Re: [Rats] CoTS and CoRIM

hannes.tschofenig@gmx.net Thu, 14 December 2023 13:02 UTC

From: hannes.tschofenig@gmx.net
To: 'Yogesh Deshpande' <Yogesh.Deshpande@arm.com>, "'muhammad_usama.sardar'" <muhammad_usama.sardar@tu-dresden.de>, rats@ietf.org
Date: Thu, 14 Dec 2023 14:02:04 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/qRIrA89-t3y53teENmvf_MaLyBw>

Thanks for the quick response, Yogesh. 

Two points:

*	The reason why I believe that the trust anchor functionality should be part of CoRIM is that it is a core feature rather than an extension. I understand that there is some history about how these documents came into existence but this should not prevent us from doing the “right” thing.

*	Using trust anchors under the umbrella of endorsements makes sense to me. This needs to be more clearly articulated in the documents though.

A word about the process: Decisions about the directions the documents take should be made on the mailing list rather than in private meetings. The chairs should be more strict about this.

Ciao

Hannes

From: RATS <rats-bounces@ietf.org> On Behalf Of Yogesh Deshpande
Sent: Thursday, December 14, 2023 12:31
To: muhammad_usama.sardar <muhammad_usama.sardar@tu-dresden.de>; rats@ietf.org
Subject: Re: [Rats] CoTS and CoRIM

Hi Hannes,

To your question:

I am wondering why the two documents <draft-ietf-rats-corim> and <draft-ietf-rats-concise-ta-stores> aren’t merged.

The work on CoTS started at a different point in time (by different authors), and hence the CoRIM base document does refer to CoTS but is not fully integrated.

We will discuss the possibility and implications of such in our regular CoRIM meetings.

Regarding Trust Anchors: as per the RATS document (RFC 9334), to the best of my knowledge they come under the heading of Endorsements.

https://datatracker.ietf.org/doc/html/rfc9334#name-endorsements

RATS treats Trust Anchors as a type of Endorsement.

Hope this information is helpful.

Regards,

Yogesh

From: RATS <rats-bounces@ietf.org> On Behalf Of Muhammad Usama Sardar
Sent: Thursday, December 14, 2023 8:21 AM
To: rats@ietf.org
Subject: Re: [Rats] CoTS and CoRIM

Hi Hannes,

On 13.12.23 21:24, hannes.tschofenig=40gmx.net@dmarc.ietf.org wrote:

I am wondering why the two documents <draft-ietf-rats-corim> and <draft-ietf-rats-concise-ta-stores> aren’t merged. Reading through the RATS drafts I often get the impression that trust anchors have somehow been forgotten and were added later, as an afterthought. The RATS architecture RFC does not list trust anchors as an item in Figure 1. In some other document trust anchors are then portrayed as belonging to reference values – somehow. That does not feel right to me either.

I think it is completely wrong to consider trust anchors as Reference Values. Can you name the document which presents this view? 

Ciao

Hannes

Cheers,

Usama
