Re: [Rats] how does the Verifier work

Hi Michael,

thank you for putting some attention on this reoccurring pattern that we 
encountered in discussions a few times. I agree with the notion that the 
scope of the architecture document now reached its intended limit and it 
will we be completed with its current content and remaining open issues 
(aka "closing the mic again"). Anything else will have to go in separate 
documents. "The architecture of the Verifier" is one prominent thing we 
should look into next. There are some corresponding and reoccurring 
requirements we will have to take into account, I think. Maybe it helps 
if I elaborate a bit on two major topics that came up repeatedly:

* Implementing RATS requires some kind of defined management logistics 
that effectively make Conceptual Messages move around. For Evidence, we 
have https://datatracker.ietf.org/doc/draft-ietf-rats-yang-tpm-charra/ 
to take on that task, but there are "other arcs in the diagrams" that 
point to the Verifier, too.

* Shedding some light into how appraisal procedures conducted by 
Verifiers actually look like will be very useful to implementers. Some 
experts are already implementing: I'd like to point out this quite open 
and inclusive effort https://github.com/veraison/veraison as an example 
that we can build on.

My expectation is that some of the presentations at the next (virtual) 
meeting will touch these topics already and if time permits, maybe we 
can plan for explicit discussion on these topics.

Viele Grüße,

Henk

On 05.02.21 22:31, Michael Richardson wrote:
> 
> In issue https://github.com/ietf-rats-wg/architecture/issues/210
> and in quite a number of discussions in the design team, we ratholed on
> whether or not we were specifiying a normative description of how verifiers
> worked.
> 
> In the architecture document we want to specify what goes in to the Verifier
> (from the Attester direction!), and what goes out of the Verifier (to the
> Replying Party only).
> https://www.ietf.org/archive/id/draft-ietf-rats-architecture-09.html#dataflow
> 
> We did not want to specify the other arcs (Endorsements, Appraisal Policy for
> Verifiers), but we did need to place some requirements on what was possible.
> 
> For instance, that Evidence would be signed, and that Verifiers could verify
> the signature on it.
> 
> The large X diagram at:
>    https://www.ietf.org/archive/id/draft-ietf-rats-architecture-09.html#name-claims-encoding-formats
> 
> which in many ways started the entire architecture document, remains an
> intentional black box from this document.
> 
> It seems that there is a desire among some participants to more clearly
> articulate how many (but perhaps not all) Verifiers work.  It seems that with
> an appropriate initial narrow scope that such a document could be written by
> the IETF.   For pretty much all the cases of "perhaps not all", then it is
> probably the case that the specifics will be very specific to a vertical, and
> should be written in that technical consortium outside of the IETF.
> 
> This email is basically the concluding recommendation of the design team: we
> aren't going to put this into the architecture document, but we don't object
> if someone else wants to write _Architecture of common Verifiers_, or some
> equivalently titled document.
> 
> --
> ]               Never tell me the odds!                 | ipv6 mesh networks [
> ]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
> ]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
> 
> 
> 
> _______________________________________________
> RATS mailing list
> RATS@ietf.org
> https://www.ietf.org/mailman/listinfo/rats
> 