Re: [Rats] AD Review of draft-ietf-rats-architecture-15

Dave Thaler <dthaler@microsoft.com> Sun, 24 July 2022 18:55 UTC

From: Dave Thaler <dthaler@microsoft.com>
To: "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] AD Review of draft-ietf-rats-architecture-15
Thread-Index: AdhfNo/YbgZCs0OMSiqFXlqIAvRN0wAmn8KAA+7EkoALbMRJ0ABi9CCAAAX/t4AAKtAzsA==
Date: Sun, 24 Jul 2022 18:54:25 +0000
Message-ID: <CH2PR21MB14648FCEA64389E0FCE5CFDFA3929@CH2PR21MB1464.namprd21.prod.outlook.com>
References: <BN2P110MB110748C2C81E515E5E7277C5DCC09@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <3256.1651680451@localhost> <dabb272d-1e69-8a0e-ba91-4d5d85cfb8ab@sandelman.ca> <BN2P110MB11077E3694C78ACBA39F2F3ADC919@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <33343.1658604777@dooku> <45465.1658615083@dooku>
In-Reply-To: <45465.1658615083@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/BWDrNV8yftQ5TP2MIU8ioxKttko>
List-Id: Remote ATtestation procedureS <rats.ietf.org>

> -----Original Message-----
> From: RATS <rats-bounces@ietf.org> On Behalf Of Michael Richardson
> Sent: Saturday, July 23, 2022 6:25 PM
> To: rats@ietf.org
> Subject: Re: [Rats] AD Review of draft-ietf-rats-architecture-15
> 
> 
> Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>     > I really don't think section 5 is that mysterious that it needs more
>     > introduction.  I would really like some more opinions from the WG.
> 
> The design team has prepared a few slides to deal with this question.
> It would be very useful if people could review Roman's comments at:
> 
> https://mailarchive.ietf.org/arch/msg/rats/K_sU1kLQybiywE1nax9SJRgw_UI
> and the text at:
> 
> https://www.ietf.org/archive/id/draft-ietf-rats-architecture-18.html#name-topological-patterns
> 
> And consider if we have adequately described the interactions for
> Attestation Results (Passport model), and Evidence (Background check).

I drew the short straw of being the presenter tomorrow so will be up in front for Roman and others to throw things at 😊

I am in full agreement that the freshness mechanisms appendix is needed as is.

I also agree with the other co-authors and WG participants who have stated that we believe the document is already quite explicit about producing, consuming, caching, and forwarding of Evidence or Attestation Results (and yes, all those verbs are explicitly used in the text to explain the diagrams).

Dave