The device is at the CVM level or the platform level?
", "time": "2026-02-09T15:07:45.000Z"}, {"author": "Carl Wallace", "text": "Re: concatenated DER certs, why not use certs-only SignedData (which is widely used for this kind of thing) or define a SEQUENCE OF Certificate, which would also have no intermediate padding but would allow use of standard DER decoding tools to process.
", "time": "2026-02-09T15:16:44.000Z"}, {"author": "Deb Cooley", "text": "queue?
", "time": "2026-02-09T15:17:02.000Z"}, {"author": "Giridhar Mandyam", "text": "Device can have access to CVM memory
", "time": "2026-02-09T15:18:01.000Z"}, {"author": "Giridhar Mandyam", "text": "TDI must be bound (at least in SNP) for device to be able to DMA into CVM memory
", "time": "2026-02-09T15:18:29.000Z"}, {"author": "Henk Birkholz", "text": "I am unable to assess completeness
", "time": "2026-02-09T15:30:29.000Z"}, {"author": "Henk Birkholz", "text": "Can anyone here answer Usama's question in principle?
", "time": "2026-02-09T15:31:07.000Z"}, {"author": "Deb Cooley", "text": "Thanks Kathleen. I wondered the same. This seems like the work belongs in seat.
", "time": "2026-02-09T15:36:03.000Z"}, {"author": "zhang jun", "text": "what is the suitable scenario that one private key is leaked and another one is not leaked?
", "time": "2026-02-09T15:42:17.000Z"}, {"author": "zhang jun", "text": "if you assume the private key in tpm is leaked, it is game over for rats
", "time": "2026-02-09T15:43:19.000Z"}, {"author": "Deb Cooley", "text": "I would think so.
", "time": "2026-02-09T15:43:57.000Z"}, {"author": "Carl Wallace", "text": "clarifying whether the evidence attests to hardware provenance of the key would be good. if that is the case, the notion that the attestation key has not leaked seems not that interesting.
", "time": "2026-02-09T15:46:34.000Z"}, {"author": "Deb Cooley", "text": "because you can prove that the key processing came from the hardware, and not something external?
", "time": "2026-02-09T15:47:30.000Z"}, {"author": "Carl Wallace", "text": "and non-exportable usually
", "time": "2026-02-09T15:48:19.000Z"}, {"author": "Deb Cooley", "text": "'supposed' to be non-exportable.
", "time": "2026-02-09T15:48:41.000Z"}, {"author": "Thomas Fossati", "text": "Note that if the private TLS key leaks from the cVM, the confidentiality of the TEE is compromised and confidential computing is also broken.
", "time": "2026-02-09T15:50:18.000Z"}, {"author": "Thomas Fossati", "text": "Isn\u2019t this a SAAG thing rather than RATS?
", "time": "2026-02-09T15:53:53.000Z"}, {"author": "Henk Birkholz", "text": "No opinion
", "time": "2026-02-09T15:54:26.000Z"}, {"author": "zhang jun", "text": "the guideline will result in single-point-failure
", "time": "2026-02-09T15:54:31.000Z"}, {"author": "Henk Birkholz", "text": "I am confused about the scope of a tcb in Section 8 though
", "time": "2026-02-09T15:55:13.000Z"}, {"author": "zhang jun", "text": "The Tao that can be spoken of is not the eternal Tao. The name that can be named is not the eternal name.
", "time": "2026-02-09T15:56:26.000Z"}, {"author": "Michael Richardson", "text": "At IETF124, I asked Usama to create a Security Considerations outline/template. I pointed to https://datatracker.ietf.org/doc/draft-ietf-roll-applicability-template/ as an example. Has that occurred? I see no point in going further without that. So in rough consensus terms, I'm a BLOCK.
", "time": "2026-02-09T16:00:31.000Z"}, {"author": "Michael Richardson", "text": "step by step... so I'm waiting for that step 0.
", "time": "2026-02-09T16:00:50.000Z"}, {"author": "Henk Birkholz", "text": "I think the aggregation of any of those ideas is a centralized silo of guidance. Applicability will vary vastly and I do not understand the actual problem being solve, tbh.
", "time": "2026-02-09T16:02:31.000Z"}, {"author": "Kathleen Moriarty", "text": "Michael, I had structured security consideration formats for Usama in the meeting. He does not recall this and I need to go back to the recording and find the time where I said this to help remind him of the structure that aligns to IETF work. I provided guidance that he could do an updates draft that includes text that gets added to existing drafts with gaps and then he could create a template for use in other drafts similar to what is done for YANG.
", "time": "2026-02-09T16:02:37.000Z"}, {"author": "Thomas Fossati", "text": "alternatively, since this information is bound to evolve over time, it should be a live document on the RATS wiki pages rather than a document intended for publication
", "time": "2026-02-09T16:02:55.000Z"}, {"author": "Deb Cooley", "text": "This is likely dated, but: https://wiki.ietf.org/group/sec/typicalSECareaissues
", "time": "2026-02-09T16:03:14.000Z"}, {"author": "Kathleen Moriarty", "text": "Thomas - Yes, the wiki can be used to keep the template for security considerations
", "time": "2026-02-09T16:03:44.000Z"}, {"author": "Henk Birkholz", "text": "A wiki could function as a test balloon, maybe. I am not convinced... many wiki die after a short time
", "time": "2026-02-09T16:04:14.000Z"}, {"author": "Paul Howard", "text": "+1 for wiki suggestion
", "time": "2026-02-09T16:04:16.000Z"}, {"author": "Henk Birkholz", "text": "\"likely date\" underlines my point, I think
", "time": "2026-02-09T16:04:49.000Z"}, {"author": "Henk Birkholz", "text": "*d
", "time": "2026-02-09T16:05:01.000Z"}, {"author": "Deb Cooley", "text": "It does...
", "time": "2026-02-09T16:05:05.000Z"}, {"author": "Michael Richardson", "text": "Thomas Fossati said:
\n\n\nalternatively, since this information is bound to evolve over time, it should be a live document on the RATS wiki pages rather than a document intended for publication
\n
wiki or I-D which is never published, does not matter. the roll template predated the wiki being useful, but also it was in a form which one would just copy and paste into your I-D.
", "time": "2026-02-09T16:05:48.000Z"}, {"author": "zhang jun", "text": "according to my experience in forums, the threat will be kept by who stay in the internet longer.
", "time": "2026-02-09T16:06:10.000Z"}, {"author": "Henk Birkholz", "text": "+1 to Jun. That is actually already a problem with actively developed documentes (rarely, but happens)
", "time": "2026-02-09T16:08:01.000Z"}, {"author": "Thomas Fossati", "text": "I haven't checked the contents yet, but could some of these be treated as errata to the specific document?
", "time": "2026-02-09T16:08:45.000Z"}, {"author": "zhang jun", "text": "remember this history, https://en.wikipedia.org/wiki/XZ_Utils_backdoor
", "time": "2026-02-09T16:12:06.000Z"}, {"author": "Thomas Fossati", "text": "for example re:RFC9783, what is suggested is a typographical correction. I believe that (in this case, at lesat) an editorial errata would be more appropriate than an update...
", "time": "2026-02-09T16:12:17.000Z"}, {"author": "Carsten Bormann", "text": "Thomas: You could send the errata report and make this point mute
", "time": "2026-02-09T16:14:01.000Z"}, {"author": "Carsten Bormann", "text": "folks aren't we spending too much time on this?
", "time": "2026-02-09T16:16:57.000Z"}, {"author": "Carsten Bormann", "text": "Yes.
", "time": "2026-02-09T16:17:29.000Z"}, {"author": "Kathleen Moriarty", "text": "Thomas - many won't be in China, so hallway time is missed. Our next speaker was a no show as well
", "time": "2026-02-09T16:17:54.000Z"}, {"author": "Kathleen Moriarty", "text": "Better to get this addressed
", "time": "2026-02-09T16:18:07.000Z"}, {"author": "Thomas Fossati", "text": ":wave:
", "time": "2026-02-09T16:19:52.000Z"}, {"author": "Henk Birkholz", "text": "Thx all! Thx chairs. Bye!
", "time": "2026-02-09T16:20:37.000Z"}, {"author": "Yuxuan Song", "text": "thanks bye!
", "time": "2026-02-09T16:20:58.000Z"}]