Reframing Section 3 "Overview"

[muhammad-usama-sardar]

In general, the presentation of this section is very confusing and can be significantly improved. Specifically, there are a number of options that the draft discusses, and it is not always clear which specific combination is being discussed in this section. For example:

• Topological Pattern: Background-Check/Passport Model
• Key exchange mode for TLS: (EC)DHE-only/PSK-only/PSK with (EC)DHE
• TLS Client vs. Server as Attester: TLS Client as Attester/TLS Server as Attester/Mutual attestation
• Evidence Extensions: Attestation-only/Attestation alongside X.509 certs

Here are some specific suggestions:

• The following sentence leaves me wondering why nonce is not a part of the Evidence itself? For example, KAT will already contain the nonce provided by the challenger.

  The newly introduced extensions allow evidence and nonces to be exchanged.

• The first paragraph does not add any new knowledge. Section 1 already explained all that is said here in the first paragraph. So please remove it to make the draft concise.
• RATS is (and was also at the time of draft-3) a standard. So please replace the reference of RATS-ID by RFC9334.
• There are currently no subsections in this section, so please remove the following:

  The subsections below explain the difference in their interactions.

• The third paragraph seems to be discussing what is not the focus of this draft, as stated in Introduction:

  This document does not define how different attestation technologies are encoded.

I suggest removing this paragraph to make the draft concise.

• The penultimate paragraph is not necessarily applicable for TLS Server as Attester. So it needs to be clarified. Moreover,

  key attestation token

could simply be replaced by KAT, as the abbreviation was defined in Section 1 already.