search

ietf-rats-wg / architecture

RATS Architecture
Other
15 stars 10 forks source link

section 16 - Freshness details #411

Open mcr opened 2 years ago

mcr commented 2 years ago 
> ** Section 16.  Can the thinking of this section be explained.  It
> seems out of place, and borders on being a solution.  The rest of this
> document talks about notional roles and architectures.  This text is
> focused on a particular nuance of message flow.  I'm wondering if we
> need it.  My thinking was to move this text to
> draft-birkholz-rats-epoch-markers.  As an aside, I did notice that
> draft-birkholz-rats-epoch-markers is using the amount of text on this
> topic in this document to motivate it's existence.
mcr commented 2 years ago 
> My concern is that this text begs questions such as
  1. Why isn't a nonce or getting treatment in Section 4 as a consumer/producer if this is going to be first order item being exchanged?
  2. Why isn't an Epoch ID Distributor depicted any role or architecture diagram? (Not a comprehensive list) The flows depicted in the Examples don't align with the roles in Section 4.
  3. Example 1 and 2, an Attester is shown here as consuming attestation results. Example 5 shows a Relying Party producing Evidence.
mcr commented 2 years ago

Eric Voit says:

I believe there is value in Section 16 remaining in the architecture
document.  An example of this comes from draft-ietf-rats-ar4si where Section
2.4 says:
"All freshness mechanisms of [I-D.ietf-rats-architecture], Section 10 are
supportable by this specification."    As I-D.ietf-rats-architecture Section
16 provides examples of how to accomplish what is highlighted in Section 10,
it helps ar4si readers understand the possibilities.  (Note that all three
of the Section 16 examples are valid embodiments of draft-ietf-rats-ar4si
Section 3.2 which detail a "Below Zero Trust" state machine.)
mcr commented 2 years ago
  1. Why isn't an Epoch ID Distributor depicted any role or architecture diagram?

The Epoch ID distributor is just an example of other entities that might also participate. It could go into the diagram, but it would just make the diagram busy. It could go into the prose to explain more items, but maybe we don't even need to do that. We also don't show any certification authorities.

nedmsmith commented 2 years ago

The DAA draft introduces a role that manages anonymous groups that isn't in the arch draft.