►
From YouTube: RATS Architecture Design Team, 2020-10-06
Description
RATS Architecture Design Team, 2020-10-06
A
Hello,
sharing
sharing
is
caring,
hello.
A
Don't
really
know
well,
the
best
part
is
teddy
ruxpin
teddy
ruxpin's,
another
character
that
involves
stuffed
animals
and
and
the
best
part
about
it.
Is
that
the
the
villains
that
they're
opposed
to
have
a
union
and
and
when
they
get
to
a
union,
just
fine
break
the
the
villains
they
stop
like
to
go
and
have
a
coffee.
C
A
A
A
A
G
What
can
we
these?
So?
I
think
actually
some
of
these
are
really
hard.
Okay
and
some
aren't,
I
think
the
tester
verifier
one.
I
I
didn't.
I
actually
made
a
comment.
I
don't
know
how
to
deal
with
this
one
today,
because
it
was
so
overloaded
with
different
issues
of
text
and
a
general
disagreement
of
how
this
pr
should
be
handled
in
general,
and
that
was
very,
very
difficult
for
me
to
address
right
now.
G
So
I
made
a
few
comments
and
actually
said:
maybe
we
should
cut
this
up,
and
maybe
we
should
have
an
idea
if
you
want
to
pursue
this
pr,
which
was
provided
by
lawrence.
I
think.
G
A
G
No,
it's
fine,
but.
G
A
Yeah
he's
usually
got
something
else
beforehand
and
I
think
that's
what
he
five
minutes
later.
A
What
what
do
we
want
to
do
with
this?
At
this
point,
then,.
D
So
everything
in
this
document
is
supposed
to
be
about
road
attestation,
although
some
may
apply
to.
D
H
D
Think
your
main
comment
lawrence
is
that
the
word
implicit
you
find
confusing
there,
and
I
would
not
disagree
with
that.
I
think
the
when
you
look
at
the
term
root
of
trust
right,
usually
when
people
talk
about
a
root
and
you
think
about
like
a
certificate
chain
or
the
thing
that
you're,
comparing
against
your
trust,
anchor
list
root
would
be
the
root
of
the
chain.
If
you
are
using
say
endorsements,
then
the
local
hardware
is
in
fact
not
the
root
right.
D
The
endorser
is,
and
so
it
might
be
equally
incorrect
to
refer
to,
in
this
case
the
piece
of
hardware
as
a
route
of
trust,
because
it's
not
the
manufacturer
is
signing
it
and
therefore
it's
not
the
route.
The
manufacturer
is
right,
and
so
that
is
sentence
I
agree,
is
a
little
bit
confusing
in
the
remote
attestation
case.
D
D
D
I'm
saying
we've
never
actually
defined
the
term
root
of
trust
and
to
some
people,
lawrence's
statement
would
lawrence's
problem
with
implicit
would
have
the
same
problem
with
the
term
root
of
trust.
G
Yes,
so
this
is
so
so
this
is
saying
I
I
agree
with
dave
that
this
text
is
basically
still
everything
about.
This
is
a
remote.
I
made
a
comment
in
this
section
here
that
is
closely
not
visible,
just
a
little
bit
down,
and-
and
so
so
this
is
the
first
observation
is
this
is
about
remote
attestation
and
it's
all
applicable
to
even
the
parts
about
hardware
and
level
of
assurance
are
applicable
here.
G
It's
just
elaboration
on
security
conservation
for
the
route
of
trust
that
is
in
hardware,
then
I
would
strongly
advise
not
to
use
the
term
implicit
or
implied
here,
and
I
think
maybe
we
settled
with
vouch
for
and
if
you
could
scroll
down
a
little
bit,
I
made
a
a
a
corresponding.
D
Is
do
we
actually
need
to
use
the
term
root
of
trust,
or
can
we
just
delete
that
line,
because
all
the
rest
of
the
text
is
fine?
This
is
just
trying
to
say
introduce
the
term
root
of
trust.
In
some
way.
Do
we
actually
need
to
use
that
elsewhere
in
the
document?
If
we
never
use
the
term
word
of
trust
anyplace,
we
can
just
delete.
D
D
Okay,
because
that
whole
sentence,
I
think,
was
somebody's
attempt
to
define
in
context
the
term
of
trust,
and
so,
if
we
need
to
use
it,
then
just
deleting
the
term
implicit
as
laurent
suggests
would
be
fine.
So
there's
two
uses.
B
Of
the
word,
implicit
there's,
also
implicit
trust
in
firmware,
and
that's
the
one
that
really
is
has
got
me
confused
or
thinking
it's
local.
D
D
Context
or
about
such
hardware
just
to
match
line
798
where
it
says,
especially
if
such
hardware,
how
about
such
hardware
is
often
referred.
D
B
Okay,
now
there's
there's
this
other
thing
thing
that
says
that
yeah,
it
was
configured
to
implicitly
trust,
firmware
or
or
even
software
that
I
and
I'm
you
know
from
the
conversation
with
ned
or
at
least
comment
ned
made.
I
thought
he
thought
that
was
referring
to
local
attestation
and
I
don't.
A
Think
I
don't
think
it's
referring
to
local
attestation.
I
think
that
that
what
it's
referring
to
is
that
that
bootloader,
whether
it's
a
hypervisor
or
a
one
block
thing
that
thing
that
that
that
measures
itself
is
effectively
the
verifier
puts
some
implicit
trust
that
it
knows
what
it's
it's
it's
work.
It's
doing!
That's
what
I
understand.
D
My
understanding
was
that
the
key
material
that
is
used
in
remote
attestation,
in
the
case
that's
being
talked
about
the
weaker
security
case,
that
key
material
is
not
provisioned
into
the
hardware
that
key
material
might
be
provisioned
into
the
hypervisor
and
say
you
might
have
a
hypervisor
in
dorser
and
so
on,
and
that's
what
you're,
using
in
your
remote
attestation
case.
That's
how
I
read
it
saying
it's
just
not
baked
into
the
hardware
and
so
it's
weak
for
security,
and
that's
why
797
says
it's
stronger
when
you
can
make
it
into
the
hardware.
B
D
No,
what
you're
the
key,
what
what
that
means?
You're,
implicitly
trusting
that
that's
the
correct
key
material
right,
because
you're
not
completely
simplistically
trusting
in
this
exam
in
the
eg
hypervisor
you're,
not
implicitly,
trusting
the
operating
system.
The
hypervisor
is
the
testing
environment.
The
os
is
the
target
environment,
so
the
hypervisor
generates.
The
evidence
sends
it
off
to
the
verifier.
The
verifier
verifies
it
using
the
key
material
that
was
provisioned
at
the
hypervisor.
J
I
Between
you
know,
vms
or
vtls,
or
whatever,
okay,
the
software
t
was
a
little
bit
confusing
yeah.
J
D
D
D
G
Yeah,
no,
it
doesn't
so
you
don't
know
why
they
are
highlighting
this
is
trusted,
so
that
implicitly
gives
the
sentence
some
gravitas
by,
because
now
you
understand
why
this
trust
relationship
is
highlighted.
If
you
remove
implicitly,
you
have
to
add
something
here.
Otherwise
the
sentence:
it's
just
a
weird
fact
that
you
highlighted
you
can
just
remove
the
sentence.
I
think.
D
D
A
D
Trust
perspective,
I
can
tell
you
what
I'm
thinking,
which
is
different
from
what
the
text
says,
and
what
I
can't
tell
is
whether
I
want
to
change
the
text
to
say
what
I'm
saying
or
whether
I'm
missing
some
other
point.
The
text
is
trying
to
get
across
to
me.
The
trust
model
is
you
can
trust,
so
one
approach
is
to
say:
I'm
going
to
trust
the
endorser
and
it's
the
endorser's
job
to
to
tell
me
which
devices
I
should
trust
right.
So
that's
one
model,
and
so
I'm
not
trusting
the
device.
D
D
D
I
implicitly
trust
the
manufacturer
and
I
establish
direct
trust
in
the
device,
and
so
I
get
as
the
owner
of
the
device
that
runs
a
verifier.
In
an
example,
I
get
the
key
from
the
device
I
manually
inspect
the
device
I
go
through
whatever
security
vetting,
and
then
I
put
that
device's
public
key
in
my
trust,
anchor
store.
It
says
I
trust
that
specific
instance,
because
I've
checked
out
this
particular
device
and
think
that
it's
good
independent
of
what
the
manufacturer
says
that
one
you
might
claim
is
weaker.
Some
people
might
claim
it
stronger.
D
I
wouldn't
get
into
that.
I
would
just
say
it's
more
of
a
direct
trust
in
a
device
rather
than
an
indirect
trust
in
a
device
via
the
manufacturer
that
one
does
have
the
property
that
says
just
because
they
device
this
manufacture
manufacturer.
I
don't
trust
it.
I
only
trust
the
ones
that
are
mine,
so
the
three
of
them
that
I
bought
are
the
ones
that
I
trust
not
the
three
that
are
in
the
attacker's
possession
and
so
that's
worth
discussing.
B
D
Is
a
direct
and
there's
an
indirect
indirect
says,
whatever
the
manufacturer
says
is
good
for
me
direct
says
only
the
three
that
I
vetted
myself,
you
know
inspected
to
say
these
are
the
three
keys
that
are
actually
in
my
possession
that
I
have
the
physical
protection
around.
So
nobody
can
do
physical
tampering
on
them
because
I
know
which
ones
these
are,
and
then
I
put
those
three
in
there
and
that's
what
that's.
What
I
might
personally
refer
to
as
direct
trust
and
indirect.
D
Correct
well
often,
yes,
I
don't
know
if
there's
a
case
where
the
answer
would
be
no,
but
my
expectation
would
be
yeah
absolutely
and
I'm
just
using
say
I'm
extracting
the
public
key
when
I
vet
that
device
and
I
buy
it,
and
I
make
sure
that
this
is
the
one
that
I
know,
and
so
I
put
that
say
public
key
into
my
trust-
anchor
store
in
the
verifier
directly,
so
that
I
don't
care
what
the
manufacturer
says
because
he's
going
to
vouch
for
zillions
of
other
devices.
He
made.
D
B
D
D
D
D
J
D
C
J
So
I
think,
there's
another
concept
that
potentially
this
line
is
trying
to
address,
which
is
the
notion
that
we,
that
weaker
trust
is
based
on
complexity.
So,
as
I
kind
of
go
from
a
very
simple
route
of
trust
architecture,
to
a
very
complex
route
of
trust
architecture
based
on
a
hypervisor,
one
could
argue
that
because
of
the
complexity,
it's
weaker
and
so
there's
a
lot
of
implicit
trust
built
around
that
larger
tcb.
If
you
will,
but
you
could
still
have
you
know
an
implicit
trust
in
the
vendor
that
says
I.
J
J
You
could
have
a
but
you,
but
if
you
were
just
talking
about
complexity
and
and
in
the
context
of
complexity
where
in
theory,
everything
is
done
right
right
just
you
know
it's
like
whoever
did
this
knew
what
they
were
doing.
They're
the
smartest
people
on
the
planet.
They
did
it
the
best
way
possible,
but
it's
still
more
complex
and
so
the
complexity.
B
J
A
So
let
so
so
I
removed
the
word
weaker
and
implicitly
became
directly
and
then
I
add
a
specific
device.
I
don't
know
if
I
don't
know.
If
that's
what
I
heard,
you
guys
saying
that
maybe
not
tracking
what
you
were
intending
so
I'm
gonna.
D
I'm
gonna
be
quiet
for
about
five
minutes,
while
I
author
some
text
just
for
you
guys
to
review,
and
so
I'm
not
gonna
change
any
of
this,
I'm
going
to
generate
a
a
a
delta
that
might
add
two
paragraphs
into
here
and
then
we
can
decide
what
to
do
with
these,
whether
to
keep
any
of
mine
whether
to
merge
them
into
here,
whether
whether
you
use
my
replay
stuff
or
whatever,
I'm
not
sure
yet.
But
let
me
I'm
going
to
write
two
paragraphs,
so
I'm
just
going
to
be
quiet
for
five
minutes.
A
Okay,
so
hank
suggested
this
text
down
here
instead
of
the
component
that
is
implicitly
trusted.
He
suggested
this
as
well.
G
H
G
G
Which
is
fine
with
me,
so
that's
why
I
did
this
here
by
editing.
It
might
be
out
of
the
blue
for
most.
G
G
Yeah
theory,
roots
of
trust,
can
be
in
software,
so
practically
they
never
are.
If
you
call
them
that,
but
yeah,
I'm
fine
with
hardware.
G
K
J
G
G
But
that's
not
the
point
here.
I
think
there
can
be
virtual
tpms.
That
would
be
software
root
of
trust
and
yes,
they
need
a
hardware
one
to
really
functions,
for
example,
but
in
theory
they
could
run
on
their
own.
G
G
E
C
J
H
J
B
Right
qualcomm
shift
shift
the
ftpm
that
ran
in
the
tee.
J
G
G
D
D
G
Okay,
that's
what
we
do,
because
that
doesn't
be
half
goal
here
so
now,
as
I
try
to
rephrase
yours
does
it
still,
is
it
did
they
break
it
or
is
it
still?
Okay,.
G
B
I
I
I
still
prefer
my
sentence.
The
help
of
the
endorser
I
mean
I
mean.
The
point:
is
that
the
trust
flows
through
the
endorser
or
the
attester
manufacturer.
J
B
J
A
Don't
like
that,
I
don't
like
endorser,
because
I
think
of
the
reasons
that
that
lawrence
is
given
is
that
I
that
it's
not
necessarily
the
it's
not
necessarily
a
required
role,
but
I
do
like
the
word
endorsement
and
and
where
I
think
lawrence
and
I
differ,
is
that
I
think
that
endorsement
doesn't
isn't
always
signed.
It
sometimes
just
arrives
in
a
trusted
fashion,
because
it's
keyed
into
the
verifier
by
the
verifier's
owner.
Oh
no,
I
don't
know.
I.
A
G
So
somehow
someone
has
to
provide
the
key
material
in
the
end
as
lawrence
always
says,
and
that's
why
only
because
we
don't
describe
the
vehicle
here.
I
think
that
without
the
endorser
this
whole
breaks
down.
It's
not
an
optional
role,
so
the
communication.
J
D
Endorse
yes,
you're
correct
endorsement
is
completely
optional
for
reasons.
I've
explained
about
three
times
would
be
happy
to
do
so
again.
If
I
wasn't
authoring
text
right
now,
so,
okay.
A
So
so
so,
in
my
mind,
endorsement
is,
is
key
and
that
it's
bizarre,
maybe
to
think
that
you
can
have
an
endorsement
without
an
endorser.
But
what
I'm
trying
to
say
is
that
it's
in
it
that
relationship
is
is
one
where
we
we
do
something
cryptographically
and
if
it
just
arrives
by
fedex
on
a
piece
of
paper,
you
can
still
get
an
endorsement.
That
way.
L
A
Exactly
I
I
I
take
your
point
okay,
but
I'm
trying
to
say
is
that
so
what
I
really
did
is
I
made
a
measurement
at
some
point
of
of
some
characteristics
of
that
specific
system,
and
then
I
locked
them
down
on
the
verifier
right
and
that's
that's
what
I
did
and
yes,
I'm
the
I'm
acting
in
the
role
of
the
endorser
there,
but
exactly
but
but
what
I'm
trying
to
say
is
that
I
think
that's
just
that's.
That's
that's
not
neces.
A
I
think
that
it
fogs
the
notion
of
of
the
other,
the
other
way
in
which
the
endorsements
more
typically
arrive,
which
is
through
digital
signature,
on
them
and
and-
and
I
think
that
by
having
to
say
and
or
a
whole
bunch
of
places
that
are.
H
A
Actually
been
we're
not
actually
we're
not
actually
adding
light
understanding
to
the
process.
A
J
K
A
F
J
G
G
Sorry,
if
you're
not
using
an
endorsement
here,
you
are
still
an
endorser,
because
you
configure
the
verifier
to
act
in
a
specific
way.
Then
verify
your
owner
and
dorsa
are
the
same.
D
A
To
be
better,
what's
going
to
be
easy
just
before
we
before
we
do
that,
because
I'd
like
to
close
this
edit
before
I
hit
reload,
I
I
I
will
I
I
we.
We
had
two
sentences,
this
one
and
then
this
two
pieces
and
the
question
was
which
one
did
we
prefer,
and
this
was
lawrence's
original
sentence,
and
this
was
hank's
attempt
to
improve
it.
J
J
Sort
of
broad
observation,
after
having
gone
back
through
version,
six
and
just
reading
kind
of
the
whole
thing
we
seem
to,
we
seem
to
that.
The
text
seems
to
be
inconsistent
about
the
difference
between
an
entity
and
a
role,
and
we
often
use
the
role
name
when
we
mean
an
entity
and
we
sometimes-
and
we
even
say
things
in
the
definition.
Some
of
the
definitions
say
that
a
a
role
is
an
entity
blah
blah
blah,
which
is
wrong.
F
J
A
A
G
So,
which
line?
Did
you
create
your
proposal
for
dave.
D
C
D
I
was
looking
for
that
line
that
had
the
word
implicit
in
it
that
we
had
all
those
comments
on.
I'm
not
792.
J
D
A
suggestion
792
so
right
now
I
have
149
plurecast
149
files
and
792
is
in
the
middle
of
the
conceptual
messages
section.
So
that's
not.
It.
D
D
A
A
A
D
G
I
see
you
generalized
the
association
with
evidence
and
I
think
it's.
G
J
D
D
D
J
D
Because
what
happens
here
and
again,
let
me
tell
you
what
I'm
thinking
and
you
tell
me
how
you
change
the
text.
If
you
want
to
change
in
order
to
do
a
praise
right,
you
need
to
have
a
belief
that
the
tester
can
securely
generate
the
evidence,
and
then
you
have
to
weigh
that
evidence
in
your
term
again
the
values
into
the
evidence
itself
against
the
reference
values.
This
is
only
making
a
statement
about
the
first
part.
D
The
second
part
is
your
tester
may
still
be
using
a
reference
value
provider
to
help
it
appraise
the
evidence,
but
first
you
have
to
figure
out
whether
you
believe
that
it
could
actually
generate
whether
you
should
trust
the
values
that
are
in
the
evidence
themselves.
Is
that
actually
a
correct
statement
of
the
current
state
and
then
you
can
decide
what
that
current
state
matches.
What's
policy.
J
D
My
text
here
is
all
in
the
context
of
whether
you
should
believe
the
evidence
is
a
statement
of
current
state.
You
still
have
to
put
that,
together
with
the
use
of
reference
values
or
whatever,
to
compare
it
against.
You
know
a
desired
stage,
or
you
know
policy
or
whatever
you
want
to
call
it.
But
all
of
this
text
is
about
the
former
part,
which
is
before
you
can
even
do
that.
You
got
to
believe
that
that's
actually
correct
statements
of
the
current
state
and
there's.
D
J
G
It
is
very,
very
updated.
This
is
the
quote:
it's
very
yeah.
L
D
C
D
Yeah
yeah,
I
understand
that's
the
line,
but
not
now
I
got
what
was
your
head
come?
I
think.
G
H
G
D
G
I
read
the
second
paragraph
up
for
that:
okay,.
D
Please
read
all
of
it
because
in
case
where
you
have
the
tester's
key
material
directly
in
there,
I
claim
that
that
is
the
case
where
there
is
no
endorser
and
the
the
difference
has
to
do
with
how
many,
how
many
chains
of
you
know
one
key
signing.
Another
key
are
there
in
the
chain
that
you're
using
to
verify
the
evidence,
and
in
this
case
there
was
one
less
layer
in
that
level
of
you
know,
certificate
chains
and
that
extra
layer
is
the
endorser
that
is
not
present.
D
In
such
case
now
there
may
be
an
endorser,
and
I
talk
about
this
in
line
799,
okay,
and
I
want
to
distinguish
it
from
that
case
because
there
actually
is
an
endorser
often,
but
that
endorser
is
used
at
the
time
that
you're
putting
the
device's
key
or
the
tester's
key
into
the
trust
anchor
store.
D
So
the
endorser
may
be
the
manufacturer,
you
go
to
the
manufacturer,
you
say:
hey:
did
you
create
this
device?
Yes,
okay,
and
this
is
the
device
that
I
bought.
You
created
it,
you
vouched
for
it
or
whatever,
and
so
I
know
that
this
is
a
you
know
intel
inside
and
it's
the
one
that
I
bought,
and
so
I
put
that
key
into
there
and
at
that
point
evidence
checking
no
longer
checked
for
the
endorser,
which
was
still
there
right.
I
just
did
that
one
time
and
not
the
time
that
I'm
doing
the
evidence.
G
D
A
A
That
an
endorser
vouches
for
the
integrity
of
the
tester's
various
capabilities
and
we
wrote
it
that
way,
because
we
didn't
want
to
say
that
that
key
signing
another
key
was
the
only
way
of
implementing
this
that
the
business
such
as
you
described.
A
direct
trust,
was
also
a
form
of
endorsement
where
you
basically
configure
the
three
devices
you
trust
in.
K
D
I
I
find
that
confusing,
but
I
would
prefer
language
that
that
doesn't
get
into
that
point,
but
meaning
if
we
can
find
a
more
generic
general
way
to
phrase
things.
A
Well,
but
that's
why
I
thought
we
said
when
we
wrote
the
definition
of
endorsement.
We
wrote
that
it
was
a
secure
statement.
We
didn't
write,
it
was
a
digital
signature
or
something
we
wrote.
There
was
a
secure
statement
and,
and
that
implied
that
included.
For
instance,
I
loaded
a
configuration
file
with
the
hash
of
the
public
key,
and
that
was
a
secure
statement
as
well
right.
D
D
A
Right
but
but
what
I'm
trying
to
say
is
that
that
I
thought
that
we
wrote
secure
statement
that
it
could
also
include
a
privileged
file
that
only
the
you,
the
owner
can
edit
right.
That
was
the
implication
that
that
that
that
we're
saying
look,
you
can
figure
this
somehow
in
a
secure
way.
J
D
J
A
D
A
J
E
J
Meant
that
that's
what
we
really
meant
was
the
the
testing
environment,
which
one
could
argue
the
very
first
one
in
the
platform
is
the
root
of
trust,
and
we
all
understand
that
the
root
of
trust-
you
know,
can't
speak
for
itself,
and
so
the
endorsement
is
the
thing
that
speaks
for
the
capabilities
in
the
root
of
trust
and
that
doesn't
have
the
statements
that
can
be
made
about
those
capabilities.
Don't
have
to
only
involve
what
key
you
have.
A
It's
not
in
response
to
that.
So,
let's,
let's
go
around
the
room
here
and
I
haven't
heard
from
peter
or
at
all-
and
I
haven't
heard
from
andrew
at
all
and
we
haven't
heard
from
lawrence
lately.
G
So
is,
is
the
in
the
having
the
verifier
the
testers
key.
I
think
it's
boiling
to
back
to
that
again.
Dave
says,
as
an
endorsement
is
only
a
key
signed
by
a
key
know:
the
value
that
doors
is
not
involved
here
and
when
you
say
well,
it's
not
only
that
it
can
be
any
kind
of
endorsement
format.
G
The
conceptual
message
is
only
our
standard
way
to
do
it,
it'll
be
defined
here
you
can
have
them
collapsed
and
they
don't
have
to
communicate
at
all,
and
then
the
doors
are
just
defines
the
key
with
the
the
measure
into
the
key
store
at
the
trust
or
whatever
you
want,
and
therefore
it
is
not
necessarily
an
endorsement
used
here
when
the
roles
collapse
and
they
collapse.
I
think
and
and
therefore
it's
still
there
and
dave
says
no.
That
is
not
the
case,
because
an
endorsement
outputs
only
key
signed
by
keys.
D
B
D
I'm
fine
with
changing
wording
to
to
to
not
have
to
get
into
that
question.
I
think
it's
far
more
interesting
to
get
the
main
point
that
I'm
trying
to
make
across
than
it
is
to
try
to
try
to
argue
about
whether
an
endorser
exists
or
not
or
whatever.
A
D
Sort
of,
although
the
way
that
I
would
break
it
down,
it's
almost
that
you
you're
not
you're,
not
incorrect.
I
would
say
you're
either
doing
it
at
the
time
of
evidence,
generation,
you're,
verifying
that
the
key
chains
up
to
the
endorser's
key,
which
is
sitting
in
your
trust,
anchor
store
right,
that's
or
you're,
verifying
that
it
changes
up
to
the
device's
key.
D
A
D
A
I
would
make,
but
otherwise
yes,
so
yeah,
so
so-
and
it
comes
back
to
this
and
I'm
still
frustrated
in
general-
that
we
don't
have
a
way
of
of
you're,
essentially
talking
about
a
pki
of
order,
zero,
where
you,
where
you
just
configure
the
tester
hey,
I
have
order
greater
than
one
where
there's
some
some
number
of
of
of
of
artifacts
right.
So
right.
A
So
what
you're
doing
is
you're
accomplishing
the
second
process
or
this.
The
second
paragraph,
where
I
have
some
number
of
devices,
decided
that
I
need
to
indirect,
add
a
layer
of
indirection
right,
internal
layer
of
interaction
right,
but
fundamentally
it's
no
different
than
the
other
one.
It's
just
that
I
decided
to
store
it
differently.
Okay,.
D
A
Hang
on
lawrence
hang
on
lawrence,
so
so,
if,
if
we
so,
if
we
all
agree
with
those
two
to
those
mechanisms-
and
I
think
lawrence
wants
to
disagree-
but
let
me
just
finish:
if
we
all
agree
with
those
things,
then
we're
simply
looking
for
an
appropriate
set
of
language
which
maybe
involves
the
word
endorsement
or
endorser
to
explain
those
processes
now
lawrence.
You
want
to
add
a
another
case.
B
A
A
D
A
J
D
Which
indirect
case
you're
referring
to?
Because
it's
before.
H
J
A
What
I
would
like
to
do
is
I
would
like
to
accept
dave's
text
right
now
here:
okay
and
the
other
suggestions
in
this
bat
in
this
batch
and
such
that
we
can
now
comment
on
them,
because
that's
the
only
way
to
do
it.
J
E
J
J
J
A
A
A
G
And
I
think
michael's
comment
on:
you
have
to
touch
every
device
by
yourself
with
a
zero
in
direction,
and
then
you
can
add
levels
and
bless
them
more
than
one.
At
the
same
time
is,
I
think,
a
very
intuitive
way
to
phrase
this.
Maybe
we
can
have
some
introductory
text
somewhere
in
the
scope
that
helps
us
to
ease
into
this
section
here.
A
I
always
wish
that
was
in
like
rc
5280
or
something
it's
not
really.
I
mean
that's
where
we
start
with
pkis
and
stuff,
and
it's
not
there.
Maybe
it's
somewhere
else
in
some
other
document.
A
Yeah,
well,
I
tried
to
start
a
thread
on
sag
or
somewhere
else
about
how
do
you
number
the
levels
of
a
pki
and
because
there's
two
possible
numberings
right,
zero
and
one
based
and
right?
So
so
when,
when
you
do
put
that
when
you
do
configure
that
that
end
device
key
into
your
trust
as
a
trust
anchor,
is
that
a
pki
of
order,
zero
or
one.
A
G
But
the
concept,
I
think
it
was
promoting-
actually
not
hope
we
don't
go
into
the
numbering
thing,
but
direct
versus
indirect
means
has
an
implication
on
how
granular
trust
relationships
has
to
be
established.
I
think
that
is
fine
to
know,
and
I
think
that
makes
this
whole
other
expositional
text
from
dave
it
eases
into
that.
I
think.
A
C
A
Let's
just
briefly
talk
at
the
top
of
the
hour
whether
this
this
the
changes
that
wound
up
to
this
sentence
are
acceptable.
D
If
you
notice,
that's
that
one
sentence
there,
if
this
is
the
sentence
that
I
posted
pasted
stuff
before
my
intent,
was
that
that
sentence
would
be
replaced.
But
that's
up
to
you
as
to
whether
you
agree
with
that
or
not.
D
A
D
J
A
D
Here
I'm
curious
because
this
is
why
I
was
busy:
why
did
you
lowercase
roots
of
trust?
Is
that
no
longer
a
term
that
you
want
to
use
out
from
the
document.
G
Not
in
the
terminology
section
defined
everything
that
is
defined,
there
is
capitalized
with
us.
So
lawrence
made
a
comment
inside
the
terminology.
This
shouldn't
and
I
have
the
story.
It's
right.
A
A
A
D
D
D
Yeah,
I'm
fine
with
that
wording.
I
read
it
three
times
and
everything
I
could
think
of
that.
I
would
have
a
problem
with
this
fixes
so.
E
I
mean
it
isn't
saying
that
no
evidence
about
them
is
a
little
broad.
You
really
mean
that
it
can't
be
created
during
the
attestation
or
it's
part
of
the
attestation
right.
G
E
Just
as
it's
impossible
to
create
evidence.
A
G
Could
you,
when
you're
editing
editing
here,
could
you
exchange,
create
it
and
remove
credit
and
generate
it,
because
you
generate
evidence
all
the
time
and.
J
G
This
is
generated
is
the
term
we
use
generated.
It's
fine.
D
This
is
late
in
the
document
we've
already
talked
about
the
two
types
of
environment.
I
think
what
we
mean
here
is
that
those
components
are
never
a
target
environment.
D
C
D
D
D
D
A
A
And
then
the
concept
was
that
this
sentence
would
go
away,
as
would
this
change
if,
based
upon
what
dave
said,
I
think
that
everyone
wants
to
think
about
that
for
a
minute
unless
we're
all
conclusive
already.
D
G
Are
you
trying
to
accept
this
complete
review
here.
A
A
G
It
can
be
closed
149..
I
think
it
was
my
mistake
to
even
work
on
that.
So
we
show
lawrence.
Would
you
just
close
your
own
pr.
B
G
G
G
D
G
A
G
Yeah,
I
will
have
to
do
a
consistency
pass
at
least
one
probably
two.
If
I
know
for
seeking
for
experience
when
we
conclude
this
meeting
and
then
I
would
hope
that
other
people's
also
do,
but
I
will
certainly
commit
100
to
do
one
before
we
submit
a
document
before
I.
A
J
G
No,
I
have
to
go
through
them
one
by
one.
Actually,
we
had
like
15
over
the
hour.
So
sorry,
but
these
are
some
of
these-
are
actually
reasonable
and
very
very,
very,
have
merit.
A
All
right
well,
so
then
we
need
to
to
have
a
walk
through
them
and
ideally
try
to
turn
some
of
them
into
text.
A
B
D
D
Oh
apparently,
it
picked
up
the
same
one,
my
bad.
That
was
not
intentional.
I
must
have
started
from
that
match.
Let
me
just
go:
do
a
quick
rebase.
C
D
Apparently
it
was
based
on
top
of
the
other
change
and
that,
on
top
of
oh
wait,
it
may
still
not
have
picked
it
up
correctly.
All
right,
you
can.
D
J
J
To
address
like
the
appendix
a
time,
considerations
regressions,
maybe
that's
not
critical,.
A
I
would
say
that,
first
of
all,
if
you
believe
it's
closed
by
a
pull
request,
then
you
should
just
answer
that
and
if,
if
at
least
another
person
agrees,
then
then
close
the
issue
and
that
we
should
spend
next
week
going
through.
All
of
that,
I
have
another
ietf
meeting
at
10
o'clock
on
friday.
Now
so
can't
do
that
and
I
don't
know
what
other
times
are
workable
between
hank
and
and
pacific
coast
times
I'll.
Let
you
guys
decide.
G
Hank
is
typically
available
until
9,
amp,
dt
or
pt,
and
then
I
can
now
allow
for
more.
If
I
can
have
an.
G
A
D
A
Right
so
so
we
might
go
for
the
following
friday,
then,
as
a
additional
day.
Yeah,
that's
okay!
Now.
A
Okay,
so
I'll,
I
will
just
drop
the
calendar
entry
onto
that
as
well.
I
think
we'll
need
the
two
extra
days
for
sure,
okay,
so
that
one's
closed
all
right,
so
let's
come
back.
Anything
we
can
resolve
on
in
between
is
great,
obviously-
and
I
kind
of
wonder
whether
in
some
cases
we
should
take
some
of
these
issues
to
the
mailing
list,
simply
to
hear
what
people
have
to
say.