Re: [Teep] TEEP Architecture Last Call Review

Mingliang Pei <mingliang.pei@broadcom.com> Wed, 19 October 2022 15:33 UTC

To: Ines Robles <mariainesrobles@googlemail.com>
Cc: teep <teep@ietf.org>, teep-chairs@ietf.org, Paul Wouters <paul.wouters@aiven.io>
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/kjbTd0OvuYKWKIpxhlf856NI7zg>

Hi Ines, great, thanks, Ming

Sent from my iPhone

On Oct 19, 2022, at 5:53 AM, Ines Robles <mariainesrobles@googlemail.com>
wrote:


Hi Ming,

Thank you for addressing my comments, I am Ok with them

BR,
Ines.

On Wed, Oct 19, 2022 at 12:11 PM Mingliang Pei <mingliang.pei@broadcom.com>
wrote:

> Hi Ines,
>
> Thank you very much for your review
> <https://datatracker.ietf.org/doc/review-ietf-teep-architecture-18-iotdir-telechat-robles-2022-09-04/>
> of our TEEP Architecture draft
> <https://datatracker.ietf.org/doc/draft-ietf-teep-architecture/>. We have
> created an issue tracker in github for TEEP as #250
> <https://github.com/ietf-teep/architecture/issues/250>. Please see below
> for our comments and a fix that we have adopted. Please also feel free to
> check out the Github issue tracker that has more details about discussions
> and fixes.
>
>
>    -
>
>    Pag 9 - Figure 1: The arrows in the diagram are unidirectional, Are
>    there
>    cases where it could be bidirectional: e.g. the communication of the
>    Agent with
>    the Broker?
>
> Ming: we consider it always unidirectional, and don't find a case where
> we need bidirectional support. A TEEP Agent inside TEE doesn't call back
> and out to a TEEP Broker inside a REE.
>
>    -
>
>    Having an IoT scenario, in your opinion which type of Classes of
>    Constrained
>    Devices (Class 0, Class 1, etc. [RFC7228
>    <https://datatracker.ietf.org/doc/rfc7228/>]) can participate in the
>    TEE as a
>    "Device" in Figure 1.
>
> Ming: we authors discussed and consider the following:
>
> There is no clear spec from RFC 7228 to say which classes of IoT devices
> may fit. We will not specify it and leave such recommendations to the
> adopters. And the TEEP allows any code as long as the capacity fits.
>
>
> Is this fine with you?
>
>    -
>
>    Page 27: "...In some use cases it may be sufficient to identify only
>    the
>    class of the device..." what do you mean with class of device?
>    Perphaps would
>    be nice to add between brackets some examples.
>
> Ming: good suggestion. We provided an example, and a reference to RATS DAA
> as follows:
>
> "In some use cases it may be sufficient to identify
> only the class of the device, for example, a DAA Issuer's group public key
> ID when the attestation uses DAA, see {{I-D.ietf-rats-daa}}."
>
> Is this fine?
>
> Thank you again for your suggestions and reviews. Best,
>
> Ming

-- 
This electronic communication and the information and any files transmitted 
with it, or attached to it, are confidential and are intended solely for 
the use of the individual or entity to whom it is addressed and may contain 
information that is confidential, legally privileged, protected by privacy 
laws, or otherwise restricted from disclosure to anyone else. If you are 
not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, you are hereby notified that any use, 
copying, distributing, dissemination, forwarding, printing, or copying of 
this e-mail is strictly prohibited. If you received this e-mail in error, 
please return the e-mail to the sender, delete it from your computer, and 
destroy any printed copy of it.