►
From YouTube: RATS Architecture Design Team, 2020-05-05
Description
RATS Architecture Design Team, 2020-05-05
B
A
B
C
E
The
last
comment
actually
got
me:
you
got
it
got
me
kind
of
threw
me
for
a
loop,
but
I
think
it's
okay.
Can
you
open
it
up
Hank
if
you're
sharing
input
the
trust
this
is
Dave
entering
okay,
yeah
go
ahead,
go
all
the
way
down.
We've
been
kind
of
fighting
over
wording
and
I.
Think
if
we
go
up
just
a
little
bit,
I
believe
Ned
sleep,
making
suggestions,
it
might
be
at
the
bottom.
There
keep
going.
You
know.
E
G
E
E
No
doesn't
really
you
know:
how
do
you
talk
to
the
communication
channel?
What
is
the
variable?
How
does
the
verifier
know
about
this
so
I
think
if
we're
happy
with
this
find
a
way
you
know
we
can
find
a
way
to
actually
put
this
into
the
pen.
You
know
the
place,
the
entire
PR
and
put
it
in
just
like
this,
so
what
I
didn't
know
Dave,
because
he
has
the
most
thoughts
on
this
is.
Are
you
happy
with
this
wording
as
it
stands
and
I
think
I
think
we're
kind
of
done,
then.
C
C
H
I
A
C
C
You
that
pretty
good,
let's
leave
this
one
open
until
we
get
the
other
one
just
so
it
makes
it
easy
to
find
the
text
and
stuff
for
people
to
look
back
at
here,
and
if
you
create
a
new
PR,
then
it
sounds
like
we
can
close
this
one
without
committing
it
once
the
other
one
exists.
How
does
that
sound
yeah.
J
C
C
B
Can
report
that
there
is
like
a
related
topic
and
for
sake
of
Lovins
in
theory,
I
would
like
to
give
a
micro
update
on
this,
so
we
were
talking
about
the
UCCS
stuff,
the
Jeremy
and
John
from
Google
platform
or-
and
yes,
we
totally
agree
that
there
should
be
some
implicit
trust
section
about
this
in
the
architecture.
So
this
is
full
support
from
GP
guys
that
also
on
the
fire,
amongst
others.
They
each
draft,
for
example
and
I-
think
that's
very,
very,
very
useful
good.
B
C
B
J
J
C
B
B
I
I
Context
around
role,
role,
hosting
roles
and
role
and
composing
roles
did
that
what
I
found
was
we
didn't
really
have
a?
We
didn't
have
the
right
turn.
We
don't.
We
didn't
have
the
notion
of
of
roles
as
being
identified
early
on
as
a
thing
in
the
architecture,
so
going
back
through
it.
It's
like
there's
a
little
bit
of
reference
to
roles
in
the
introduction,
but
it
doesn't
it
didn't
really
sort
of
capture
this
idea
that
it's
a
that
it's
an
architectural
thing
least
I
didn't
think
so.
I
So
it
kind
of
cleaned
that
up
a
little
bit
and
then
the
terminology
will
I
was
a
little
confused
in
the
terminology
because
it
starts
out
everything
starts
out
with
you
know:
a
knight
Esther
isn't
an
entity
which
I
don't
think
of
it
as
an
entity
Eddings
as
a
role
of
role
as
being
something
that's
separable
from
an
entity
and
I
know.
We've
sort
of
had
this
conversation
a
little
bit
so
I
kept
the
entity
wording
but
tried
to
make
it
more.
I
More
evident
that
that
we're
talking
about
roles
here
and
when
we
talk
about
an
ax
tester
and
a
verifier
and
a
relying
party
mm-hmm,
but
wasn't
sure
people
were
gonna,
have
issues
with
it,
but
trying
to
describe
it
in
such
a
way
that
it
shows
the
relationships
between
the
the
other
roles
and
the
messages
more.
You
know
work
more
consistently
and
then
so
then,
in
the
context
of
the
paragraph,
I
try
to
use
Hanks
ideas
seems
like
that
there
were.
I
I
B
Using
the
term
role
as
a
tangible
term
agreed
about
definitely
was
to
talk
about
a
gesture
and
define
these
yes,
sir
indoors,
and
such
and
and
then
just
use
these
terms
and
not
explicitly
highlighting
them
as
rows,
which
I
thought
was
complicated
because
at
some
point
we
would
try
to
aggregate
them,
and
then
we
are
talking
about
ephemeral
thing.
I
think
this
is
what
countering
here
right
now,
because
now
we
have
to
categorize
these
terms
in
through
something
effectively
rolls
again
and
then
that
you
are
basically
able
to
collapse
them
and
I.
B
Think
probably
an
entity
and
yes,
I,
understand
why
you
don't
want
to
be
specific
about
this
I
see.
I
saw
Dave,
especially
Dave's
comments
about
this
is
probably
not
a
device,
hopefully
not
don't,
try
to
be
specific
about
this.
Remove
the
typically
and
such
and
I
only
said
device
you
to
the
each
focus
and
and
also
entity
is
the
thing
we
can
all
agree
or
kinda
all
agree,
the
one,
but
still
it's
like
weird,
like
having
a
car
architecture
without
the
architecture
compose
and
components
being
named.
It's
like
very,
very
hard.
B
So
so
now
we
are
back
at
that
point
again,
so
we
have
for
my
point
of
view.
We
have
roles
and
entities,
you
combine
roles
of
entities,
the
end,
but
I
think
there's
still
some
pushback
on
using
these
categories.
I
think
very
explicitly
to
say
these.
The
rolls
and
these
are
the
entities
you
use,
and
now
you
build
your
stuff
with
it.
So
my
question
inside
this,
this
monologue
is:
are
we
still
at
that
point?
C
Couple
points
I
have
no
problem
with
if
you're
trying
to
make
things
we
work
on,
create
mentioning
a
device.
I
think
my
comment
is
in
the
work.
Typically,
he
said
an
entity,
for
example
a
device
or
application,
or
something
like
that,
if
you're
trying
to
try
it
to
be
real
I'm
perfectly
fine
with
that.
My
comment
is
on
the
word:
typically
because
in
teep
and
SGX
enclaves
and
things
it's
not
a
device,
it's
an
app
or
a
nun
clave
or
a
trusted
app
or
something.
C
But
it's
not
a
device
right
may
all
be
typical
in
different
scenario
in
the
different
use
cases
in
one
use
case,
that
device
is
typical
in
a
different
use
case
and
unclaimed
is
typical
and
a
different
use
case
and
app
is
typical
and
so
on
it.
So
we
could
mention
multiple.
You
know,
for
example,
a
device
or
application
or
unclear
wouldn't
want
to
have
one
or
more
examples.
That's
fine!
C
Let's
see
on
your
other
questions,
I'll
repeat
my
opinions.
My
opinion
is
that
the
word
entity
is
perfectly
fine
when
needed
in
English
texts
such
as
in
a
definition
of
another
term
like
here,
you
just
trying
to
use,
as
you
know,
something
whose
evidence,
and
rather
than
using
something
you
know
an
entity
just
in
normal
English
text.
I
think
it's
fine
I
am
against
try
to
define
new
terms
in
here,
like
I
would
not
want
to
say
entity.
:
I
try
to
come
up
with
the
definition
of
it.
I
think
it's
used.
C
Okay
in
passing,
when
you
don't
have
a
a
a
term
like
now
something
or
a
thing
or
whatever
an
entity
is
fine.
There
I
think
on
roles.
It's
perfectly
fun
to
use
that
term.
I
think
that
was
another
one
of
your
questions,
and
then
you
asked
a
another
one
which
I
didn't
like
and
I
forget
whatever
term.
What
did
you
use?
Oh
no
I've
coming
down
empty
role,.
B
B
C
Think
roles
is
a
fine
term
to
use
like
here.
You
know:
I
saw
like
Ned's
title
here:
I
think
is
fine.
I
hear
he
capitalized
roles,
I
think
my
preference
would
be
for
lowercase
roles
there
so
that
you
don't
have
to
define
a
term
in
here,
meaning
I.
Think
if
it's
used
in
passing
a
couple
times
I,
don't
think
it
has
to
be
for
more
value.
C
B
C
B
C
B
C
K
C
B
C
Master,
we
already
have
conceptual
messages
as
the
section
heading,
and
so
that's
why
I
said
I
change
this
back
to
match.
What's
in
master
right
now,
because
this
PR
I
don't
know
if
the
I
hadn't
noticed
what
I
made
these
comments-
and
this
is
off
of
issue
55,
not
off
master,
and
so
I
was
comparing
it
to
master
and
in
master
it's
always
called
conceptual
messages.
C
B
B
C
C
C
Typically,
it's
like
I
didn't
come
in
I.
Think
that's
fine,
I
think
you
know
the
here's
are
typically
that
one's
good,
there's
typically
I,
think
that's
good,
because
this
typically
is
they're
all
about
the
endorser
role
right
saying
an
endorser
is
typically
a
manufacturer.
I
think
that's
fine
and
a
relying
party,
you
said,
is
typically
an
application
unless
somebody
else
speaks
up.
I
think
that's
true
in
the
various
use
cases
that
we
have
in
the
use
cases
list
this.
C
C
I
B
C
C
B
B
L
Me,
the
relying
party
is
going
to
make
a
decision
to
provide
service
or
not
provide
service
or
provide
some
level
of
service,
or
not
quite
some
level
of
service,
so
I
would
always
just
put
it.
In
those
terms,
the
relying
party
decides
whether
it's
going
to
provide
the
service
or
not,
based
on
the
the
attestation
result.
The.
C
L
C
Don't
think
that's
true
for
a
verifier,
it's
at
least
for
some
purifiers.
Some
of
them
will
produce
edict
and
explicitly
negative
attestation
result
to
say
this
thing
is
not
trustworthy
because
it
contains
the
following.
You
know
because
it
contains
vulnerabilities
or
because
it's
has
a
time
stamp,
that's
too
old
or
whatever,
and
so
they
may
say
this
should
never
be
trusted.
As
you
know,
it's
a
signed
statement
from
the
verifier.
There
are
verifiers
that
work
that
way.
K
B
L
H
C
There
are
cases
where
GPS
is
used
for
trustworthiness,
for
example,
if
the
GPS
says
the
FET
machine
is
no
longer
in
my
data
center,
I
don't
consider
it
trustworthy
because
it's
been
stolen
or
is
no
longer
in
a
secure
location
and
GPS
can
absolutely
be
about
trustworthiness.
I
can
be
used
in
trustworthiness,
decisions
right,
a
secure
location
versus
not
in
a
secure
location,
anymore.
B
C
I
personally,
do
not
have
any
problem
with
using
that
weren't
trustworthy
in
the
verifier
context.
I
agree
that
it's
not
appropriate.
That
is
it's
it's
better
ways
to
phrase
stuff
in
a
relying
party
context,
but
in
a
verifier
context,
I
think
it's
fine!
That's
why
I'm
trying
to
figure
out
if
somebody
can
convince
me
why
it's
bad
there,
because
I'm
open
to
that
self.
We
have
a
better
suggestion,
but
it
doesn't
seem
bad
to
as
long
as
it's
not
just
trustworthy.
L
You
say
if
it
is
trustworthy,
it's
a
binary
decision.
Verifier
doesn't
produce
a
binary
result.
A
verifier
produces
a
complicated
adaptation
result
that
needs
further
evaluation
by
the
relying
party
in
general.
That's
true,
yeah
I
agree.
You've
got
a
I
mean
to
me.
This
whole
thing,
the
only
the
only
person
that
the
only
thing
that
actually
gets
to
make
any
kind
of
a
binary
decision,
and
yes
or
no
in
this,
the
whole
architecture
is
the
wrong
party,
and
even
there
it's
not
a
binary
decision.
Often
it'll
be
like
okay
yeah.
You
can
have.
L
C
But
I
am
noticing
I
think
I'm,
getting
somebody
else's
point
now
the
phrase
that
I
have
highlighted
right
now
and
move
it
up
a
bit
here.
The
phrase
that
I
have
highlighted
right
now
I
do
realize
is
problematic
in
one
sense,
and
maybe
if
we
fix
that
sense,
it'll
fix
people's
problems
with
trust.
Already
here,
that's
not
mine,
so
this
is
talking
about.
The
evidence
has
to
be
appraised
such
as
when
deciding
whether
the
ax
tester
is
authorized
to
perform
some
operation
right.
C
This
decision
here
is
done
by
a
relying
party
yeah,
the
determining
whether
the
evidence
is
considered
trustworthy
is
something
that's
done
by
a
verifier
okay.
Now,
of
course,
this
is
just
a
such
a
such
as
wind
and
verify
when
it
remind
party
needs
to
decide
stuff.
This
phrase
is
perhaps
problematic
in
terms
of
an
ax
tester
as
phrased
and
I.
C
A
C
Written
you
look
at
the
read
whether
the
entity
is
considered
trustworthy,
so
this
is
about
whether
the
attest
or
is
considered
trustworthy
and
whether
the
ax
tester
is
authorized
to
perform
some
operations.
That's
why,
when
I
said
this,
it
right
here
I
expanded
it
to
match
what
the
original
text
that
you
see.
That's
my
point
down
here,
but.
L
B
B
L
C
B
Only
talking
about
trust,
so
you
decide,
you
want
to
believe
things
that
are
signed,
but
the
signer
by
the
signer.
Then
you
put
trust
into
the
signer
and
Trust
into
the
signature.
That's
a
decision,
then
you
have
content
of
the
thing
that
assigned
that
is
not
binary
most
certainly
and
then
content
of
the
thing
as
assigned
is
about
trustworthiness
and
then
the
verifier
most
certainly
makes
an
assessment
of
the
trustworthiness
and
the
relying
party
still
cannot
take
that
into
account
or
can
take
that
into
account
either
the
trust
severe
fire.
L
I
L
I
C
That's
what
I
said
my
comment
down
here
is
the
the
Green
is
not
correct,
because
Green
changed
it
to
refer
to
evidence
right
being
the
the
last
noun
or
the
the
reference
and
reverting
it
would
go
back
to
the
entity
or
the
ax
tester
to
be
even
work
there
yeah.
But
that's
what
I
comment
it
down
here
right.
I
K
K
I
I
C
Right
now,
my
preference
for
this
PR
as
opposed
to
a
future
one
that
Ned
was
suggesting,
is
that
the
red
text
than
fixing
this,
in
other
words
the
the
whether
trustworthy,
sounds
binary
and
to
determine
the
extent
to
which
is
trustworthy,
I,
would
go
ahead
and
make
that
change
here.
So
I
think
that
isn't,
if
route
went
to
say
it's
not
binary
or
it
is
in
general,
not
binary,
but
other
than
that
I
can
live
with
the
rest
of
the
red
text.
Until
the
IPR
comes
comment,.
B
B
K
I
K
L
G
L
B
C
M
C
That's
what's
already
in
master
right.
Roll
messages
was
some
thing
that
was
only
in
rural
composition.
It's
not
master,
and
people
were
agreeing
to.
The
conceptual
messages
was
at
least
as
good
I
thought.
There
was
a
consensus
on
that.
So
we're
on
the
call,
probably
when,
when
Michael
you
didn't
have
any
ability
Harris
during
that
yeah
I
had.
M
C
486,
okay,
yeah
Nick,
yep,
yeah,
I'm
gonna.
Let
Ned
do
that
because
I
didn't
touch
every
line
so,
for
example,
the
roll
messages
and
conceptual
messages
are
in
there
a
bunch
of
times
that
per
request,
and
you
need
to
be
a
bulk
searching
a
place,
though
so
I
wasn't
going
to
merge
it
right
now.
It's
gonna,
let
Ned
barge
it
into
into
the
Royal
Composition
branch:
okay,
with
people,
okay,.
C
So
I
just
being
explicit
Ned
in
the
issue,
55
range
there's
a
bunch
of
uses
of
roll
messages.
I
only
commented
on
the
first
line
and
it
appears
like
six
times
or
something
like
that,
and
so
you
just
do
a
global
search
and
replace
and
then
go
ahead
and
merge
once
you've
aggressive
editor.
All
things.
C
Merge
into
royal
compositions,
which
is
still
in
the
master
right,
we'll
review
it
on
their
quote:
roll
compositions
branch
into
master
per
request.
So
we
can
review
that
part
next
week.
Does
that
sound
okay
issue,
fifty-five
merged
into
brawl
compositions?
And
then
next
week
we
can
review
the
discs
between
the
enroll
composition,
semester.
J
L
C
We
had
six
minutes
left.
What
do
we
want
to
do
in
the
last
six
minutes?
I
would
love
to
get
people's
opinion
on
the
term.
The
Strummer
interim
that
I
threw
into
85,
which
we
haven't
had
discussion
about.
Yet
I
would
love
to
take
five
minutes
to
just
get
people's
opinions
on
there
to
see
if
they
like
it
or
they
hate
it
or
they
have
a
better
suggestion,
a
different
suggestion,
because
that
would
be
my
own
preference,
but
could.
C
Know
the
I'm
gonna
go
to
the
exchange.
You
can
see
Hank,
we
are
looking
for
a
better
term
than
you
fee
by
us.
Rumors,
there's
a
bunch
of
places
that
said
you
fee,
BIOS
firmware
and
so
the
very
first
a
testing
environment
test
to
ensure
the
integrity
of
the
you
fee,
BIOS
firmware
whatever
that
initially
boots
up
a
composite
device.
Okay
and
so
I
tried
to
come
up
with
a
term
for
that
first
thing:
that's
above
the
hardware.
Okay
I
mean
not.
You
have
Robert,
okay
and
so
I
tried.
C
D
C
E
E
This
is
get
real,
quick,
sorry,
I
mean
that's
a
breaking,
not
I
did
look
through
that
I,
like
the
text.
I
know
what
you
have
what
you
have
intended.
We
just
you
know
in
the
IOT
space,
so
you
know
with
heavily
allowable
code.
We
as
the
attend.
The
rue
des
trust
may
only
be
attesting
something
that's
essentially
our
what
we
would
consider
Hardware
function
so
like,
for
instance,
the
you
know,
there's
one-time
programmable,
there's
one-time
programmable
memory.
E
It
may
just
be
reporting
on
that,
so
it
wouldn't
be
mutable
from
that
perspective
that
a
programmable
part
of
a
important
you
know
a
programmable
part
of
the
environment.
The
target
environment
would
be
so
if
you
want
to
cover
that
time,
if
you
don't
even
you
think
it's
just
going
to
complicate
things,
we
can
leave
that
off
but
decided
to
you
so
start
a
question.
C
E
It
can
be
layer
depending
on
it
can
be
layered
if
the
root
of
trust,
all
it
does.
Is
it
just
it
reports
as
reports
a
hardware
state,
and
then
it
just
triggers
the
it
triggers
a
power
on
above
a
subsystem,
a
target
environment,
but
that
target
environment
you
know
is
basically
all
long
code.
It's
not
really
it.
It
goes
ahead
and
if
it
needs,
if
it's
in
its
verified
its
own
patch,
therefore
it's
just
triggered
a
power
on
of
the
of
the
target
environment.
E
The
target
environment
itself,
though,
is
the
one
that
actually
verifies
it
if
it
verifies
whatever
it
is
the
mutable
aspect
of
its
code,
that's
running
so
I
can
put
this
in
a
comment
on
there,
but
I
mean
it's
a
you
know
it's
actually
when
I'm
describing
is
actually
sometimes
you
see
it
a
lot
in
the
IOT
space.
You
don't
see
it,
you
don't
see
it
really
in
the
PC
space.
So.
E
That's
fine!
That's
why
I
keep
it.
If
we
want
to
say
this
is
clearly
for
PC
BIOS
and
that's
fine
as
it
is
made
it,
then
that
could
point
the
intent
that
we
can
do
it.
We
can
say
the
other.
The
other
point
in
the
other
corner
cases
that
I'm
thinking
about
you
know,
maybe
maybe
you
don't
need
a
lead
and
if.
B
You
could
highlight
a
prominent
French
case
you,
it's
not
French
legal
of
course,
so
a
prominent
use
case
for
it
from
your
side.
I
think
that's
helpful
in
an
issue
tracker,
so
they
lose
this
and
can
make
a
deliberate
decision
on
ok.
This
is
you
don't
have
to
elaborate
on
this.
It's
implicit
enough
I
think
it's
very
important
to
have
this.
The
small
things
are
less
mutable
than
you
think
they
are
here.
C
E
C
L
C
I
C
I
C
L
I
L
L
I
just
haven't
I
haven't
read
the
text
in
detail,
so
I'm
just
I'm,
reacting
and
I'm.
Let
me
say:
first
minimal
environment
you're
trying
to
go
abstract,
you're
you're.
Then
you
start
getting
it,
calling
it
to
question.
What's
mutable,
what's
not
mutable
and
all
kinds
of
it
looks
like
it's
starting
to
look
like
a
definition.
Well,
if
you
say
yuffie
slashed
by
a
slash
framework,
it's
clearly
an
example
and
just
an
example.
It's
very
specific
and
and
clearly
the
world
it
doesn't
all
use
it
use
you
use
UV
and
from
work
clearly
other.
L
C
Right
so
we're
over
time,
but
I
understand
you
saying
you
like
the
red
text,
better,
correct,
yeah,
generally,
yes,
okay,
I,
think
we're
out
of
times,
but-
and
so
I
just
wanted
to
highlight
this.
To
get
your
first
impression,
it's
feel
free
to
go
through
and
review
this
offline
I
just
want
to
highlight
it
and
see
whether
it
was
general
likes
your
general
dislikes
on
this
and
so
I.
Don't
know
that
we
came
to
a
conclusion
and
that's
fine.