►
From YouTube: RATS Architecture Design Team, 2022-05-24
Description
RATS Architecture Design Team, 2022-05-24
C
A
D
B
So
maybe
give
it
one
minute,
I
guess
everyone
found
the
new
urls
that
I
I
discovered
that
the
webex
url
that
was
in
the
calendar
invite
was
stale.
I
don't
know
how
that
happened,
but
anyway,
I
guess
you
all.
At
least
all
of
you
found
the
url
I
updated
with,
so
we
I
I
don't
so
of
the
the
romans
editorial
comments.
B
B
Okay,
so
we'll
go
through
them
so
just
before
we
do
that.
Let
me
just
make.
B
So
I
wanted
to
just
find
out
if,
if
we're
all
okay
with
this,
there
were
some
comments
on
the
call
two
weeks
ago
that
not
everyone
liked
this
and
that
they
wanted
to
remove
the
word
active.
B
I
don't
agree
with
that,
because
I
believe
that
active
on
path
attacker
is
a
term
that
we're
going
to
see
we're
going
to
use
more
and
more
as
opposed
to
passive,
on
path
attacker,
which
is
someone
who
can
see
but
not
replace
traffic
and
no
one.
I
believe
up
to
this
point,
no
one
is
sure
if
a
man
in
the
middle
can
always
replace
delete
traffic
or
not
anyway,
I
had.
E
Between
red
and
green
only
because
the
rest
of
the
sentence
says
who
may
observe
yes
change
or
misdirect,
and
so
the
rest
of
the
sentence
is
obvious.
It
says
that
it's
active,
so
I
can
live
with
it,
either
red
or
green
right,
an
active
one.
E
A
E
E
B
Yes,
that
was
roman's
complaint.
He
didn't
want
to
use
that
term
anymore,
and
I
don't
know
if,
if
you
know
that
I've
had
proposed
a
cup
a
year
or
so
ago,
a
document
in
sag
to
essentially
you
know,
clearly
define
some
of
the
terms
didn't
go
anywhere
in
sag.
No
one
was
particularly
enthusiastic
about
it,
but
that
doesn't
mean
anyway.
D
D
Where
I
had
actually
prefer
the
man
in
the
middle
of
years
of
people
understanding
what
that
term
is
and
to
just
do
away
with
it
in
place
of
another,
one
doesn't
seem
to
really
serve
much
purpose.
B
So
the
the
the
counter
argument
is
that
the
term
actually
has
been
vague
over
the
years
and
which
is
why
we've
had
to
clarify
who
may
observe
change
or
misdirect
misdirect,
because
it
wasn't
always
clear
that
they
could
do
more
than
observe
and
anyway,
so
of
those
who
have
reviewed
them.
Did
you
review
them
with
the
with
the
term
active
was
preferred
or
not.
C
E
Or
not,
I
I'm
saying
the
rest
of
the
sentence
makes
it
clear
what
we're
talking
about,
because
the
main
point
is
meaning.
I
agree
you
have
exactly
the
same
meaning
if
you
deleted
all
of
the
words
except
for
attacker
right.
That's.
My
point
is
that
what
you
put
in
front
of
attacker
is
kind
of
superfluous
to
me,
because
what
you
call
it
active
or
not,
or
on
path
or
not
or
man,
in
the
middle
or
not.
The
main
point
is
an
attacker
who
may
observe
change
or
redirect
evidence.
E
A
Active
is
fine
on
path
is
fine,
so
I
would
ignore
the
removal
of
active.
B
You're
fine
with
it
either
way,
then
I
I'm
gonna
just
go
with
the
the
term
active
on
path
attacker,
because
I
think
that
that
is
a
term
that
is
been
encouraged
as
the
consensus
replacement
for
the
word
man
in
the
middle
and
there's
quite
a
few
people
that
don't
understand
what
man
in
the
middle
means.
Who
are
you
know
less
than
our
age.
There.
E
Don't
really
care
if
I
had
to
flip
a
coin
I'd
land
on
make
roman
happy
because
he
seems
to
have
a
preference.
A
E
A
A
Known
so,
and
and
in
the
end.
A
E
B
B
So,
malcolm
in
the
middle,
yes,
is
the
tv
show
and
we've
also
had
mallory
in
the
middle
and
there's
been
many
other
interesting
expansions
that
keep
the
the
acronym.
Well,
while
changing
the
term
massachusetts.
B
Yes-
and
they
are
known
to
be
in
the
middle-
often
of
many
controversies
right.
B
It's
the
home
of
of
of
of
richard
stallman,
originally
right.
So
there
you
go
right,
many
controversies
and
those
okay.
B
All
right,
so
I'm
just
gonna
walk
through
these.
I
don't
know
if
there's
any
good
order,
so
oh
yeah,
so
this
was
let
me
pull
up
the
text.
B
Integrity
protection:
where
did
it
go
here?
We
go
12.2.
So
this
refers
to
the
title
of
this
section.
We
had
a
conversation
last
time
about
this
and
we
had
a
couple
of
suggestions,
system,
integrity,
message,
authenticity
comments
that
nobody's
going
to
worry
about
the
section
title
itself:
peter
talked
about
the
integrity
of
the
integrity
system
and.
D
So
basically,
there
was
that
that
if
we
were
going
to
include
that
to
address
his
suggestion
directly
that
we
were
going
to
have
to-
or
we
really
should
include,
the
integrity
of
lots
of
other
things,
including
the
integrity
system
and
things
that
go
into
protecting
the
integrity
system-
and
I
didn't
want
to
open
that
kind
of
worm.
So
I
was
really
a
proponent
to
not
opening
it
and
keeping
it
more
or
less
the
way
we
had
it.
B
A
On
your
small
screen,
yeah,
of
course
I'm
pretty
prepared.
So
actually
I
I
feel
peter
because
verifiers
should
be
trustworthy
and
why
don't
they
do
rats,
because
it's
another
layer
of
red,
so
it
would
be
red
layers
all
the
way
down.
Basically,
so
where
do
you
terminate
so
yeah?
You
would
use
the
same
mechanism
again
and
again
and
again
so
that
doesn't
really
work.
So
I
wouldn't
open
the
can
of
worms
and
I
would
agree
with
the
future
yeah.
D
Yeah
I
mean
I,
I
would
have
loved
to
have
opened
that
can
of
worms
earlier
on
in
the
process
to
discuss
these
issues
about
how
you,
how
roots
of
trust
really
come
into
to
breaking
that
chain
that
you
mentioned,
and
I
think
in
the
long
term,
in
terms
of
trusting
these
kind
of
mechanisms
we're
going
to
have
to
address
them.
But
I
I
think
yeah.
A
Well,
there
is
this
one
one
opportunity
we
could
take
on
because
kathleen,
and
that
is
a
like
a
miracle
to
me
at
some
point
said
we
should
define
root
of
frost,
which
came
as
such
a
surprise
to
me
that
I
read
the
sentence
twice
and
so
yeah,
so
that
would
address
that
problem.
I'm
also
aware
that
another
document
does
define
of
trust
now
in
rats.
I
alluded
me
which
one
it
was,
but
I
think
it
was
hannes's
new
one
I
I
forgot,
but
some
new
document
actually
defines
root
of
trust.
A
Now,
so
are
we
happy
with
that?
First
of
all,
if
not,
should
we
fix
it
here
this
to
kasleen,
I'm
not
entirely
sure
I
would
love
to
notch
and
go
many
cans
by
taking
into
account
kathleen's
comment
and
the
fact
that
is
now
defined
somewhere
else
here
in
this
working
group.
It
makes
me
a
little
bit
uneasy
to
be
honest.
E
A
A
Will
never
file
an
issue.
We
have
to
do
it
for
her.
E
E
So
I'm
trying
to
get
back
to
the
question
at
hand.
I
agree
that
we
should
change
the
title
from
integrity
protection
to
something
else.
I
see
the
suggestions
from
14
days
ago,
system,
integrity
or
message
authenticity
where
I
can
get
where
you're
going
with
both
of
those.
A
Okay
and
the
the
the
protection
part
would
be
a
good
symmetry
to
unprotected
things
like
uccs,
and
so
I
protect
it
should
be
in
it.
Yes,
I
think,
that's
that's
a
good
choice.
B
B
E
No,
I
actually
liked
integrity
there,
which
was
the
original
word
before
any
changes
right,
because
we're
saying
under
message,
protection,
there's
a
lot
of
subcategories
of
things.
It's
integrity,
protection,
there's
replay,
attack
protection.
There's
you
know
encryption,
which
is
basically
confidentiality,
protection,
there's
dot
and
so
on.
All
these
are
different
properties
of
of
the
conceptual
message
protection.
E
It
does
then
talk
a
little
bit
about
some
system,
stuff
too,
where
it
talks
about
the
the
strength
at
the
root
of
trust
and
so
on,
but
I
think
it's
fine
for
all
that
to
be
under
the
subcategory
of
conceptual
messy
protection,
just
elaboration
on
the
bullets
above,
so
that's
why
I
think
cons
it's
fine,
as
you
show
it
on
the
screen
right
now,.
E
A
E
E
A
E
My
philosophy
is
the
only
person
that
have
commented
on
this,
at
least
that
we're
going
through
is
roman
and
we
should
try
to
scoop
it
as
narrowly
to
what
romans
said
as
possible,
because
all
the
rest
is
past.
Working
group
last
call
right
so
minimal
changes,
except
for
when
somebody
points
out
an
actual
problem.
E
Okay,
so
that's
what
we
have
here:
yeah
in
some
other
concert
like
hank
and
I
are
in
like
the
the
company
community
consortium
and
stuff
and
so
there's
the
mantra.
Minimum
viable
governance
we'll
hear
minimum
viable
changes
right
so.
B
Okay,
all
right,
so
we've
changed
the
title.
I'm
going
to
commit
this
one.
B
C
B
I'm
gonna
leave
the
editorial
comments
for
the
last,
because
I
think
that
there's
more
substantial
stuff
to
go
into
here.
B
E
I
thought
that
was
the
architecture.
Roman
was
one
of
the
people
that
was
arguing
that
what
one
of
hank's
documents
or
whatever
needed
a
charter
change
or
whatever.
So
it's
interesting
he's
asking
about
these
things
that
we
said
was
out
of
scope,
given
the
charter,
so.
A
It
will
be
in
scope
in
june
3rd,
so
maybe
he's
preempting
this
I
don't
know.
You
know
hope
for
document
update.
Then.
A
A
Is
fine,
so
I
I
would
I
would
be
okay
with
this.
I
would
just,
but
we
have
to
establish
these
editors
or
group,
consents
and
then
put
that
to
the
list
and
say
no.
Are
we
doing
this.
B
A
B
Them
up
there
yeah.
I
can
think.
E
Of
is
you
could
say
that
that
the
following
items
are
things
that
are
left
to
be
covered
in
security
considerations
of
any
particular
solution.
C
But
it
isn't
as
if
they're
ignored,
so
just
not
in
the
in
scope
for
yeah
it's
just
they
saying
the
security
considerations
are
not
describing
endorsements
and
reference
values,
but
in
fact
it
is
section.
12.2
does
describe
them.
B
So
all
right,
so,
first
of
all,
let
me
ask:
do
you
before
we
start
worrying
about
text
changes
that
I'm
trying
to
capture
a
little
bit?
Do
you
think
we
does
anyone
think
we
should
make
some
change
here.
A
C
E
I
think
so
I
just
reread
this
one
like
like
for
the
third
time
here
romance
comments
here.
I
wonder
if
all
at
his
main
point
is
that
there's
a
bunch
of
bullets
in
12.2,
but
it
sounds
like
it
wasn't
clear
to
him
or
just
one
way
of
reading
this
is
it
wasn't
clear
to
him
which
of
those
bullets
refer
to
which
of
the
lines
in
the
conceptual
architecture?
E
One
answer
would
be
all
of
them
reply
to
all
of
them.
Okay,
if
it's
anything
other
than
that,
then
maybe
he
wants
more
elaboration,
but
if
we,
if
we
just
respond
in
an
email,
the
only
answer
that
I
can
think
of
is
that
all
the
bullets
apply
to
all
the
lines
in
the
diagrams.
D
Yeah
they're
all
things
that
play
into
whether
or
not
you
as
a
relying
party
should
trust
the
integrity
of
the
system.
This
is
really
relates
to
the
idea
of
what
other
stuff
should
be
included
in
evidence,
and
I
I'm
going
to
remake
the
comment
before.
If
you
start
talking
about
this,
it
gets
complicated
and
there's
lots
of
room
for
people
to
say.
Well
what
about
this
situation?
What
about
that
situation?
And
it's
just
not
going
to
get
done
right.
D
Yeah
yeah
in
the
long
run.
I
believe
that
as
these
mechanisms
emerge
and
become
more
relied
upon,
we'll
have
to
revisit
trustability
and
what
needs
to
be
included
in
evidence
for
attestations.
And
what
are
the
mechanisms
that
we
need
to
do
that,
but
we're
a
long
way
from
being
able
to
argue
that
we
need
that
complexity.
C
D
I
think
that
if
we
were
to
engage
in
that,
we
would
have
to
do
a
lot
more.
Writing
get
a
lot
more
reviews
and
really
open
ourselves
up
to
wow.
This
whole
mechanism
is
just
not
worth
it
forget
it
right
right,
and
so
I
I
I
don't.
B
We're
we're
trying
to
we're
trying
to
walk
before
we
run
here
and
and
get
some.
You
know
kind
of
some
some
level
of
a
more
minimal
acceptance
that
we
have
to
do
this
kind
of
thing
before
we
get
into
the
well,
it's
even
more
complicated
yeah.
D
I
I'm
of
the
opinion
that
if
we
were,
as
a
you
know,
global
community
to
have
widespread
adoption
of
affectation
mechanisms
as
we've
described
them,
we've
done
a
pretty
good
thing,
but
there's
still
a
lot
of
holes
that
we
have
to
do.
D
There's
a
lot
of
people
that
will
be
making
trust
decisions
based
on
this
permission,
that
will
not
be
sound,
and
I
think
that
when
we
have
the
mechanism,
we
can
start
looking
at
ways
to
address
that,
to
point
out
the
flaws
and
and
mechanisms
to
do
it
that
we
might
be
more
amenable
to
the
complexity
needed
to
solve
those
issues.
B
D
So
I
mean
the
answer:
is:
is
certainly
yes
yeah
right
and
so,
but
that's
not
going
to
stop
implementations
from
from
combining
these
things
into
single
entities.
So
what
are
the
the
implications
on
the
ability
to
trust
if
you
do
and
and
that's
the
discussion
that
needs
to
be
had
if
you
want
to
go
and
go
down
this
hole,
all
right
and
and
so
then
then
the
question
is:
how
do
you
believe
what
you've
done
to
address
the
trust
issues
and
again
that
opens
up
another
can
of
worms.
G
So
I'm
going
to
label
this
as
won't
fix
and
I'm
going
to
we're
going
to
reply
to
the
list
on
this
okay.
So
let's
just
talk
about
this
one
then.
E
E
E
A
In
summary,
eric
was,
I
think,
commenting
on
the
appendix
detail
and
thomas
was
commenting
on
the
section
10
3
detail.
E
B
E
Stuff,
but
at
least
he
said
because
I
think
here
he's
saying
well,
you
went
to
this
level
of
detail
for
this
one.
What
about
all
those
other
issues?
I
called
out
on
section
12
right,
and
so
I
think
his
main
point
is
you
go
to
the
level
of
detail
here,
but
not
over
there,
and
we
either
remove
this
or
edit
there
right
and
we're
saying.
Well,
we
don't
want
to
do
the
other
stuff,
and
the
working
group
feels
like
this
is
useful.
So.
D
B
E
Okay,
so
we'll
bring
out
figure
five
for
a
second,
and
so
here
all
right.
So
I
think
what
he's
talking
about
is
the
fact
that
the
vertical
attestation
result
line
terminates
at
a
tester,
a
different
way
of
drawing.
That
is
a
line
that
goes
through
a
tester
and
then
out
the
right
side
right,
where
the
main
point
that
the
section
is
trying
to
make
is
the
attester
here.
E
E
G
So
I'll
just
switch
the
sharing
here
again.
D
B
D
The
value
of
the
passport
model
is
that
you
have
a
passport
and
you
can
use
it
when
you
need
it,
and
if
it's
still
good,
you
can
use
it
again,
and
the
verifier
is
only
involved
in
like
really
the
obtaining
of
the
passport
right.
If
I.
D
E
E
Okay,
so
yeah
peter's
making
me
think
that
maybe
the
line
isn't
the
right
thing.
It
requires
a
sentence.
You
have
a
preference
peter.
D
E
Okay,
all
right
so
peter's
convinced
me,
because
the
the
main
point
is
that
vertical
line,
the
horizontal
line
can
be
at
very
different
times
with
a
significant.
You
know.
Caching,
delay
in
between
subject
of
the
freshness
guarantees
the
attestation
results
right,
but
yeah.
D
An
important
concept
for
the
passport
model
and
really
one
of
the
main
attractiveness
of
it
there's
some
high
time
kind
of
life
to
a
passport,
and
as
long
as
it's
still
good,
you
can
use
it.
E
E
B
So
in
this
model,
sorry,
let
me
go
back
to
the
okay.
B
E
B
B
B
E
It's
shown
as
two
different
lines,
because
it's
consistent
because
it
doesn't
consume
it
and
it
shows
two
lines
because
it
might
cache
it.
D
Again,
I
I
think
words
have
meaning,
and
I
read
the
words
there
and
it
says
what
we
meant,
so
it
doesn't
really
need
to
be
changed.
That
being
said,
I
find
oftentimes
readers,
don't
see
the
meanings
of
words,
and
you
know
maybe
breaking
the
paragraph
would
help
that.
I
don't
know.
D
B
B
D
E
C
F
F
B
That
it's
cached
rather
than
consumed,
and
you
know
so
that's
why.
A
D
D
I
I
agree
that
if
we
don't
actually
specifically
say
that
that
it
can
be
re
reused
in
in
other
attestations,
even
to
a
different
relying
party,
then
we
should
that.
That's
a
that's
a
worthwhile
change.
E
I
was
just
rereading
to
see
if
that
said
at
any
place,
and
it
does
not,
and
so
plus
one
to
people's
wording.
A
A
There's
some
really
really
stones
here.
I
have
to
fix
this.
B
It
can
say
because
then
present
the
to
relying
party,
okay,
the
a
tester.
D
You
know
the
tester
may
use
that
the
the
evidence,
in
other
attestations,
even
to
a
different
relying
party.
He.
B
They
also
use
the
attestation
results.
Also
may
also
may
may
also
make.
B
D
E
B
Me,
let
me
let
me
write
that
down
and
then
let
me.
D
But
it's
in
a
session
called
the
passport
model.
I'm
gonna
toss
this
out
for
an
idea
saying
that
you
can
basically
say
the
verifiers
at
the
station.
Results
are
in
the
form
of
a
passport
which
then
is
stored
at
the
tester
for
use
in
any
attestation
that
it
wants.
B
Okay,
so
this
is
what
I
did
here
all
right.
First
of
all.
Well,
this
is
a
irrelevant
because
I
just
unwrapped
the
paragraph
so
ignore
that
sorry
about
that.
But
the
important
part
is
that
I
started
a
new
paragraph
here.
B
The
tester
can
then
present
the
attestation
results,
possibly
and
possibly
additional
claims
to
relying
party
which
then
compares
that's
old
text.
The
tester
may
also
present
the
attestation
results
the
passport
to
another,
relying
party.
So
maybe
the
word
passport
needs
to
be
introduced
further
up.
E
E
E
It
actually
is
consistent,
not
using
s,
except
for
where
you
actually
mean
it
in
a
way
that
could
be
plural
all
the
rest.
The
document
uses
it
without
the
s
when
specifically
meaning
singular
evidence
is
odd
because
evidence
you
know
is
is
both
singular
and
plural
right
yeah,
but
at
the
station
result
you
can
use
the
s
to
be
chrome,
plural,.
B
A
D
E
D
If,
if
an
attester
has
presented
evidence
of
some
sort
to
relying
party
and
I've
saved
it,
there's
a
question
of
the
freshness
of
the
policy,
that's
used
to
check
it,
so
the
verifier
may
have
looked
at
it
and
said:
yeah,
you're,
fine
and
now
the
verifier
may
have
new
information,
and
then
it
would
need
to
be
checked
again.
So
so
I
guess
maybe
it's
not
unreasonable
that
a
relying
party
would
represent
evidence
to
a
verifier
without
going
back
to
the
tester
to
say,
represent
your
evidence
to
me.
E
I'm
thinking
the
same
thing
that
having
a
cache,
so
let's
say
you
have
a
long
live
channel
between
the
attester
and
buying
party,
but
you
know
five
seconds
after
it
gets
established.
Then
it
goes
down
because
you
know
some
network
glitch
happened
for
three
seconds.
It
then
comes
back
up.
Do
you
have
to
re-go
through
the
attestation
stuff?
Or
can
you
bring
up
your
your
channel
with
a
new
tcp
session
without
having
to
re-go
through
that?
E
D
So
you
see
you
might
express
this
in
terms
of.
Is
this
two
separate
policy
decisions
that
the
relying
party
is
making
is
the
evidence
that
the
attesture
gave
to
me
fresh
enough
to
use
right?
Do
I
do
I
trust
it
and
then
then
there's
a
a
second
question
that
needs
to
say:
do
I
check
do
I
trust
the
verification
results
that
have
been
made
in
the
actual
background
check
and
then,
if,
if
I
trust
the
evidence,
but
I
don't
trust
that
I'm
going
to
then
just
send
it
off
again.
D
Right
and
then
sometimes
I
don't
trust
it,
I
have
to
go
back
and
get
new
evidence
and
then
have
it
verify,
because
it's
new
evidence.
So
so
I
think
this
there's
a
rational
reason
to
have
all
of
them.
You
know
even
where
the
relying
party
doesn't
have
to
go
to
either
one
of
them
to
assert
that
the
attestation
is
is
is
okay,
because
I
trust
the
evidence
is
fresh.
I
trust
the
results
from
the
verifiers
fresh.
Let
me
just
respond
to
whoever,
for
whatever
condition
I'm
having
that
the
attestation.
B
To
to
to
validate
the
evidence
as
fresh,
the
relying
party
would
do
that.
D
Of
the
verifier,
it's
two
things:
it
knows
about
the
freshness
of
the
evidence
from
the
attester,
as
well
as
the
freshness
of
the
result
from
the
verifier,
so
it
doesn't
really
need
to
bother
either
one
of
them
to
answer
the
question:
whatever
the
reliant
party
was
doing,
if
either
one
of
them
is
not
fresh,
it
needs
to
go
to
them.
B
D
I
I'm
a
big
believer
in
the
idea
for
if
this
is
a
security
architecture,
idea
that
every
entity
has
its
own
policy
decisions
that
it
acts
upon,
so
it
should
never
blindly
take
the
results
from
the
verifier.
So
again,
this
is
a
question
of
trust.
Do
you
trust
that
the
evidence
that
you
have
from
the
attester
is
fresh?
D
I
don't
need
to
check
again,
then,
whatever
I
was
going
to
do
an
association
for
I
can
just
assume
that
I
would
get
the
same
answer
and
reuse
it,
and
so
I
I
I
think
this
is
still
an
area
of
active
research
to
say.
Under
what
conditions
can
I
can?
I
trust?
When
does
it
make
sense
to
to
do
that?
So
how
should
I
write
that
policy.
B
B
For
that
connection,
let's
say
the
tcp
connection
from
the
attester
relying
parties
making
a
request
and
it's
provi
and
and
if
that
connection
goes
down
that
or
is
re-established
or
is
mo,
is
is
mobility
brings
it
to
a
different
ip
address,
or
something
like
this
that,
it
might
say
the
relying
party
says:
oh
yeah
yeah.
I
know
I
have
to
start
over
again
with
with,
and
I
might.
D
Need
myself
conditions
where
you
might
start
over
and
you
might
not
have
started
over,
you
might
have
to
only
partially
go
back
to
the
appraiser.
You
might
have
some
notion
that
the
so
the
verifier
might
have
some
sort
of
notification
mechanism
to
say
that
hey
my
means
of
verification
of
evidence
has
changed
this.
This
would
be.
You
know,
a
general
access
control
idea.
There's
some
policy
in
effect,
any
kind
of
policy
decision
that's
been
migrated
into
mechanisms
needs
to
be
revalidated.
D
When
the
policy
decision
engine
itself
has
changed,
and
so
you
may
have
to
go
back
and
invalidate
caches
and
do
whatever.
So
from
a
mechanism
point
of
view,
all
those
things
need
to
be
built
in,
but
if
you're
gonna
you're
gonna
do
this
right.
B
C
D
D
B
Exactly
the
opposite
up
to
this
point,
so
so
so,
first
of
all
I
did
put
in
this
arrow.
You
may
not
like
the
exact
nature
of
the
arrow,
but
I
did
put
that
in
just
before
a
moment
ago.
We're
talking
so
we
can
discuss
whether
that
belongs
or
not.
Okay,
and
where
I
I
started
a
paragraph
here
which
was
started
here,
okay,
but
it's
says
it's
merely
forwarded,
so
that
says
that
it's
not
cached
or
anything
else.
B
E
D
So
I
I
I
I
can
kind
of
agree
to
that,
because
I
think
to
really
drive
home.
The
kinds
of
things
I've
been
saying
requires
the
introduction
of
a
lot
of
descriptive
texts
that
is
subtleties
in
it
that
should
go
in
their
their
implementation.
Details
that
will
go
for
the
quality
of
each
of
these
entities
agreed
things
that
don't
take.
B
The
evidence
you're
basically
talking
about
about
about
the
you
know
appraisal
policy,
the
quality
of
the
appraisal
policy
here,
and
I
think
that's
what
you're
saying
is
that
that
there's
some
there's
some
deep
details
that
the
appraisal
policy
has
to
put
in
and
we're
not
in
a
position
in
this
document
comment
on
it.
I.
D
Think
there's
there's
a
lot
of
implementation
details
that
will
go
to
affecting
trust
and
then
there's
a
lot
of
issues
of
what
you
request
for
evidence
about
different
mechanisms
that
will
affect
trust
and
the
policy
that
you
are
going
to
have
at
a
relying
party
to
say
whether
or
not
the
attestation
was
successful
right.
D
That's
a
very
vague
kind
of
notion,
but
it's
all
in
the
beholding
of
the
the
relying
party
itself,
one
relying
party
might
look
at
the
same
mechanism
and
say
hey:
this
is
a
failure
and
somebody
else
might
say
hey.
This
is
okay.
It
was
good
enough
for
me
all
right
and
I
I
don't
know
that.
That's
something
that
comes
out
in
general,
that
you
know
that
there
isn't.
A
B
G
B
C
A
we
basically
have
you
know
a
stick
figure
diagram
and
we're
arguing
over
what
does
a
line
mean
yeah
and
we're
you
know,
there's
there's
always
going
to
be
layers
of
complexity
and
and
so
forth
that
you
can
add
to
a
line.
C
A
C
And
who
consumes,
which
conceptual
messages
we're
trying
to
say
that
that
that
doesn't
change?
Even
though
we
have
these
different
topology
models?
In
other
words,
the
tester
producing
evidence
that
is
consumed
by
the
verifier
is
still
true,
even
though
it
passes
through
the
relying
party.
We're
not
saying
that
the
relying
party
is
the
entity
that
asserts
evidence.
B
C
E
E
B
So
I'm
going
to
respond
to
them
and
say
you
didn't
quite
read
the
text,
but
we
fixed
it
a
little
bit
so
that
you
could
see
better
where
the
text
you
know
already
said
this,
and
I'm
not
sure
I
even
understand
this
last
paragraph
here
it
interacts
the
discussion,
the
following
purpose:
only.
B
D
Take
these
different
entities
and
roll
them
together,
and
we
could
name
them
or
not.
Name
them,
and
you
know
it
really
goes
to
some
of
it
is
the
the
question
of.
Are
there
entities
that
do
more
than
one
of
the
functions
or
take
out
more
than
one
of
the
roles
and,
and
you
start
to
get
different
shapes,
that's
the
that's.
The
word
that
we've
adopted
is
that
you
have
shapes
of
attestation
and
that
there
are.
B
So
I'm
just
going
to
stop
fuss
here.
I've
reopened
this
issue.
I
think
we
should
come
back
to
it
next
week.
We
have
a
couple
more
issues
to
deal
with
and
so.
D
C
B
Yeah
you
have
memorial
day,
but
I
had
yesterday
off,
we
have
a.
We
have
half
the
city
out
of
power.
We
had
a
major,
a
major
thunderstorm
on
saturday
afternoon
that
literally
took
out
half
the
city's
power
and
still
still
not
fixed,
so
schools
cancel
today.
Even
so
anyway
have
a
good
day.