Re: [Rats] Robert Wilton's Discuss on draft-ietf-rats-eat-21: (with DISCUSS and COMMENT)
"Rob Wilton (rwilton)" <rwilton@cisco.com> Fri, 08 September 2023 13:19 UTC
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: "lgl island-resort.com" <lgl@island-resort.com>, Roman Danyliw <rdd@cert.org>
CC: "Smith, Ned" <ned.smith@intel.com>, The IESG <iesg@ietf.org>, "draft-ietf-rats-eat@ietf.org" <draft-ietf-rats-eat@ietf.org>, "rats-chairs@ietf.org" <rats-chairs@ietf.org>, "rats@ietf.org" <rats@ietf.org>
Date: Fri, 08 Sep 2023 13:19:18 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/Pu0Ji0k0vUquWZOt036bZX1SqQE>

I’ve cleared my discuss.

Regards,
Rob

From: iesg <iesg-bounces@ietf.org> On Behalf Of lgl island-resort.com
Sent: 07 September 2023 19:40
To: Roman Danyliw <rdd@cert.org>
Cc: Smith, Ned <ned.smith@intel.com>; Rob Wilton (rwilton) <rwilton@cisco.com>; The IESG <iesg@ietf.org>; draft-ietf-rats-eat@ietf.org; rats-chairs@ietf.org; rats@ietf.org
Subject: Re: [Rats] Robert Wilton's Discuss on draft-ietf-rats-eat-21: (with DISCUSS and COMMENT)

Makes it normative
Update to 9334

LL

RATS.Architecture -> RFC9334 and normative by laurencelundblade · Pull Request #410 · ietf-rats-wg/eat
<https://github.com/ietf-rats-wg/eat/pull/410>

On Sep 7, 2023, at 10:49 AM, Roman Danyliw <rdd@cert.org> wrote:

Hi!

-----Original Message-----
From: RATS <rats-bounces@ietf.org> On Behalf Of Smith, Ned
Sent: Thursday, September 7, 2023 1:24 PM
To: Robert Wilton <rwilton@cisco.com>; The IESG <iesg@ietf.org>
Cc: draft-ietf-rats-eat@ietf.org; rats-chairs@ietf.org; rats@ietf.org
Subject: Re: [Rats] Robert Wilton's Discuss on draft-ietf-rats-eat-21: (with DISCUSS and COMMENT)

BTW: [RATS.Architecture] is now RFC9334. Regardless of whether it is informative or normative, the reference should be updated.

Agreed.

I believe it is informative because RFC9334 is an informative RFC.

The status of RFC9334 won't dictate whether it is normative or informative in this document. Referenced normatively in this document just makes RFC9334 a "DownRef" (i.e., a "higher status" proposed standard document referencing a "lower status" information document)

Borrowing from https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/, the key question is whether [RATS.Architecture] is needed to implement this RFC. The text in Section 9.3 of this document meets that threshold of being "required reading" by pointing this document to the security considerations in [RATS.Architecture].

==[ snip ]==
9.3. Freshness

   All EAT use MUST provide a freshness mechanism to prevent replay and
   related attacks. The extensive discussions on freshness in
   [RATS.Architecture] including security considerations apply here.
==[ snip ]==

Roman

On 9/7/23, 6:11 AM, "RATS on behalf of Robert Wilton via Datatracker" <rats-bounces@ietf.org on behalf of noreply@ietf.org> wrote:

Robert Wilton has entered the following ballot position for
draft-ietf-rats-eat-21: Discuss

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-rats-eat/

----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Hi,

Thanks for this document. Sorry, I didn't have time to review this document that closely.

I have flagged one issue for discussion to change the reference to the architecture document to being a normative reference. This would mean a downref, but should otherwise be an easy change to make. The rest of my comments are non-blocking.

(1) p 71, sec 11.2. Informative References

   [RATS.Architecture]
      Birkholz, H., Thaler, D., Richardson, M., Smith, N., and
      W. Pan, "Remote ATtestation procedureS (RATS)
      Architecture", Work in Progress, Internet-Draft,
      draft-ietf-rats-architecture-22, 28 September 2022,
      <https://datatracker.ietf.org/doc/html/draft-ietf-rats-architecture-22>.

"From section 1.3, EAT follows the operational model described in Figure 1 in [RATS.Architecture].". This, along with other references indicates that the RATS architecture should be a normative reference.

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

(2) p 0, sec

   An EAT is either a CBOR Web Token (CWT) or JSON Web Token (JWT) with
   attestation-oriented claims.

This is probably contentious, but given that this is a new spec, I wonder whether it wouldn't be better (i.e., encourage wider interop) if only CBOR, COSE and CWT were used/allowed.

(3) p 20, sec 4.2.6. swname (Software Name) Claim

   The "swname" claim contains a very simple free-form text value for
   naming the software used by the entity. Intentionally, no general
   rules or structure are set. This will make it unsuitable for use
   cases that wish precise naming.

I found it interesting, and slightly surprising, that the hardware model claim is opaque, but the software name claim is not.

(4) p 24, sec 4.2.11. uptime (Uptime) Claim

   The "uptime" claim MUST contain a value that represents the number of
   seconds that have elapsed since the entity or submodule was last
   booted.

Relative to other claim descriptions, the MUST in this description seems strange. Perhaps better as just "The "uptime" claim contains a value ..."

(5) p 88, sec Appendix B. UEID Design Rationale

   A UEID is not a UUID [RFC4122] by conscious choice for the following
   reasons.

Note that the UUID spec is currently being updated (it is also on this week's telechat review), so some of the concerns being described here may no longer be valid. It is still only 128 bits though, and 6 bits are spent identifying UUID format and version.

(6) p 89, sec Appendix B. UEID Design Rationale

   Note also that that a type 2 UEID (EUI/MAC) is only 7 bytes compared
   to 16 for a UUID.

Note that the paragraph at the end of appendix B.1. states that UEIDs are a minimum of 128 bits ...

Regards,
Rob

_______________________________________________
RATS mailing list
RATS@ietf.org
https://www.ietf.org/mailman/listinfo/rats