Re: [Rats] AD Review of draft-ietf-rats-architecture-15

Michael Richardson <> Sun, 05 June 2022 19:10 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 77633C14CF10 for <>; Sun, 5 Jun 2022 12:10:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.585
X-Spam-Status: No, score=-3.585 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, NICE_REPLY_A=-1.876, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=neutral reason="invalid (public key: not available)"
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id KVbvMr11R-cA for <>; Sun, 5 Jun 2022 12:10:16 -0700 (PDT)
Received: from ( []) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by (Postfix) with ESMTPS id 2643EC14CF08 for <>; Sun, 5 Jun 2022 12:10:15 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id CB8A338F0C; Sun, 5 Jun 2022 15:25:22 -0400 (EDT)
Received: from ([]) by localhost (localhost []) (amavisd-new, port 10024) with LMTP id lICDZKbYLLTX; Sun, 5 Jun 2022 15:25:21 -0400 (EDT)
Received: from ( [IPv6:2607:f0b0:f:2::247]) by (Postfix) with ESMTP id 590F438F06; Sun, 5 Jun 2022 15:25:21 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=mail; t=1654457121; bh=yDy9usmsn556zFySFWqLscHAXbt00GLKGrqPxN95U6s=; h=Date:Subject:To:References:From:In-Reply-To:From; b=oLx15UckGmfYHMUbhjH9H/E4dGiAy/4VM1mcj++SqSgzm9vIkJiasMiVXxUFBvbSE iliWQnQzvEeKxdnFdEAIncr4fk9O9IZbIAY1agHpLm7+Di8FVmkmOvNKL5Uy3T2Hvh 57Pn12j8kVX5YZ5FOY6+TcSomG0wOvDQ9lOq45pgLWDiJNC5uNRTgi9MfCYvvd8eWT JBjKIiz16Kb4bra5ieErwD+3ejL+AJIMqIsY9cjyxgjIyWz9daB+VPBZgwNFlcZKxh ipMCEopXEIQXYvdXhMQBpwf1K3/h8CUzMRs2/Ojm/mEgNQ9gL0G4Vt1x+2un/SRQzz OB12LkIEs3lyQ==
Received: from [] (localhost []) by (Postfix) with ESMTP id BD59D35D; Sun, 5 Jun 2022 15:10:12 -0400 (EDT)
Message-ID: <>
Date: Sun, 05 Jun 2022 15:10:12 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.6.1
Content-Language: en-US
References: <BN2P110MB110748C2C81E515E5E7277C5DCC09@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
From: Michael Richardson <>
In-Reply-To: <BN2P110MB110748C2C81E515E5E7277C5DCC09@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------ffD0kXqfN1dnuDIu6muaxcwa"
Archived-At: <>
Subject: Re: [Rats] AD Review of draft-ietf-rats-architecture-15
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 05 Jun 2022 19:10:20 -0000

On 2022-05-03 17:53, Roman Danyliw wrote:
> I performed an AD review of draft-ietf-rats-architecture-15.  This is a follow-up to the early review I did on -13 per  Issues previously mentioned against the -13 not mentioned here can be considered resolved -- Thank you!

Roman, we have posted -17 of the architecture document, which contains a 
few additional edits to deal with the renaming issues.

1. You had some issues with our references to RFC4949, in particular 
with our use of Compare.  First, we have changed this to "Compare:"
Second, we want to point out that RFC4949 instructs to do exactly this

Third, we added the following paragraph as introduction:

    [RFC4949] has defined a number of terms that are also used in this	 

    document.  Some of the terms are close to, but not exactly the same.	
    Where the terms are similar, they are noted below with references.
    As explained in [RFC4949], Section 2.6 when this document says	
    "Compare:", the terminology used in this document differs
    significantly from the definition in the reference.

2. To further clarify some of the concerns about the freshness appendix, 
we have repeated two sentences about how neither the Attester (Passport 
model) nor the Relying Party (Background)) does not consume Attestation 

3. You asked why the Epoch Distributor does not appear in any of the 
core diagrams.  There are three reasons for this.
   a) Epoch distribution is just *one* way to get freshness.  Adding it 
to Figure 1 or 2 will not help the reader to understand the core aspects 
of the RATS architecture.  Using Explicit Nonces via TLS Exporter is 
another way, and we also don't show that.
   b) There could well be *different* freshness methods between Attester 
and Verifier, and between Verifier and Relying Party.   That really 
would be a mess.
   c) Freshness is very much a third dimension on these diagrams.

4. About Security Considerations and Endorsers and endorsements, 
Reference values.   As previously reported, we changed the title of one 
section, and we noted that some of this is outside of the charter (or 
was).  We recognize that there is a very very deep hole of trust that 
one can wander into, and we are looking for appropriate external 
references to include.

At this point, we believe that we have completed all the changes 
necessary for your review.  We have not heard back from you on our 
previous updates, and we'd appreciate acknowledgement.