From YouTube: RATS Architecture Design Team, 2020-03-17
A
B
C
E
B
A
G
E
C
A
A
A
Think the goal of this effort is to, in the architecture, probably to provide wording for these times, if appropriate, and also to make it clear what kind of where there's freshness requirements or where there is a need for protocols to this cut, to explain how they provide freshness or what kind of freshness they provide, what the SLA on it. That is maybe.
B
B
B
D
B
D
B
A
In particular, we know there might be a tail a set up or something else which goes back and forth to give us privacy, and so there may be there. May that may be a process by which evidence is sent from the attester to the verifier, and the exchange of the nonce is part of that so or the TUDA, right, so I mean it depends on all sorts of things.
D
A
So in this case, though, look that the time at time T the nonce is issued. Okay, and that implies that and that time F the nonce is observed. That implies that the signature must have been done between time T and time F, right, in the case we're using a nonce. In the case we're not doing using a nonce, then, then you only know time F and you know, and you have something else in the, in the signature that says something, and you have some other synchronization or not, right.
A
D
A
I
I agree with you completely, I agree with you completely, but what I'm trying to say is that, that, that say that okay and the state in the time-based thing you don't know time D and that's fine, it's not defined in that protocol, right. So anything that says and I rely on time D to know blah blah blah is broken and that's okay and that's, but, but we can intelligently now speak about time to eat it's either available or it's not, right, and time.
A
B
A
H
I'm thinking, what makes sense is to the architecture to it to break these down. Have this conversation, have the nonce conversation. So just like the, the section of D, E and F, let that be a diagram and just talk about it or let, you know, G at time H and then whoever, you know, then, then you know it goes to time H. You basically talk about the different ways to represent time in some, you know, in a simpler diagram. That's the sort of thing that would make sense, that way you can.
H
B
B
D
First impressions from the discussion so far is that I think C and D should be combined because I don't think there's a significant difference and that whoever was showing the C prime and D prime to use a different letter than C or D their words. The nonce generation by the verifier in the nonce generation by the relying party should be different. You should be denoted differently, I, so I liked non crimes. I think was the original email. That makes me.
A
I
Because this is gonna lead, you know, the reader said what, you know. All these other use cases inside use cases. Well, what happens if this happens? What have, you know what I mean? This is an architecture document. It was a protocol. You know, you're defining a specific verifier protocol, then yeah, that's the place. I tend.
D
F
All the time differences we are going to from A to H, yeah, and if you have also some the rivets so, so this is, this is complex, but we are setting a good reference point. If people start to talk about time, it will be a confusion from the very beginning. So this diagram here everyone as a guideline how to.
F
How to refer to all these times, I think that's very important, because you will always have a time step and nobody really knows what does be, and this diagram really, really shows you. What it could means so complex stuff could go to the next just give a frame of reference if you're talking about timestamps or reference points at times here and, and, and the like that said, the, the abstract stuff goes into the architecture text directly and it can be consumed by solutions. But by providing that reference frame.
B
A
Enough so I just, I wanted to go back to your diagram, and then you had this diagram and then Wade had made this email, and then we had a more complicated diagram. So what I wanted to get at was. Is this the diagram that we think we want to be describing, forget about how the labels our labels are? Is this the shape I.
D
D
C
B
B
And that's why I'm highlighting here, because I had a very rich information method which doesn't really match well to the text. Unfortunately, the original email was trying to show straw man time definitions and then the passports below it and no test board and the others were functions to show examples of how those times were digested. I think this gets to Dave's point that we really.
B
We should be focusing there's not a single diagram, but instead at the time where certain things would be occurring, we can have a million of these times, but as people mention C prime and D prime are the things about each of those primes that can be generalized to a time of generation. The time of delivery.
B
I do think that a number of these have to be separated, because when we're talking about random number generation, it could be that a random number is generated further away from a central environment when it's then later delivered to a device as a nonce, because the magic is not the nonce was generated. The nonce the magic is when was a randomness delivered for the first time to the, to the place, which is going to go ahead and put that nonce within a side set of evidence.
B
So the original place to start really, I don't think, is the diagram. Instead, it's the set of points in time which could be able to unify across either the models that are being generated for central passports, where they're not modified or whether we're talking about the passport model or whether we're talking about the background check model. I think the right place to start is the points in time which then could be used by various use cases that I guess.
D
B
And that's what I was trying to do with the diagrams below is provide bounding examples of the most simple to the most complex, knowing that there are variations in the middle. I don't care if we talk about this now or later, but I do agree that the times themselves, while ever thrown out or the critical part, and that those need the most focus rather than the that.
D
The reason I agree was I think the main point of doing this is to talk about what security guarantees there are and what things need to be mitigated by other means. In other words, you know, the difference between a recency and freshness. You can easily explain using these letters, right, that style of discussion, and so it's the discussion text about it and it's more important to me than actually the diagrams exactly.
B
And that's why I was trying to insert that point into the review of this. I can stop sharing now, but I think that's the goal that we need a discussion to talk about those times in detail and nail down those definitions in detail, so they're reusable across variations, so I'll stop sharing now, but that was the original goal of email and they quickly do as it should into the detailed flows. And that way we actually have proof points that we're able to use them in various contexts.
H
B
What I attempted in the strawman definitions, I believe just what I'm hearing now is gonna take people to suit and digest the attempts which were made at those definitions before we can have a meaningful discussion. I don't think we can just knock them through where people are now just introducing themselves to the intent of those times. It might be more productive to have people try to ingest what those time definitions are knowing that they need help and then, then, starting to have that discussion later. With this goal internalized my.
D
B
A
D
B
A
B
D
D
J
D
K
D
B
D
But whether or not there needs to be a freshness check here is the whole point of this section, and so this is where you'd say: do you need a freshness check between a verifier and a relying party in the background check model? That is the point of the first dissection is to have such discussions. You either say you don't need it because of X or you do need to because of Y, so that, that's the main reason that I picked this diagram.
D
D
I haven't read it yet, but assuming that I read it in other people, okay, I mean I'm okay with either doing it or helping somebody do it, either one. Okay, nobody else top I'm happy to make it unjust, based on Eric's text and I've seen enough of good I think I know what I would change to create it.
B
D
Am happy taking the action item to convert stuff can convert a subset of things into markdown and post it. What I don't know was the father. People would want more than what I would convert, but I would take Eric's text, a subset of Eric's text like the stuff that he was just projecting and that the diagram that was just being projected, make a couple of changes and then start trying to write some words based on stuff. That's what I would be willing to do or help someone else do so.
H
A
H
E
K
B
D
A
A
A
Need to know is maybe, maybe, if he's contributed, somewheres in the, in the thing it, it shortcuts it, but I don't, I haven't figured out how, when and how it lists things trying.
A
Would be great, it would be great if all the people who regularly attended I could click on assignee and poke them for that. Okay, let's, let's move on so that was a half hour, fourth power time and not unproductive so good.
A
K
D
I
A
E
J
D
D
You the one on the screen where we've has the so how about that would be fine with me.
E
E
K
A
H
D
A
H
And it's really there's, there's potentially multiple bowties depend for each role, at least up with a relying party in for verifier and if we think about a supply chain scenario, where you have multiple, multiple suppliers, you know, potentially sort of consuming endorsements from other suppliers, there's a potential for a bowtie and on the endorser side as well and given, given the composite device. Those there's potential for bowtie on the attester as well.
H
D
A
My, my, my opinion is that a particular, a specific attestation flow is unlikely to involve more than two formats, but those two formats may be vastly different than someone else's attestation flow. So it's not like a single verifier actually has to cope with five plus formats. It probably has to do two at most.
D
A
D
A
Agree with you, but what I'm actually trying to say, Dave, is that yes, I agree with you that the left hand side may very well have a multitude. If you're telling me it's going to be all four of these plus three other ones, then I disagree, that's probably not the case, but more. What I'm trying to say is that, even though this there may be a fair bit of heterogeneity on this side, the odds are that the relying party is that we have a lot of different.
B
A
A
Yes, I'm saying that exactly and that's that perfect I happen and you don't have to support things arcs, a at runtime that you've never heard of, yep, right. So you don't have to build in a bunch of formats in your verifier because something might come along. No, if you're, you're, if something's come along, you're gonna really know.
D
H
D
Needed that's exactly the same question I was gonna ask, thinking it is the assumption. This diagram is the verifier supports multiple formats, the attester supports one. The question that I was gonna ask, which is basically identical to Ned's, is other cases. We're in an attester can support multiple formats and somehow has to decide which one to send to the verifier.
D
D
They're, relying party needs the attestation for am it so, yes, my expectation is the relying party needs to say, hey verifier, please give me attestation results and the following thing right: it's a very progress to make a choice based on with your lying parties. That's the errors on the right that makes perfect sense to me.
D
The left side is more interesting to me, given that I think that I know the answer on the right side, which is the relying party gets to specify what format it was the attestation result in from the verifier on the left side. If the attester supports multiple of them, does it just arbitrarily pick one and believe that the verifier has to support everything? So let's say you have an attester that supports CWT and JWT, right.
D
A
I
I
A
I think that's the interesting case. Maybe is that someone has a spec and writes ok for this. For this use case. In this attestation flow. We must support the legacy Intel SGX things, however, going forward we prefer to for support EAT. Now an attester that support supported both needs to know if the verifier always supports both and I think that the spec writer just said the verifier will support EAT.
A
D
D
A
I
A
H
A
D
A
J
A
I think it does say that, and so maybe we just need to, to be a little bit more specific and, you know, go into. We need a little bit more boilerplate, for is what I'm thinking.
G
G
So TPM, the TPM format will never carry claims, as you know, as we're defining in EAT. So that makes it, you know, to me. The TPM format is kind of defined by the TCG that and it does this limited sort of thing. So it seems a little bit of the odd one out there and I would think we would never want I'm gonna. Well, we heard I can't quite imagine how the attestation result will ever be TPM format.
A
Is that potentially some legacy format where someone's basically just hasn't bothered to convert along the way they have attestation flow? They want upgraded to EAT, but they still need to support their legacy. Devices which are were in. We just didn't know that there's another option, so we just, we just sent them all along I understand evidence.
A
Michael's right, I think Michael's right. They just, just had a library that would interpret TPM format and they just reused it and it's a legacy, undocumented attestation result format that they that, you know, Jewish the sewage industry has adopted because they didn't know anything about crypto. Only let.
G
A
D
There are ways to do it so and I'm not saying we should have any discussion in the document. I don't think we should have any discussion, the document, but just answer your question: if you have a secure conveyance protocol and you either get the TPM information that was in the evidence or you don't so you don't mic any modifications, you either get it or don't and getting it is equivalent to the verifier saying it's okay and not getting it is saying it's absent. That's an example that actually doesn't the.
H
Thing we're missing is the semantics versus encoding and in the case of a TPM, the TPM is an encoding, because all because the TPM described the encoding, as, as an attestation doesn't necessarily make it an attestation, what makes it an attestation versus a verification is what goes in and, and the TPM doesn't is agnostic as to what information is going in. If a verifier chooses to use a TPM in order to produce attestation results, it's still attestation results, even though the doc can, even though the API is, might call it attestation.
G
H
A
Quiet nature, the signature that comes out is in a particular format and the verifier has to have a library that interprets that format, right. Okay, once I have that library that interprets that format I probably have code that generates that format. So I can test my library that interprets that format at which point I have a thing that signs that format I didn't generate it with a TPM on my verifier, but I have a thing that signed something never heard of CWTs, JWTs, PKK's CMS, whatever I don't know anything about that.
A
G
A
G
E
D
D
Yeah I agree: that's actually how they are. It's the same benefit you get from, you know, GWT or GWT, right. You don't know what the values are that came into it, you're just using as a format they get signed. You have to have some other external thing to get security out. The actual values of the claims, right, okay.
A
A
All right, all right, so I've taken it as to do to create that text. I think it's gonna be, but one paragraph I don't know exactly what I'll say, but will be one paragraph and it'll go somewheres under after the bowtie explaining, you know, what the verifier is not expected to do everything, but they expect it to be constrained by a use case document. So I wonder, I wonder if we have another section that we haven't done, which is that we actually need to have a road map section in the architecture.
A
A
B
A
A
So I'm not suggesting a road map document I'm suggesting a road back section in the architecture which says the following things are in scope for IETF RATS working group documents and you'll find them here and the following paint. Things are not in scope for this and they will need to be written by somebody. I don't know who those people are exactly how to name them right. In other words, don't expect to take just the IETF documents and have a working attestation flow.
H
D
A
Have a session next week, because the IESG essentially kept only the working groups and boss Bennett had fitted from large attendance, so Louis, boss, The Dispatch groups, the plenaries they, they kept a slot, a new slot. They received a new slot and the working group chairs were asked to set up virtual interim. They were given a schedule of days. They should do their virtual interim, so they were deduplicate de-conflicted and that goes on until the end of April, and so those.
A
A
A
which works well in the west coast, and works is early morning in China, as opposed to middle of the night and basically said here's here, these working groups will, will meet and then the same sort of period was suggested as a time or but Doodle polls into the thing. So other words, RATS doesn't have a slot anymore. Next week is my understanding that.
A
F
D
D
K
H
D
You mean yeah, correct, but I don't want to wait until the 31st, where it's the same day, to have the first discussion of what would be on slides. So if we can have either a discussion about what should be on slides or even draft slides, if we're really ambitious on the 24th but I would be fine, was saying what should be on slides and make assignments for slides on the 24th and then do that over email. If we need to.
H
D
H
A
A
Okay, well, yeah, do we need to, do we want to walk the working group? Think about this question. Do we want to walk the working group through the architecture document in the form of five diagrams or something like this, or do we want to tell them a status report of where we are go? Read the document.
H
So I think, you know, the last time we've had status reports that had last. You know that we had tutorials early on before we actually had document accepted as a draft, and so it's probably time for a tutorial, i.e., not, you know, it's a, it would be important to have the draft in readable form as well. In other words, the tutorial should, should not include information that isn't also in the draft. So if we can get both of those to align, I.
A
Think that where we have potential to get the time sequence diagram in before the, the virtual interim I think we can include that I think the rest of the content is, is already there. I think other value of doing a tutorial slides is that they go into the proceedings and become useful for people in the future to come up to speed quickly. Agree.
D
Like I think that attestation of composite devices has never been presented in any working group meeting, that might be a topic to actually look mean. The things that we've never talked about in any working group meeting other than the design team here would be things that would get good to report out on, right. So.