IETF Logo Mail Archive

Re: [Rats] IAB Statement on the Risks of Attestation of Software and Hardware on the Open Internet

"Smith, Ned" <ned.smith@intel.com> Mon, 09 October 2023 19:36 UTC

Return-Path: <ned.smith@intel.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41AFEC151071 for <rats@ietfa.amsl.com>; Mon, 9 Oct 2023 12:36:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=intel.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8JQ1auDq71Pl for <rats@ietfa.amsl.com>; Mon, 9 Oct 2023 12:36:15 -0700 (PDT)
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E33DBC151061 for <rats@ietf.org>; Mon, 9 Oct 2023 12:36:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1696880174; x=1728416174; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=M8dtxY0ZNMTxCU+CNetphs1xsU+u45619YbNEdAGUDU=; b=GAaQhBvxTXx6z6Sfs2mIcPkj3zI2bNLlXasXBZb3/0ux0DNbg+Djatro j5skqoKwyFry/pVd4VB0b9ixIrHPDXzmTUWfPY0lRN1A8SbC6cEWG8pIv /I1iVQoslePMSr+KE9u42va2P1putqt0opIp7ZAExAYroMVacL5eQ6SR3 57Ef4YWXrJLDqS5gcrVr4+ptBpLpqUx8kc/7QbuzSXbWRNUwaaWE5trZa 7GouZ7HnKdv0/vtLs8ZQ2V3Dl48R32S4eGfSjs2db8lLGvHxVAJ+w8Yyv kygVPrxOpCcDHu9PAdOwHW3mz6osOpzb/wIQYwHYkKoCJ6D81R8sw48S9 w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10858"; a="448426129"
X-IronPort-AV: E=Sophos;i="6.03,210,1694761200"; d="scan'208,217";a="448426129"
Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Oct 2023 12:36:13 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10858"; a="876931916"
X-IronPort-AV: E=Sophos;i="6.03,210,1694761200"; d="scan'208,217";a="876931916"
Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by orsmga004.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 09 Oct 2023 12:36:13 -0700
Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32; Mon, 9 Oct 2023 12:36:12 -0700
Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.32 via Frontend Transport; Mon, 9 Oct 2023 12:36:12 -0700
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.168) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.32; Mon, 9 Oct 2023 12:36:12 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TX/A77qW7Zs7bz2Y3qvv7WIlkJYZ/oUMugjTyrfmkcQzj0TnJ6gBQytEX/gsIYROX1Qy6+Ewho4OV1DlA3Ect6adDav/LwpM0B70lNjMWrJ1pKjALxcfUqVFbQj2LfppQ4woCbxMA6tQrWEwwsD0XMYKQx69kjZXaWan9azYIZirdpNHvp5U9gSyORsZf1RiiRAhazZNNIfbS5NurS6Rq4BM02w+S5e0s0Ct09kyIATJCOPnk5HYJfth+MZYhBwaNjSz2eXj+O6BcESeh5cHclotGSy1HGlD4CXNPDQvCXk+i0Bc4DJbGmyHre0gYLy9N3ieYj6rRuDQCdX+KHa/1g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=M8dtxY0ZNMTxCU+CNetphs1xsU+u45619YbNEdAGUDU=; b=bahGNLMVbg4HFwTVO+7z3XGw19JRQNK2kD3MRjxPVus0hxbOT9xooicZoH0Zhz5j1N6xV0bcWZKy5NPOgx4Q61F4AlLL+mU5Ek4jKm5rPTL/mt37xhgeZxU4nHBQHMF/a9C6WB+UMCTLEFakuyWGO6GeNMtmfD6hhaaKkgLqjuhTUg9W03LfSENvKFJFgaqXaD1cqJ7S+KHborlWOhFM67iW7Txl5k+oVQi6gL4NsO5DakdjHnwwrt/irTqYX8xJYvRgxXND/KGCa2oZF8YxpMPQn/GBPZFLKup4waCvwg0PKhKI6HrrN0aur23Sg3uLDs7zbxNRlHGI/1aCvu4acQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none
Received: from CO1PR11MB5169.namprd11.prod.outlook.com (2603:10b6:303:95::19) by PH7PR11MB7987.namprd11.prod.outlook.com (2603:10b6:510:242::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.43; Mon, 9 Oct 2023 19:36:04 +0000
Received: from CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::20ce:90f8:e37a:746b]) by CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::20ce:90f8:e37a:746b%4]) with mapi id 15.20.6863.032; Mon, 9 Oct 2023 19:36:04 +0000
From: "Smith, Ned" <ned.smith@intel.com>
To: "lgl island-resort.com" <lgl@island-resort.com>, Tom Jones <rp_tomj@hotmail.com>
CC: Tom Jones <thomasclinganjones@gmail.com>, Michael Richardson <mcr+ietf@sandelman.ca>, "iab@iab.org" <iab@iab.org>, rats <rats@ietf.org>
Thread-Topic: [Rats] IAB Statement on the Risks of Attestation of Software and Hardware on the Open Internet
Thread-Index: AQHZ9XFHoYXW2Rzq/U2DeqRmHEHRSbA3VEUAgAgbM4CAANOngIAAwRWAgABULoCAAHZbgIAADaCA//+TFgA=
Date: Mon, 09 Oct 2023 19:36:04 +0000
Message-ID: <80FBBBA8-907C-4297-BD7A-F996E3AFD3CF@intel.com>
References: <169627945480.62917.5309122275327869344@ietfa.amsl.com> <16966.1696299372@localhost> <CAK2Cwb7X+Xri81tKX6Uvci_Ur_h18SKaAi0CQmJZHkVnpA-51A@mail.gmail.com> <87C6E17A-A4E6-49F6-AF51-BC6FD3A06404@island-resort.com> <CAK2Cwb6jy9W=-qJGt8xDEabi_U6qDTSMvv7FFNpqTN1z=qh-6Q@mail.gmail.com> <7897AE41-5DC7-4B9A-A5D6-952E7CBF9B9F@intel.com> <SA1PR20MB5407C5FA816E3DD9C41681578ECEA@SA1PR20MB5407.namprd20.prod.outlook.com> <B808408E-6C31-411F-857D-A87660B63745@island-resort.com>
In-Reply-To: <B808408E-6C31-411F-857D-A87660B63745@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.77.23091703
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CO1PR11MB5169:EE_|PH7PR11MB7987:EE_
x-ms-office365-filtering-correlation-id: 059ed28d-e61e-45e7-6206-08dbc8fefa1d
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: XQtgSmMfyRAQAPbtHdVkPwf4c1qPDo3UT3rU76+su5VEAFWCT2D7aMZMLvCJdoz0p4qQNwnnuBXOpY0Ykv9Lt+eaH+iTHvBD4uupJPvo0ycjMg+qsJfQDpe8c0gfiZEDt0XnUSUaX5loQ8sjmywozqyAcdsVrXdG4++BBhcEFlugbiVUMb673u/FQ4JrfvZHGGJUDcniatnUrMpk+99dW3WsVMd3hyoBK2GMja4V8ijxKssEnT2EntBSb8KCeR2cU6Xnuf0Qt0SB8L5n2c8R4K/4apZfACwnQRbfUJkhuT4vE99h90sGKPGn4M6sqw98alSRAugYpSTnawKiP76j1GadOo2tOaF6SR7+FoSyTNV5gI7ayzgGtP/6wvkvv146Skc3pNJaR2xYPe51xXLlGAom/wVP4GWcPZ7kqur4HIqBXm7YeGg37Xql0NbH7iatWs6hzgx//47DxeAsAaT+0hDR9Z3VnM3qfFHv06HkQCjivwbxynBrNwkfzIwwI7wNYOht2LA963wHsgs2wLmuLXJRtz0BIysD3yNYK8OwZCfMFLy/MKEEzb6Ul4pL4ZDj/mRgIu5QpndaK2VwStQ1bhMrZbK7sheUm022ZfFruxDGLcbOgX+6zq40PXpJHHdfG9/Ps/Ri69LXIi2/17Xepia9F2kxa5yl1U9SDrzM0JE=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB5169.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(346002)(366004)(39860400002)(396003)(136003)(376002)(230922051799003)(451199024)(186009)(64100799003)(1800799009)(66899024)(83380400001)(2616005)(66946007)(66574015)(26005)(166002)(66556008)(66476007)(110136005)(66446008)(54906003)(316002)(76116006)(64756008)(5660300002)(8936002)(8676002)(6506007)(4326008)(53546011)(41300700001)(71200400001)(6486002)(2906002)(6512007)(966005)(45080400002)(478600001)(33656002)(36756003)(38100700002)(82960400001)(86362001)(122000001)(38070700005)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: JgTCfXBXP+P7RROLIbEAsnSVoYKo7qqr7wx/Jke5RC9wsHfd+Q+m+hqvxvIdFHI2hiRwFQ5AZGiu0v8HgUDJqQZf/pJWl1tKLllzXsNuXhnpJOd0FMjhtAH4qN2DDWeXZr+qhFUUh51wK6t6sc8V1sEQwV6UrBm+13xAkaRUe8/nchS/LIWD5KeCZuUZDAppzx9WLaqvNuglJobqG+lSbH0H1joyFhQje3Ynvr0rNALSvGsxgHaFp7Auju3uL0TBoTQ48ggkHCqR8c061bYWzDJ/CzVSS7zLxCFWRlVzboJ+oS5VEVxyvtlkX/j4yqSkju6uI5mDgoxL9SrUcZYvvDAH2HEsA2myDYXmeHMs+sCT8XdEfs8FKxT46b/NazTx3lwZjGSwe2ogMjZlNueNo6zIxrw9z2cI/sHmULvY6jvzJBEYQXZwJMHZXbHOKsYZ68cb6rphWHaoYnypqHBC/sCAWgbMzMmH9HxpxX+h5Uwp8w0u8wN65//E1T3oZfydQ7QR4dGjPdAkZy+SotBYgEFmNQIX2xwI7dIntLEfdlWv0HPFeFNHAtETquFoEz+aNeWIWsLX9x3AoEHavj8ir5+c+4Sr9OogWox1O2DdwWBsuhw4anzaqr6hkxjwxmddq7+L1kxuYvKkAunKK5YetCDhZWvsDZWDvKTmiuU6vdkfIZbVvrQx+yxUxdhEFbA8Rz6pShr/Boe46Tfzo0Wj0l2YK9ioPvINPHc+wAzGMgDqQXRYAyHVS2BOfddC9j3S+MvFzmhuYhNTpbHL4mA7ngID6kTv1ixuV+EzcWQ1yG+SN14lMMKowP1ToOEqA4X301K/GJorombzOJChbQBw1Ui/HO2PxBjina9QC6W0YtVRoXE+Gk1z/mHQW3oMWTQGKqWqHgJn6x3oAIm1NNEcHU5AmIed35UKE0K4xtkvfZGQVDM/T/oUqiS3NRhMBCHfViHpwoUOu/v4t5Lxz946iDr8+fSyS0kFGUklH7dxCIj9Tbz0QnQ0l5cSA1HgK+ns0qQ7c2x7JlZyUt0xiUs7pzJ7rPzDOO6awlfOKg+FwPJY6fNcS7ROj2T6GsedIi/RgEI3IMT89glP4zg9YATAb9CiXm6i3Fl2oEu2lvF1r3aHbQisFAGNpyMxAhsQSMdcdzVeZ8y0q5vwO1bBZTRU0zBHmUNGRBNjsltWqR9Y2NTCp8FMcWNy8CT4GYgBSXho/5U0WZbMzmODe8Z3DDbv0o0jNGORMaHIFrH1K5ch9RWlIrwAS5UyhzUuAUcQCs6JHoTWNSr4R3W/S6bg/nLVgAM1R7XTBfHUOeCsGsSruuo/T2Y24jbwm8h6Elpa/RVvgzpQS38aAl+npu1BGM24HN8bL8jcX0xt7Z1cKNuYymt0o2S0F4/nfpigsqYGmOYxmroQIEG3kAf0Z+HN7XhDNY8Ai4wfymR/7EH9eYxlcC2XZisMobDYvU+SWuvRFJmALImQaago/iF7036ZTQ+voYwjVR7Tyji0/F5hqK0lzeqjzqu46vgPCcXqgfXYBEYujhkhMdU93zGe1ElSycFa3W+ZtH2075NcSXOmR60n0WHSL2kEClCfTKjOP3AFTsh2dVHH1HrncGPxskngA795Rw==
Content-Type: multipart/alternative; boundary="_000_80FBBBA8907C4297BD7AF996E3AFD3CFintelcom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB5169.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 059ed28d-e61e-45e7-6206-08dbc8fefa1d
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Oct 2023 19:36:04.5993 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 0NSsfTM0UnowbYXgRRpm/N8SPjx6ESrUBfYnPlvhKGXtJ+sXPlDkztYh4YsMRvgrijTomceS+5yF0i4kQeQoyg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB7987
X-OriginatorOrg: intel.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/NNQs1ujFtsE1br0teRFYU6Ba6PI>
Subject: Re: [Rats] IAB Statement on the Risks of Attestation of Software and Hardware on the Open Internet
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Oct 2023 19:36:19 -0000

Here are a some of the privacy preserving approaches currently in flight in the RATS WG:

draft-ietf-rats-daa-04 - Direct Anonymous Attestation for the Remote Attestation Procedures Architecture<https://datatracker.ietf.org/doc/draft-ietf-rats-daa/> – The daa draft defines use of group signatures that allows an Attester to present Evidence anonymously, independent of the Verifier.

draft-ietf-rats-ar4si-05 - Attestation Results for Secure Interactions<https://datatracker.ietf.org/doc/draft-ietf-rats-ar4si/> – The ar4si draft describes attestation results that are a summarization of Evidence details that may be used to hide information from downstream Relying Parties.

The Attester can employ privacy preserving behavior independent of the Relying party. For example, in the passport model (RFC9334), the Attester receives the attestation result (aka passport) from the Verifier. If it contains privacy sensitive content, the Attester can refuse to supply the passport to a Relying Party.

As Laurence observed, protocol definition outside of the RATS WG also can help address privacy considerations.

-Ned

From: RATS <rats-bounces@ietf.org> on behalf of "lgl island-resort.com" <lgl@island-resort.com>
Date: Monday, October 9, 2023 at 12:06 PM
To: Tom Jones <rp_tomj@hotmail.com>
Cc: "Smith, Ned" <ned.smith@intel.com>, Tom Jones <thomasclinganjones@gmail.com>, Michael Richardson <mcr+ietf@sandelman.ca>, "iab@iab.org" <iab@iab.org>, rats <rats@ietf.org>
Subject: Re: [Rats] IAB Statement on the Risks of Attestation of Software and Hardware on the Open Internet

EAT defines an attestation token, a signed set of claims about the device, not a round-trip protocol. Its use is usually by embedding the token in another protocol. So you know the use case from the context of the carrying protocol.

FIDO is a great example. It is clearly focused on the authentication use case. FIDO certification also defines two types, one for the open market that is privacy preserving and one for the enterprise which is not (because enterprises want it that way).

Lots of apps on mobile devices define their own protocols (i.e. JSON/REST APIs) and may or may not include attestation. Android attestation (proprietary) has been an option for some time. For example a banking app may include attestation (and you already agreed to no privacy in a banking app because banking regulations require tracking).

Privacy preservation can also be through a proxy or intermediary. The attestation goes to a neutral third party that verifies attestations but doesn’t track. The end consumer of the attestation just gets a yeah/nay, no PII.

There is tons of room in the RATS architecture for privacy preservation.

LL




On Oct 9, 2023, at 11:17 AM, Tom Jones <rp_tomj@hotmail.com> wrote:

so then, there is no hope for privacy preserving architecture from RATS?

Peace ..tom
________________________________
From: Smith, Ned <ned.smith@intel.com>
Sent: Monday, October 9, 2023 11:13 AM
To: Tom Jones <thomasclinganjones@gmail.com>; lgl island-resort.com <lgl@island-resort.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>; iab@iab.org <iab@iab.org>; rats <rats@ietf.org>; Tom Jones <rp_tomj@hotmail.com>
Subject: Re: [Rats] IAB Statement on the Risks of Attestation of Software and Hardware on the Open Internet


> The problem then is that the verifier must state what the use case is in a trustworthy message.

If there is a gap in the RATS Architecture, it is that it didn’t acknowledge the need for a Verifier to present usage/context to the Attester as a prerequisite to disclosing Evidence. And it assumes the relying party doesn’t need to present usage/context to the Verifier before disclosing Attestation Results.


In its defense, the RATS Architecture wasn’t trying to define a protocol, rather a conceptual flow of information. Actual protocols would consider deployment and usage context and address privacy considerations as appropriate. Consider an embedded system behind a firewall, this may not need the deployment context to be communicated in a protocol message since the context is embedded.


-Ned


From: RATS <rats-bounces@ietf.org> on behalf of Tom Jones <thomasclinganjones@gmail.com>
Date: Sunday, October 8, 2023 at 11:12 PM
To: "lgl island-resort.com" <lgl@island-resort.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "iab@iab.org" <iab@iab.org>, rats <rats@ietf.org>, Tom Jones <rp_tomj@hotmail.com>
Subject: Re: [Rats] IAB Statement on the Risks of Attestation of Software and Hardware on the Open Internet


The problem then is that the verifier must state what the use case is in a trustworthy message.

thx ..Tom (mobile)


On Sun, Oct 8, 2023, 11:41 AM lgl island-resort.com<http://island-resort.com/> <lgl@island-resort.com<mailto:lgl@island-resort.com>> wrote:

I think the workable strategy is privacy-preserving attestation. The attestation target (e.g. client device) reveals only enough to prove the security characteristics that it needs to for the use case. FIDO supports this sort of thing.


In some ways, formal, cryptographically secured attestation doesn’t change things. Web sites already try to collect as much personal information as possible. The OS and the web browser defend.


The IAB’s comment, is that web sites and services would deny service unless the client device provided attestation of their SW stack and such. That’s different than the privacy issue.


LL





On Oct 7, 2023, at 11:03 PM, Tom Jones <thomasclinganjones@gmail.com<mailto:thomasclinganjones@gmail.com>> wrote:


Granted that the iab doc is difficult, I would like to state an objection in terms of the user.


No verifier may ever request more attestation than they are willing to first provide.


What's sauce for the goose is sauce for the gander.


That would limit the sites that just troll users to see what they can discover to the sites that the user is willing to trust.


Generally I agree with panwei.

thx ..Tom (mobile)


On Mon, Oct 2, 2023, 7:16 PM Michael Richardson <mcr+ietf@sandelman.ca<mailto:mcr%2Bietf@sandelman.ca>> wrote:

IAB Executive Administrative Manager <execd@iab.org<mailto:execd@iab.org>> wrote:
    > On 25 September 2023, the Internet Architecture Board (IAB) posted a
    > new IAB Statement on the Risks of Attestation of Software and Hardware
    > on the Open Internet[1].

    > [1]
    > https://datatracker.ietf.org/doc/statement-iab-statement-on-the-risks-of-attestation-of-software-and-hardware-on-the-open-internet/

It's an interesting statement, and I suspect that I agree with the intent.
As written, it fails to inform: you need to know what the treacherous uses of
remote attestation are (and then take two steps not detailed in this
statement) in order to understand the statement.
I think that this should be revised, and it shouldn't be so timid.

As an author of RFC9334, I'm rather surprised that this statement was issued
without any consultation with us.

As written, I find this statement useless.
I would be happy to work with the IAB to craft a better statement.

--
Michael Richardson <mcr+IETF@sandelman.ca<mailto:mcr%2BIETF@sandelman.ca>>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide




_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats

_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats

v2.23.0 | Report a Bug | By Email