Re: [Rats] [Last-Call] Intdir telechat review of draft-ietf-rats-eat-21

"Smith, Ned" <ned.smith@intel.com> Tue, 05 September 2023 20:10 UTC

From: "Smith, Ned" <ned.smith@intel.com>
To: "lgl island-resort.com" <lgl@island-resort.com>, Haoyu Song <haoyu.song@futurewei.com>
CC: "int-dir@ietf.org" <int-dir@ietf.org>, "draft-ietf-rats-eat.all@ietf.org" <draft-ietf-rats-eat.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "rats@ietf.org" <rats@ietf.org>
Date: Tue, 05 Sep 2023 20:10:35 +0000
Message-ID: <C5B396EE-2B95-454A-B4D0-B2EB03A44D78@intel.com>
References: <169393884613.30037.10568711888766281@ietfa.amsl.com> <8F0B7E08-9524-41D5-8922-3E8B8F4A8E47@island-resort.com>
In-Reply-To: <8F0B7E08-9524-41D5-8922-3E8B8F4A8E47@island-resort.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/_3gBnBM-enNK9asJQ0DOwl4rp4c>
List-Id: Remote ATtestation procedureS <rats.ietf.org>

> Acronyms should be spelled out on first use
+1

From: "lgl island-resort.com" <lgl@island-resort.com>
Date: Tuesday, September 5, 2023 at 1:05 PM
To: Haoyu Song <haoyu.song@futurewei.com>
Cc: "int-dir@ietf.org" <int-dir@ietf.org>, "draft-ietf-rats-eat.all@ietf.org" <draft-ietf-rats-eat.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "rats@ietf.org" <rats@ietf.org>
Subject: Re: [Last-Call] Intdir telechat review of draft-ietf-rats-eat-21
Resent-From: <alias-bounces@ietf.org>
Resent-To: <carl@redhoundsoftware.com>, <mandyam@qti.qualcomm.com>, Nancy Cam-Winget <ncamwing@cisco.com>, <lgl@securitytheory.com>, <rdd@cert.org>, <ned.smith@intel.com>, Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>, <jodonogh@qti.qualcomm.com>, <paul.wouters@aiven.io>
Resent-Date: Tuesday, September 5, 2023 at 1:02 PM

Hi Haoyu,

Quick questions / answers below. Others to follow.

LL



On Sep 5, 2023, at 11:34 AM, Haoyu Song via Datatracker <noreply@ietf.org> wrote:

> Reviewer: Haoyu Song
> Review result: Ready with Issues
>
> This review is done as requested by the Internet Area Directorate. Document
> editors and WG chairs should treat these comments just like any other last-call
> comments.
>
> The document needs an introduction or references to the background and related
> work pertaining to the problem domain. Without understanding the status quo and
> the state-of-the-art solutions, it’s difficult to evaluate what the proposed
> framework has improved and the value of it compared to the existing solutions.

Was the RATS architecture document, RFC 9334 <https://datatracker.ietf.org/doc/html/rfc9334>, insufficient for the background you were seeking? It is referenced early in the document to provide this background.

> More than 30% of the document content is in the appendix. Are these topics
> considered non-essential and can be ignored? How do the authors plan to treat
> these materials in the published RFC?

We put the appendices in so they will be published with the document. We think they are all useful. Note that RFC 8446, TLS 1.3, has a similar proportion.

> P8 “The claims set includes a nonce or some other means to assure freshness.”
> Should these means be explained in more detail? The concept and mechanisms are
> not obvious to readers.
>
> The document supplies a set of claims and profiles for EAT. As long as EAT is
> motivated as necessary in real use cases, I don’t see a reason to block the
> advance of this document.
>
> Some editorial suggestions:
> Acronyms should be spelled out on first use. It’s better to also provide
> references. This applies to all the acronyms throughout the draft (e.g., TEE,
> CDDL, COSE, JOSE, ...)
>
> P9 “For example, measurements in evidence may be compared to reference values
> [and?] the results of which are represented as a simple pass/fail in
> attestation results.”


