[{"author": "Nancy Cam-Winget", "text": "If you are sharing Akira, I am not seeing it
", "time": "2022-03-21T09:00:22Z"}, {"author": "akira.tsukamoto", "text": "is it showing?
", "time": "2022-03-21T09:00:49Z"}, {"author": "Dave Thaler", "text": "no slides remotely yet
", "time": "2022-03-21T09:02:19Z"}, {"author": "Tsukasa OI", "text": "I'm not seeing (via Meetecho)
", "time": "2022-03-21T09:02:32Z"}, {"author": "Meetecho", "text": "There are no slides shared yet
", "time": "2022-03-21T09:03:09Z"}, {"author": "Christian Veenman", "text": "I see them on Meetecho now!
", "time": "2022-03-21T09:05:54Z"}, {"author": "Dave Thaler", "text": "yes see slides
", "time": "2022-03-21T09:07:25Z"}, {"author": "chenmeiling", "text": "YES
", "time": "2022-03-21T09:07:27Z"}, {"author": "Christian Veenman", "text": "Yes
", "time": "2022-03-21T09:07:28Z"}, {"author": "Tsukasa OI", "text": ":)
", "time": "2022-03-21T09:07:28Z"}, {"author": "akira.tsukamoto", "text": "I see the slide
", "time": "2022-03-21T09:07:32Z"}, {"author": "akira.tsukamoto", "text": "6pm here
", "time": "2022-03-21T09:10:49Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "I am awake!
", "time": "2022-03-21T09:10:51Z"}, {"author": "Christian Veenman", "text": "Glad it's 10 AM here : )
", "time": "2022-03-21T09:10:57Z"}, {"author": "Kohei Isobe", "text": "echoooo
", "time": "2022-03-21T09:12:44Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Looks like Tiru's mic is on
", "time": "2022-03-21T09:12:56Z"}, {"author": "Ira McDonald", "text": "Echo - folks need to mute please
", "time": "2022-03-21T09:13:11Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Hmm, Tiru now shows as muted but the echo is still present ... must be
a room mic, then :-/
", "time": "2022-03-21T09:13:53Z"}, {"author": "Brendan Moran", "text": "Can this be mitigated with attestation?
", "time": "2022-03-21T09:14:01Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "@meetecho: we are getting an echo, possibly from a room mic, is that
something you can look at?
", "time": "2022-03-21T09:14:14Z"}, {"author": "Brendan Moran", "text": "Attestation (local, not remote) should enable the TEE to prove to the user that the stated code is, indeed, resident
", "time": "2022-03-21T09:14:48Z"}, {"author": "Stuart Card", "text": "Or you _may_ be allowed to know that...
", "time": "2022-03-21T09:23:27Z"}, {"author": "Jari Arkko", "text": "I have not followed the discussion before, but Ben I hope it is understood that CC technologies can protect an entity against the owner of the machine, and this entity could of course be a media rights owner etc. but it can also be the end user. Cf approaches to protect end-user data in the cloud against cloud/dns/server provider, with attestations going to the user that his or her data is actually handled as expected, e.g., not leaked for advertising or other purposes.
", "time": "2022-03-21T09:32:43Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Jari: yes, exactly so
", "time": "2022-03-21T09:33:13Z"}, {"author": "Jari Arkko", "text": "Ok good thanks
", "time": "2022-03-21T09:33:20Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "And I think Dave did a good job mentioning those scenarios in the new
text
", "time": "2022-03-21T09:33:31Z"}, {"author": "Brendan Moran", "text": "From RFC8890:Thus, the end user of a
protocol to manage routers is not a router administrator; it is the
people using the network that the router operates within.
", "time": "2022-03-21T09:34:29Z"}, {"author": "Brendan Moran", "text": "The TAM manager must not be an end user, then.
", "time": "2022-03-21T09:34:58Z"}, {"author": "Dave Thaler", "text": "(FYI we started the sesson 10 mins late so I did stick to my allotted time of 30 mins between the two docs :)
", "time": "2022-03-21T09:41:07Z"}, {"author": "Nancy Cam-Winget", "text": "Yes, so noted.! I thought there may be more feedback on the transport too but you made up the time on that!
", "time": "2022-03-21T09:42:01Z"}, {"author": "Dave Thaler", "text": "FYI there's an open source verifier implementation at https://github.com/veraison/veraison which is in the process of becoming a CCC project (contributed by Arm)
", "time": "2022-03-21T09:43:17Z"}, {"author": "Dave Thaler", "text": "I think eat needs eat media types not just generic media types for jwt/cwt
", "time": "2022-03-21T09:44:22Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "If we can get away with not giving people options, it's usually the
right thing to do.
", "time": "2022-03-21T09:45:26Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Isn't RATS undergoing \"active discussions\" about whether or not EAT
gets dedicated media types? :)
", "time": "2022-03-21T09:46:05Z"}, {"author": "Dave Thaler", "text": "i think so, I think EAT should :)
", "time": "2022-03-21T09:47:14Z"}, {"author": "Dave Thaler", "text": "time permitting Nancy, I do have another comment on the background check slide before, but I can wait until the end and see if there's time, since I already provided my comment to Akira before.
", "time": "2022-03-21T09:48:11Z"}, {"author": "Nancy Cam-Winget", "text": "True, though I don't know that we've reached consensus yet
", "time": "2022-03-21T09:48:14Z"}, {"author": "Nancy Cam-Winget", "text": "@Dave: I'd allocated 45min for protocol discussion but if you don't need the full ltime we have a bit of buffer
", "time": "2022-03-21T09:48:58Z"}, {"author": "Dave Thaler", "text": "FYI to all, the topic on this slide is also part of the protocol presentation so can defer addition discussion to the equivalent slide there
", "time": "2022-03-21T09:51:55Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "I believe the intent with the RSA key lengths is that in order to use
the key for anything, you need the actual public key itself. The
length of the key is, well, the length of the key :)
So it was not needed to add additional metadata to the COSE_Key object
or make the algorithms specific to the key length
", "time": "2022-03-21T09:52:07Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Dave, that's the \"share preloaded slides\" vs \"share screen\" features
", "time": "2022-03-21T09:55:20Z"}, {"author": "Brendan Moran", "text": "Will do
", "time": "2022-03-21T09:57:47Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "I agree with what Russ is saying about XMSS signatures
", "time": "2022-03-21T10:05:01Z"}, {"author": "Dave Thaler", "text": "thanks Russ!
", "time": "2022-03-21T10:05:46Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Er, HSS-LMS, I guess
", "time": "2022-03-21T10:05:46Z"}, {"author": "Massimiliano Pala", "text": "I also agree w/ Russ - the table is quite complete and an update will be needed at a later time when we have more clarity on PQC.
", "time": "2022-03-21T10:05:53Z"}, {"author": "Dave Thaler", "text": "connectivity glitching, one moment
", "time": "2022-03-21T10:07:48Z"}, {"author": "akira.tsukamoto", "text": "We lost dave?
", "time": "2022-03-21T10:08:31Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "It seems that Dave is really ahving connectivity issues
", "time": "2022-03-21T10:08:42Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Based on my previous experiences, if the meetecho client detects a
loss of connectivity and reconnects, that will drop any active media
streams or slide shares
", "time": "2022-03-21T10:09:31Z"}, {"author": "Meetecho", "text": "Kaduk: yes, that's correct
", "time": "2022-03-21T10:12:21Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Thank you Hannes! (re profile URI comment in RATS WG ... might be
worth checking if there is already something IANA-managed that could
be used, but the only things I remember off the top of my head are URN
namespace prefixes rather than URIs directly)
", "time": "2022-03-21T10:12:35Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Lost Dave again
", "time": "2022-03-21T10:12:55Z"}, {"author": "Dave Thaler", "text": "it's a teep github issue
", "time": "2022-03-21T10:14:34Z"}, {"author": "Brendan Moran", "text": "I would suggest the \"canonical URI\"
", "time": "2022-03-21T10:20:34Z"}, {"author": "Brendan Moran", "text": "No, that's a specific element
", "time": "2022-03-21T10:21:05Z"}, {"author": "Brendan Moran", "text": "https://www.ietf.org/archive/id/draft-ietf-suit-manifest-16.html#name-suit-reference-uri
", "time": "2022-03-21T10:22:32Z"}, {"author": "Brendan Moran", "text": "Sorry, it's reference URI, not canonical
", "time": "2022-03-21T10:22:40Z"}, {"author": "Ira McDonald", "text": "nibbles of communication w/ Dave...
", "time": "2022-03-21T10:25:13Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "It was a good joke, Akira :)
", "time": "2022-03-21T10:25:36Z"}, {"author": "Penglin Yang", "text": "he may needs to refresh the web page
", "time": "2022-03-21T10:26:01Z"}, {"author": "Kohei Isobe", "text": "dave disconnected?
", "time": "2022-03-21T10:27:24Z"}, {"author": "Brendan Moran", "text": "If evidence is opaque then why would you copy it to the attestation results?
", "time": "2022-03-21T10:27:29Z"}, {"author": "Brendan Moran", "text": "+1 Henk
", "time": "2022-03-21T10:28:03Z"}, {"author": "Dave Thaler", "text": "wondering if we shoudl go to penglin for 10 mins and hope internet improves
", "time": "2022-03-21T10:28:27Z"}, {"author": "Penglin Yang", "text": "I am fine to both choice
", "time": "2022-03-21T10:30:03Z"}, {"author": "Brendan Moran", "text": "@henk: 100%
", "time": "2022-03-21T10:30:38Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Defining the specific policy is out of scope, but stating that a
policy is required in order to do a thing is different, and is what
Henk is asking for
", "time": "2022-03-21T10:30:48Z"}, {"author": "Dave Thaler", "text": "the internet wasn't helping today :( never had that problem before
", "time": "2022-03-21T10:36:42Z"}, {"author": "Dave Thaler", "text": "@Brendan: TEEP never copies anything to attestation results. The point is just to define TEEPs requirements for Attestation Results. (Discussion about evidence is IMO a red herring.)
", "time": "2022-03-21T10:37:52Z"}, {"author": "Dave Thaler", "text": "so I didn't follow Henk's point... i see no issue in Attestation Results having claims about things like what TEE is in the attester.
", "time": "2022-03-21T10:40:50Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "CAN BOF is Tuesday session 1
", "time": "2022-03-21T10:41:17Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "My understanding is that Henk was concerned about *defining* some
attestation results as being a copy of a thing submitted as evidence.
", "time": "2022-03-21T10:41:55Z"}, {"author": "Dave Thaler", "text": "there is no such defining
", "time": "2022-03-21T10:42:13Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "It's okay for the *information content* to be the same, but the act of
converting one to the other requires verification and a specific
policy to do so
", "time": "2022-03-21T10:42:18Z"}, {"author": "Dave Thaler", "text": "@Ben, yes that's what the draft says now (or at least intends to)
", "time": "2022-03-21T10:42:37Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "(I may, of course, be misunderstanding Henk's concern.)
", "time": "2022-03-21T10:42:47Z"}, {"author": "Dave Thaler", "text": "here's what the draft says: \"Section 7 of [I-D.ietf-teep-architecture] lists information that may appear in evidence depending on the circumstance. However, the evidence is opaque to the TEEP protocol and there are no formal requirements on the contents of evidence.
TAMs however consume Attestation Results and do need enough information therein to make decisions on how to remediate a TEE that is out of compliance, or update a TEE that is requesting an authorized change. To do so, the information in Section 7 of [I-D.ietf-teep-architecture] is often required depending on the policy.\"
", "time": "2022-03-21T10:45:01Z"}, {"author": "Dave Thaler", "text": "we can clean it up, and I have some ideas already but the point is that TEEP has no requirements on claims in evidence per se, only claims in Attestation Results.
", "time": "2022-03-21T10:45:49Z"}, {"author": "Brendan Moran", "text": "If TEEP never copies anything to evidence, then any discussion about that should be pruned.
", "time": "2022-03-21T10:45:57Z"}, {"author": "Brendan Moran", "text": "It sounds to me like there is just a requirement on the verifier to provide sufficient information for the TA to be remediated.
", "time": "2022-03-21T10:46:48Z"}, {"author": "Dave Thaler", "text": "correct Brendan
", "time": "2022-03-21T10:47:20Z"}, {"author": "Brendan Moran", "text": "But that doesn't require any specific behaviour from the verifier (such as copying) so that discussion seems unnecessary.
", "time": "2022-03-21T10:47:35Z"}, {"author": "Dave Thaler", "text": "yes, you'll notice the term \"copying\" does not appear in the document discussion
", "time": "2022-03-21T10:48:05Z"}, {"author": "Brendan Moran", "text": ":thumbsup:
", "time": "2022-03-21T10:49:07Z"}, {"author": "kaduk@jabber.org/barnowl", "text": "Sounds like we need to ask Henk to compare the content of the slides
and the content of the draft, and see if he is complaining only about
the slides
", "time": "2022-03-21T10:50:27Z"}, {"author": "Dave Thaler", "text": "I can improve the wording of the text, including adding a clarifying sentence to the arch doc as part of IETF LC
", "time": "2022-03-21T10:51:33Z"}, {"author": "Nancy Cam-Winget", "text": "Henk was reacting to the phrasing of the slide \"might copy...\" which then led him to state that the the verifier? would know if the claim was the orignal vs copy , stating that asa design flow
", "time": "2022-03-21T10:52:57Z"}, {"author": "Dave Thaler", "text": "Filed https://github.com/ietf-teep/teep-protocol/issues/185 as a placeholder, I'd invite folks to add comments/proposals there if they like (or just post on the list, from where we can copy suggestions into the issue)
", "time": "2022-03-21T10:55:04Z"}, {"author": "Dave Thaler", "text": "Agree with Penglin
", "time": "2022-03-21T10:57:05Z"}, {"author": "Dave Thaler", "text": "not specific to CAN
", "time": "2022-03-21T10:57:14Z"}, {"author": "Dave Thaler", "text": "but certainly applicable to CAN so good to share there
", "time": "2022-03-21T10:57:34Z"}, {"author": "Wei Pan", "text": "I feel this is a general use case to combine TEEP and RATS.
", "time": "2022-03-21T10:57:50Z"}, {"author": "Massimiliano Pala", "text": "Thank everyone!
", "time": "2022-03-21T10:57:51Z"}, {"author": "akira.tsukamoto", "text": "Thanks
", "time": "2022-03-21T10:57:56Z"}, {"author": "Kohei Isobe", "text": "Thank you guys. I'm hoping to see at onsite!
", "time": "2022-03-21T10:57:59Z"}, {"author": "Massimiliano Pala", "text": "It is tough being virtual... but it is all for the greater good :) Hoping to be able to be onsite soon in the future.
", "time": "2022-03-21T10:58:36Z"}]