Re: [Rats] looking for better terms -- request for bike shed discussion
Michael Richardson <mcr@sandelman.ca> Wed, 08 January 2020 19:34 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A87D1200CC for <rats@ietfa.amsl.com>; Wed, 8 Jan 2020 11:34:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2x3-e8MgkZJ3 for <rats@ietfa.amsl.com>; Wed, 8 Jan 2020 11:34:56 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 575B512011B for <rats@ietf.org>; Wed, 8 Jan 2020 11:34:56 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id C33663897B; Wed, 8 Jan 2020 14:34:33 -0500 (EST)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id CFEE371D; Wed, 8 Jan 2020 14:34:54 -0500 (EST)
From: Michael Richardson <mcr@sandelman.ca>
To: Laurence Lundblade <lgl@island-resort.com>
cc: "Smith, Ned" <ned.smith@intel.com>, =?utf-8?B?IlNjaMO2bnfDpGxkZXIsIErDvHJnZW4i?= <J.Schoenwaelder@jacobs-university.de>, "rats@ietf.org" <rats@ietf.org>
In-Reply-To: <0FB69139-54DE-4F1B-906F-12B83D1EDEED@island-resort.com>
References: <26979.1578413051@localhost> <6291CF16-BBDC-4A12-A0C0-FDFBAB494A31@island-resort.com> <20200107165432.zmpm6yilgr6fogrh@anna.jacobs.jacobs-university.de> <C7744481-277D-477A-8B0A-F7DC9F4CC273@intel.com> <0FB69139-54DE-4F1B-906F-12B83D1EDEED@island-resort.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 08 Jan 2020 14:34:54 -0500
Message-ID: <31998.1578512094@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/W5AXeVkPegOTvg5YEP0ZTo4poEw>
Subject: Re: [Rats] looking for better terms -- request for bike shed discussion
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jan 2020 19:34:58 -0000
Thank you for this very nice text. I rather like it. Laurence Lundblade <lgl@island-resort.com> wrote: > Here’s some rough text: > Conceptually, the “attester” produces a set of “claims” about a “target”. > The claims are known as “attestation evidence” and are sent to the > “verifier”. The verifier additionally takes in “endorsements”, processes > the attestation evidence and produces the “attestation result” for the > final consumer, the “relying party”. > This description left conceptual for easy understanding and discussion. > Actual implementations are usually more complex in at least one or more > of these ways: > * The attester is also the target > * One attester produces claims about several targets (submodules) > * The verifier and the relying party are the same > * Claims may be simple or complex, many or few > * Some claims are measurements and some are not > * Some claims in in the attestation evidence may be simply passed > through the verifier, others may be heavily processed. > * Daisy chaining -- the evidence from one attester goes through a > verifier producing results which are taken as claims that are input > to another attester that outputs a different set of evidence that > goes on through a different verifier. > * Daisy chaining may happen on the device producing the attestations > or in the infrastructure evaluating the device or both. > (Next I’d write a plethoras of simple examples for attester, target, > claims… assuming only the simplest implementation that maps to the > conceptual description ) > I am starting to prefer the basic conceptual / abstract description over one > that is inherently mappable to every possible. > LL
- Re: [Rats] looking for better terms -- request fo… Salz, Rich
- [Rats] looking for better terms -- request for bi… Michael Richardson
- Re: [Rats] looking for better terms -- request fo… Laurence Lundblade
- Re: [Rats] looking for better terms -- request fo… Schönwälder
- Re: [Rats] looking for better terms -- request fo… Smith, Ned
- Re: [Rats] looking for better terms -- request fo… Laurence Lundblade
- Re: [Rats] looking for better terms -- request fo… Michael Richardson
- Re: [Rats] looking for better terms -- request fo… Dave Thaler
- Re: [Rats] looking for better terms -- request fo… Henk Birkholz
- Re: [Rats] looking for better terms -- request fo… Dave Thaler
- Re: [Rats] looking for better terms -- request fo… Henk Birkholz
- Re: [Rats] looking for better terms -- request fo… Henk Birkholz
- Re: [Rats] looking for better terms -- request fo… Smith, Ned
- Re: [Rats] looking for better terms -- request fo… Smith, Ned
- Re: [Rats] looking for better terms -- request fo… Dave Thaler
- Re: [Rats] looking for better terms -- request fo… Panwei (William)
- Re: [Rats] looking for better terms -- request fo… Laurence Lundblade
- Re: [Rats] looking for better terms -- request fo… Thomas Hardjono