Re: [Rats] Use case -> architecture document

Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Wed, 09 October 2019 16:38 UTC

Return-Path: <henk.birkholz@sit.fraunhofer.de>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2605C120859 for <rats@ietfa.amsl.com>; Wed, 9 Oct 2019 09:38:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OZYvfsV0mGJE for <rats@ietfa.amsl.com>; Wed, 9 Oct 2019 09:37:55 -0700 (PDT)
Received: from mailext.sit.fraunhofer.de (mailext.sit.fraunhofer.de [141.12.72.89]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3739B120878 for <rats@ietf.org>; Wed, 9 Oct 2019 09:37:49 -0700 (PDT)
Received: from mail.sit.fraunhofer.de (mail.sit.fraunhofer.de [141.12.84.171]) by mailext.sit.fraunhofer.de (8.15.2/8.15.2/Debian-10) with ESMTPS id x99GbauV011469 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA256 bits=128 verify=NOT); Wed, 9 Oct 2019 18:37:37 +0200
Received: from [192.168.16.50] (79.234.112.245) by mail.sit.fraunhofer.de (141.12.84.171) with Microsoft SMTP Server (TLS) id 14.3.468.0; Wed, 9 Oct 2019 18:37:31 +0200
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, =?UTF-8?B?U2Now7Zud8OkbGRlciwgSsO8cmdlbg==?= <J.Schoenwaelder@jacobs-university.de>
CC: "Xialiang (Frank, Network Standard & Patent Dept)" <frank.xialiang@huawei.com>, "rats@ietf.org" <rats@ietf.org>
References: <CAHbuEH7f0jjquR=iZDgof4DkgpZKgxEP86NcQ0A1NQ=SP+_FHA@mail.gmail.com> <C02846B1344F344EB4FAA6FA7AF481F13E9560C0@dggemm511-mbx.china.huawei.com> <CAHbuEH7WkqeyUW3sL5bdw5N25B6O7ZEF0Qkx03fE5c42Sd4M5w@mail.gmail.com> <b91baad2-2fc3-a5e4-6898-e2cddcda300d@sit.fraunhofer.de> <20191009145006.r2pjsoo6jxirah64@anna.jacobs.jacobs-university.de> <CAHbuEH6u-6GsJjK8s0eFQPLeSuGjPMgonhyQkmaeA6Q+rp42kA@mail.gmail.com>
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Message-ID: <9379d880-2b7e-6657-c547-b37bb7a9e466@sit.fraunhofer.de>
Date: Wed, 9 Oct 2019 18:37:30 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <CAHbuEH6u-6GsJjK8s0eFQPLeSuGjPMgonhyQkmaeA6Q+rp42kA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Originating-IP: [79.234.112.245]
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/Tp9mEIMcqNhjhR8yX1l6fT9J_-0>
Subject: Re: [Rats] Use case -> architecture document
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Oct 2019 16:38:01 -0000

Hi Kathleen,
hi list,

while I of course understand your point of "the simpler, the better", I 
am still a bit of at a loss, what the actual issue is. You are proposing 
a solution to a problem that I currently have not seen being described yet.

Maybe we should do things in order and describe the problem better first 
and then see how to resolve it inside the existing document?

That is basically the reason for my request to you on actual issues in 
my last comment. I understand the category of the problem "readability" 
and I assume analogously "comprehensibility", of course, but I think 
that is too vague to actually act on.

What you are describing with respect to workflow diagrams that is using 
the roles - Dave did already provided those and walked us through them 
for example at the first interim, and we are doing ASCII art on them 
currently.

In fact, that very first action item wrt what we are working on (well, 
we paralleled some other items, too) back in early September was:

> * to elaborate on the use of RATS Principals, including more exemplary diagrams of RATS Role composition and interaction between RATS Principals based on the use case document (and by that address a unified mapping to TEEP, RIV, and models that use EAT)

So what am I hearing now is that Dave is now starting to do the exact 
same thing, with the exception of not using the terms defined in the 
architecture. Is that correct? I am still not sure what issues we are 
trying to address here.

Viele Grüße,

Henk

p.s. with respect to pair programming, I really hope that solutions 
drafts simplify that process the same way the first RATS YANG module 
does it today, already.

On 09.10.19 18:03, Kathleen Moriarty wrote:
> 
> I would rather see the architectural patterns come before the specific 
> terminology.  If you look through the slides from Dave's presentation at 
> our previous interim meeting, he laid out several architectural patterns 
> using the same language that is used in SUIT and TEEP.  It is desirable, 
> IMO, to begin with architectural patterns that can be used in necessary 
> use cases.  Additional architectural patterns may arise, but we have a 
> nice starting point.
> 
> See: 
> https://datatracker.ietf.org/meeting/interim-2019-rats-02/materials/slides-interim-2019-rats-02-sessa-teep-and-rats-alignment
> It defines the passport, background check, and verifying relying party 
> architectural patterns for RATS.
> It also provides an illustration of how the OTrP model for device state 
> can fold into each of those 3 RATS architectural patterns.
> 
> What Dave is planning to do is to write text describing these 
> architectural patterns.  It will likely be in the language similar to 
> what's been used in SUIT and TEEP as his slides match the terminology.
> 
> Attestation has countless use cases, and several known architectural 
> patterns to date.  The document would first define these patterns.  
> Then, like SUIT, a high-level description of use cases could be included 
> with pointers to other future WG drafts that more fully define the use 
> cases.  Any additional terminology that is necessary could then be 
> added, but keeping in mind that we do not want unnecessary terms.  If we 
> start from the models, it will be easier to maintain the scope and set 
> of terms.  The terms would come from the current document, but language 
> may be adjusted as needed.
> 
> The specific use case details that map claims could be in a later 
> section with the IANA section defining claims for use cases to be added 
> to the CWT and JWT registry.
> 
> I work for Dell and would like to be able to bring this work forward for 
> PoCs.  However, our teams (like many others) use pair programming.  This 
> means the 2 coders work as a team and in our model, they rotate to a new 
> project every 2 weeks.  This helps with innovation and other benefits.  
> If each pairing team has a significant learning curve, a lot of time 
> will be wasted and the PoC would not make progress.
> 
> If the goal for service providers and others is to use this technology 
> (as is my goal), we need to make it something that is accessible to 
> many.  The developers at many organizations will use crypto libraries, 
> but will not necessarily be security people.  They will be starting from 
> a point where they do not have security specific language nor this very 
> specific set of terms that is being defined.  The simpler we can keep 
> it, the better to gain wider adoption.
> 
> I think if we step back and see what Dave does with the document to 
> define the architectural patterns, then we can decide how we merge 
> content with readability as a goal.
> 
> Best regards,
> Kathleen
> 
> On Wed, Oct 9, 2019 at 10:50 AM Schönwälder, Jürgen 
> <J.Schoenwaelder@jacobs-university.de 
> <mailto:J.Schoenwaelder@jacobs-university.de>> wrote:
> 
>     Hi,
> 
>     I did also look at the use cases document (I think -04) after going
>     through the architecture document and I must admit that I did not find
>     it too helpful to understand things better. I did not see anything
>     architectural in there either. I guess I will read the teep
>     architecture next and perhaps that helps me to get a better clue.
> 
>     For people like me who are not deep into this technology yet, getting
>     used to the rather specific terminology and concepts is a certainly a
>     learning effort and I think the architecture document was on its way
>     to get terms well defined and sorted out. Some more examples or
>     explanations may help the reader further and I believe this can be
>     achieved.
> 
>     /js
> 
>     On Wed, Oct 09, 2019 at 01:55:57PM +0200, Henk Birkholz wrote:
>      > Hi Kathleen,
>      > hi list,
>      >
>      > it would help everybody, if you could explicitly highlight what
>     the exact
>      > issues wrt readability in the current architecture I-D are -
>     always in
>      > comparison with the use-case I-D, if it is doing a better job in
>     that part?
>      >
>      > Jürgen provided a good example of what he found confusing as a
>     first time
>      > reader - and that was really helpful and is resulting in ongoing
>     work.
>      >
>      > Please mind, not everything is fleshed out in the architecture
>     (e.g. the
>      > workflows derived from the use-cases). The plan was to aim for a
>     stable
>      > nucleus, address the issues raised by the list, go through
>     adoption, and
>      > finish the document via the issue tracker in a structured process.
>      >
>      > In summary, without an actual understanding why you (or others!)
>     think the
>      > document is still hard to read, there is no way of compare
>     readability later
>      > on also. It would be really good to get more precise feedback on
>     that.
>      >
>      > Viele Grüße,
>      >
>      > Henk
>      >
>      >
>      >
>      >
>      > On 09.10.19 13:31, Kathleen Moriarty wrote:
>      > > Hi Frank,
>      > >
>      > > Thank you for voicing your concern.  I think some may hold off
>     until the
>      > > updates are provided, but please do voice your opinions.  I
>     agree that
>      > > this work is too important and as such, readability is a
>     high priority.
>      > > If you read through the TEEP and SUIT architecture drafts, they are
>      > > quite easy to follow and understand.  That is critical for wide
>     spread
>      > > adoption.  We may be able to find a balance, but I think this
>     exercise
>      > > may speed progress as we have not decided to adopt this draft
>     yet as a
>      > > working group item.
>      > >
>      > > As it stands, the use case document is not an architecture
>     document, but
>      > > it could be shaped as such and I'd really like to see if we can
>     do that
>      > > in short order to have a comparison prior to an adoption call.
>      > >
>      > > Best regards,
>      > > Kathleen
>      > >
>      > > On Wed, Oct 9, 2019 at 6:53 AM Xialiang (Frank, Network Standard &
>      > > Patent Dept) <frank.xialiang@huawei.com
>     <mailto:frank.xialiang@huawei.com>
>      > > <mailto:frank.xialiang@huawei.com
>     <mailto:frank.xialiang@huawei.com>>> wrote:
>      > >
>      > >     Hi Kathleen,____
>      > >
>      > >     __ __
>      > >
>      > >     I am very concerned with this new direction and I strongly
>     object.____
>      > >
>      > >     __ __
>      > >
>      > >     Current architecture draft goes through a lot discussions and
>      > >     reaches many consensus. Right now, it really helps IETF
>     (Teep for
>      > >     example), FIDO, TCG and many others. The only issues are on
>      > >     readability, the standards track and the completeness (e.g.,
>      > >     passport and background check are still missing). It is an
>     very good
>      > >     document and correct terminology is very important for remote
>      > >     attestation.____
>      > >
>      > >     __ __
>      > >
>      > >     About use cases document, Its goal is just to clarify a
>     sample list
>      > >     of scenarios that remote attestation can apply to and then
>     deduce
>      > >     the requirements and the following concrete protocol
>     drafts. It is
>      > >     not fit to be an architecture.____
>      > >
>      > >     __ __
>      > >
>      > >     The current architecture is too important for telecom and
>     network
>      > >     equipment vendors and service providers. I have strong
>     doubts that
>      > >     current EAT and OTrPv2 alone is suitable for the (virtualized)
>      > >     network infrastructure situation.____
>      > >
>      > >     __ __
>      > >
>      > >     B.R.____
>      > >
>      > >     Frank____
>      > >
>      > >     ____
>      > >
>      > >     __ __
>      > >
>      > >     This e-mail and its attachments contain confidential
>     information
>      > >     from HUAWEI, which is intended only for the person or
>     entity whose
>      > >     address is listed above. Any use of the information
>     contained herein
>      > >     in any way (including, but not limited to, total or partial
>      > >     disclosure, reproduction, or dissemination) by persons
>     other than
>      > >     the intended recipient(s) is prohibited. If you receive
>     this e-mail
>      > >     in error, please notify the sender by phone or email
>     immediately and
>      > >     delete it!____
>      > >
>      > >     __ __
>      > >
>      > >     *发件人:*RATS [mailto:rats-bounces@ietf.org
>     <mailto:rats-bounces@ietf.org>
>      > >     <mailto:rats-bounces@ietf.org
>     <mailto:rats-bounces@ietf.org>>] *代表 *Kathleen Moriarty
>      > >     *发送时间:*2019年10月8日19:25
>      > >     *收件人:*rats@ietf.org <mailto:rats@ietf.org>
>     <mailto:rats@ietf.org <mailto:rats@ietf.org>>
>      > >     *主题:*[Rats] Use case -> architecture document____
>      > >
>      > >     __ __
>      > >
>      > >     Hello!
>      > >
>      > >     I read through the latest version of the ‘use case’ document
>      > >     yesterday and found it very easy to read and understand,
>     meaning I
>      > >     think it is written well and could be easily understood by many
>      > >     without having to climb up a learning curve. ____
>      > >
>      > >     __ __
>      > >
>      > >     First, this could be a very useful document to register
>     claims for
>      > >     the use cases.
>      > >
>      > >     Second, if the workflow for the passport and background
>     check were
>      > >     added and put in terms of the open trust protocol v2 from
>     TEEP, we
>      > >     have a fairly nice architecture document that’s easy to
>     read and may
>      > >     gain adoption.  The workflows cover the various
>     interactions between
>      > >     roles and TEEP has actively broken up OTrP in v2 to
>      > >     accommodate using EAT tokens, this would help create that
>     link and
>      > >     make it very clear.
>      > >
>      > >     The other thing I like about the use case document and think we
>      > >     should expand on is the references to other work items. 
>     This makes
>      > >     it an architecture document that maps out the full plan of
>     the WG.
>      > > One like that was extremely well received by all the ADs that don’t
>      > >     like informational/helpful documents.
>      > >
>      > >     I’m a bit nervous with the terminology being defined and
>     would love
>      > >     to see something like this that’s simplified and more easily
>      > >     adoptable. ____
>      > >
>      > >     __ __
>      > >
>      > >     I appreciate the work done to improve the architecture
>     document, but
>      > >     I do think the structure changes to the use case document as
>      > >     suggested could result in an easier to understand (and
>     therefore
>      > >     easier to adopt) document.____
>      > >
>      > >     __ __
>      > >
>      > >     While the architecture document is more readable, I think
>     we can do
>      > >     better.  Adoption is important and our timeliness matters a
>     lot for
>      > >     this work.  EATs can be used for may use cases with OTrPv2,
>     so let's
>      > >     keep it as simple as we can.
>      > >
>      > >     Thoughts are appreciated.
>      > >
>      > >     Best regards,
>      > >     Kathleen-- ____
>      > >
>      > >     __ __
>      > >
>      > >     Best regards,____
>      > >
>      > >     Kathleen____
>      > >
>      > >
>      > >
>      > > --
>      > >
>      > > Best regards,
>      > > Kathleen
>      > >
>      > > _______________________________________________
>      > > RATS mailing list
>      > > RATS@ietf.org <mailto:RATS@ietf.org>
>      > > https://www.ietf.org/mailman/listinfo/rats
>      > >
>      >
>      > _______________________________________________
>      > RATS mailing list
>      > RATS@ietf.org <mailto:RATS@ietf.org>
>      > https://www.ietf.org/mailman/listinfo/rats
> 
>     -- 
>     Juergen Schoenwaelder           Jacobs University Bremen gGmbH
>     Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
>     Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>
> 
> 
> 
> -- 
> 
> Best regards,
> Kathleen