[secdir] draft-ietf-rats-eat-measured-component-10 ietf last call Secdir review
Joseph Salowey via Datatracker <noreply@ietf.org> Sun, 25 January 2026 19:17 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@mail2.ietf.org
Received: from [10.244.6.51] (unknown [4.156.85.76]) by mail2.ietf.org (Postfix) with ESMTP id 4496CACC8B7D; Sun, 25 Jan 2026 11:17:03 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Joseph Salowey via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.57.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <176936862315.654369.5917172471131730378@dt-datatracker-77f8b84995-z4hzn>
Date: Sun, 25 Jan 2026 11:17:03 -0800
Message-ID-Hash: OMSNHKFQLSY2IZFNU5FIZ2NFK6VEXLSC
X-Message-ID-Hash: OMSNHKFQLSY2IZFNU5FIZ2NFK6VEXLSC
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-rats-eat-measured-component.all@ietf.org, last-call@ietf.org, rats@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: Joseph Salowey <joe@salowey.net>
Subject: [secdir] draft-ietf-rats-eat-measured-component-10 ietf last call Secdir review
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/pAVgEfB0WRzvpptDGjHbHU2Z5kY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>
Document: draft-ietf-rats-eat-measured-component Title: EAT Measured Component Reviewer: Joseph Salowey Review result: Has Issues I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is the document is mostly ready, but I would like some clarification. The document is well written and has good security considerations, however I am unclear as to the purpose of the "authority" field. The authority field points to a public key used for a digital signature. Where is the definition of the signature and how it is generated? Is this the signature on the EAT? If so why does the authority need to be defined here? No doubt this is explained in another RATS document, but I was not able to find in a quick read of some of the documents.
- [secdir] draft-ietf-rats-eat-measured-component-1… Joseph Salowey via Datatracker
- [secdir] Re: draft-ietf-rats-eat-measured-compone… Thomas Fossati
- [secdir] Re: draft-ietf-rats-eat-measured-compone… Thomas Fossati
- [secdir] Re: draft-ietf-rats-eat-measured-compone… Joseph Salowey
- [secdir] Re: draft-ietf-rats-eat-measured-compone… Thomas Fossati
- [secdir] Re: draft-ietf-rats-eat-measured-compone… ned.smith.ietf@gmail.com