IETF Logo Mail Archive

Re: [Rats] Robert Wilton's Discuss on draft-ietf-rats-eat-21: (with DISCUSS and COMMENT)

"Rob Wilton (rwilton)" <rwilton@cisco.com> Fri, 08 September 2023 13:19 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AA8EC151082; Fri, 8 Sep 2023 06:19:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.605
X-Spam-Level:
X-Spam-Status: No, score=-14.605 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b="G0j36pWI"; dkim=pass (1024-bit key) header.d=cisco.com header.b="M2H2C9Rt"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JBiSrWIqjFEe; Fri, 8 Sep 2023 06:19:33 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 919CDC14CE29; Fri, 8 Sep 2023 06:19:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=174389; q=dns/txt; s=iport; t=1694179172; x=1695388772; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=kHpZ3WDwPUizw4NKsNbYE/fG6XJpYSD+d9IdtW9ZTSw=; b=G0j36pWIl21bbp8RgaHXwfRM2al4rjh9YV3kqkShAUqLoaG1zv2+CR1y Xlw745XBhhFwt0KWLOlqSsJJpSHQ8Sv1NFHayygAwce47UT5aQiIW19zK xPz7OtZCDJgeLK8ftE8GIWi3RAyVz6CzNOLSHpxEtiWTFOhe9Xbc/fEmx E=;
X-CSE-ConnectionGUID: ZcT9SaQVQZ2oAo45rOBleQ==
X-CSE-MsgGUID: D3xFzSJ4Si6rjhbD+V3C1w==
X-Files: image001.png : 104674
X-IPAS-Result: A0ADAAATH/tkmJFdJa1aGQEBAQEBAQEBAQEBAQEBAQEBARIBAQEBAQEBAQEBAQFlgRYEAQEBAQELAYEzMVJ2AlkqEkcEhE2DTAOETl+IZAOROoxBFIERA0IPBQgHAQEBCgECAQEuAQ4HBAEBghKCdAIWhlsCJTQJDgECAgIBAQEBAwIDAQEBAQEBAQIBAQUBAQECAQcEFAEBAQEBAQEBHhkFDhAnhWgNhgQBAQEBAwEBAwEMEQICBgESAQEsCwELBAIBCBEBAwEBBgEBAR8DAgICBRABDgELFAMGCAIEAQ0EAQYCBhSCXAGCXgMBEEWcMAGBQAKKKHp/M4EBggkBAQYEBYFOQbBWBwmBSAGEMINNCwGBTgEBUoFohXwnG4FJRIEVQ4JoPoJiAQECAYEoARIBIysJCD+CXjmCLolNgnWCBhguBzKBDgwJgQaDXYEYiCIqgQgIXoFqPQINVQsLXYEUgkYCAhE5E0dxGwMHA4ECECsHBC8bBwYJFi0lBlEELSQJExI+BIFngVEKgQY/EQ4RgkUiAgc2NhlLgmMJFUFOdhArBBQYgRQEagUaFR43ERIZDQMIdh0CMjwDBQMENgoVDQshBRRDA0gGSwsDAhwFAwMEgTYFDx8CEBoGDi0DAxlFA0QdQAMLbT01FBsFBGZZBYFaLAYcAhEKCQYRCg8NAQGZW4FGgTcLGUUqglgIXAEDIgsFCRYCFAw7JAYTKxcEBxMKAg8ZIimSPQqDE0eKdUeBQ4wxhlKEF4l7CoQLiXYCggiPF4YkF4QBgVaLGJgOYpZBgWwggi+IRoJMlSYYhH0CBAIEBQIOAQEGgTIxOi0+cHAVO4IzAQEBMQlJGQ+OIAkDDQkWg0CFFIpldgIBOAIBBgEKAQEDCYtIAQE
IronPort-PHdr: A9a23:FB2CoxJt50Jt8z1qBNmcuaoyDhhOgF28FhQe5pxijKpBbeH5uZ/jJ 0fYo/5qiQyBUYba7qdcgvHN++D7WGMG6Iqcqn1KbpFWVhEEhMlX1wwtCcKIEwv6edbhbjcxG 4JJU1o2t2qjPx1tEd3lL0bXvmX06DcTHhvlMg8gPPv0HpLViey81vu5/NvYZAAbzDa4aKl5e Q2/th6Z9tFDmJZrMK831hrPrzNEev8Dw2RuKBPbk0P359y7+9ho9CE4hg==
IronPort-Data: A9a23:PRCQ8ayQc6ntVGDBLYZ6t+dywSrEfRIJ4+MujC+fZmQN5Y4bYwd3l z9ODjyGOv6UIjyiS21FGIy18U0EsMCEy9ZgGwE+/CE3ESkUp8CcVN+QdRr9ZH3JdpaZFBk45 Z4QMISccM5uHyaCrxujbLawpCktifjTTbCU5IIoW8xUbVcMpHAJ0Eo/xbFl6mIRveWEPu+th T/Ti8eHaFWugGN+aTtEsq6OpEgz5auvsT5D5gwzP6sUtgTQvnREV5h3yYNdgJfbrii4OsbgG o4vGZngpjuxEy8FU47jyvCjNBRSHtY+BCDW4lJOQa+unxNekSI716c/JZI0ZFxe49mzt4gZJ O5l69roE2/FAoWWwL5GC0gAQ3knVUF70OavzUaX4JT7I3LuKxMA8902ZGkqMIsR/PpAAG0m3 ZT0/xhUM3hvL8rvqF6KYrEEavYLdaEHD6tD0p1U9gw1ON59KXz1rwom0vcDtNs4rpgm8f8z/ KP1YxI3BPjLS0Un1lv6lPvSkc/w7kQTfQG0p3qnrpZm2GHq8jVDir/EN4aIYPugQchsyxPwS mLupwwVAzkAP9CZjDGC6H/p16nEnDjwX8QZE7jQGvxC2QLIgDdMTkxNEwLn/JFViWbmMz5bA 1YL+y4yqq4a/02wRd67VBq9yJKBlkdFAYcBSbxjsWlhzIL4uBa3FFMmEgVANsYktMUaBgJx/ QaWyoaB6TtH6e3JFi31Gq2vhSm7JTM9LGIea2kDVwRty8PqvJp2hRLGT8x4OK+4ktOzHiv/q xiGtiEwm/ASgNIFkr+y4UuCjjuwjpnEUgBz4R/YNkqk4xh2TI+oe4Lu7kLUhcusN66DRVWH+ XMDgcXbvaYFDIqGk2qGR+Bl8KyVC+itAjbg0GVmJqcYxW6q0nn/IJp3yjVzHRI8WiobQgPBb EjWsAJXwZZcOnq2cKN6C75d7ex3ksAM8vy4CJjpgspyjotZL1DYoXk/DaKE9yW8zxh2yPBX1 YKzKJ70VR4n5bJbIC1artrxPJcxzSw4gGjUX52+nlKs0KGVYzieTrJt3LqyggIRsvjsTOb9q oY32y62J/N3DLWWjs7/qt97ELzyBSJnba0aUuQOHgJ5HiJoGXs6F9jayq47dopuksx9z7mZo ijkAxMDmAam3xUrzDlmjFg9MtsDur4h9RoG0dAEYT5EJlB6O9/0tfdDH3fJVeB5rLILIQFIo wktIpXcXasnpsXv8DUGZp61t515aBmunmqz09mNPlACk2pbb1WRoLfMJ1K3nAFXV3bfnZVl+ dWIiFiEKafvsiw/Vq46ntr1kQPo1ZXc8covN3b1zi57IxS8oNE0dX2t1Jfa4agkcH3++9dT7 C7PaT8wrujWqIhz+97M7Z1oZa/3eweiNiK2x1Xm0Is=
IronPort-HdrOrdr: A9a23:pWuatKtOjQhyRbzirUTTpygf7skCOYAji2hC6mlwRA09TyXGrb HMoB1L73/JYWgqOU3IwerwSZVoIUmxyXZ0ibNhRItKLzOWyFdATbsSorcKpgeQeREWmdQtqJ uIH5IOb+EYSGIK8/oSgzPIXerIouP3jJxA7N22pxwCPGQaD52IrT0JdTpzeXcGPDWucKBJbq Z0kfA33AZIF05nCPiTNz0uZcSGjdvNk57tfB4BADAayCTmt1mVwY+/OSK1mjMFXR1y4ZpKyw X4egrCiZmLgrWe8FvxxmXT55NZlJ/K0d1YHvGBjcATN3HFlhuoTJ4JYczDgBkF5MWUrHo6mt jFpBkte+5p7WnKQ22zqRzxnyH9zTcV7WP4w1PwuwqhnSW5fkN5NyNyv/McTvLr0TtmgDi66t MM44utjesTMfoHplWl2zGHbWAzqqP+mwtQrQdatQ0sbWJZUs4RkWTal3klSqvp20nBmdsaOf grA8fG6PlMd1SGK3jfo2l02dSpGm8+BxGcXyE5y4aoOhVt7ThEJnEjtYcit2ZF8Ih4R4hP5u zCPKgtnLZSTtUOZaY4AOsaW8O4BmHEXBqJaQupUBjaPbBCP2iIp4/84b0z6u3vcJsUzIEqkJ CEVF9Dr2Y9d0/nFMXL1pxW9RLGRnm7QF3Wu4xjzok8vqe5SKvgMCWFRlxrm8y8o+8HCsmeQP q3MII+OY6rEYIvI/c+4+TTYegkFZBFarxhhj8SYSP7nv72
X-Talos-CUID: 9a23:S5FVT2gF/JkxxM4bxMcBm7Rd9zJuQHbhnUzZGnGBOzxuYbrJFEW30qdpqp87
X-Talos-MUID: 9a23:cJK1DQjm3FIGWZZSeQZ0iMMpGJx4zbaVKhw2kMscucmOGW9OYBzEk2Hi
X-IronPort-Anti-Spam-Filtered: true
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by rcdn-iport-2.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Sep 2023 13:19:22 +0000
Received: from rcdn-opgw-2.cisco.com (rcdn-opgw-2.cisco.com [72.163.7.163]) by rcdn-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id 388DJL0m016571 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 8 Sep 2023 13:19:22 GMT
X-CSE-ConnectionGUID: fC9o8RyMSJmi8nRqzQ9h/w==
X-CSE-MsgGUID: kd4RRmfMQeO+Xkt7oPf4XA==
Authentication-Results: rcdn-opgw-2.cisco.com; dkim=pass (signature verified) header.i=@cisco.com; spf=Pass smtp.mailfrom=rwilton@cisco.com; dmarc=pass (p=quarantine dis=none) d=cisco.com
X-IronPort-AV: E=Sophos;i="6.02,237,1688428800"; d="png'150?scan'150,208,217,150";a="1533684"
Received: from mail-bn7nam10lp2102.outbound.protection.outlook.com (HELO NAM10-BN7-obe.outbound.protection.outlook.com) ([104.47.70.102]) by rcdn-opgw-2.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Sep 2023 13:19:20 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jAp5tHMwndIOEb7kZDmaF7mbIvg+6v5Y3WdOV1U8cHTzIdbmJ8IHEwaJL68/d6ZPVEAwsQuUICIhDCKEHkF7yXWbEeva3MiKqc38iS+oQeFY3RmKv4mjb73A+43P67iYoXwskNPbTg1QvBUllFI+2gFJ184RAhpO5vcWQyTCxs4XSB3waUblYATsGYYZgcNTKss1TrYUy+a1jvb3o6YzL6ZIR5HK884B5psxESk9s1UMOTOwaWocLrNgjzWvX4wWWH90bhqeBeWRy8konH4wSegve5kYi8rrCXk2BCse9W0ywAwPdd5gD6Bi+DrPFX6LDYc1eYCcicN3sYcEeiKmrA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YRFhwFwT6znRFCaEUUaEFxFGTH/d97rJsIm4EMB1diQ=; b=SN6TLAYQhHWP8P4/KV3AzDqibgsm1Wwm9zJdBVBW4nY8N0jgqR8vYc4Y2kgVw0VB8STrBcnQO1KjGV1u8taW1WPyYZcJFL5FK79nq6zFIfO7KBi+zojNN4PYY8KD2Sgap8CI9lWomv7LeMcIK+Bv/IO4glIL4dHo3iY1eSFbNXV5Wd2Pm6mY49na0d4I56C+tFkB4jUI2JENj4VTXZvaGGR0mt6gnu9ZpMdjsotTA2SlllMZ27h8xFNUN3dwL2R88PqLMpKFC98vQ8sG6LTFWZBrszm459O+bQQf8pYYU+/swVKsBo6PU/Y2Ef+cM/rEhg+vrmBBE/YipRFMm/pgfg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YRFhwFwT6znRFCaEUUaEFxFGTH/d97rJsIm4EMB1diQ=; b=M2H2C9RthPDevCWhHTeQXy7SIufIPX1kBKTU1MdIcvCYiSHF2GIE7OTgnFNgjDhJ09loNj09ylazaTdCDv08D7+Csaql4Oy+NrCX/wFdzNQ7ILWocIxTvHRS9H44JTxYUxEa0MPruchejW/2ewN+V8RGupuNKqQwfbEVO2vWh9c=
Received: from BY5PR11MB4196.namprd11.prod.outlook.com (2603:10b6:a03:1ce::13) by SJ0PR11MB5071.namprd11.prod.outlook.com (2603:10b6:a03:2d7::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6768.30; Fri, 8 Sep 2023 13:19:18 +0000
Received: from BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::3d8c:2037:d8ac:ac5e]) by BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::3d8c:2037:d8ac:ac5e%5]) with mapi id 15.20.6768.029; Fri, 8 Sep 2023 13:19:18 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: "lgl island-resort.com" <lgl@island-resort.com>, Roman Danyliw <rdd@cert.org>
CC: "Smith, Ned" <ned.smith@intel.com>, The IESG <iesg@ietf.org>, "draft-ietf-rats-eat@ietf.org" <draft-ietf-rats-eat@ietf.org>, "rats-chairs@ietf.org" <rats-chairs@ietf.org>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Robert Wilton's Discuss on draft-ietf-rats-eat-21: (with DISCUSS and COMMENT)
Thread-Index: AQHZ4YydJvA3mUClZkqH+OTRb2FAdLAPnRiAgAAHOQCAAA4igIABCG+Q
Date: Fri, 08 Sep 2023 13:19:18 +0000
Message-ID: <BY5PR11MB41964D3E5D46199FF851E6E0B5EDA@BY5PR11MB4196.namprd11.prod.outlook.com>
References: <169409219358.34717.10637003445246332249@ietfa.amsl.com> <0362104E-7D7D-4A22-B202-E147073D852D@intel.com> <BN2P110MB110707F866D4E418199B6437DCEEA@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <E09F6E69-C299-4798-BB33-9E476F478457@island-resort.com>
In-Reply-To: <E09F6E69-C299-4798-BB33-9E476F478457@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BY5PR11MB4196:EE_|SJ0PR11MB5071:EE_
x-ms-office365-filtering-correlation-id: fc947428-b670-4981-ab82-08dbb06e3530
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: IebtYoj5mQjqpoXVKYBNzTtsoAGTzDIObS5Y4sfiSvX4Edf8/CF6tJ+oOk8uONJMLIOZVnnHorSo+1UvBdoCyPJ65W0cAvcI1QVEre8b+hznhX2GLx0tLnCwiZrOmJFYVnqxL43YTfLqtxEKsDh1B23wYS6PNEHFSHX6QKC849GInpIl+KQJS+m3VgEWGPWjkMS0N2a8UKmF2f3/aYmBta4fLsEUYI71c8DXhaICI/5NYYcJ6/zBmuyfLNx738qtWq8KiLRMQq8PYDbP8AmfGa68KjHUCOoWt9SnqcQ7+ECrQkgP0951G2wya87e38r0OyVGwwouMozyDkwc4KNtVlRxNGlhrcgWty232Iz/yaQhXuupra6pcSKqHlhQd6rXDZ8kdQ7QYIf74L8CO8NmzQzmyCgiaBSQk4jl3oB6KRmVOEAMN08RZWcQw+L+aD6cNzx0lCTwiJrEFkmLr0nkO+gAwuILd86CQTT0vEoS48Ba0yWFAYWFq51HZ1njOHQ0dcK8pzijw2jjydnjsL7GC+ej0toLrKMkWwtauWKwDfux+3S8LlXzrIgsW4LWUKH12LMC1ykMLkwAojjGmeALV4zH7lSXPDTBEDWPFKypppDFr68nUGr8MaDMY2fnjmTDTXxLUDDsE5YyBiXJ1/qbbQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB4196.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366004)(376002)(396003)(136003)(39860400002)(346002)(451199024)(186009)(1800799009)(8936002)(8676002)(4326008)(41300700001)(64756008)(110136005)(52536014)(66446008)(54906003)(66556008)(66946007)(66476007)(76116006)(316002)(5660300002)(2906002)(99936003)(122000001)(66574015)(166002)(38100700002)(38070700005)(83380400001)(55016003)(9686003)(53546011)(86362001)(33656002)(966005)(6506007)(7696005)(71200400001)(478600001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: Kt2CEArMsnJ5zRKAdowQpYampscd/welVRYD9WiXCQXi9v6AJHPXaj9v1TWXaOVel2gEEwyLwAel1Hqhzf8zTxOsTXq1BPD3Xw8/zciHu3pYfEQ/HOdAFbAq4QC4ekEE9ORShd6f1SoTfMrjNke1V7Sf3qfeth+MweSZPzcFxbuta8lpp+7SNI3HgElqxAo8bDuhDl+KPc6EsYjn7uY+T47UPKpHznTcmU5vITRitoWxzczOfTKaSe6XBFbwCCsfaQ+TG2PIupJSWKJOmPX+2sGWQX4+bgCvZ+TKTn+wRsdBzsxi93wmAioHl2WHWdmijDAreNE1TcoNKpo2SqRyRY3c6DXf8z7z4Nfi97iHS4Gn6GvmrTcIJGwK1R05Xt/aG2liTPFr233hlke+zX5VONWYudi020SjAHlm3n1MXFUGT7RT0afmBp5JyIu69jMhSOkO/S0j+TT1XUPi0DvzlsSTvDAGEkOqyWXnDCg6T025fnw6S8ax6SxBsPt0qmDr0KqJl0rdmaHffJixiBfcSbePRRRlDujdwpBhU/eGhKPDNhw9CP1TzaYmStGig9H92DKkR+oN6Qqnj8XxbhyJsirzyqkfoSyyWb/+r5ZPPWqc52NoAHyXIZMjZRxB0vK+9/b3qGseaSsxkVgGTydFJwU2xol2zeUiwyxtXyhS+jQ5lBvdf5g4CCeMsyTI7PPJuCy6uOrAcA/XZRAO+H+2WE6ySeunxcEldYImjpPZgAouUYuSJ6A9AQbEKQceV7xmWSqr1vNxyT+DJFY5rERav5wiK/HRtAveC5aK+ZsOY/goappCJs0Hbfgg1oV3e+ldZGsL9wA9BObQH58dMItXZGlB6iBZLFyURCectqQBrYCAiq43ZzMsoHkVnOUM75kJZzg3OjjjFGUPAzkLh2GcTuoypASIMusfrud8Ny1CkzoqLdPGspKETpuvHbbXsKj8Qy2CEqSMd5smIBes0K7a9syBYf75gEmZz/MkWlqR1KvkiVUurCfLbKWq5h4Fkq8enMYU6TXZUGfbOhUKmgrkt/5KKL1WUh9KKnfi6F3yDHcmCF2QBtBc7iSrWoq/hfiHeLpgK9a1U1QcYbbiu7Ntrlj1jNIrICTkFvTaW62AxzGEVkU91yxOfmQ/1Rd7zmiEfPBHoMd2rptnZaXoX2Xto/EK5//5YtcyZ/ubnd3GJ8cA0Q1D+zXKSmwkSQQGheO1iTp+pPuWzlDGqKAfm015z3lipiogsQMB/doykphwYbvG0n1S9mGdqxKXYDSBYS6n9g4tHNivPkboYLgeKlJgvCRjkhLqNFiIp+80PkOKouiiZOBRjgbSt4PfK17fYkpc34/Uz3j2kkr3oAhw1otisVfR0gYIJlwCQmQOHDWWPXpDx/Dk6HilLZ/WSMQgTNO/oQFKXNqTyiSDpu/6eGX8YSZvcAssxbhp5//XsI+psJeEaiLw1sB8ki8OYut8138iK/p5EiWNgu6uP7JjsaK/IibVBs/ClEfgAK7hLFQgx/8YdQaML7T9lsWShwzuadRYwqNIr+tQNQQ0vPCD/bmDmORGhgkI940ijE2nZla9X4roAjFOEGLsSIEIci160tSCAxE0kMKvlBKhWeMZztXz+lgrFGL0H5qAMd4sLiwFf1E/M1/eFQ35GDgXQR0HKdFE
Content-Type: multipart/related; boundary="_004_BY5PR11MB41964D3E5D46199FF851E6E0B5EDABY5PR11MB4196namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-OriginatorOrg: cisco.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4196.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fc947428-b670-4981-ab82-08dbb06e3530
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Sep 2023 13:19:18.8198 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: yxzoKG+hyc05LO/fUguZxaRG7oOpoh/14EJR37xvzCuQ3AR+P+1uHEIByiqpl1s2sA9CpEm8wRFhyPLkc4Wasg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR11MB5071
X-Outbound-SMTP-Client: 72.163.7.163, rcdn-opgw-2.cisco.com
X-Outbound-Node: rcdn-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/Pu0Ji0k0vUquWZOt036bZX1SqQE>
Subject: Re: [Rats] Robert Wilton's Discuss on draft-ietf-rats-eat-21: (with DISCUSS and COMMENT)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Sep 2023 13:19:38 -0000

I’ve cleared my discuss.

Regards,
Rob


From: iesg <iesg-bounces@ietf.org> On Behalf Of lgl island-resort.com
Sent: 07 September 2023 19:40
To: Roman Danyliw <rdd@cert.org>
Cc: Smith, Ned <ned.smith@intel.com>; Rob Wilton (rwilton) <rwilton@cisco.com>; The IESG <iesg@ietf.org>; draft-ietf-rats-eat@ietf.org; rats-chairs@ietf.org; rats@ietf.org
Subject: Re: [Rats] Robert Wilton's Discuss on draft-ietf-rats-eat-21: (with DISCUSS and COMMENT)

Makes it normative

Update to 9334

LL


[cid:image001.png@01D9E247.CDDD5450]
RATS.Architecture -> RFC9334 and normative by laurencelundblade · Pull Request #410 · ietf-rats-wg/eat<https://github.com/ietf-rats-wg/eat/pull/410>
github.com<https://github.com/ietf-rats-wg/eat/pull/410>





On Sep 7, 2023, at 10:49 AM, Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>> wrote:

Hi!


-----Original Message-----
From: RATS <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org>> On Behalf Of Smith, Ned
Sent: Thursday, September 7, 2023 1:24 PM
To: Robert Wilton <rwilton@cisco.com<mailto:rwilton@cisco.com>>; The IESG <iesg@ietf.org<mailto:iesg@ietf.org>>
Cc: draft-ietf-rats-eat@ietf.org<mailto:draft-ietf-rats-eat@ietf.org>; rats-chairs@ietf.org<mailto:rats-chairs@ietf.org>; rats@ietf.org<mailto:rats@ietf.org>
Subject: Re: [Rats] Robert Wilton's Discuss on draft-ietf-rats-eat-21: (with
DISCUSS and COMMENT)

BTW: [RATS.Architecture] is now RFC9334. Regardless of whether it is
informative or normative, the reference should be updated.

Agreed.


I believe it is informative because RFC9334 is an informative RFC.

The status of RFC9334 won't dictate whether it is normative or informative in this document.  Referenced normatively in this document just makes RFC9334 a "DownRef" (i.e., a "higher status" proposed standard document referencing a "lower status" information document)

Borrowing from https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/, the key question is whether [RATS.Architecture] is needed to implement this RFC.

The text in Section 9.3 of this documents meets that threshold of being "required reading" by pointing this document to the security considerations in [RATS.Architecture].

==[ snip ]==
9.3.  Freshness

  All EAT use MUST provide a freshness mechanism to prevent replay and
  related attacks.  The extensive discussions on freshness in
  [RATS.Architecture] including security considerations apply here.
==[ snip ]==

Roman


On 9/7/23, 6:11 AM, "RATS on behalf of Robert Wilton via Datatracker" <rats-
bounces@ietf.org<mailto:bounces@ietf.org> <mailto:rats-bounces@ietf.org> on behalf of
noreply@ietf.org<mailto:noreply@ietf.org> <mailto:noreply@ietf.org>> wrote:


Robert Wilton has entered the following ballot position for
draft-ietf-rats-eat-21: Discuss


When responding, please keep the subject line intact and reply to all email
addresses included in the To and CC lines. (Feel free to cut this introductory
paragraph, however.)




Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-
ballot-positions/
<https://www.ietf.org/about/groups/iesg/statements/handling-ballot-
positions/<https://www.ietf.org/about/groups/iesg/statements/handling-ballot-%0bpositions/>>
for more information about how to handle DISCUSS and COMMENT positions.




The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-rats-eat/
<https://datatracker.ietf.org/doc/draft-ietf-rats-eat/>






----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------


Hi,


Thanks for this document. Sorry, I didn't have time to review this document
that closely. I have flagged one issue for discussion to change the reference
to the architecture document to being a normative reference. This would mean
a
downref, but should otherwise be an easy change to make. The rest of my
comments are non-blocking.


(1) p 71, sec 11.2. Informative References


[RATS.Architecture]
Birkholz, H., Thaler, D., Richardson, M., Smith, N., and
W. Pan, "Remote ATtestation procedureS (RATS)
Architecture", Work in Progress, Internet-Draft, draft-
ietf-rats-architecture-22, 28 September 2022,
<https://datatracker.ietf.org/doc/html/draft-ietf-rats-
<https://datatracker.ietf.org/doc/html/draft-ietf-rats-<https://datatracker.ietf.org/doc/html/draft-ietf-rats-%0b%3chttps:/datatracker.ietf.org/doc/html/draft-ietf-rats->>
architecture-22>.


"From section 1.3, EAT follows the operational model described in Figure 1 in
[RATS.Architecture].". This, along with other references indicates that the
RATS architecture should be a normative reference.




----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


(2) p 0, sec


An EAT is either a CBOR Web Token (CWT) or JSON Web Token (JWT) with
attestation-oriented claims.


This is probably contentious, but given that this is a new spec, I wonder
whether it wouldn't be better (i.e., encourage wider interop) if only CBOR,
COSE and CWT were used/allowed.


(3) p 20, sec 4.2.6. swname (Software Name) Claim


The "swname" claim contains a very simple free-form text value for
naming the software used by the entity. Intentionally, no general
rules or structure are set. This will make it unsuitable for use
cases that wish precise naming.


I found it interesting, and slightly surprising, that the hardware model claim
is opaque, but the software name claim is not.


(4) p 24, sec 4.2.11. uptime (Uptime) Claim


The "uptime" claim MUST contain a value that represents the number of
seconds that have elapsed since the entity or submodule was last
booted.


Relative to other claim descriptions, the MUST in this description seems
strange. Perhaps better as just "The "uptime" claim contains a value ..."


(5) p 88, sec Appendix B. UEID Design Rationale


A UEID is not a UUID [RFC4122] by conscious choice for the following
reasons.


Note that the UUID spec is currently being updated (it is also on this week's
telechat review), so some of the concerns being described here may no longer
be
valid. It is still only 128 bits though, and 6 bits are spent identifying UUID
format and version.


(6) p 89, sec Appendix B. UEID Design Rationale


Note also that that a type 2 UEID (EUI/MAC) is only 7 bytes compared
to 16 for a UUID.


Note that the paragraph at the end of appendix B.1. states that UEIDs are a
minumum of 128 bits ...


Regards,
Rob






_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org> <mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats
<https://www.ietf.org/mailman/listinfo/rats>



_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats
_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats

v2.23.0 | Report a Bug | By Email