draft-ietf-rats-reference-interaction-models.md
Lines changed: 5 additions & 8 deletions
@@ -703,16 +703,13 @@ In scenarios with large numbers of Attesters and Verifiers, the publish-subscrib
703
703
With publish-subscribe, clients typically *connect* to (or *register* with) a publish-subscribe server (PubSub server or Broker).
704
704
Clients may *publish* data in the form of a *message* under a certain *topic*.
705
705
*Subscribers* to that topic get *notified* whenever a message arrives under a topic, and the appropriate message is forwarded to them.
706
-
Depending on the particular publish-subscribe model and implementation, clients can be either publishers or subscribers or both.
706
+
Depending on particular publish-subscribe models and implementations, involved roles can be publishers, subscribers or both.
707
707
708
-
The Broker and Handle Distributor are considered to be Trusted Third Parties (TTPs) for all participating entities, including Attesters and Verifiers (see also {{security-and-privacy-considerations}}).
709
-
These entities must establish a trust relationship with the Broker and handle distributor, as these components are responsible for the secure and reliable dissemination of critical protocol information such as Handles and Attestation Results.
708
+
The Broker and Handle Distributor are considered to be trusted third parties (TTPs) for all other participating roles, including Attesters and Verifiers (see also {{security-and-privacy-considerations}}).
709
+
All roles must establish a trust relationship with the Broker and Handle Distributor, as those are responsible for the secure and reliable dissemination of critical protocol information, such as Handles and Attestation Results.
710
710
711
-
The trustworthiness of the Broker and handle distributor is essential, as they manage the flow of sensitive attestation data and are pivotal in maintaining the integrity and confidentiality of the attestation process.
712
-
This trust can be established through mechanisms such as pre-shared keys, certificates issued by a trusted certificate authority, or through a secure registration process that validates their authenticity and reliability.
713
-
714
-
Ensuring the security of these entities is vital, as any compromise could undermine the entire attestation process.
715
-
Therefore, the deployment of Brokers and Handle Distributors should include stringent security measures to protect against unauthorized access and to ensure that they operate as trustworthy facilitators within the attestation framework.
711
+
Ensuring the security of these trusted third parties is vital, as any compromise could undermine the entire remote attestation procedure.
712
+
Therefore, the deployment of Brokers and Handle Distributors requires stringent security measures to protect against unauthorized access and to ensure that they operate as trustworthy facilitators within the remote attestation framework.
716
713
717
714
In the following sections, the interaction models *Challenge/Response Remote Attestation over Publish-Subscribe* and *Uni-Directional Remote Attestation over Publish-Subscribe* are described.
718
715
There are different phases that both models go through:
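Review bot: Removing old lines 712-713 drops the only statement of how trust in the Broker and Handle Distributor can be established (pre-shared keys, certificates issued by a trusted certificate authority, a secure registration process), while new line 709 still says "All roles must establish a trust relationship". Either keep one sentence naming those mechanisms here, or confirm that {{security-and-privacy-considerations}} covers them, so the requirement is not left without guidance on how to meet it. The same removal also drops the explicit mention of integrity and confidentiality of attestation data; if that is intentional, the remaining "secure and reliable dissemination" wording on line 709 should be checked to still carry both properties. Two smaller points: "for all other participating roles" on new line 708 reads as if the Broker and Handle Distributor are themselves roles, which should be worded consistently with how the draft defines roles elsewhere, and the lowercase "must" on line 709 and "requires" on line 712 should make clear whether they are meant normatively.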