Re: [Rats] Question about WG Procedure -- Re: 答复: Use case -> architecture document

"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Wed, 16 October 2019 15:55 UTC

From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: Roman Danyliw <rdd@cert.org>, Thomas Hardjono <hardjono@mit.edu>, "rats@ietf.org" <rats@ietf.org>
Date: Wed, 16 Oct 2019 15:55:42 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/igqgENtgTEXILFiNoqPI11xcrQg>
List-Id: Remote Attestation Procedures <rats.ietf.org>

Hi Thomas,
I echo Roman’s comments and pointedly, to the role and responsibilities of the WG chairs….those are described in RFC2418.

As chairs, we do have to ensure we can continue to stimulate discussion so as to keep progress moving forward.  The intent discussed at the virtual interim was that there needed to be readability of the architecture draft.  Options on how to proceed were also discussed, and as Dave volunteered to provide draft text, he has done so, but as an individual contribution as an alternate architecture draft.

In the end, the chairs are guided by the working group consensus to adopt or move forward any of the documents which has already been stated.

I am trying to catch up on all the emails as I do think there are points of agreement on the general concepts in Henk’s architecture draft which I’m trying to figure out how to craft a response for now that there’s another architecture draft, e.g. Dave’s.

Best, Nancy

From: RATS <rats-bounces@ietf.org> on behalf of Roman Danyliw <rdd@cert.org>
Date: Tuesday, October 15, 2019 at 13:37
To: Thomas Hardjono <hardjono@mit.edu>, "rats@ietf.org" <rats@ietf.org>
Subject: Re: [Rats] Question about WG Procedure -- Re: 答复: Use case -> architecture document

Hello Thomas!

From: RATS [mailto:rats-bounces@ietf.org] On Behalf Of Thomas Hardjono
Sent: Tuesday, October 15, 2019 3:55 PM
To: rats@ietf.org
Subject: [Rats] Question about WG Procedure -- Re: 答复: Use case -> architecture document



My apologies that this email is late.  I'm just catching up on reading the RATS mail-list.



In her 10/8th email Kathleen has suggested some major changes to the direction of the RATS architecture as a whole, which may have dramatic impact on the applicability of RATS to broader scenarios.



So I have a question about WG procedure: what is the role/capacity and weight of a co-chair when the person makes statements?



[Roman] As to procedure, WG consensus will decide which drafts get adopted into the WG, the content of these drafts, and when they are “done”.  I’m repeating what both Kathleen [1] and Henk [2] have already noted.  Additionally, the WG charter [3] guides scope and the milestones [4] hint at timing.



Regards,

Roman

(as the responsible AD of RATS)



[1] https://mailarchive.ietf.org/arch/msg/rats/CVH91BCKrU1SxraM4M_aHpYMx-U

[2] https://mailarchive.ietf.org/arch/msg/rats/5Z505xW0PWgWHbPfMwdPnpJsMzk

[3] https://datatracker.ietf.org/doc/charter-ietf-rats/

[4] https://datatracker.ietf.org/wg/rats/about/


I'd also like to hear from the other two co-chairs on this matter.





Apologies again for the delay.





-- thomas --




________________________________
From: RATS <rats-bounces@ietf.org> on behalf of Xialiang (Frank, Network Standard & Patent Dept) <frank.xialiang@huawei.com>
Sent: Wednesday, October 9, 2019 6:53 AM
To: Kathleen Moriarty
Cc: rats@ietf.org
Subject: [Rats] 答复: Use case -> architecture document


Hi Kathleen,



I am very concerned with this new direction and I strongly object.



The current architecture draft has gone through a lot of discussions and reached consensus on many points. Right now, it really helps IETF (TEEP, for example), FIDO, TCG and many others. The only issues are readability, the standards track and completeness (e.g., passport and background check are still missing). It is a very good document, and correct terminology is very important for remote attestation.



About the use cases document, its goal is just to clarify a sample list of scenarios that remote attestation can apply to and then deduce the requirements and the following concrete protocol drafts. It is not fit to be an architecture.



The current architecture is too important for telecom and network equipment vendors and service providers. I have strong doubts that the current EAT and OTrPv2 alone are suitable for the (virtualized) network infrastructure situation.



B.R.

Frank

From: RATS [mailto:rats-bounces@ietf.org] On Behalf Of Kathleen Moriarty
Sent: October 8, 2019 19:25
To: rats@ietf.org
Subject: [Rats] Use case -> architecture document

Hello!

I read through the latest version of the ‘use case’ document yesterday and found it very easy to read and understand, meaning I think it is written well and could be easily understood by many without having to climb up a learning curve.

First, this could be a very useful document to register claims for the use cases.

Second, if the workflow for the passport and background check were added and put in terms of the open trust protocol v2 from TEEP, we have a fairly nice architecture document that’s easy to read and may gain adoption.  The workflows cover the various interactions between roles and TEEP has actively broken up OTrP in v2 to accommodate using EAT tokens, this would help create that link and make it very clear.

The other thing I like about the use case document and think we should expand on is the references to other work items.  This makes it an architecture document that maps out the full plan of the WG.  One like that was extremely well received by all the ADs that don’t like informational/helpful documents.

I’m a bit nervous with the terminology being defined and would love to see something like this that’s simplified and more easily adoptable.

I appreciate the work done to improve the architecture document, but I do think the structure changes to the use case document as suggested could result in an easier to understand (and therefore easier to adopt) document.

While the architecture document is more readable, I think we can do better.  Adoption is important and our timeliness matters a lot for this work.  EATs can be used for many use cases with OTrPv2, so let's keep it as simple as we can.

Thoughts are appreciated.

Best regards,
Kathleen