[WIMSE] Re: [Seat] Re: [Rats] Re: Re: Re: Re: Follow-up of meeting 122 presentation (Formal proof of insecurity of Intel's RA-TLS and draft-fossati-tls-attestation)

Paul Wouters <paul.wouters@aiven.io> Sat, 17 January 2026 17:14 UTC

To: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>
CC: John Kemp <stable.pseudonym@gmail.com>, Joseph Salowey <joe@salowey.net>, wimse@ietf.org, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Manu Fontaine <Manu@hushmesh.com>, Nathanael Ritz <nathanritz@gmail.com>, Henk Birkholz <henk.birkholz@ietf.contact>, Yaron Sheffer <yaronf.ietf@gmail.com>, Justin Richer <jricher@mit.edu>, Pieter Kasselman <pieter@defakto.security>, wimse-chairs@ietf.org, Sorin Dumitru <sorin@returnze.ro>, rats@ietf.org, seat@ietf.org
List-Id: WIMSE Workload Identity in Multi-Service Environment <wimse.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/wimse/X14w9SdYPr_kBwTnthDeFbH5U_M>

All,

I would like to apologize for my previous message. I let my frustration get
the upper hand and could and should have written a more professional
message.

My apologies,

Paul

On Fri, Jan 16, 2026 at 6:45 PM Paul Wouters <paul.wouters@aiven.io> wrote:

>
> On Fri, Jan 16, 2026 at 6:12 PM Muhammad Usama Sardar <
> muhammad_usama.sardar@tu-dresden.de> wrote:
>
>> Could WIMSE clarify which one of the following is intended in its
>> attestation?
>>
>>    1. Software-based attestation *only*
>>    2. Any of software-based attestation or hardware-based attestation
>>
> This is a false dichotomy. WIMSE is trying to keep it generic, without
> locking in to anything. Perhaps someone wants to do attestation via the
> Horn of Valere, and deem something attested when the horn is blown. It does
> not matter. As others also tried to convey, there is no interest to blow
> this up with massive amounts of attestation details. It is the wrong place
> for that. WIMSE is not SEAT.
>
> Paul
>