Re: [Rats] Use case -> architecture document

Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de> Wed, 09 October 2019 14:50 UTC

Return-Path: <J.Schoenwaelder@jacobs-university.de>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40243120110 for <rats@ietfa.amsl.com>; Wed, 9 Oct 2019 07:50:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jacobsuniversity.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GQy8OyaVYuxS for <rats@ietfa.amsl.com>; Wed, 9 Oct 2019 07:50:11 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-he1eur04on0606.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0d::606]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 941E41200E0 for <rats@ietf.org>; Wed, 9 Oct 2019 07:50:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=S7iy9Q/dTzZH+vdT5MukZQ46YxEuF1OGFN1m8EiFIOBISNO6OgCbotDaPhkiwPk1GHef3DCpLKeHugidQYjvjK/4AghKPmpHQWwb7WKzX+yixfiHsllhBZRoEDUzetpRX0ENoBbMLlL3Fd9HWWGGeGR/F1djTrOdNGuFTuToRZ5b+L4gcbUGjzyVFJp4z73ErLlvirrSZiMYjHfOqUNqCz25dToIofPKxxHUtS3xj9NgXGl8MVnxHc791UqC4jYT6ZGKfHOR3defLPQWe1bjg6NbwH19DiIu8tGIo5r1grj+exLoKViN6EEKVkNBwufEYVDrDn5lD3/hp86Dq+Am1Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=F2lrFdbTB1bVLNpBD0NAJjhY7FbRvubPgKUXyUnALMQ=; b=J1TPJKN6NEKxHYjeC+N/wKbPb6Sy5iSgFekMniexxqW+1fhc6Tm17KIrzRM5kJfPtqTBRZGxzE6AKZe6+NKMJrTAtwBAy6Z/HxUtYhTBF1LQgh8Wh+T0VU3pnOZ5R4IzYR/M1psix2tOGbbp4Foy0NGoxZPgKPi/5ndBc4MijSluTJW+jGdeCiuwhNHctzr5qCrUEgw5GOohkU6w6+/O7TY3E7dj2UbmFYQne/pO3RGnj6QuAAc/OMhqvn/lnVP7UOde99VELaeoT7PShLtbmFZ4bjnLLkarQpFPNBFMdWzH+pQcLEDVCVDMzqrrX9ZtopfUwZjTjGm7ttWGPeVq/g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jacobs-university.de; dmarc=pass action=none header.from=jacobs-university.de; dkim=pass header.d=jacobs-university.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jacobsuniversity.onmicrosoft.com; s=selector2-jacobsuniversity-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=F2lrFdbTB1bVLNpBD0NAJjhY7FbRvubPgKUXyUnALMQ=; b=jgkTgDzIT88Toz3+N1GycagW5mawt2wC0sGn778bJS2BauuqFBtCMeyMlaLXjn/0pgPqkry5mxe/9ot4mijBe0NRnYRkw1kQzxVHWIXaf+dcaZltQW5s3fFFVjrsqJu47AfQwofKTbitWpoTlBwz5SjTgHDB+2lqTXs/jKGK4zE=
Received: from AM4P190MB0179.EURP190.PROD.OUTLOOK.COM (10.172.220.12) by AM4P190MB0097.EURP190.PROD.OUTLOOK.COM (10.172.219.135) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2347.16; Wed, 9 Oct 2019 14:50:07 +0000
Received: from AM4P190MB0179.EURP190.PROD.OUTLOOK.COM ([fe80::e1ed:15cb:ad74:db5c]) by AM4P190MB0179.EURP190.PROD.OUTLOOK.COM ([fe80::e1ed:15cb:ad74:db5c%7]) with mapi id 15.20.2327.026; Wed, 9 Oct 2019 14:50:07 +0000
From: =?utf-8?B?U2Now7Zud8OkbGRlciwgSsO8cmdlbg==?= <J.Schoenwaelder@jacobs-university.de>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
CC: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "Xialiang (Frank, Network Standard & Patent Dept)" <frank.xialiang@huawei.com>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Use case -> architecture document
Thread-Index: AQHVfpUtedcuT2wbS0SCyHTQ7+elcqdSM9uAgAAwqAA=
Date: Wed, 9 Oct 2019 14:50:07 +0000
Message-ID: <20191009145006.r2pjsoo6jxirah64@anna.jacobs.jacobs-university.de>
References: <CAHbuEH7f0jjquR=iZDgof4DkgpZKgxEP86NcQ0A1NQ=SP+_FHA@mail.gmail.com> <C02846B1344F344EB4FAA6FA7AF481F13E9560C0@dggemm511-mbx.china.huawei.com> <CAHbuEH7WkqeyUW3sL5bdw5N25B6O7ZEF0Qkx03fE5c42Sd4M5w@mail.gmail.com> <b91baad2-2fc3-a5e4-6898-e2cddcda300d@sit.fraunhofer.de>
In-Reply-To: <b91baad2-2fc3-a5e4-6898-e2cddcda300d@sit.fraunhofer.de>
Reply-To: =?utf-8?B?U2Now7Zud8OkbGRlciwgSsO8cmdlbg==?= <J.Schoenwaelder@jacobs-university.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: AM0PR0102CA0066.eurprd01.prod.exchangelabs.com (2603:10a6:208::43) To AM4P190MB0179.EURP190.PROD.OUTLOOK.COM (2603:10a6:200:63::12)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=J.Schoenwaelder@jacobs-university.de;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [2001:638:709:5::7]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0349be09-8fe8-42a8-4aaf-08d74cc7f9b1
x-ms-traffictypediagnostic: AM4P190MB0097:
x-ms-exchange-purlcount: 2
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <AM4P190MB0097B20736206A45FC867FF2DE950@AM4P190MB0097.EURP190.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 018577E36E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(376002)(346002)(366004)(39850400004)(396003)(199004)(189003)(478600001)(1076003)(7736002)(786003)(4326008)(316002)(2906002)(25786009)(8936002)(6486002)(81166006)(14454004)(229853002)(81156014)(76176011)(52116002)(46003)(486006)(8676002)(66574012)(966005)(6116002)(6436002)(71200400001)(71190400001)(6246003)(99286004)(86362001)(3450700001)(446003)(54906003)(256004)(5024004)(43066004)(85202003)(11346002)(14444005)(85182001)(476003)(66476007)(66946007)(186003)(66446008)(66556008)(64756008)(305945005)(6512007)(5660300002)(6916009)(386003)(6506007)(6306002)(102836004)(53546011)(777600001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4P190MB0097; H:AM4P190MB0179.EURP190.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: jacobs-university.de does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: tgRMhXrNgyqhLFP5ydflo3IMGjadXz3cNSvJMnoToa/92p3qThx9Mxzknxg3YedLBf5XKafWSkBmS6mkae7odn1Qtx817P+WQIzsP/acuYacI0z31IEsIxvAWzMM2exQ3kKztAUSOwbi2fvYAasauaxztYxDLtxPf6uOjW5rbXXkpS7KS+5hckPF/6+QgqMM7pEMHhxf7CQXmhuhQCx9quPDCoc8pKvsbjGpsWP9KGMuBXhnAvoIHBdSOtvxAS2pdK5VmH3KffjtXW6BP7qWiOPynLivaXEfuMSAuKBSV+fEpVKbdkAJdHu2SULgMs3gMiQ/l7+uyRmS12xEiUfgx0UpDEXRxIAY7cif0HiCxRibraEMPnWoM9KiCvBjNLWinnWwJWX1fEZ3YJhfJPCngY1tyXhXBUol7+08cgwnKq4IfgTofyXlh2n2tgKtEOv9IJcMgER7ACeaVY/O+MAKhA==
Content-Type: text/plain; charset="utf-8"
Content-ID: <D37AA85516E4714C878D062217486268@EURP190.PROD.OUTLOOK.COM>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: jacobs-university.de
X-MS-Exchange-CrossTenant-Network-Message-Id: 0349be09-8fe8-42a8-4aaf-08d74cc7f9b1
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Oct 2019 14:50:07.0231 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f78e973e-5c0b-4ab8-bbd7-9887c95a8ebd
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Rcus20EYAeDQmgz5vrJ9HH43jvGW/+4Bxv51hD5ePdWAIRW4Uu08O2Mbq/C2CB1JW2oOEd41uarZriTy6Ipc3aaqratsy29l2itdcT2E2AM=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4P190MB0097
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/_akH6T_w9wR_1Q9tXDSod2l29gs>
Subject: Re: [Rats] Use case -> architecture document
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Oct 2019 14:50:15 -0000

Hi,

I did also look at the use cases document (I think -04) after going
through the architecture document and I must admit that I did not find
it too helpful to understand things better. I did not see anything
architectural in there either. I guess I will read the teep
architecture next and perhaps that helps me to get a better clue.

For people like me who are not deep into this technology yet, getting
used to the rather specific terminology and concepts is a certainly a
learning effort and I think the architecture document was on its way
to get terms well defined and sorted out. Some more examples or
explanations may help the reader further and I believe this can be
achieved.

/js

On Wed, Oct 09, 2019 at 01:55:57PM +0200, Henk Birkholz wrote:
> Hi Kathleen,
> hi list,
> 
> it would help everybody, if you could explicitly highlight what the exact
> issues wrt readability in the current architecture I-D are - always in
> comparison with the use-case I-D, if it is doing a better job in that part?
> 
> Jürgen provided a good example of what he found confusing as a first time
> reader - and that was really helpful and is resulting in ongoing work.
> 
> Please mind, not everything is fleshed out in the architecture (e.g. the
> workflows derived from the use-cases). The plan was to aim for a stable
> nucleus, address the issues raised by the list, go through adoption, and
> finish the document via the issue tracker in a structured process.
> 
> In summary, without an actual understanding why you (or others!) think the
> document is still hard to read, there is no way of compare readability later
> on also. It would be really good to get more precise feedback on that.
> 
> Viele Grüße,
> 
> Henk
> 
> 
> 
> 
> On 09.10.19 13:31, Kathleen Moriarty wrote:
> > Hi Frank,
> > 
> > Thank you for voicing your concern.  I think some may hold off until the
> > updates are provided, but please do voice your opinions.  I agree that
> > this work is too important and as such, readability is a high priority.
> > If you read through the TEEP and SUIT architecture drafts, they are
> > quite easy to follow and understand.  That is critical for wide spread
> > adoption.  We may be able to find a balance, but I think this exercise
> > may speed progress as we have not decided to adopt this draft yet as a
> > working group item.
> > 
> > As it stands, the use case document is not an architecture document, but
> > it could be shaped as such and I'd really like to see if we can do that
> > in short order to have a comparison prior to an adoption call.
> > 
> > Best regards,
> > Kathleen
> > 
> > On Wed, Oct 9, 2019 at 6:53 AM Xialiang (Frank, Network Standard &
> > Patent Dept) <frank.xialiang@huawei.com
> > <mailto:frank.xialiang@huawei.com>> wrote:
> > 
> >     Hi Kathleen,____
> > 
> >     __ __
> > 
> >     I am very concerned with this new direction and I strongly object.____
> > 
> >     __ __
> > 
> >     Current architecture draft goes through a lot discussions and
> >     reaches many consensus. Right now, it really helps IETF (Teep for
> >     example), FIDO, TCG and many others. The only issues are on
> >     readability, the standards track and the completeness (e.g.,
> >     passport and background check are still missing). It is an very good
> >     document and correct terminology is very important for remote
> >     attestation.____
> > 
> >     __ __
> > 
> >     About use cases document, Its goal is just to clarify a sample list
> >     of scenarios that remote attestation can apply to and then deduce
> >     the requirements and the following concrete protocol drafts. It is
> >     not fit to be an architecture.____
> > 
> >     __ __
> > 
> >     The current architecture is too important for telecom and network
> >     equipment vendors and service providers. I have strong doubts that
> >     current EAT and OTrPv2 alone is suitable for the (virtualized)
> >     network infrastructure situation.____
> > 
> >     __ __
> > 
> >     B.R.____
> > 
> >     Frank____
> > 
> >     ____
> > 
> >     __ __
> > 
> >     This e-mail and its attachments contain confidential information
> >     from HUAWEI, which is intended only for the person or entity whose
> >     address is listed above. Any use of the information contained herein
> >     in any way (including, but not limited to, total or partial
> >     disclosure, reproduction, or dissemination) by persons other than
> >     the intended recipient(s) is prohibited. If you receive this e-mail
> >     in error, please notify the sender by phone or email immediately and
> >     delete it!____
> > 
> >     __ __
> > 
> >     *发件人:*RATS [mailto:rats-bounces@ietf.org
> >     <mailto:rats-bounces@ietf.org>] *代表 *Kathleen Moriarty
> >     *发送时间:*2019年10月8日19:25
> >     *收件人:*rats@ietf.org <mailto:rats@ietf.org>
> >     *主题:*[Rats] Use case -> architecture document____
> > 
> >     __ __
> > 
> >     Hello!
> > 
> >     I read through the latest version of the ‘use case’ document
> >     yesterday and found it very easy to read and understand, meaning I
> >     think it is written well and could be easily understood by many
> >     without having to climb up a learning curve. ____
> > 
> >     __ __
> > 
> >     First, this could be a very useful document to register claims for
> >     the use cases.
> > 
> >     Second, if the workflow for the passport and background check were
> >     added and put in terms of the open trust protocol v2 from TEEP, we
> >     have a fairly nice architecture document that’s easy to read and may
> >     gain adoption.  The workflows cover the various interactions between
> >     roles and TEEP has actively broken up OTrP in v2 to
> >     accommodate using EAT tokens, this would help create that link and
> >     make it very clear.
> > 
> >     The other thing I like about the use case document and think we
> >     should expand on is the references to other work items.  This makes
> >     it an architecture document that maps out the full plan of the WG.
> > One like that was extremely well received by all the ADs that don’t
> >     like informational/helpful documents.
> > 
> >     I’m a bit nervous with the terminology being defined and would love
> >     to see something like this that’s simplified and more easily
> >     adoptable. ____
> > 
> >     __ __
> > 
> >     I appreciate the work done to improve the architecture document, but
> >     I do think the structure changes to the use case document as
> >     suggested could result in an easier to understand (and therefore
> >     easier to adopt) document.____
> > 
> >     __ __
> > 
> >     While the architecture document is more readable, I think we can do
> >     better.  Adoption is important and our timeliness matters a lot for
> >     this work.  EATs can be used for may use cases with OTrPv2, so let's
> >     keep it as simple as we can.
> > 
> >     Thoughts are appreciated.
> > 
> >     Best regards,
> >     Kathleen-- ____
> > 
> >     __ __
> > 
> >     Best regards,____
> > 
> >     Kathleen____
> > 
> > 
> > 
> > -- 
> > 
> > Best regards,
> > Kathleen
> > 
> > _______________________________________________
> > RATS mailing list
> > RATS@ietf.org
> > https://www.ietf.org/mailman/listinfo/rats
> > 
> 
> _______________________________________________
> RATS mailing list
> RATS@ietf.org
> https://www.ietf.org/mailman/listinfo/rats

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>