Re: [Rats] Review of <draft-ietf-rats-reference-interaction-models>

Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Fri, 01 December 2023 22:36 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/YnjVfw3We3eIMKmtIT6quJQiD1U>

Hi Hannes,

jumping directly to your questions!

1.) The term nonce was not renamed. The extra-data value used in 
challenge-response interactions (used both as proof of freshness and 
proof of recentness at the same time) is a nonce, yes. But at the same 
time, in other interaction models, the extra-data value is used by multiple 
entities at the same time: it cannot technically be a nonce, but would 
be an implementation of the EpochID concept. To be uniform across all 
interaction models in this I-D, in early stages the authors decided to 
use a "superset-term" for both nonce and EpochID. Please note that 
EpochID also is a name for a conceptual information element and not an 
implementation name, such as nonce.

Maybe the definition of handle should be clearer: handle is a superset 
of specific extra-data that typically is a nonce and/or some 
implementation of EpochID (e.g., Epoch Markers).

2.) The availability of the "knowledge of Claims to ask for" is pretty 
usage scenario specific. In your assumption, that knowledge is unlikely 
to be available, but that is not true for all usage scenarios. 
https://www.ietf.org/archive/id/draft-ietf-rats-reference-interaction-models-08.html#section-7.1 
highlights that Claim Selection is not a mandatory thing.

Maybe omission of Claim Selection should result in "an Attester's 
choice" (e.g., pre-configured) of Claims to include in Evidence - in 
contrast to the current "by default all Claims that are known and 
available on the Attester MUST be used"?

3.) The availability of the "knowledge about authentication secret
ids" is also pretty usage scenario specific. In your assumption, that 
knowledge is unlikely to be available, but that again is not true for 
all usage scenarios.

Having said that, "Attestation Key ID" is way more precise and we agree 
that it is a much better term. There are of course scenarios where 
multiple Attesting Environments with individual Attestation Key IDs 
exist (see 
https://www.rfc-editor.org/rfc/rfc9334.html#name-composite-device).

What the I-D is currently lacking is better support for usage scenarios 
where the Attestation Key ID is/are unknown. In these cases, available 
Attestation Key IDs could be requested alongside potential Endorsements 
cached by the Attester. Alas, simply requesting Attestation Key IDs from 
Attesters without any kind of authentication seems to open a few attack 
vectors, such as linkability or tractability, right?

Maybe we should add corresponding text to the SecConSec?

@Hannes, based on the outcome of this thread, if you could provide us 
with proposals in the form of PRs that would be great!


Viele Grüße,

Henk for all editors

On 29.11.23 17:45, Tschofenig, Hannes wrote:
> Hi all,
> 
> I have read through <draft-ietf-rats-reference-interaction-models> and 
> have a few questions.
> 
> At the core, the document tries to define information elements that are 
> supposed to be used by a Verifier to ask an Attester for Evidence.
> 
> In the request from the Verifier to the Attester, the following 
> information elements are mandatory:
> 
>   * Authentication secret ids
>   * Handle
>   * Claim Selection
> 
> None of these terms are defined in the RATS architecture document. The 
> claim selection is supposed to give the Verifier a chance to tell the 
> Attester what claims to return in the Evidence. The Handle corresponds 
> to the freshness mechanism used (such as a nonce) and the authentication 
> secret id allows the Verifier to tell the Attester what keys to use to 
> sign the Evidence.
> 
> A couple of questions arise:
> 
>  1. Why has the nonce term been renamed to handle?
> 
>  2. How should the Verifier know what Claims to ask for given that it is
>     not likely to know what attestation technology the Verifier
>     supports? The model assumes that the Attester is so flexible to
>     report a subset of the claims and the Verifier also needs to be
>     flexible to know that a certain subset of claims make sense from a
>     processing point of view. Is flexibility really a good approach here?
> 
>  3. How does the Verifier know what values for the authentication secret
>     ids to convey to the Attester given that it is not likely to know
>     upfront what attestation keys the attester will have stored? Do you
>     expect the Attester to have many different Attestation Keys to
>     choose from? Why is the term “Authentication Secret ID” used instead
>     of “Attestation Key ID” or something along those lines?
> 
> The authors seem to make a number of assumptions that need further 
> explanation.
> 
> Ciao
> 
> Hannes
> 
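
Added example, not part of either message or of the I-D: a sketch of why the handle described in point 1 of the reply covers both a nonce (issued by one Verifier, accepted once) and an epoch ID (shared by several entities, accepted until it changes). It assumes HMAC over a constructed demo key as a stand-in for a signature made with an Attestation Key; the class and function names are hypothetical.

```python
import hashlib
import hmac
import json
import secrets

# Constructed demo key. HMAC stands in for a signature made with an
# Attestation Key; all names below are hypothetical, not from the I-D.
DEMO_KEY = b"constructed-demo-attestation-key"


def make_evidence(handle: bytes, claims: dict, key: bytes = DEMO_KEY) -> dict:
    """Attester: sign the claims together with the handle it was given."""
    body = json.dumps({"handle": handle.hex(), "claims": claims},
                      sort_keys=True).encode()
    return {"body": body, "sig": hmac.new(key, body, hashlib.sha256).digest()}


class Verifier:
    def __init__(self, key: bytes = DEMO_KEY):
        self.key = key
        self.pending_nonces = set()  # handles this Verifier issued itself
        self.epoch_id = None         # handle shared by many entities

    def new_nonce(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending_nonces.add(nonce)
        return nonce

    def set_epoch(self, epoch_id: bytes) -> None:
        self.epoch_id = epoch_id     # a new epoch replaces the previous one

    def check(self, evidence: dict) -> str:
        expected = hmac.new(self.key, evidence["body"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, evidence["sig"]):
            return "bad-signature"
        handle = bytes.fromhex(json.loads(evidence["body"])["handle"])
        if handle in self.pending_nonces:
            self.pending_nonces.remove(handle)  # a nonce is accepted once
            return "fresh-nonce"
        if self.epoch_id is not None and hmac.compare_digest(handle, self.epoch_id):
            return "fresh-epoch"                # reusable until the epoch changes
        return "stale"


def demo() -> list:
    v = Verifier()
    results = []
    # Challenge-response: the handle is a nonce, so a replay is rejected.
    ev = make_evidence(v.new_nonce(), {"fw": "1.2"})
    results += [v.check(ev), v.check(ev)]
    # Shared handle: two Attesters use the same epoch ID, both are accepted.
    epoch = secrets.token_bytes(16)
    v.set_epoch(epoch)
    ev_a = make_evidence(epoch, {"device": "A"})
    ev_b = make_evidence(epoch, {"device": "B"})
    results += [v.check(ev_a), v.check(ev_b)]
    # After the epoch rolls over, Evidence bound to the old ID is stale.
    v.set_epoch(secrets.token_bytes(16))
    results.append(v.check(ev_a))
    # Tampered claims fail before any freshness decision is made.
    ev_b["body"] = ev_b["body"].replace(b'"B"', b'"X"')
    results.append(v.check(ev_b))
    return results


if __name__ == "__main__":
    print(demo())
```
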