From YouTube: RATS Architecture Design Team Meeting, 2020-06-30
Yeah, they... I'm hoping this will be trivial. In some places it was "attestation result" in the appraisal policy; in other places it was "attestation results". You can see "watchdog"; that's one word, to match the TCG spec. In some places you had, like, "evidence appraisal policy" versus "appraisal policy for evidence", and so... and then, no, it looks like the last one got... Hey, I did not intend for that last one to be in the same one.
Since we just looked at this, and all this one did, Hank, was that there is consistency. So there were a couple of places where we had "appraisal policy for attestation result" versus "attestation policy for attestation results", with an S, versus "attestation result appraisal policy", and so I tried to make those consistent, to always be "results", plural, in all the places. Similarly, in the TCG spec that's called "watchdog", lower case, and you can see here it's two different places.
Eleven is one where I believe I have addressed everybody's comments, and I don't know if people like the way that I've addressed it, but I believe that 11, which I had comments in before, I believe that I have addressed them. Oh, I'm not... not necessarily exactly the same way as people would suggest it, but I do want to...
It used to say "verifier relying party"; you can see there in the red, 681, and now I put a slash in it, but I did not accept the "appraising/relying party" and changed it to "verifier/relying party", which I thought was much more correct. Relying parties also do appraisal, right, so every relying party is an appraising relying party. So that's why I thought this was more clear. And the other point that was raised, I think from Hank, was...
So the only changes in here are the ones which have the "verifier/relying party"; that was that change, and then "attest" not being used as a verb anyplace in the document. Those are the two changes since the last time you reviewed it. Oh, and you see my response to your aside, but I don't think it's in the scope of this PR, but it's an interesting discussion.
This is one of the early questions with the TPM, particularly the EK certificate is signed by a manufacturer, let's say Intel Corporation, or, you know, Arm, and if that certificate, or that key pair, is used to quote, certify, to co-sign another device key pair, that second device key pair is still uniquely bound to that device, and so when I use it, say, to go shopping, you know, to send my Bitcoin to... yeah. So, you know, absolutely right, it's, you know, the other end, the recipient.

The RP is going to be able to correlate all my transactions, right, and so the question here is, well, is this the right layer to talk about PII? Because it's really device behavior information versus my personal info, for me, where I live, my address and so on and so on. Maybe we should just limit the discussion to say something like, you know, there's a possibility that the device could be correlated, and so you could do, basically, behavioral surveillance, right.
So let me say what EAT did. It doesn't try to define PII or have criteria for, like, sorting whether this is PII or not; that seems like that's going to be a problem because it varies by context. Mostly what the document says is privacy is an issue and you have to watch out for it. Some things will be privacy-violating and some things won't. And, you know, the solutions to the privacy issue are either... don't send the data?
I don't have proposed text. The only text here that I'm responding to is that the Attester must trust entities to which it conveys evidence that they won't reveal it, right, and that text was already in there; this just moved it here. So that's why this is all an aside discussion, right, right. And so the side discussion, to my mind, is: if an Attester is going to trust another entity to not reveal things that are sensitive, does the data that is sensitive need to be marked as sensitive? Yeah.
In my mind, this falls into sort of the opposite of a lot of the appraisal policies that, you know, can't be dictated in this document. This is a local policy at the Attester as to, you know, what constitutes PII, under what conditions they are willing to share with whom, and so forth. That's sort of, you know, as long as it's clear that that's a policy choice that an Attester can make and enforce. I think it's about the relying party.
What the thing that it conveys evidence to is, is the Verifier, right, and so the Attester must trust it to not reveal sensitive data to unauthorized parties, and so what sensitive data is and who are not authorized parties, I think Paul is exactly right; that falls into the realm of the appraisal policy; it gets to dictate that.
So let me give you an example where I think it might be useful to have a flag, right. In general the hash or measurement of the firmware is not sensitive data, because everyone's running the same firmware, I hope, right, that has that device, except in the case when it turns out they're running a beta or something else, and there's only six of those people, and so revealing that they're running the beta may be revealing who is there. That's...
Okay, so latest model, that's still in beta, right. So the point is that in general this is not the thing, but the firmware says: oh yeah, actually I'm a special firmware, so actually I'm telling people what firmware I am, and that reveals something, right. Normally it wouldn't, and so the Verifier doesn't know this necessarily, and so I'm asking the question: would it be useful to mark that so that...
So you've got to go through the escalation process, okay, merging it anyway at the consensus of all the rest of them saying, oh, it's been two weeks or whatever, they're completely non-responsive or whatever. So I've liked, I've followed that process where the editors are the maintainers. That's what I'm used to in open source and...
...the document, I'm actually confused. So the comment, the original comment here, right, shows us removing a bunch of stuff, and then it says this ID is never used in later sections, and I'm actually really unclear on which one you're referring to now.
Specifically those, even after the merge. You can see in the May 19 comment there... Dave's comment is that the newly added three are not used in later sections. You can see, out of those three, you know, he's right; you can see at least one of those was merged without being referenced, and so that was my point number one. So...
My point number two is two points. Number one, I don't think it's appropriate to replace a synchronized clock section, right. Synchronized clocks is a well-known technique, using, you know, secure NTP, PTP, whatever it is, and there was a section that talks about that that I want to keep. Now, whether there's an additional section that talks about handle distribution, I would be fine with, if there's a reference to point to something, because, you know, nonces are well known, synchronized clocks are well known.
The RESTful resource document, the rooftops document, and the subscription to network devices document that were all referenced; the handle distribution stuff from the interaction model, so that is likely to be adopted soon. So I would have that as a milestone dependency here. If you want to have this held back, we can also prepare text in anticipation. We can leave this up to you. I don't really... I only care about not being a blocker, and that could be a blocking action. Yeah.
So I admit I have not reviewed the handle distribution stuff, so I am NOT up to speed on it. If there are technical issues or wording issues or whatever, I'm not prepared to vote for any review of that part yet, since I've not reviewed any of the handle distribution text that's in the document now. I remember I reviewed it a long time ago, and maybe the handle distribution text is more recent than that, or maybe I'm just not remembering right.
But my point is, I guess my preference would be to leave handle issues and text in an unmerged branch until after there's a working group discussion, as opposed to putting it into the architecture document that has references to things that are not... that's my preference. But my main point is: it should not replace the synchronized clock section. Yes.
And then we can compare them next time, so we have a better understanding of what the differences are. And then I think, because it's time synchronization, we talked about elaborating a little bit on that in the example, because the example was basically: this is like another example, with the exception of two sentences, and that was a little bit slim, I think. So maybe there was some room for improvement there, although I have to admit I do not really remember right off the top of my head. So would that be...?
It was replaced with text about handle distribution, which... the clock synchronization protocols that are referenced there are not handle distribution protocols, and so now it talks about handles being distributed, and talks about, like, number four, it talks about nonces in this section that's labeled to be about timestamps, right, and of course NTP and PTP don't use nonces, right, they're timestamps, right, and so right now it keeps the section. So once you...
Nonces or signed timestamps. So the nonces or signed timestamps and centrally generated identifiers is a complete replacement for synchronized clocks and the previous one, and so that's why this right here only belongs in a different section; it does not belong, in my opinion, in the timestamp-based section. Yeah.
My point is that I believe that example three should reference the standards, and you might have an example, you know, for whatever the number would be, that would be handle distribution, once there's something you can reference there, and I would have no objection to that. As long as it's, you know, a working group document or something that's referenceable, it's fine. So, yeah.
You're asking me? Yes, my personal opinion is that it would be easiest to go back to the pre-merged one, and I mean on the local machine you'd sync back to the pre-merged one and then generate this from there and then perhaps rebase them on top of the current one, if you understand what I'm saying. In other words, I would not assume that those three lines are the only problem. I would assume that the whole thing is a problem and selectively we undo stuff and move everything else to the branch.
Some things are trivial, like, was it line 973, which has the period for consistency, right? You can see adding the periods, no problem, right, but otherwise, you know, adding lines into there, I think, as part of the other discussion, that some of those are only referenced in the handle text and some of them aren't referenced at all. So...
I think it was Eric, right, that did that. Eric and I went through it. Both of us liked "relayed" better than "conveyed", because "relayed" is only when you're not the entity that created the nonce to begin with, right. "Relayed" is only when you're relaying somebody else's nonce, whereas "conveyed" is more generic and "relayed" is more specific, and since it's only used in the more specific case, we wanted to make it as specific as was relevant. Okay.
Yeah, well, okay, no, I do remember why it was not "sent", okay, because it's a nonce, right. It's only a one-time-use thing, if it really is a nonce, right. You could, in, okay, a theoretical, hypothetical implementation, right... a hypothetical implementation is, let's say, I boot and I generate a pool of a thousand nonces and then I selectively send them out one at a time across the next three days.
I said, right now, my general principle is that anything that can be left to a protocol doc should be left for a protocol doc, and all that's in here is things that motivate requirements for, say, the EAT document, which is a working group document, and so we do put in, like, Michael's question about the aside that we talked about here. It's perfectly fair, right, because that's kind of a question about whether there's a requirement on EAT to do a particular thing.
I don't see that this has a direct impact on EAT in any way that I understand yet, anyway, and so I think this is the category better left to a protocol document. If there's more complexity than what's currently covered, I think the composite device section right now is already really complicated.
One more thing; it's a request to Michael. Could you please bring the point about the PII annotation that you made before on the list, because I fear this has fallout on the requirements for the Attester API, and it says that I need to provide APIs to selectively remove specific claims that are PII-relevant from the report that I'm requesting, if that becomes a requirement. Please.