draft-ietf-rats-reference-interaction-models.md
10 additions & 6 deletions
@@ -134,9 +134,10 @@ Analogously, a general overview about the information elements typically used by
134
134
# Introduction
135
135
136
136
Remote ATtestation procedureS (RATS, {{-RATS}}) are workflows composed of roles and interactions, in which Verifiers create Attestation Results about the trustworthiness of an Attester's system component characteristics.
137
-
The Verifier's assessment in the form of Attestation Results is produced based on Endorsements, Reference Values, Attestation Policies, and Evidence -- trustable and tamper-evident Claims Sets about an Attester's system component characteristics -- generated by an Attester.
137
+
Verifiers generate assessments in the form of Attestation Results that are based on Endorsements, Reference Values, Appraisal Policies, and Evidence -- trustable and tamper-evident Claims Sets about an Attester's system component characteristics.
138
138
The roles *Attester* and *Verifier*, as well as the Conceptual Messages *Evidence* and *Attestation Results* are concepts defined by the RATS Architecture {{-RATS}}.
139
-
This document illustrates three main interaction models that can be used in specific RATS-related solution documents:
139
+
This document illustrates three main interaction models between various RATS roles, namely Attesters, Verifiers, and Relying Parties that can be used in specific RATS-related specifications.
140
+
Using Evidence as a prominent example, these three interaction models are:
140
141
141
142
1. *Challenge/Response Remote Attestation*:
142
143
A Verifier actively challenges an Attester and receives time-fresh Evidence in response.
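Review bot: the rewritten sentence beginning "Verifiers generate assessments" drops the trailing "generated by an Attester", so this paragraph no longer states which role produces Evidence; consider keeping it, e.g. "... and Evidence generated by an Attester". In the added sentence on the three interaction models, "that can be used in specific RATS-related specifications" follows "Relying Parties" with no comma and reads as describing the roles rather than the models; setting the role list off with commas or parentheses fixes that. The lead-in "Using Evidence as a prominent example, these three interaction models are:" also has a dangling modifier, since it is the document and not the models that uses Evidence as the example.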
@@ -195,7 +196,7 @@ Generally, it is marked by the handoff from the final bootloader or initial OS k
195
196
This document:
196
197
197
198
* outlines common interaction models between RATS roles;
198
-
* illustrates interaction models focusing on conveying Evidence about boot-time integrity from Attesters to Verifiers;
199
+
* illustrates interaction models using the conveyance of Evidence about boot-time integrity as an example throughout this document;
199
200
* does not exclude the application of those interaction models to runtime integrity or the conveyance of other RATS Conceptual Messages;
200
201
* does not cover every detail about Evidence conveyance.
201
202
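Review bot: the reworded bullet now reads "This document: illustrates ... as an example throughout this document", which is redundant, and it drops "from Attesters to Verifiers", so the direction of conveyance is no longer stated in this list. Something like "illustrates interaction models, using the conveyance of Evidence about boot-time integrity from Attesters to Verifiers as the running example;" keeps both points and still leads into the following bullet about runtime integrity and other Conceptual Messages.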
@@ -228,16 +229,19 @@ In order to ensure Evidence is appropriately conveyed through the interaction mo
228
229
229
230
Authentication Secret:
230
231
231
-
: An Authentication Secret MUST be exclusively available to an Attesting Environment of the Attester.
232
+
: An Authentication Secret MUST be established before any RATS interaction takes place, and it must be made available exclusively to an Attesting Environment of the Attester.
232
233
233
234
: The Attester MUST protect Claims with this Authentication Secret to prove the authenticity of the Claims included in Evidence.
234
235
The Authentication Secret MUST be established before RATS take place.
235
236
236
237
Attester Identity:
237
238
238
-
: A statement made by an Endorser about an Attester that affirms the Attester's distinguishability. (Note that distinguishability does not imply uniqueness.)
239
+
: A statement made by an Endorser about an Attester that affirms the Attester's distinguishability.
239
240
240
-
: The provenance of Evidence for a distinguishable Attesting Environment MUST be unambiguous.
241
+
: In essence, an Attester Identity can either be explicit (e.g., via a Claim in Evidence or Endorsement) or implicit (e.g., via a signature that matches a trust anchor).
242
+
Note that distinguishability does not imply uniqueness; for example, a group of Attesters can be identified by an Attester Identity.
243
+
244
+
: The provenance of Evidence SHOULD be distinguishable with respect to the Attesting Environment and MUST be unambiguous with respect to the Attester Identity.
241
245
242
246
: An Attester Identity MAY be an Authentication Secret which is available exclusively to one of the Attesting Environments of the Attester.
243
247
It could be a unique identity, it could be included in a zero-knowledge proof (ZKP), it could be part of a group signature, or it could be a randomized DAA credential {{DAA}}.
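Review bot: in the new Authentication Secret definition, "it must be made available exclusively to an Attesting Environment" uses a lowercase "must" where the removed line had "MUST be exclusively available", so the exclusivity requirement is no longer a BCP 14 keyword even though the authenticity of the Claims depends on it; keep it as "MUST". The same added line now states the establishment requirement, while the unchanged line "The Authentication Secret MUST be established before RATS take place." is still present, so the requirement appears twice with different wording; drop one of them. Under Attester Identity, the added "Note that distinguishability does not imply uniqueness; ..." line has no leading ": " and is followed by an added empty line, so it may fall out of the definition list when rendered. The change from "MUST be unambiguous" for the Attesting Environment to "SHOULD be distinguishable with respect to the Attesting Environment" relaxes a requirement and would benefit from a sentence saying when an implementation may deviate.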