Software and Hardware on the Open Internet
> 
>     To be clear. There is an architectural document. There appears to be
>     no consideration for human privacy. Can this gap be addressed within
>     this community? Or is there a SEP field in operation here? (See
>     someone else's problem, Hitchhiker's Guide.)
> 
>     thx ..Tom (mobile)
> 
>     On Mon, Oct 9, 2023, 11:27 AM Smith, Ned <ned.smith@intel.com
>     <mailto:ned.smith@intel.com>> wrote:
> 
>          >so then, there is no hope for privacy preserving architecture
>         from RATS?
> 
>         Does “RATS” refer to the WG or RFC9334? And I didn’t say privacy
>         preserving attestation was hopeless.
> 
>         *From: *Tom Jones <rp_tomj@hotmail.com <mailto:rp_tomj@hotmail.com>>
>         *Date: *Monday, October 9, 2023 at 11:17 AM
>         *To: *"Smith, Ned" <ned.smith@intel.com
>         <mailto:ned.smith@intel.com>>, Tom Jones
>         <thomasclinganjones@gmail.com
>         <mailto:thomasclinganjones@gmail.com>>, "lgl island-resort.com
>         <http://island-resort.com>" <lgl@island-resort.com
>         <mailto:lgl@island-resort.com>>
>         *Cc: *Michael Richardson <mcr+ietf@sandelman.ca
>         <mailto:mcr%2Bietf@sandelman.ca>>, "iab@iab.org
>         <mailto:iab@iab.org>" <iab@iab.org <mailto:iab@iab.org>>, rats
>         <rats@ietf.org <mailto:rats@ietf.org>>
>         *Subject: *Re: [Rats] IAB Statement on the Risks of Attestation
>         of Software and Hardware on the Open Internet
> 
>         so then, there is no hope for privacy preserving architecture
>         from RATS?
> 
>         Peace ..tom
> 
>         ------------------------------------------------------------------------
> 
>         *From:*Smith, Ned <ned.smith@intel.com <mailto:ned.smith@intel.com>>
>         *Sent:* Monday, October 9, 2023 11:13 AM
>         *To:* Tom Jones <thomasclinganjones@gmail.com
>         <mailto:thomasclinganjones@gmail.com>>; lgl island-resort.com
>         <http://island-resort.com> <lgl@island-resort.com
>         <mailto:lgl@island-resort.com>>
>         *Cc:* Michael Richardson <mcr+ietf@sandelman.ca
>         <mailto:mcr%2Bietf@sandelman.ca>>; iab@iab.org
>         <mailto:iab@iab.org> <iab@iab.org <mailto:iab@iab.org>>; rats
>         <rats@ietf.org <mailto:rats@ietf.org>>; Tom Jones
>         <rp_tomj@hotmail.com <mailto:rp_tomj@hotmail.com>>
>         *Subject:* Re: [Rats] IAB Statement on the Risks of Attestation
>         of Software and Hardware on the Open Internet
> 
>          > The problem then is that the verifier must state what the use
>         case is in a trustworthy message.
> 
>         If there is a gap in the RATS Architecture, it is that it didn’t
>         acknowledge the need for a Verifier to present usage/context to
>         the Attester as a prerequisite to disclosing Evidence. And it
>         assumes the relying party doesn’t need to present usage/context
>         to the Verifier before disclosing Attestation Results.
> 
>         In its defense, the RATS Architecture wasn’t trying to define a
>         protocol, rather a conceptual flow of information. Actual
>         protocols would consider deployment and usage context and
>         address privacy considerations as appropriate. Consider an
>         embedded system behind a firewall; this may not need the
>         deployment context to be communicated in a protocol message
>         since the context is embedded.
> 
>         -Ned
> 
>         *From: *RATS <rats-bounces@ietf.org
>         <mailto:rats-bounces@ietf.org>> on behalf of Tom Jones
>         <thomasclinganjones@gmail.com <mailto:thomasclinganjones@gmail.com>>
>         *Date: *Sunday, October 8, 2023 at 11:12 PM
>         *To: *"lgl island-resort.com <http://island-resort.com>"
>         <lgl@island-resort.com <mailto:lgl@island-resort.com>>
>         *Cc: *Michael Richardson <mcr+ietf@sandelman.ca
>         <mailto:mcr%2Bietf@sandelman.ca>>, "iab@iab.org
>         <mailto:iab@iab.org>" <iab@iab.org <mailto:iab@iab.org>>, rats
>         <rats@ietf.org <mailto:rats@ietf.org>>, Tom Jones
>         <rp_tomj@hotmail.com <mailto:rp_tomj@hotmail.com>>
>         *Subject: *Re: [Rats] IAB Statement on the Risks of Attestation
>         of Software and Hardware on the Open Internet
> 
>         The problem then is that the verifier must state what the use
>         case is in a trustworthy message.
> 
>         thx ..Tom (mobile)
> 
>         On Sun, Oct 8, 2023, 11:41 AM lgl island-resort.com
>         <http://island-resort.com/> <lgl@island-resort.com
>         <mailto:lgl@island-resort.com>> wrote:
> 
>             I think the workable strategy is privacy-preserving
>             attestation. The attestation target (e.g. client device)
>             reveals only enough to prove the security characteristics
>             that it needs to for the use case. FIDO supports this sort
>             of thing.
> 
>             In some ways, formal, cryptographically secured attestation
>             doesn’t change things. Web sites already try to collect as
>             much personal information as possible. The OS and the web
>             browser defend.
> 
>             The IAB’s comment is that web sites and services would deny
>             service unless the client device provided attestation of
>             their SW stack and such. That’s different than the privacy
>             issue.
> 
>             LL
> 
>                 On Oct 7, 2023, at 11:03 PM, Tom Jones
>                 <thomasclinganjones@gmail.com
>                 <mailto:thomasclinganjones@gmail.com>> wrote:
> 
>                 Granted that the IAB doc is difficult, I would like to
>                 state an objection in terms of the user.
> 
>                 No verifier may ever request more attestation than they
>                 are willing to first provide.
> 
>                 What's sauce for the goose is sauce for the gander.
> 
>                 That would limit the sites that just troll users to see
>                 what they can discover to the sites that the user is
>                 willing to trust.
> 
>                 Generally I agree with panwei.
> 
>                 thx ..Tom (mobile)
> 
>                 On Mon, Oct 2, 2023, 7:16 PM Michael Richardson
>                 <mcr+ietf@sandelman.ca <mailto:mcr%2Bietf@sandelman.ca>>
>                 wrote:____
> 
> 
>                     IAB Executive Administrative Manager <execd@iab.org
>                     <mailto:execd@iab.org>> wrote:
>                          > On 25 September 2023, the Internet
>                     Architecture Board (IAB) posted a
>                          > new IAB Statement on the Risks of Attestation
>                     of Software and Hardware
>                          > on the Open Internet[1].
> 
>                          > [1]
>                          >
>                     https://datatracker.ietf.org/doc/statement-iab-statement-on-the-risks-of-attestation-of-software-and-hardware-on-the-open-internet/ <https://datatracker.ietf.org/doc/statement-iab-statement-on-the-risks-of-attestation-of-software-and-hardware-on-the-open-internet/>
> 
>                     It's an interesting statement, and I suspect that I
>                     agree with the intent.
>                     As written, it fails to inform: you need to know
>                     what the treacherous uses of
>                     remote attestation are (and then take two steps not
>                     detailed in this
>                     statement) in order to understand the statement.
>                     I think that this should be revised, and it
>                     shouldn't be so timid.
> 
>                     As an author of RFC9334, I'm rather surprised that
>                     this statement was issued
>                     without any consultation with us.
> 
>                     As written, I find this statement useless.
>                     I would be happy to work with the IAB to craft a
>                     better statement.
> 
>                     --
>                     Michael Richardson <mcr+IETF@sandelman.ca
>                     <mailto:mcr%2BIETF@sandelman.ca>>   . o O ( IPv6 IøT
>                     consulting )
>                                 Sandelman Software Works Inc, Ottawa and
>                     Worldwide
> 
> 
> 
> 
>                     _______________________________________________
>                     RATS mailing list
>                     RATS@ietf.org <mailto:RATS@ietf.org>
>                     https://www.ietf.org/mailman/listinfo/rats
>                     <https://www.ietf.org/mailman/listinfo/rats>
> 
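The thread turns on two mechanisms: Ned's point that an Attester applies a local privacy policy to decide which EAT claims reach a given Verifier (class-level claims such as hwmodel or oemid describe many identical devices, while a UEID singles out one), and Tom's stricter position that a device should not answer a Verifier it does not already know. The following Python sketch is an added example, not code from the thread or from any RATS document. The claim names (eat_nonce, ueid, hwmodel, oemid, swname, swversion, location, ...) are taken from the EAT draft cited above; the tiering of those claims, the PrivacyPolicy structure, the verifier identifiers and the sample claim values are assumptions made for this illustration.

```python
"""Attester-side privacy filter over an EAT-style claim set.

Added example; not code from the thread or from any RATS document. Claim
names are taken from draft-ietf-rats-eat; the tiering of those claims and
the PrivacyPolicy structure are assumptions made for this illustration.
"""
from dataclasses import dataclass
from typing import Any, Dict, FrozenSet, Optional, Tuple

# Tier 1: bound to the request, not the device; needed for freshness.
SESSION_CLAIMS: FrozenSet[str] = frozenset({"eat_nonce"})
# Tier 2: describe a class of devices; many identical units share these
# values, so on their own they rarely single out one device or user.
CLASS_CLAIMS: FrozenSet[str] = frozenset(
    {"hwmodel", "hwversion", "oemid", "swname", "swversion", "eat_profile"}
)
# Tier 3: stable per-device identifiers; released only to trusted Verifiers.
INSTANCE_CLAIMS: FrozenSet[str] = frozenset({"ueid", "sueids", "bootseed"})
# Tier 4: user-level data; needs explicit opt-in on top of Verifier trust.
USER_CLAIMS: FrozenSet[str] = frozenset({"location"})


@dataclass(frozen=True)
class PrivacyPolicy:
    """Attester-local privacy policy (assumed structure)."""
    trusted_verifiers: FrozenSet[str]  # may receive instance-level claims
    allow_user_claims: bool = False    # opt-in for location and similar
    refuse_unknown: bool = False       # answer only Verifiers already known


def filter_evidence(
    claims: Dict[str, Any], verifier_id: str, policy: PrivacyPolicy
) -> Optional[Tuple[Dict[str, Any], Dict[str, str]]]:
    """Apply the policy to a candidate claim set before it is signed.

    Returns (released, dropped), where dropped maps each withheld claim to
    the reason, or None when the Attester should not answer this Verifier.
    """
    trusted = verifier_id in policy.trusted_verifiers
    if policy.refuse_unknown and not trusted:
        return None
    released: Dict[str, Any] = {}
    dropped: Dict[str, str] = {}
    for name, value in claims.items():
        if name in SESSION_CLAIMS or name in CLASS_CLAIMS:
            released[name] = value
        elif name in INSTANCE_CLAIMS:
            if trusted:
                released[name] = value
            else:
                dropped[name] = "instance identifier withheld from untrusted Verifier"
        elif name in USER_CLAIMS:
            if trusted and policy.allow_user_claims:
                released[name] = value
            else:
                dropped[name] = "user-level claim needs trusted Verifier and opt-in"
        else:
            # Default deny: anything the policy does not classify stays local.
            dropped[name] = "unclassified claim withheld by default"
    return released, dropped


# Constructed sample claim set; values are placeholders, not real devices.
SAMPLE_CLAIMS: Dict[str, Any] = {
    "eat_nonce": "constructed-nonce-0001",
    "ueid": "01" + "ab" * 16,           # placeholder device identifier
    "hwmodel": "example-soc-rev2",
    "hwversion": "2.1",
    "oemid": 99999,                      # placeholder OEM identifier
    "swname": "example-firmware",
    "swversion": "4.0.3",
    "location": {"latitude": 52.52, "longitude": 13.40},
    "bootcount": 17,                     # not classified by the policy above
}

# Assumed verifier identifiers, not hosts from the thread.
DEFAULT_POLICY = PrivacyPolicy(trusted_verifiers=frozenset({"verifier.example"}))


if __name__ == "__main__":
    for verifier in ("shop.example", "verifier.example"):
        released, dropped = filter_evidence(SAMPLE_CLAIMS, verifier, DEFAULT_POLICY)
        print(verifier, "released:", sorted(released), "dropped:", dropped)
```

With DEFAULT_POLICY an unknown Verifier still receives the nonce and the class-level claims (enough for the "is this a known model running known firmware" assessment Ned describes), while the UEID, the location and the unclassified bootcount are withheld with a logged reason; only a Verifier on the trusted list sees the UEID, and location needs the additional opt-in. Setting refuse_unknown=True turns the same policy object into Tom's rule, where an unknown Verifier gets no Evidence at all. The default-deny branch matters in practice: a new claim added to the firmware later is not leaked merely because nobody classified it.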