►
From YouTube: RATS Architecture Design Team, 2020-02-04
Description
RATS Architecture Design Team, 2020-02-04
A
A
A
E
A
A
E
F
A
A
So
we
actually
removed
this
box
claims
collector
completely
and
the
place
we
put.
The
word
collecting,
claim
the
bottom
and
put
testing
environment.
The
way
had
some
comments
and
you
know
folder
cut.
So
what
I'm
going
to
do
is
I'm
just
going
to
merge
this
one
and
then
we
need
to
maybe
we
can
go
two
ways:
pull
request
that
I
can't
get
morning.
A
E
E
Okay,
because
and
way,
I
see
you're
on
you
can
you
can
hear
me
yes,
yeah
is
I,
think
the
a
wait
for
Michael
to
pull
it
back
up
on
the
screen,
but
the
wording
was
something
like
before
receiving
the
evidence
from
the
other
testers
and
in
the
back-and-forth
comments
you
and
I
had
the
order
that
you
receive
the
evidence
in
is
not
important.
I
thought
what
you're
talking
about
is
about
receiving
a
reasonable
policy
and
endorsements,
or
something
and
so
215
talks
about
before
receiving
and
I
think.
E
That's
the
part
that
everything
from
before
up
to
the
comma,
sorry
up
to
the
to
increase
the
security
comma
is
the
part
that
didn't
make
sense
to
me
and
so
I'm
still
confused
I
get
what
your
point
is
down
below,
although
in
your
response
but
see
Michael,
can
you
expand
upward?
So
we
can
see
a
couple
lines
above
212.
Let's
push
on
the
left,
there's
a
little
up
arrow
right
above
the
212
down
right
above
the
number
212
yeah
that
one.
E
So
the
plan
tentacle
statement
in
209
to
210
is
the
one
that
talks
about
using
endorsements
and
appraisal
policies
obtained
the
same
way
as
any
other
verifier
I.
Think
that's
what
you're
talking
about
way
is
the
endorsements
and
phrasal
policies,
you're
obtained
the
same
way
as
any
other
verifier
and
that's
you're.
In
the
same
case,
the
leta
tester
has
an
internal
verifier
and
so
on
so
I
think
you're
talking
about
that
part.
If
I'm
understanding
your
point
quickly,
yeah.
G
G
Yes,
I
just
want
to
say
that
the
case
that
the
leader
tester
has
an
internal
verify
and
it
has
to
be
trusted
to
receive
the
endorsements
and
the
appraiser
policy.
So
this
sentence
I
added,
but
it
I
hope
you
can
understand
my
purpose,
but
though
the
word
of
the
sentence
may
be
not
very
like
you
know,
so,.
E
Relationship
between
the
endorser
and
the
verifier
and
since
there's
no
verifier
in
the
picture,
this
is
just
in
text
right
and
by
the
verifier
meeting.
The
internal
verifier
right
so
he's
saying
that,
in
order
to
get,
if
you
have
a
verifier
in
order
to
get
appraisal
policy,
for
example,
into
the
internal
verifier,
there
has
to
be
trust
between
the
would
you
caught
the
verifier
owner
or
something
like
that:
yeah
verify
our
owner
I'm.
Looking
at
your
response
right,
you
call
it
to
verify
our
owner.
E
There
has
to
be
trust
between
that
and
the
internal
verifier
and
the
parenthetic
part
is
yeah.
That's
the
same
as
for
any
other
verifier.
There's
nothing
special
here!
So
I
don't
disagree
with
you,
but
it's
not
the
point
that
we're
calling
out
here
everything
that's
true
for
a
regular
verifier.
It's
true
there
too
right.
B
E
G
A
E
C
This
is
Hank,
I
am
fine,
spelling
out
the
verifier
should
do
the
exact
same
thing,
but
we
have
to
all
take
will
be
aware
of
it
that
a
lot
of
burden
I
always
like
to
call
it
the
burden
of
appraisal
and
so
presses
hard.
So
if
we
allow
a
composite
device
verified
to
conduct
a
complete
verifiable
procedure,
it
will
take
a
lot
of
effort.
It
is
way
less.
C
C
So
that's
that's
a
very
domestically
composed
at
Esther's
and
and
supposedly
I
assume
in
a
composite
device
that
in
the
hierarchy
of
a
Chester's
at
the
bottom
of
the
tree,
the
leaves
there
will
be
a
more
simplicity
because
they
are
smaller
and
so
always
means
to
have
this
oppressive
policies.
Maybe
they
are
very
small.
Maybe
they
are
very
big.
C
So
there's
a
spectrum
here
and
I
think
you
have
to
spell
that
out,
because
if
we
have
to
say
that
the
verifier
on
a
composite
device
root
has
the
same
capabilities
as
every
verify
will
be
burden
it
with
the
complexity
of
big
big
under
domestic
oppressor
procedures,
and
that's
something
we
have
to
spell
out,
because
that's
that's
something.
Some
people
don't
wanna,
say
right.
B
In
the
the
result
of
that
is
attestation
results
and
I
think
that
if
we
blur
the
law,
we
sort
of
muddied
the
line
between
what
an
a
tester
the
line
between
collection
and
verification.
We
get
we
get
into
this
weird
space
where
we
lose.
We
lose
track
that,
maybe
it's
actually
very
calm.
Attestation
results
that's
coming
out
as
opposed
to
a
composite,
something
or
other,
and
that's
what
I'm
concerned
about
in
this
section
where
we
were
trying
to
assert
that
there's
a
verifier,
but
we
don't
call
it
out
as
a
verifier.
B
E
One
of
the
things
that
we
had
a
discussion
about
was
am
I
needed.
No
thank
you
shook
area
was
the
difference
between
attestation
results
and
evidence
may
not
be
a
strict
lying
between
them.
In
other
words,
if
you're
using
say
in
eat
for
both
formats,
then
the
only
difference
may
be
whether
it
has
a
specific
claim
in
it
or
not,
for
example.
So
in
other
words,
what.
B
But
the
the
semantics
are
what's
important,
and
so
we
need
to
know
that
even
if
it
isn't
eat-
and
it
has
a
claim-
a
neat
defined-
claim-
it's
still
a
result
of
a
verifier
which
has
processed
some
policy,
and
so
there's
some
decision
was
made
based
on
policy
and
the
next.
The
next
verifier
is
line
somehow
has
to
connect
the
dots
and
saying,
oh,
this
other
verify,
which
I
trust
to
do
to
verify
things
on.
My
behalf
is
the
one
is
the
verifier
that
did
that
and
I
trust.
C
I
think
so
too
they
eat
is
the
transport
and
it
should
be
a
simplest
possible
to
take
on
Lawrence's
head
yeah,
sorry
and
but
still
the
decision
or
the
process
or
procedure
whatever
you
want
to
call
it
behind,
the
creation
can
differ
so,
having
included
a
that's
I
think
about
it.
A
present
policy
is
something
worthwhile
to
note
in
the
resulting
output
and
if
the
output
becomes
the
content
of
evidence.
C
Yes
in
each
it's
the
same
structure,
but
still
maybe
we
need
a
indicator
here
to
highlight
this
is
the
output
of
a
very
vast,
complex
appraisal
policy.
Then
you
can
imagine
it's
not
just
some
claim
collected
so
that
that's
the
important
thing
yeah
I
suppose,
because
without
that
you
cannot
ever
estimate
the
irrelevance.
Although
the
complexity
of
the
procedure
behind
it
and
therefore
never
ever
be
able
to
infer
trustworthiness,
so
I
assume
that
some
small
hint
yeah
does
not
hurt
I'm.
A
I
think
that
a
lot
of
what
you
said,
Hank
is
a
very
big
statement
and
I'm
not
saying
it
shouldn't
be
saying:
I
I
think
that
the
point
is
to
to
make
this
it's
clear
that
this
is
a
there.
I
wanted
to
kind
of
follow
up.
I
think
it
was
way
that
this
was
some
of
the
text
that
you
felt
was
gone
here
in
the
pink
here.
A
This
isn't
a
poll
question
Rafi,
so
we
actually
do
have
inside
that
this
sentence
inside
the
leta
test
in
the
optional
verifier,
actually
that
that
actually
up
again
elsewhere
further
down
this
is
the
other
situation.
Neda
temperatures
claim
structure
has
an
internal
verify,
so
I
think
we
lose
that
around
and
maybe
that
some
of
the
paragraph
that
you
thought
went
away
didn't
go
away
as
much
as
they
did.
I'm.
C
Not
kind
of
I'm
keeping
of
for
myself
some
somebody
I'm
just
talking.
Okay,
so
I
do
not
contest
the
structure
of
this
text
because
it's
starting
with
a
quite
simple
scenario
and
then
goes
into
the
composite
scenario.
And
now
you
switched
the
view.
But
but
there
are
two
paragraphs:
yeah
yeah,
the
the
2080
or
20-something
paragraph.
The
small
paragraph
above
is
about
the
simple
scenario
and
the
207
paragraph
below
is
about
the
more
compound
X
in
it
and
I.
Think
that's
a
good
way
to
phrase
this
so
going
from
small
to
complex.
That's.
B
A
B
Right
site,
in
the
case
and
case
where
we
say
that
it
does
include
a
verifier,
is
that
any
different
from
any
other
scenario,
where
you
have
a
verifier
as
feeding
I
mean
it's
not
really.
The
question
is
the
composite.
A
tester
isn't
attesting
to
the
verifiers
result,
because
the
verifier
is
a
testing
it
is,
is
asserting
its
on
its
own
accord,
that
it
it
did
this
verification
and
produce
this
result.
The
the
compositive
tester
is
not
taking
over
the
role
of
a
verifier
of
the
other
verifier.
It's
it's
like.
B
F
F
B
Agree
with
you
I
think
composite
evidence
makes
more
sense
than
not,
but
the
diet,
the
diagram
just
I,
can't
see
the
diagram
so
I
don't
know
what
we
ended
up
with,
but
it's
you
can.
If
we
we
can.
It's
like
the
is
okay
to
have
like
a
section
heading
that
that's
sort
of
you
know
the
compositor
testers
section
and
we
describe
how
to
generate
composite
evidence.
Whether
or
not
the
diagram
includes
the
word
composite.
A
tester
or
just
a
tester
fine
I
mean
I,
don't
know
I.
A
A
B
A
F
F
B
E
E
C
B
B
B
So
I
mean
if
we
look
at
the
role
section:
it's
an
ax
tester.
You
know
evidence
comes
from
an
ax
tester
and
goes
into
a
verifier.
That's
what
we
said
that
level
of
decomposition
that
should
that
would
argue
that
this
device
should
be
a
tester
and
then
inside
of
an
ax
tester.
We
have
the
notion,
a
testing
environments
and
target
environments,
in
which
case
we
could
describe
leta
tester,
a
as
a
testing
environment,
a
and
a
testing
environment,
B
and
C.
Now
and.
F
B
Creates
this
sort
of
interesting
notion
of
a
composite
scenario
where
you're
producing
composite
evidence,
because
you
have
multiple
attesting
environments
in
the
same
tester
and
that
data
to
have
the
conversation
in
the
context
of
roles
and
not
mixing
it
with
other
other
concepts
like
devices.
And
it's
not
incorrect.
But.
F
F
B
B
B
A
B
A
E
A
E
E
E
I
was
interpreting
the
outer
box
as
being
the
what
is
physically
local
versus
physically
remote,
like
the
verifier
on
the
top.
Is
a
remote
verify
right?
Everything
else
is,
is
you
know
local,
like
different
chassis
zort?
There
you
know
cards
inside
the
same
physical
device
connected
by
you,
know,
cables
and
so
on.
That's
that
you
know
via
internal
links
or
network
connections,
the
parenthetical
in
the
middle
there,
the
word
internal,
its
internal
dawat
internal
to
that
outer
box.
E
C
Is
true
so
if
that
is
the
only
difference,
we
could
maybe
I
think
I've
seen
this
in
TCG
I
have
local
dab
again,
I
think
TCG
somehow
differentiates
between
local
and
remote
conveyance.
So
this
would
be
the
difference
here.
So
as
we
can
remove
the
outer
box
and
just
say
that
this
commences,
where,
if
I
can
be
local
or
remote,
and
then
we're
done
with
that
help,
we're.
B
Trying
to
we're
trying
to
Curt
describe
the
scenario
of
how
compiled
something.
That's
a
composite
device
or
a
composite
thing.
Right.
Is
this
whole
notion
of
composite,
so
we
have
to
define
what
that
means
and
I
think
it
only
makes
sense
in
the
context
of
a
composite
device
that
consists
of
multiple
attesting
environments.
B
So
it
probably
makes
sense
to
create
that
that
that
context,
and
so
actually
I'm
going
to
reverse
my
opinion
and
say
I,
think
it
should
say
device
or
composite
device
and
not
a
tester,
because
we
already
have
we
have.
We
have
the
whole
idea
is
there's
multiple
attest,
occurs
or
multiple,
a
testing
environments
inside
the
same
box,
and
so
we
need
to
draw
a
circle
around
the
box.
Yeah.
C
E
Think
this
picture
doesn't
necessarily
dis,
allow
it
per
se,
but
the
one
word
on
the
picture
that
might
be
a
problem
with
you
were
to
do
that
so
Eric.
If
I
understand
right.
One
of
your
examples
would
be,
let's
look
at
say,
a
test
RB
and
there's
the
line
that
comes
out
to
the
left
right.
Well,
let's
pretend
in
one
of
your
examples
that
tester
B
is
following
the
passport
model.
E
So
if
tester
B
goes
off
to
some
remote
verify
are
not
shown
and
gets
back
in
at
that
station
result,
and
the
thing
that
points
over
to
the
left
out
of
a
tester
B
is
the
attestation
result.
He
got
back
from
the
road
to
tester
from
his
own
remote
verifier
right,
and
so
the
word
that's
problematic
goes
underneath
those
three
lines.
It
says
evidence
of
a
testers
right
now,
maybe
that's
the
same
problem
as
we
had
with
the
composite
evidence.
E
F
E
Here
we're
saying:
there's
an
external
verifier
that
might
be
you
know:
bees
external
verifier
doesn't
communicate
directly
Lia
testing
environment,
an
example
that
I
gave,
which
I
think
is
what
you
have
in
mind-
is
a
tester
bees,
the
only
one
that
knows
about
their
own
verifier.
That's
the
passport
model.
He
goes
off,
gets
back
in
attestation
result
and
then
supplies
that
across
the
internal
link.
So.
B
E
You
know
this
goes
back
to
what
I
was
saying
earlier
in
the
call
which
is,
if
you
look
at
I'm,
gonna,
give
the
analogy
of
the
composite
evidence
line
right.
So,
even
if
the
composite
evidence
line
includes
something
that
well
that
they
send
earth
included
as
an
attestation
result,
the
receiver
is
a
verifier
at
the
verify
receives
evidence
he's
going
to
get
a
set
of
claims.
E
The
may
include
claims,
it
would
normally
appear
in
a
mecha
station
result
and
he's
going
to
treat
it
the
same
way
as
evidence,
which
is
he's
going
to
run
the
appraisal
policy
for
evidence
over
that
lot.
That
point
is
saying
the
receiver
treats
it
as
evidence.
Now,
if
we
look
at
the
line
coming
out
of
be
evidence
of
a
testers,
it's
the
same
right.
The
attesting
environment
is
going
to
treat
it
as
evidence
to
go
in
that
composite
evidence.
E
C
E
The
reason
that
I
like
device
know
that
you're
talking
about
that
either
device
your
composite
device,
which
is
how
it's
on
the
screen
right
now
is.
If
you
look
at
the
line
that
goes
all
the
way
up
to
the
top
to
the
remote
verifier,
the
line
does
not
come
from
the
device
box.
It
comes
all
the
way
down
into
the
testing
environment
box.
So
that
means
that
whatever
the
label
is
in
the
outer
one,
the
outer
one
is
not
the
thing
that
sends
the
composite
evidence.
That's
the
inner
box.
E
C
F
Tester
be
a
tester,
see
or
verifier.
The
reason
these
things
are
different
is
that
you're
able
to
differentiate
them
in
the
composite
evidence.
In
other
words,
they
all
have
some
private
key
which
is
going
to
assign
their
evidence.
So
my
major
consideration
is
being
able
to
identify
assembled
bits
of
evidence
which
can
be
assigned
to
a
particular
originating
a
tester
and
as
long
as
we
cover
that
I'm,
happy
I
think.
The
major
thing
here
is
the
composite
evidence
always
is
going
to
include
items
that
can
be
associated
with
a
subsystem
and
that's
subsystem.
A
A
C
C
E
A
C
E
C
A
E
A
E
E
Okay
with
that
Dave
I'm
thinking,
I'm,
okay
enough
with
it.
A
E
I
put
the
day
that
you
probably
haven't
had
a
chance
to
meet.
I
briefly
did
now.
I
will
point
out
that
almost
all
of
the
text
in
this
one
here
was
in
the
source
draft
mode,
I
think
almost
all
that
came
from
mine
since
people
said
tempered
that
they
tend
to
understand
it.
So
I
used
that
as
my
primary
one
I
mean
terminology
changes
and
so
I'm
guessing
a
lot
of
your
questions.
Also,
a
player
apply
to
the
original
draft
failure,
arc
doc,
I
say.
A
E
A
You
said
a
bunch
of
stuff
I'll
put
the
whole
comments
on
the
screen
in
a
moment.
If
you
like
briefly
says
about
how
they
you
know,
you
could
take
that
the
off
that
you
know,
even
just
knowing
what
the
device
was
might
be
enough
for
some
lot
people,
some
relying
parties
inkless
where
it's
where
we
were
to
to
make
an
authorization
decision,
and
it
just
seemed
like
to
me
that
you
were
using
a
lot
of
words
to
say
that.
A
E
Suspect
you're
right
I'd
have
to
read
through
it
again,
but
I
suspect
offhand
that
you
are
correct
and
again,
I
was
trying
to
not
make
changes
significantly
in
this
as
no
way
steel
text
as
much
as
possible
if
you'd
like
to
propose
a
change,
feel
free,
but
I
was
not
trying
to
rewrite
paragraphs
unless
I
had
to
the
only
things
that
I
tried
to
rewrite.
Are
things
the
word
that,
where
we
changed
terminology
based
on
these
meetings,
sure.
A
Okay,
oh
so,
okay,
so
I,
I
and
incentives.
You
have
to
get
people
over
the
head
and
solid.
This
is
allowed.
Yes,
we
didn't
say
it's
forbidden.
It
is
allowed
because
they
don't
they
don't
listen
to
that
part.
So
I'm
still
I'm
still
uncomfortable
with
the
word
remediation
in
the
way
that
the
teeth
uses
it
because
I
it
feels
like,
in
the
teeth
case,
being
remediated,
means
to
be
upgraded
and
that,
in
the
case
of
you,
know
film
of
mouth
malware.
That's
not
not
necessarily
the
remediate
act.
What
you
want,
but
this.
E
One
is
worth
discussing,
perhaps
to
me
remediation
is
to
bring
back
into
compliance,
and
so,
if
you're
out
of
compliance,
then
that's
a
problem,
and
you
have
to
remedy
that,
whatever
you
have
to
do
to
remedy
that
is
whatever
remediation
is,
and
that's
independent,
whether
it's
a
te
e
or
not
right.
That's
just
the
generic
to
remedy
the
fact
that
you're
out
of
compliance
is
to
bring
yourself
back
into
compliance.
That's
it
nothing
more.
It.
C
Trigger
remediation,
actually,
this
trigger
is.
This
may
be
the
thing
we're
leaving
off
and
and
and
we're
providing
to
the
the
post
process
here,
but
as
we
have
established
that
Rhett's
is
going
through
phrases.
So
to
speak,
sorry
it
might
become
at
some
point
a
conversion
point
to
tea
and
we
have
to
think
about.
That's
practically
I
think
so
we
cannot
cannot
cannot
provide
text
that
totally
inhibits
this.
E
You
look
at
line
461,
it
doesn't
actually
say
you
do
remediation.
It's
just
saying
that
if
you
fail
at
a
station
results,
you
may
be
in
need
of
remediation
makes
no
statement
as
to
how
you
do
remediation,
so
whether
it's
tea
for
anything
else,
it's
just
saying
you're
out
of
compliance.
You
got
to
remedy
that
and
it
doesn't
make
any
statements
about
that.
So
it's
a
negative
statement
about
remediation
or
sorry.
It's
the
absence
of
a
statement
about
remediation.
It
says
you
need
remediation
of
some
sort
right,
I,.
A
Michael
I
think
that
that,
because
the
term
in
this
context,
shows
up
from
teeth,
I'm
getting
polluted
by
that
term
and
because
of
that
I'm
asking
actually,
the
question
is
actually
I
would
be
happy.
If
we
put
the
word
remediation
in
the
architecture
document,
and
we
then
said
remediation
is
out
of
scope
just
so
that
nobody
comes
to
this
and
thinks
that
it's
always
the
teeth,
meaning.
That's
really.
My
discomfort.
C
E
The
same
peer
would
be
I
didn't.
It
would
still
be
exactly
true
if
there
is
no
t'ee
you're
just
using
this
about
the
REE
or
there's
no
distinction
right,
just
your
your
device
right,
it's
your
regular
class,
your
you
know
your
you
fee
and
Linux
or
whatever
your
native
remediation
is.
Nothing
keeps
specific
about
this
paragraph.
Absolutely
I
totally
got
that
the.
A
Point
I
was
trying
to
say
is
that
I
was
just
I
felt
uncomfortable
that
that
the
word
might
get
watered
down
for
people
that
have
only
seen
teeth.
That's
what
I'm
worried
about
okay,
so
I
think
that
remediation
in
many
cases
that
the
big
oblique,
like,
oh,
my
goodness,
something
terrible's
happened.
This
is
a
big
problem
right,
so
I
don't
want
to
I.
Don't
want
that
word
to
be.
You
know
just
a
remediation
or
problem
right.
A
C
B
In
our
in
our
model,
the
relying
party
is
making
the
decision
whether
or
not
the
ax
tester
is
trustworthy.
If
we
use
words
like
authorized
or
out
of
compliance
or
whatever
it's
it's
somebody
else's
vocabulary,
we
only
care
about
trust
or
trustworthiness
and
that's
the
result.
It's
either
trustworthy
or
it's
not
trustworthy.
Okay,.
E
A
E
No,
that's
not.
That
may
be
wrong
that
that's
wrong
in
the
point
of
this
paragraph.
The
point
of
this
paragraph
is
that
a
relying
party
is
gonna
have
to
do
something
with
a
result.
You
know,
grant
access
to
a
resource
whatever
it
is.
It's
gonna
have
to
do
something
it
has
to
make
an
authorization
decision,
and
trustworthiness
is
an
input
into
that
decision,
but
at
the
end
of
the
day,
it's
gonna
have
to
make
some
decision
there.
B
There's
a
line
in
the
middle
of
the
relying
party
where
you,
where
you
go
from
trustworthiness
to
the
rest
of
what
they
ought,
the
relying
party
is
doing,
which
is
an
application-specific
context,
which
is
outs
of
scope
for
rats.
We're
really
when
rats
talks
about
relying
party.
It's
only
talking
about
the
first
half
of
the
relying
party,
not
the
second
half
of
the
relying
party.
C
Yeah,
that
is
true,
so
the
the
responsibility
of
rats
of
speakers
I
think,
is
to
provide
or
trustworthy
evidence
and
whatever
you
do
visit
with
the
relying
party.
That's
the
other
half
of
a
lying
part
is
up
to
you,
so
you
can
disregard
all
of
that
or
you
can
take
it
into
account.
That's
up
to
you.
That's
not
the
scope
of
read
yeah.
E
A
In
more
in
context,
as
you
just
said,
you
guys
scroll
down
I
think
I'm
just
trying
to
figure
out
what
what
what
the
do
difference,
what
the
to
look
views
are
and
how
they
differ
and
I
got
it
now.
So
I
think
that's
easier
to
look
at
this,
because
it
gives
us
more
context,
so
I'm
happy
with
what
your
proposal
put
the
put
the
period
before
that's
after
authorize,
I,
think
Ned.
B
So
I
need
to
I
need
to
read
more
of
this
in
context,
but
right.
It's
done
that
one
paragraph
I
I,
think
there's
a
line
between
trustworthiness
and
other
words
that
are
like
authorized
and
so
forth.
That
I
think
is
stepping
over
the
boundary
of
rat
scope
and
whether
we
want
to
sort
of
go
to
that
look
and.
A
I
think
I
think
that's
funny,
I
think
he's
actually
done.
The
right
thing
does
I
think
that
walking
it
through,
and
that
was
part
of
my
complaint
about
using
so
many
words
about
kind
of
beating
people
over
the
head.
This
is
your
your
your
a
lot.
Your
the
relying
party
you
can
do
whatever
you
want
and
kind
of
beat
people
over
the
head
with
that.
You
can
do
extra
watch
that
okay,
I
think
it's.
B
E
So
this
is
the
paragraph
that
starts
in
464
that
the
one
they
just
got
scrolled
off
the
bottom
of
the
screen
is
the
one
that
talks
about
the
relationship
between
no.
Once
you
decide
something
is
trustworthy,
then
you
can
do
the
rest
of
the
authorization
decision
right.
That's
what
that
person.
Okay
and
so
that's.
E
Why
I
was
thinking
about
your
point
about
whether
the
previous
paragraph,
where
it
says
the
attest
or
should
not
be
treated
as
authorized,
and
maybe
you
needed
for
mediation
and
I
said,
let's
just
delete,
and
maybe
you
need
of
remediation
because
I
don't
think
it
changes.
The
point
of
that
paragraph
and
you'd
ask
whether
authorized
should
be
trustworthy
or
something
like
that
and
I
would
say:
terminology
wise,
an
ax
tester
is
authorized.
The
claims
are
treated
as
trustworthy
and
so
I
feel
it's
correct
as
phrased.
A
I
haven't
had
a
chance
to
be
done,
I
mean,
let
me
go
for
it.
The
next
point,
I'm
gonna
probably
sees
too
many
words.
I
realized
reading
this
I
look.
You
know
the
date
of
birth
on
your
passport.
Your
driver's
license
actually
may
be.
It
may
be
part
of
you
look
thinking,
thinking
about
how
it
used
right.
It's
used
differently
by
different
parties,
I.
E
A
Can
apply
to
any
other
claim,
so,
let's
say
I
no
I'm
not
arguing
about
the
computationally
about
the,
but
what
both
an
aged
persons
that
what
I
might
be
asking
is
that
the
bartender
at
the
bar
wants
to
know.
Can
you
drink
and
the
evidence
the
evidence
he
uses
for?
Can
you
drink?
Is
your
your
date
of
birth,
okay
and
the
the
attesting
party?
A
A
They
actually
use
it
to
verify,
match
my
passport
to
my
person
right
and
so
actually,
the
fact
that
that
age
is
put
in
there
is
not
necessarily
for
the
bartender's
benefit
and
I
think
that
there's
some
I'm
worried
that
that
that
particular
thing
I'm,
not
sure
whether
it's
evidence
or
result
is
what
I'm
trying
to
say
or
problem.
With
with
the
example.
Then
I
am.
A
B
A
Laws
the
the
the
bartender
starts
with
the
picture,
compares
me
to
the
picture
and
then
based
upon
the
this
attestation,
get
some
evidence
about
my
date
of
birth.
Out
of
it,
attestation
result
about
that
date
of
birth
right
and
it
comes
from
a
governor,
they're,
good.
Okay,
when
I
get
to
the
border,
the
cusp
of
the
immigration
officer
doesn't
care
whether
I'm
old
enough.
What
they
care
about
is
do
I.
Look
like
I
need
that
in
my
passport,
okay,
yes,
they
actually
use
that
as
part
of
an
action
endorsement.
It's
not
it's
not
an
access.
A
E
Call
that
endorsement
the
way
that
I
would
treat
this
is
in
both
cases,
meaning
both
of
the
bar
and
the
border.
There
is
an
appraisal
policy
for
attestation
results,
okay
in
the
appraisal
policy
at
the
bar.
It's
against
it's
a
comparison
against
a
known,
good
value.
You
know
this
is
a
greater
than
or
less
than
21.
Okay
at
the
border,
it's
not
comparing
it
against
a
strict
value.
E
It's
comparing
against
the
value,
that's
obtained
dynamically
based
on,
say
your
you
know
the
the
camera
or
the
person's
view
of
what
they
think
your
age
is,
and
so
it's
a
comparison
against
an
external
piece
of
data.
In
both
cases.
It's
comparison.
It's
still
appraisal
policy
which
is
go
ahead
and
compare
the
value
of
this
claim
against
foo,
where
food
was
either
a
hard-coded
number
or
it's
something
obtained
dynamically.
That's
the
difference
in
those
two
cases,
fair.
A
E
So
that
one
that
yeah
I
commit
to
here,
so
this
is
one
we
actually
discussed
in
the
working
group
like
two
meetings
ago,
which
was
and
I
was
the
proponent
for
who
the
that
rats
defines
the
criteria
or
creating
new
claims.
But
the
rats
is
not
responsible
for
creating
the
complete
set
of
claims.
Other
claims
could
be
created
by
other
working
groups
or
even
by
external
entities
like
you
know,
OPC
or
whatever
else
I.
C
A
E
F
A
C
Examples
and
therefore
by
architecture,
sorry
influenced
decision.
Steering.
Yes,
oh
so
now
you
think
about
extra
four
nine
and
eat,
and
that's
all
you
do
so:
there's
no
arbitrary
way
to
Fido
or
to
do
whatever
other
proprietary
solutions.
That's
what
provides
a
bomb
where
other
solutions
yeah
so
I
have
a
little.
You
ask
me
they're,
creating
reading
a
data
format,
relationship
here.
C
E
A
C
We
want
to
use
data
models
which
the
architecture
should
not
be
concerned
about.
That's
the
only
thing
I'm
saying
yeah
highlight
at
a
single
point:
there
is
diverse
whatever
ecosystem,
and
we
have
this
this
octopus
diagram
that
has
a
lot
of
inputs
and
outputs
and
various
data
formats
as
an
example,
and
we
leave
it
at
that
and
I
think
in
the
text.
You
should
not
go
down
to
that
level.
B
E
The
primarily
the
latter
also
the
former
as
a
separate
point,
but
the
main
point
of
the
section,
because
this
is
we
previously
put
in
the
diagram
that
Hank
referred
to
as
the
octopus
diagram.
There's
no
text
before
us
right.
This
is
what
the
text
is.
That,
then,
motivates
you
can
say
what
is
it
540,
the
following
diagram
right,
so
this
is
the
text
that
leads
up
then
motivates
that
diagram,
okay,.
C
E
E
We
and
you
know
JWT
es
and
c
w
TS,
and
so
we
need
some
way
of
abstracting.
That
and
at
least
the
architecture
document
didn't
have
to
go
into
that
detail,
but
I
had
to
motivate
the
need
for
it
and
that's
what's
going
on
here
is
you're
trying
to
motivate
the
need
for
head
and
that's
the
this
motivates
having
a
common
information
model.
That's
524!
That's
that
paragraph.
It
says
here's
why
we
need
the
ability
to
encode
the
same
information,
multiple
formats
here
and
then
there's
the
diagram
that
illustrates
it.
B
A
A
Bit
expert
review
and
we
go
well,
it
sure
sounds
like
you
want
to
encode
or
or
convey
a
CWT
in
a
new
other
in
a
DCP
option.
Maybe
that's
all
you
need
you
don't
need
to
re-encode
it
in
DCP
format,
right
I
simply
want
to
have
people
come
to
the
IETF
and
be
a
little
get
a
little
bit
expert
review
before
they
do
something
specific.
That's
what
I'm
trying
to.
E
That's
great
and
I:
don't
disagree
with
with
your
intent
and
I
and
I
think
one
of
the
things
that
is
not
mentioned
explicitly
in
this
text.
Right
now
and
maybe
should
be,
is
what's
the
relationship
to
pre
existing
vendor
specific
formats,
and
so
the
Etsy
here
is
often
a
pre-existing
vendor
specific
format,
they're
already
sending
claims.
So,
for
example,
until
already
has
SGX
attestation,
it
has
things
that
would
be
equivalent
to
claims
that
are
in
there
right
now
it's
been
shipping
for
years.
E
A
Okay,
so
oh
hang
on
here
so
I've,
because
I
think
I
will
suggest
some
text,
but
not
immediately.
What
I
want
to
know
is:
are
we
happy
enough
with
this
text
to
merge
it?
What
I
would
like
to
do
is
merge.
It
generate
a
new
route
of
the
draft
post
it
tonight
and
someone
who
I
hope
maybe
me
will
will
go
through
the
dips
against
last
time
and
make
a
slide
or
two
for
tomorrow's
meeting.
Okay.
This
is
Hank
just.
D
C
If
you
are
talking
about,
this
should
be
an
exception.
The
exception
should
be
condensed
text
wise
around
the
diagram
about
all
the
different
formats
which
I
sorry
called
about
for
octopus
diagram.
The
test,
modern
it
arms,
I,
know,
and,
and
so
so
I
would
not,
but
I
would
like
to
have
is
not
to
have
sprinkles
examples
of
formats
around
the
text,
and
this
is.
C
A
C
D
E
With
that
idea,
Dave
I
disagree
with
some
of
the
stuff
that
Hank
said,
but
I'm
perfectly
fine
with
C
diagram.
You
know
see
figure
whatever
the
number
is
is
the
turn
thetic
apart
here
and
I
agree
with
everything.
So,
yes,
everything
else
that
you
said
Michael
some
of
the
statements
that
Hank
said
I
don't
agree
with,
but
that
particular
change
I
have
no
problem
with
okay.
C
A
A
A
C
B
Did
I
hear
you
volunteer
to
make
a
slight?
What
is
that
I
would
make
I'll
make
two
slides
or
something
with
we
have
five
minutes.
We
have
five
minutes
for
both
architecture
and
use
cases
and
I.
Think
Nancy
wants
to
have
a
discussion
about
the
use
cases
in
terms
of
what
it
means
to
adopt
so
I'm.
So
it's
two
minutes
for
architecture
and
three
minutes
for
use
cases.