Closed dthaler closed 3 months ago
dthaler
commented
7 months ago @findthomas @henkbirkholz @thomas-fossati Anyone able to contribute anything for this last issue? I won't be able to. I haven't requested time for this draft since there's nothing new to report but if someone else can contribute to this issue then we should ask for a slot.
thomas-fossati
commented
7 months ago Sorry folks, this was merged on error. I meant to create a PR but G-H tricked me somehow ðŸ˜
dthaler
commented
7 months ago Sorry folks, this was merged on error. I meant to create a PR but G-H tricked me somehow ðŸ˜
No worries, it looks good to me. I'm not sure it addresses Laurence's issue though since he seemed to want a lot of text (about what, I'm not sure). Do you (or anyone else) have a suggestion here? Since you've generated PR's, I'd like to list you as a co-author regardless.
dthaler
commented
7 months ago My bad, Thomas Fossati is already a co-author. I was confused since github didn't automatically add you as a reviewer. I meant add folks to CODEOWNERS not the draft itself. Expect a PR shortly.
laurencelundblade
commented
6 months ago Here's a start. Having trouble with cloning and building, so no PR yet, but wanted to share before the meeting.
A RATS verifier receives evidence from an attester that must be considered untrusted until established otherwise. This trust is established using cryptography. Typically, the attester will sign a nonce with a private key it possesses and the verifier will verify it with a public key it possesses. While this is typical, cryptography other than public key may also be used.
Since it is not possible to establish trust in an attester without cryptography, the verifier must have a verification key for each attester. The verification key comes to the verifier in an endorsement from an endorser.
No particularly algorithm or cryptographic protocol is assumed for the verification of the attester. The verification key could be a symmetric key, a public key or something more sophisticated. Thus there is no assumption about the type of verification key in the endorsement.
(In theory the verification key could also come in reference values or appraisal policy, the other inputs to the verifier, but that would not line up with the descriptions in the RATS architecture).
dthaler
commented
6 months ago Thanks @laurencelundblade
There is some wordsmithing I would do to your text but it's a valuable start that we can use. Thanks for posting this!
In the IEFT 117 meeting, Laurence suggested not using the word "identity" but rather "key material for verifying evidence" or "attestation keys". He suggested there might be like 3 pages of stuff to talk about here. I asked if there were volunteers to contribute such text and the recording shows that two people raised their hands (Thomas Hardjono was one, and I think the other might have been Henk).