Closed mcr closed 3 years ago
I'm not sure what the gap is here. https://ietf-rats-wg.github.io/architecture/draft-ietf-rats-architecture.html#epochids-sec contains security considerations, is this already addressed?
Commenting on 2.) while authenticity proofs of course improve origin authentication and integrity requirements, I am not entirely sure, if we have to spell that out everywhere.
To me, the primary security for the identifiers is availability. I think that the epoch identifier is key to doing the TUDA: if one wants one way attestations coming out only of a nuclear power plant, then the freshness has to get in via some broadcast system, I think.