IETF Logo Mail Archive

Re: [Rats] security-level claim (was Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)

"Smith, Ned" <ned.smith@intel.com> Fri, 03 June 2022 18:28 UTC

Return-Path: <ned.smith@intel.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A7B6C14F725 for <rats@ietfa.amsl.com>; Fri, 3 Jun 2022 11:28:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.851
X-Spam-Level:
X-Spam-Status: No, score=-2.851 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.745, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=intel.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tdjmD98W1bOO for <rats@ietfa.amsl.com>; Fri, 3 Jun 2022 11:28:50 -0700 (PDT)
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA96DC14CF02 for <rats@ietf.org>; Fri, 3 Jun 2022 11:28:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1654280929; x=1685816929; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=gVLkWzZIYesjYxMu+urI2/CzTJc/VSeSi6jqgNA/0ok=; b=S5aXbRFP0s7fd3DbYv7YJrE56XWvPHgYA61r/EFehMYgOatbNfLw1du5 xt19CmQGi3a+RmcBgv+UYWMTR+K7Km591fq+Kq3Aazt0PMbMhJqJV0GqW 1KEnofDCPUsadg9S3wt+sVgI6WovS70eDWSGfkxJONzzt5GuVZEqvz3o7 6y9nRha28FS+QcA0ZCpdD9ctqfvz5iOdq9YJvuhrxRvqZ+yr+suKmUl2+ AyG60FZ+qyYWgWa9DIRGdockAmeL9dRseARidmUTX9QL/PTp35Uyv4zoz Llnds1nlEHBoxRdaicQOwtToMy0Cg2QpZI7DeaFNho3ZOI+0u0ZR3QTbj A==;
X-IronPort-AV: E=McAfee;i="6400,9594,10367"; a="276342413"
X-IronPort-AV: E=Sophos;i="5.91,275,1647327600"; d="scan'208,217";a="276342413"
Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Jun 2022 11:28:48 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.91,275,1647327600"; d="scan'208,217";a="582696712"
Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by fmsmga007.fm.intel.com with ESMTP; 03 Jun 2022 11:28:48 -0700
Received: from orsmsx608.amr.corp.intel.com (10.22.229.21) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Fri, 3 Jun 2022 11:28:47 -0700
Received: from orsmsx609.amr.corp.intel.com (10.22.229.22) by ORSMSX608.amr.corp.intel.com (10.22.229.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Fri, 3 Jun 2022 11:28:47 -0700
Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx609.amr.corp.intel.com (10.22.229.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27 via Frontend Transport; Fri, 3 Jun 2022 11:28:47 -0700
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.106) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.27; Fri, 3 Jun 2022 11:28:40 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EmBdyVEJu8rOXqQaWPppctW4BUJSV0I+qLNZG1nvavjL22Ng8j15FYkREBzFBEG26FB5Q1VHvTJRUAoas4CFTb/Jzd4+dbD7LsKtuefO84gy7OMFFzm3EsXvrnRMQcbmcW6seMgyF3dSfcJ0XPPWgjDtBa7rUQyP7xi88LiWfP0xp9eEywAT4BiNH1nppbNj791G1Cje5pZsZFcA3lFhjYtu7jiisMGRExirtfbUeb75/uyT0uilF7aPrkcpOeugm2fQNg9X2nBj7z2AzrjKj2S2KZfF1i7varhCbIko4EBQ9RMLkI/HKoP4vuKzPDp+RwW+JsssIODNgs22SSbjaA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gVLkWzZIYesjYxMu+urI2/CzTJc/VSeSi6jqgNA/0ok=; b=PIEnCZQHsLHgEhk4s1EIBBJUfyxt+kcc+OtpWpguY351ouPNvflE5F3QUip7ECqEio5xuCeUzh01ti64dtrl7qJoGCFIWyS7k9vFtS0maGKN6i4JesmiJMRXWqJhsPyRPNJythfe99GuInnhGM/EtW8TFmGyDSIb5w41FllhNVvJ87rCAcXB/pkowNmFb0uiB8DwWQrNJxXwSyU25lBcFR6BHZk0gbsOH/iANLl6U52Jc60kdIRHo6WGp8k43MLeoeqKJIYIz0K+ty/4FJIbc4Au9z1HZQertvOH0Y8qo25Avq5fCjsyMSEKPpN1eTmTXQs/ZUHmoKRJZPImxRI62A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none
Received: from CO1PR11MB5169.namprd11.prod.outlook.com (2603:10b6:303:95::19) by DM6PR11MB4489.namprd11.prod.outlook.com (2603:10b6:5:203::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5314.12; Fri, 3 Jun 2022 18:28:38 +0000
Received: from CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::5dfe:31c7:a62a:d8b8]) by CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::5dfe:31c7:a62a:d8b8%3]) with mapi id 15.20.5314.013; Fri, 3 Jun 2022 18:28:38 +0000
From: "Smith, Ned" <ned.smith@intel.com>
To: Giridhar Mandyam <mandyam@qti.qualcomm.com>, Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>, Laurence Lundblade <lgl@island-resort.com>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
CC: "Eric Voit (evoit)" <evoit@cisco.com>, "Eric Voit (evoit)" <evoit=40cisco.com@dmarc.ietf.org>, "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] security-level claim (was Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)
Thread-Index: AQHYdfnjMsjQPZl9n0yWj7/2kWZTJ607CvaAgAAGa4CAAM9WAIAAfG8AgAAJSICAABHNAIAACd8AgAAVYACAAPa0gA==
Date: Fri, 03 Jun 2022 18:28:38 +0000
Message-ID: <C0C0C756-214C-43C8-8EE2-AD4CFF71C0A0@intel.com>
References: <45618431-7329-4F31-941F-A39BBC9D575F@cisco.com> <BYAPR11MB3125EB2DEC4CE5136AC903F9A1DF9@BYAPR11MB3125.namprd11.prod.outlook.com> <7FD4FE54-7A16-4E92-BDDC-878D726095E6@island-resort.com> <900bf8d8-0b00-cc98-fd82-786dc9c18901@sit.fraunhofer.de> <SJ0PR02MB8353B7216358275E4BF3923081DF9@SJ0PR02MB8353.namprd02.prod.outlook.com> <AB42EABD-FE7A-4DF0-8909-A6D304E292C5@intel.com> <BL0PR11MB3122AA0245129AAB021F0E5DA1DE9@BL0PR11MB3122.namprd11.prod.outlook.com> <c98b992b-5efb-d46f-81d5-d3711941dbb9@sit.fraunhofer.de> <B2C05847-4A5C-4179-AE00-A5F9BACC5121@island-resort.com> <PH0PR02MB725621CB633C322367FD4935F2DE9@PH0PR02MB7256.namprd02.prod.outlook.com> <SJ0PR02MB83536AE654BEDBAE653F803381DE9@SJ0PR02MB8353.namprd02.prod.outlook.com>
In-Reply-To: <SJ0PR02MB83536AE654BEDBAE653F803381DE9@SJ0PR02MB8353.namprd02.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.61.22050700
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ab337c85-dd11-4de7-29da-08da458ee0cb
x-ms-traffictypediagnostic: DM6PR11MB4489:EE_
x-microsoft-antispam-prvs: <DM6PR11MB4489513CBFB1ACAED74EDA96E5A19@DM6PR11MB4489.namprd11.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: c/EU+/a+MvNnRvuEImeH4ZpMNsHkVd0B2I8nS48N4ZgBPewSJ2YkMrAvUxfaCXI6W7Pd9L1SvXNco72RjqAQvruZ1C1NSkR7IX+O+k75DB73BBqP0lxPe79HIkGWqVM1Zb/eEGGYJPm22pdJxaDub5bvtpxccOjuczcqNf2/eJMTf77G1yc8NFzB08OPs8O5rg/yzuTh5JcSwh2W57gk6m3h/MCxh42gd/BYy6jN1jatuKMJcPvqflAhSJ5xwz7L0nO69PHUMpjLc/Xt+DjEnm3tuZUMtTZDfj0XOtdt/4yasOVpBoXpX2ULqBA9WIOUZPGzDfSn3rJc20+PuEpXh/A+yrfXGtMFg3AwBaZdG6ovUFw90WQfF53NQj1zK2+bIeO8NJXFTiDYJaHiaECsO8Hh8KTo1tNDjeZS5Cxo9vUXhEMaYb6S2OIJwqEat/jWhyiWve5sqiX4Hk4RkNmQyf+N1p3tMAGAuHVIBWtg2i05Ieqdon+AsokNGIiCx+nELMKt5ZB6wPZWe0xiHWqDLngVSvKIF652AL+7fIgezBOusl8r2WKmf6n1aZV75gu8WkpFenWgu3DZmxxcB0RvnMezfuYGU+BGihnSENrNG1nIENh6U6gFMMQ5TOR50CmDsfliH0Rhf4Ck+GqAldBNvbUNtYV/iB/UUI8qrtif88CrNBZUJQQXBykihoqf1HEjA2CpZNG4f4c+KeF3sr3M1RamqOEJ0wSdV3LlYt4KGbSHOn17cS8YaYtzc414/toXcv+QKK8rSE5MplisjChSAMn+Cv1vwCl+PZeoYKmaTVRU2hDepU3lrCYDHFEwGTXeiX/JVm38AdZkhD5hTcox+YiXk0QGJ4QdqC9gnK0QEEY=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB5169.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(86362001)(38100700002)(36756003)(8936002)(38070700005)(166002)(966005)(83380400001)(2906002)(5660300002)(6486002)(26005)(53546011)(82960400001)(186003)(6506007)(2616005)(110136005)(316002)(508600001)(8676002)(4326008)(64756008)(66476007)(76116006)(66946007)(66556008)(66446008)(54906003)(71200400001)(6512007)(15650500001)(33656002)(122000001)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: H9ndNH8B2e+GrZzti11aTjZ1Q57LmsLWz1zjn5lzI9vjQAxd4mlku9NqWMqfwirHhiFdRmk2h0TgcglvPRuGNV2WZ0rYHl/bzJuS6TAHZ8oO9N80LtCAkduifJstcrbZ6Sb//ST5Eul3p+utq6/W0VHOQnL7r2Qh6wpAKf7goQvG/lH5NAIzOTw9J/qWjSuBgpZKVXmhRmOyfBmfK1oRPJPmU/SvWZm/ualmxzsf2PRKbCZFB5aEMohJ8QJvCW4HacnADjHW1VioMHyQ+Bid/SzMDbR7vXA0A3bl11cTxOV/k2Cv1/lP82xa7TN+f+JGJ85IYDiLNAL7OV3qsdSPIZ0OxFVc+6MUGtOD/ZzNvRPxt9yo89rxp7ystYuuZKAdPskDqRRuf370nq6EvoazaYasv6Dw+2Esr3uojzdZmr4M/5ZBg35BxEmcyFB5UlveZ2SgT+OX+97f7RUcWN89IhPez/+RQin8csnneS6MIEzMged8sR8w78TjYVji5P2wB68mLk0mHMDnq7Tlre6odFYVLG/icxNNQFYngzylmimLglAVnlO7X2gmQwM3PYESZLUqQD1V8EFX6p4RdyQY5Ju8uA6Szhvb3nrtBhc1fQrl88+Ba+o9xiXlM/BDDy+M5ad2RsQltHe3cc9zwfuohqyVvw7t8MRXvBcWjVOR5ctDLILOmQyzS5GogEYLK+EaVzkPi3EICt1OzSU06RphH68bZWhIO2A+TIJqdTqq6EpIXXvxzfOTG6hh1pg7v6CXcbEFhpSKPQncT9Lcc5HXkmW3jLsUeRqpjVQ8eNBTz7HC4EOO4iNQCjXQwV0CLmjsaodNYv8nduiJRrPG68rzIxk/OOwLyIlENx8SHKDdOrxLoS5gO3HjFcWF9LQCKhICtPP85nVA9cSrzaBnMBzFyk/j7BoTwuz36iBSxONrDZxKtHE2a83WGyS+qf5hxPi6p9+VeyLSXjkMB8fvuXHXFVzjK53ZbhKXpdXFV7ROL56pxym0XP7XdCTLTmD2Qcc7L/3KopgviagXbiR6Jt27GaCQ63mrsDap3dY5NXzsgNIufwfdE6zMImpz376FZtyMkIauPj0NJTp1z66v/ZVHm+sdBw3p++8JDmp64ofWrBxsDTpoConcaaNqiWE9d9OoM5iC4oyS+YaBs4wtFcrzF1Tw7dYxp5t93vcs0UwgxJlpu1bdmAvvEnrPjYTHbhTMhhSBzyID2YiGu40XAJ6cH80g8bMohhu6TMeVoNLEk565lKZkgffr6515Vykrt7kTbZ87eh+//xlmNmK4l+3b6dRxtqbS9oIjUsDiorvPraCpuqtdeLnvsHSxmJWdsl1OZkRpjMHEjNng7/yim/ztq+z3JLrVgBM5WsbhGmwCqzjgudIv655nivLGC7nZUr3pelgXACrokxTtEmf8FuQKDqCYG6nrECjUaCkYNMGhIhT3d7UZQ1FB5R/QwchWftwdZiOnIxNK3jBQM8t23vFfYP0lB18kWwPd3N//Mi+m8UyYqjhnYMfCNvyxNNr4c/ZdfY7jSnfzImr3BXndVBL9pZYfNZ0ijEz7c8FoYYyePLi6HR4tLf70ecG8eaV1diP3dDchAym67tV0dzGJi112H3ToftO+g6oxCLmZePrjE/R5SFnDhJtmsd8+K+F+msz0uV56gQ1VgYaVbX6U9f5+wHF1xxfp7O7xMrcNXfSLzvg49MXqoeemTqVmr0W58sBevo3LO1a35k2AzlR/Z57ShomFKWn5oAwpg3zkp2evDR4=
Content-Type: multipart/alternative; boundary="_000_C0C0C756214C43C88EE2AD4CFF71C0A0intelcom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB5169.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ab337c85-dd11-4de7-29da-08da458ee0cb
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Jun 2022 18:28:38.4961 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: REfH9igj0tFBw+u5lzVR0s/+wjR2A0vUC+HXyTojwd2TLe7x+C5sPZnNCSX8/HNf3X/16LXJESc+gPTeoN9IeQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB4489
X-OriginatorOrg: intel.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/PNqH53kXXtYx7KCGE5fqahw37iE>
Subject: Re: [Rats] security-level claim (was Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jun 2022 18:28:55 -0000

I’m not sure how observations about a different draft / legacy technology addresses the issues raised related to the EAT draft security-level claim.
There might be issues with another draft, but those issues should be raised in the context of the draft to which they pertain.
-Ned

From: Giridhar Mandyam <mandyam@qti.qualcomm.com>
Date: Thursday, June 2, 2022 at 1:45 PM
To: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>, Laurence Lundblade <lgl@island-resort.com>, Henk Berkholz <henk.birkholz@sit.fraunhofer.de>
Cc: "Eric Voit (evoit)" <evoit@cisco.com>, "Smith, Ned" <ned.smith@intel.com>, "Eric Voit (evoit)" <evoit=40cisco.com@dmarc.ietf.org>, Nancy Cam-Winget <ncamwing@cisco.com>, "rats@ietf.org" <rats@ietf.org>
Subject: RE: [Rats] security-level claim (was Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)

I also make an observation that some of the persons who are claiming confusion about whether security level is attestation evidence, attestation results or some form of self-declaration seem to be quite comfortable with comparable (maybe greater) ambiguity with TPM’s.

For instance in https://www.ietf.org/archive/id/draft-ietf-rats-tpm-based-network-device-attest-14.html#name-notes-on-pcr-allocations:


  1.  “PCR[0] typically represents a consistent view of rarely-changed Host Platform boot components, allowing Attestation policies to be defined using the less changeable components of the transitive trust chain. “

How is a “rarely-changed” boot component identified?  Is this the “result” of a rules engine within the attester?



  1.  “PCR[4] is intended to represent the software that manages the transition between the platform's Pre-Operating System start and the state of a system with the Operating System present. ”



What if there are multiple OS’s in the system?  Which entity determines what constitutes the specific operating system that corresponds to this PCR?  Isn’t this an attestation result as opposed to just evidence, as this value cannot be in the quote without a preliminary determination (result) identifying which SW is responsible for the transition to the target OS?



  1.  The text goes on to state “Although the TCG PC Client document specifies the use of the first eight PCRs very carefully to ensure interoperability among multiple UEFI BIOS vendors, *it should be noted that embedded software vendors may have considerably more flexibility*. Verifiers typically need to know which log entries are consequential and which are not (*possibly controlled by local policies*)”



So why is it OK for a RIV-compliant implementation (embedded software vendor) to assign arbitrary values to a PCR (which could conceivably span both evidence and results) with the expectation that a relying party/verifier to be able to apply the appropriate policy to interpret it, but it is unacceptable to expect a verifier to interpret sec level in the context of its own appraisal policy?

-Giri

From: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>
Sent: Thursday, June 2, 2022 12:29 PM
To: Laurence Lundblade <lgl@island-resort.com>; Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Cc: Eric Voit (evoit) <evoit@cisco.com>; Smith, Ned <ned.smith@intel.com>; Giridhar Mandyam <mandyam@qti.qualcomm.com>; Eric Voit (evoit) <evoit=40cisco.com@dmarc.ietf.org>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; rats@ietf.org
Subject: Re: [Rats] security-level claim (was Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)

I’m pretty happy with the latest text. It’s a considerable improvement on what we had previously.

On 02/06/2022, 11:54, "RATS" <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org>> wrote:


WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.

On Jun 2, 2022, at 10:50 AM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de<mailto:henk.birkholz@sit.fraunhofer.de>> wrote:

Hi Ned,

this also reflects my perception of group consensus.

Maybe be little careful about concluding what consensus is here?

There are an equal number of people expressing support of security level as there are questioning it.

Isn’t consensus based on number of people, not on how long the list of questions is or how strong the view is?

LL

v2.23.0 | Report a Bug | By Email