[WIMSE] Re: [Seat] Re: [Rats] Re: Re: Re: Re: Follow-up of meeting 122 presentation (Formal proof of insecurity of Intel's RA-TLS and draft-fossati-tls-attestation)

Paul Wouters <paul.wouters@aiven.io> Fri, 16 January 2026 23:48 UTC

On Fri, Jan 16, 2026 at 6:12 PM Muhammad Usama Sardar <
muhammad_usama.sardar@tu-dresden.de> wrote:

> Could WIMSE clarify which one of the following is intended in its
> attestation?
>
>    1. Software-based attestation *only*
>    2. Any of software-based attestation or hardware-based attestation
>

This is a false dichotomy. WIMSE is trying to keep it generic, without
locking in to anything. Perhaps someone wants to do attestation via the
Horn of Valere, and deem something attested when the horn is blown. It does
not matter. As others also tried to convey, there is no interest to blow
this up with massive amounts of attestation details. It is the wrong place
for that. WIMSE is not SEAT.

Paul