►
From YouTube: RATS Architecture Design Team, 2020-01-21
Description
RATS Architecture Design Team, 2020-01-21
B
A
A
B
A
Things
I
think
that
Chrome
has
gotten
into
putting
a
big
big
lock
like
a
big
kernel
lock
into
the
browser,
because
when
I
have
a
web,
RTC
running
of
some
kind,
I
will
notice
that
my
browser
completely
locks
up
I
can't
switch
tabs
I
can't
even
like
raise
lower
windows
on
it.
Stuff
like
this,
and
yet
the
audio
continues
to
go
through.
A
Of
your
system,
yep
and
and
it
will
suddenly
it'll
suddenly
unlock
and
everything
will
redraw
and
all
the
commands
that
I
had
type
will
suddenly
execute
and
it
could
take
like
3
or
4
minutes
and
I'm
like
what
is
know
something's,
taking
the
lock
and
forgotten
about
it
clearly.
But
so
it's
a
bit
weird
to
think
that
browsers
are
now
more
complicated
than
kernels.
A
B
B
The
thing
that
I'm
building
right
now
is
closer
to
the
definition
of
was
a
composite
or
combinations
than
the
TCG
definition
of
layering,
and
instead
of
just
creating
a
new
term
for
what
I'm
doing
I'm
trying
to
recreate
text
based
on
the
combinations
and
then
maybe
discuss
what
I
trying
to
do
as
a
group
so
that
we're
not
getting
it
confused
with
the
TCG
definition
of
layering.
Also
a
way
is
on
the
call
to
they're
there
I'm
trying
to
adopt
the
component
descriptions.
He
has
such
as
a
tester
components.
A
B
Could
do
that
the
text
I
have
again
I'm
trying
to
make
sure
that
it's
seen
as
as
mirja
Bowl,
rather
than
starting
to
be
merged.
So
my
take
on
it
right
now
is
that
if
I
can
leave
the
architecture
document
as
simple
as
possible
and
adopt
all
the
terms,
that'd
be
good.
So
I
think
the
more
interesting
thing
would
be
if
I
can
have
text,
which
is
an
example
embodiment
of
the
architecture
using
the
architecture
terms
that
might
be
more
useful
than
trying
to
send
something
in
the
architecture
directly
I.
B
B
B
F
B
A
F
A
A
A
F
G
F
A
D
F
F
E
F
Want
to
make
sure
it's
all
showing
the
updated
ones.
I
just
wanted
to
know
if
there
was
some
non
right.
That's
how
I'm
looking
forward
to
this
to
make
sure
there's
no
some
non
editorial
thing
in
the
outdated.
Some
of
us
need
to
understand
the
rationale
for
changing
that
one
I
want
to
see
what
the
new
wording
is,
the
one
that
used
to
say
NMS
is
it
now
just
say:
there's
only
one
major
out
of
the
connection
to
the
verifier
yeah.
D
F
Okay,
so
this
is
the
I
think
part
of
the
main
discussion
here.
So
in
the
diagram,
it
just
shows
a
testers
on
the
bottom.
You
know
leta,
tester
and
subah
testers
or
whatever
the
other
term
is,
and
the
evidence
comes
up
and
so
I
expected
the
text
to
show
that
meaning.
My
interpretation
of
that
diagram
was
that
the
leta
tester
would
just
collect
all
the
evidence,
put
it
into
some
composite
form
without
doing
any
verification
and
ship
it
up
to
the
verifier
right.
F
So
there's
no
verification,
I
see
now
wayne
was
put
in
this
verifying
environment
optional
in
the
diagram
which
I
haven't
seen
before,
but
the
little
part
in
the
asterisks
in
the
bottom
wasn't
there
before,
and
so
my
interpretation
before
is
what
was
in
the
evidence
of
composite
a
tester
era
that
comes
out.
The
top
was
just
a
collection
of
all
the
evidence
from
all
the
individual
attest
errs
and
it
would
just
shape
them
up
in
some
bulk
combination
form
without
any
verification
in
the
Leda
tester.
F
A
G
It
was
trying
from
the
I
didn't
dive
into
the
history
so
that
I'm,
highlighting
that
so
from
the
top
of
my
head
I,
remember
that
that
was
initially
and
then
they
had
this
two
diagrams
that
were
difficult
to
compare
better
verifier
box
inside
the
tester.
Yes,
I
think
right,
which
I
didn't
understand,
then
either
so
so.
This
is
basically
the
this
is
I'm
trying
to
what
I
thought.
That
meant-
and
this
is
my
deduction
from
it-
I
put
it
into
a
comment
yeah.
G
D
G
Is
it
feasible
to
have
a
tester
roll
in
the
root
it
has
to
Heinrich
here
for
composite
advice
in
order
to
not
convey
all
the
evidence
but
offload
some
of
the
appraiser
procedure
to
the
attest
herself
by
provisioning
it
with
local,
isolated
tester,
assumed
it's
probably
on
some
supervisor
power,
something
on
mainboard
and
then
mail.
It
had
that
component
because
powerful
enough
to
be
partially
a
verifier
for
some
components
only
created
cessation
results,
I
should
follow
my
own
thought
and
then.
G
F
H
F
I
understood
what
Hank
said:
I'm
gonna
repeat
back
what
I
think
you
said
Hank,
because
if
so
I
would
be
fine
with
the
approach
that
you're
saying
you're,
saying
if
there's
a
verifier
in
the
composite
device,
then
that
verifier
generates
attestation
results
which
are
put
into
the
composite
evidence
right.
The
composite
evidence
includes
attestation
results,
and
you
also
said
that
the
appraisal
policy
configured
in
the
composite
device
was
configured
there.
F
H
F
Think
it's
a
different
pattern.
I
think
it
is
another
one
of
the
ways
to
combine
patterns
just
like
the
one
example
that
shows
that
say,
you
know
T
plus
something
else
uses
where
you
have
an
example
of
you
know
background
and
an
example
of
a
passport
in
the
same
overall
topology
and
in
different
places.
H
A
F
A
F
A
So
so
you
are
I,
think
saying
what
I
think
I
spaced
out
when
and
you're
saying,
is
that
that
local
verifier
might
not
be
local?
It
might
actually
be
communicating
with
a
different
verifier
elsewhere,
receiving
attestation
results
and
then
including
them
in
in
its
thing,
and
that,
in
fact,
you
said
was
almost
the
teep
use
case.
Didn't.
A
That
you
go
to
to
verify
or
a
collect
attestation
results
include
that
into
composite
evidence
to
verify
or
be
okay
in
order
to
do
something,
and
that
that's
one
of
the
ways
that
this
compass,
that
device
could
work
where
it
doesn't
actually
have
a
local
verifier.
It's
just
that
the
the
verifier
role
appears
to
verify
or
to
the
second
one
in
the
diagram
to
be
coming
from
within
the
device
when,
in
fact,
there's
no
idea
where
exactly
it
is
that's.
A
F
F
A
F
But
if
you
are
going
to
do
the
same
thing,
regardless
until
you
sent
off
the
composite
evidence
off
to
the
verifier
and
when
we
do
something
after
that
point,
then
of
course
then
you're,
not
a
relying
party
you're,
just
a
verifier,
because
you're
generating
a
blob
of
stuff
and
shipping
it
off
box.
I.
F
A
So
I'm
just
happy
to
put
to
abstract
that
all
into
verifying
environment
and
if
there's
a
verifying
environment
that
can
create
attestations
that
they
would
be
packaged
into
the
composite
evidence
and
that
I
don't
really
care
how
they
get.
From
this
diagrams
point
of
view,
I
don't
really
care
whether
they
they
are
in
that
diagram.
If
I
were
to
term
how
to
draw
it,
I
would
want
to
explain
another
dimension
and.
A
F
So
I
think
you're
you're,
arguing
that
we
deal
with
it
in
a
text
not
in
the
picture
yeah
and
then
it's
just
trying
to
figure
out.
What's
the
right
label
inside
the
asterisk
boxes,
verifying
environment
there
is
that
the
right
label
or
is
there
a
better
label
we
can
come
up
with,
but
I
am
also
fine
dealing
with
it
in
the
text.
F
D
H
There's
a
verifier
and
our
line
implies:
there's
policy
feeding
both
of
those
and
I
I
think
it
makes
sense
to
me
to
say,
but
that
you
know
the
relationship
of
the
the
roles
can
be
applied
in
you
know
in
in
in
this
particular
way
it
places
some.
You
know,
requirements
on
the
on
the
composite
environment
to
do
to
facilitate.
You
know
that
the
complexity
at
it,
but
I,
don't
think
it
makes
sense
to
you
know,
hide
the
complexity
just
so
that
the
diagrams
are
simple.
H
G
Because
we
are
saying
now
that
attestation
results
from
posts
through
a
bundle
and
then
used
as
evidence
are
composite
evidence.
What's
about
the
bulk
evidence
is
just
concatenated
and
maybe
even
just
for
finally
go
signed
again.
That's
the
attestation
results
and
is
also
somehow
composite
evidence.
Are
we
the.
A
A
F
Agree
with
what
you
just
said,
Michael
I,
think
format
wise
right.
Both
the
evidence
and
attestation
results
are
just
sets
of
claims
that
are
then
signed
right,
and
so,
if
you
were
to
just
look
at
a
blob
of
stuff
inside
the
evidence
of
compositive
tester
and
it
had
a
sign
to
claim
set
in
there,
then,
if
just
parsing
the
bits-
and
you
know
Wireshark
or
something
it
might
be
indistinguishable
between
an
attestation
result
in
evidence.
F
F
Yeah
so
watching
like
typing
here,
maybe
I'll
throw
out
if
we
can
start
throwing
out
strawmen
labels.
This
may
be
something
about
because
it
collects
the
claims
from
the
testers
and
so
I,
don't
know
if
it's
a
something
that
uses
the
term
collect
or
collector
or
collecting,
as
one
of
the
words
blames
collector
hay.
F
A
A
F
F
H
F
F
G
F
F
I
G
A
F
F
F
That's
entire
line
here,
yes,
because
if
there
is
no
verifying
environment
on
the
bottom,
then
there
is
of
course
no
such
line,
and
if
there
is
a
verifying
environment
on
the
bottom,
the
endorsements
and
official
policy
may
not
come
from
the
verifier.
They
could
come
from
some
other
completely
different
identity,
and
so
I
think
that
line
that
comes
downwards
is
their
online
identity.
E
A
F
F
H
F
F
F
A
B
Is
there
somebody
who's
test
with
are
going
to
put
the
composite
of
evidence
term
together?
For
me,
the
way
I've
seen
that
in
the
past
is
that
each
bit
of
composite
evidence
should
come
from
an
a
tester
component
which
can
be
verified
to
come
from
that
a
tester
component,
because
you're
gonna
want
to
make
sure
you
have
signatures
from
different
elements,
each
one
of
which
can
be
assembled
into
some
larger
structure.
So
to
me,
the
important
part
of
the
composite
evidence
is
that
you
have
sub
components
which
can
be
independently
verified.
B
B
F
F
F
So
here
I
changed
the
section
title,
because
I
agree
with
things
point
I
think
that
changed
the
section
title
actually
improves
it,
because
replay
prevention
is
a
more
accessible
term
that
people
might
expect
to
find
in
an
arbitrary
document
about
security.
Right
freshness
is
a
way
to
write
exactly
this.
G
F
F
F
A
H
They
think,
in
terms
of
a
watchdog
scenario,
where
you
get
here,
you,
your
attic,
updates,
there's
no
they're,
not
those
aren't
considered
replays,
those
are
just
periodic
updates
and
the
verifier
is
able
to
say
yes,
this
was
good.
You
know
a
minute
ago.
Yes,
this
was
good.
There's
ago.
That's,
that's
freshness
is
just.
H
A
A
G
G
F
H
G
G
H
L
F
H
G
Why
this
is
super
important,
I
think
security
conservation
should
be
aggregated
there
and
and
having
a
short
part
by
basic
saying,
the
method
that
is
there's
some
short
Reznor's
approval,
presentation,
freshness,
sorry
and
satisfiers
replay
intervention.
It
does
not,
though,
will
prevent
delay
attacks,
but
that's
another
part
I
guess
it's
good
with
this
security
conservation.
H
F
E
G
Other
one
is
the
allele,
a
attack
that
you
just
you,
have
a
evidence
from
another
entity
and
pretend
you
are
that
entity
provided
evidence,
and
you
have
evidence
about
this.
This
is
about
registration
provenance.
You
really
have
to
prove
that
the
entity
that
sends
with
the
evidence
is
also
the
entity
that
this
evidence
is
about
if
it
is
not
able
to
show
that
that
you
can
just
basically
steal
away
evidence,
basically
on
the
way,
maybe.
G
F
F
F
F
F
A
section
blah
blah
blah,
but
maybe
you
took
it
out
of
the
other
document.
The
only
thing
that
I
changed
after
the
very
first
version
of
everybody's
commented
on
is
the
words
word
freshness
changed
to
replay
prevention
and
then
I
add
the
change
section
title.
If
you
change
that
back,
then
it's
exactly
what
anybody
here
of
you
did
Hank
anybody
else
has
seen:
okay
I'm,
not.
E
F
A
F
G
A
F
F
F
F
If
you
look
in
Williams
text
right,
he
used,
you
know,
lead
a
tester
and
whatever
else,
and
so
whatever
terms
that
we
use
here
and
in
the
text
that
I
think
Eric
is
writing.
I
know,
I,
said
I
reserve
judgment
until
I
see
Eric's
text
and
we
just
merged
the
first
version
of
the
composite
stuff,
and
so
I
want
to
turn
this
example
in
there.
H
A
Hank,
my
suggestion
to
you
is
to
do
a
run-through
on
the
document
and
tell
us
where
we
would
use
these
terms
like
you
could
make
a
pull
request
with
the
changes,
and
so
we
would
understand
what
it
is.
I,
don't
even
know
what
the
definition
of
entity
would
be
other
than
entity
is
an
entity.
It's
an
empty
box,
but.
G
F
C
C
G
The
future,
so
to
speak,
when
the
text
appears,
for
example,
from
weapon
and
everything
Alliance.
If
not,
we
will
find
out,
but
let's
use
in
any
case,
this
was
an
attempt
to
align
more
with
the
think
you
a
grenade
rolls
on
basically
and
live
with
each
and
make
it
relatively
simple
to
understand
the
context
between
those
two
different
drafts
and-
and
if
that
is
not
an
agreement,
sorry
for
the
presumptuous
interpretation,
yeah
I
didn't
want
to
barge
ahead
with
this.
This
is
basically
from
past
discussions.
I
assume,
so
that's
just
a
fair
bank
memory.
G
So
in
any
case,
maybe
it
really
line
again
to
drew
the
comic
coming
poor
requests
and
then
this
is
fine.
In
any
case
again,
entity
is
defined
by
what
it
must
wait
for
the
night
from
nine
I.
Think
and
it's
everything
you
know
it's
basically
a
concept
or
a
deity
or
an
organization
or
person
or
device,
and
we
are
talking
more
on
the
device
side
of
things.
So
it's
a
little
bit
of
a
a
big
word
for
the
subset
we
are
talking
about,
but
it
would
align
the
each
and
so
there's
that.
G
G
You
could
call
it
a
device
or
a
principle
or
an
entity.
All
of
those
terms
have
merit
I'm,
not
married
to
any
of
them.
Entity
would
align
with
each
parent,
and
so
that
was
my
first
assumption.
That
would
be
a
good
way
to
not
disrupt
things
but
be
inclusive,
but
they
can
call
it
whatever
gosh
it's
just
the
things
you
put
the
balls
I.
H
Think
we're
using
component
and
sub
component
in
the
lot,
the
last
set
of
text
that
we
were
looking
at,
potentially
lots
of
different
terms
that
can
be
applied.
And
so
the
question
is:
does
it
make
sense
to
agree
on
one
term
and
use
it
consistently
or
is
there
value
and
having
different,
slightly
different
terms
that
add
some
context
to
the
so.
L
Now
that
I,
you
know,
I
think
that
term.
That
term
target
is
a
really
valuable
term
now
that
that's
kind
of
coming
into
and
they
use
so
as
I
work
on
the
eight
draft
I'm,
finding
that
term
target
being
really
useful
and
I,
don't
think
I've
fully
integrated
it
into
the
eight
draft.
Yet,
like
I
mean,
are
these
sub
modules
sub
targets,
maybe
so
that
the
orientation
is
around
target
and
a
tester
do.
L
H
H
G
Maybe
again,
I
would
like
for
an
architecture.
What
I
expect
is
to
have
a
concept
for
the
things
that
carry
the
balls.
It
is
something
I
heard
early
on
on
the
list
and
repeatedly
was
voiced
under
lists
or
and
I
would
agree
with
that.
We
have
never
come
up
with
the
name
of
us
to
go
to
every
one,
but
we
will
find
out
it
doesn't
have.
It
doesn't
have
to
be
done
now
we
can
just
we
defer
this
highlighted
and
I
can
check
periodically
if
there
is
now
enough
meat
to
make
a
consensus.