From: "Smith, Ned" <ned.smith@intel.com>
To: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>, "Michael
 Richardson" <mcr+ietf@sandelman.ca>, Thomas Fossati
	<thomas.fossati@linaro.org>, Henk Birkholz <henk.birkholz@ietf.contact>,
	junzhang <junzhang1@huawei.com>, Giridhar Mandyam
	<giridhar.mandyam@gmail.com>, lgl island-resort.com <lgl@island-resort.com>,
	"rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Re: Security considerations of remote attestation
 (RFC9334)
Date: Fri, 13 Dec 2024 23:41:10 +0000
Message-ID: 
 <CO1PR11MB51692C07E2BBB55B6BBF9BA0E5382@CO1PR11MB5169.namprd11.prod.outlook.com>
References: <4ffdd034-05ec-4565-9cad-b40ff82f83fc@tu-dresden.de>
 <c7808768-35ce-4783-bece-124d8748ec0c@tu-dresden.de>
 <CAHAF5K1Sh0ruzz3+wUOCyPE1OWC+LWjkf0j5FqJEtCRjBO3xkQ@mail.gmail.com>
 <6ae884d8-b7a2-4e5d-9f36-a819284f7589@tu-dresden.de>
 <f356d4cfc944484ba53600177001ba30@huawei.com>
 <42365842-ea0e-4129-8469-9f8a22ac0c7d@tu-dresden.de>
 <9006a93d-4fdd-18da-185a-d20606bb3d20@ietf.contact>
 <196f403d-f95a-4f81-b00e-08aace4976cc@tu-dresden.de>
 <CA+1=6yfED4vPA=SJE6OLK7Tpva6QBKGvOnbVpOUexT_nv2T+jA@mail.gmail.com>
 <5073b0a0-e938-4299-936b-0dd644ea3f88@tu-dresden.de>
 <CA+1=6ydHjEf8cBEu0oaa8pHBn_As2dowwoEtrtRHR1U+=Vhscg@mail.gmail.com>
 <92b82fe0-34e6-4a35-b265-a29466cda69a@tu-dresden.de>
 <CA+1=6yffVFhnMxcXo2pwD1xFdWdHKCj60zT2RKgAg=5DyBKDXQ@mail.gmail.com>
 <01ede5ee-6e98-4855-b351-5c3c0961f8d2@tu-dresden.de>
 <CA+1=6yfP+RV0MuyKhSw8CkjJh6gX4pG0hreQdYgqb9AZyZ1kvg@mail.gmail.com>
 <b273e32a-8855-48b8-b16a-839a238537ee@tu-dresden.de>
 <22509.1732828924@obiwan.sandelman.ca>
 <9656e051-450a-43db-a0f9-6cdd323f255f@tu-dresden.de>
 <CO1PR11MB5169A23D48E5401162D7E20EE5382@CO1PR11MB5169.namprd11.prod.outlook.com>
In-Reply-To: 
 <CO1PR11MB5169A23D48E5401162D7E20EE5382@CO1PR11MB5169.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
Content-Type: multipart/alternative;
	boundary="_000_CO1PR11MB51692C07E2BBB55B6BBF9BA0E5382CO1PR11MB5169namp_"
MIME-Version: 1.0
Precedence: list
Subject: [Rats] Re: Security considerations of remote attestation (RFC9334)
List-Id: Remote ATtestation procedureS <rats.ietf.org>
Archived-At: 
 <https://mailarchive.ietf.org/arch/msg/rats/mZkfLqw2DjXmKvRL3sJaqToIrqY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Owner: <mailto:rats-owner@ietf.org>
List-Post: <mailto:rats@ietf.org>
List-Subscribe: <mailto:rats-join@ietf.org>
List-Unsubscribe: <mailto:rats-leave@ietf.org>

--_000_CO1PR11MB51692C07E2BBB55B6BBF9BA0E5382CO1PR11MB5169namp_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

>Pointing to specific text that is “wong” would be helpful
I meant to say “wrong”

From: Smith, Ned <ned.smith@intel.com>
Date: Friday, December 13, 2024 at 13:23
To: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>, Michael Richardson <mcr+ietf@sandelman.ca>, Thomas Fossati <thomas.fossati@linaro.org>, Henk Birkholz <henk.birkholz@ietf.contact>, junzhang <junzhang1@huawei.com>, Giridhar Mandyam <giridhar.mandyam@gmail.com>, lgl island-resort.com <lgl@island-resort.com>, rats@ietf.org <rats@ietf.org>
Subject: [Rats] Re: Security considerations of remote attestation (RFC9334)
>I believe the following statement in RFC9334 (Sec. 7.4) is wrong.
Pointing to specific text that is “wong” would be helpful since there is general consensus that the section as a whole is reasonable.

From: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>
Date: Friday, December 13, 2024 at 06:34
To: Michael Richardson <mcr+ietf@sandelman.ca>, Thomas Fossati <thomas.fossati@linaro.org>, Henk Birkholz <henk.birkholz@ietf.contact>, junzhang <junzhang1@huawei.com>, Giridhar Mandyam <giridhar.mandyam@gmail.com>, lgl island-resort.com <lgl@island-resort.com>, rats@ietf.org <rats@ietf.org>
Subject: [Rats] Re: Security considerations of remote attestation (RFC9334)

Hi Michael,

On 28.11.24 22:22, Michael Richardson wrote:

> You can write ten documents, one every 4 months if you like, that *Update* 9334.

I don't think that's a very optimal solution. Also, from the reader perspective, reading RFC9334 first and then finding, "oh wait, what I just read in RFC9334 has been updated in these 10 documents."

> They will be very much as legitimate as 9334.
> I just don't see a reason to re-open the rest of the document to
> second-system effect today.  The WG could disagree

I believe some things can be better fixed in RFC9334bis itself rather than opening a number of new different documents updating RFC9334. For example, I believe the following statement in RFC9334 (Sec. 7.4) is wrong. Would someone disagree? Does WG think I should write a new I-D just to say why this is wrong?

> "A conveyance protocol that provides authentication and integrity protection can be used to convey Evidence that is otherwise unprotected (e.g., not signed)."

Usama

--_000_CO1PR11MB51692C07E2BBB55B6BBF9BA0E5382CO1PR11MB5169namp_--

