diff --git a/draft-ietf-rats-reference-interaction-models.md b/draft-ietf-rats-reference-interaction-models.md index f593ba4..82aca02 100644 --- a/draft-ietf-rats-reference-interaction-models.md +++ b/draft-ietf-rats-reference-interaction-models.md @@ -106,7 +106,6 @@ While the conveyance of other Conceptual Messages is out-of-scope the methods de # Terminology This document uses the following set of terms, roles, and concepts as defined in {{-RATS}}: - Attester, Verifier, Relying Party, Conceptual Message, Evidence, Endorsement, Attestation Result, Appraisal Policy, Attesting Environment, Target Environment A PKIX Certificate is an X.509v3 format certificate as specified by {{RFC5280}}. 
@@ -165,15 +164,17 @@ In order to ensure an appropriate conveyance of Evidence via interaction models Attester Identity: +: A statement about a distinguishable Attester made by an Endorser without accompanying evidence about its validity, used as proof of identity. + : The provenance of Evidence with respect to a distinguishable Attesting Environment MUST be correct and unambiguous. -: An Attester Identity MAY be a unique identity, it MAY be included in a zero-knowledge proof (ZKP), or it MAY be part of a group signature, or it MAY be a randomised DAA credential {{DAA}}. +: An Attester Identity MAY be a unique identity, MAY be included in a zero-knowledge proof (ZKP), MAY be part of a group signature, or it MAY be a randomized DAA credential {{DAA}}. Attestation Evidence Authenticity: : Attestation Evidence MUST be authentic. -: In order to provide proofs of authenticity, Attestation Evidence SHOULD be cryptographically associated with an identity document (e.g. an PKIX certificate or trusted key material, or a randomised DAA credential {{DAA}}), or SHOULD include a correct and unambiguous and stable reference to an accessible identity document. +: In order to provide proofs of authenticity, Attestation Evidence SHOULD be cryptographically associated with an identity document (e.g. an PKIX certificate or trusted key material, or a randomized DAA credential {{DAA}}), or SHOULD include a correct and unambiguous and stable reference to an accessible identity document. Authentication Secret: @@ -202,9 +203,6 @@ Attester Identity ('attesterIdentity'): : A statement about a distinguishable Attester made by an Endorser without accompanying evidence about its validity - used as proof of identity. -The Attester is issued with a credential by the Endorser that is randomised and then used to anonymously confirm the validity of their evidence. -The evidence is verified using the Endorser’s public key. - Authentication Secret IDs ('authSecIDs'): : *mandatory* 
@@ -227,7 +225,13 @@ Claims ('claims'): : Claims are assertions that represent characteristics of an Attester's Target Environment. -: Claims are part Conceptual Message and are, for example, used to appraise the integrity of Attesters via a Verifiers. The other information elements in this section can be expressed as Claims in any type of Conceptional Messages. +: Claims are part of a Conceptual Message and are, for example, used to appraise the integrity of Attesters via Verifiers. The other information elements in this section can be expressed as Claims in any type of Conceptional Messages. + +Event Logs ('eventLogs'): + +: *optional* + +: Event Logs accompany Claims by providing event trails of security-critical events in a system. The primary purpose of Event Logs is to support Claim reproducibility by providing information on how Claims originated. Reference Values ('refValues') @@ -243,7 +247,15 @@ Claim Selection ('claimSelection'): : Claim Selections act as filters to specify the exact set of Claims to be included in Evidence. In a remote attestation process, a Verifier sends a Claim Selection, among other elements, to an Attester. An Attester MAY decide whether or not to provide all requested Claims from a Claim Selection to the Verifier. -Evidence ('signedAttestationEvidence'): +Collected Claims ('collectedClaims'): + +: *mandatory* + +: Collected Claims represent a (sub-)set of Claims created by an Attester. + +: Collected Claims are gathered based on the Claims selected in the Claim Selection. If a Verifier does not provide a Claim Selection, then all available Claims on the Attester are part of the Collected Claims. + +Evidence ('evidence'): : *mandatory* 
@@ -294,7 +306,7 @@ The way these handles are processed is the most prominent difference between the | | ~~~~ -The Attester boots up and thereby produces claims about its boot state and its operational state. Event Logs accompany the produced claims by providing an event trail of security-critical events of a system. Claims are produced by all attesting Environments of an Attester system. +The Attester boots up and thereby produces claims about its boot state and its operational state. Event Logs accompany the produced claims by providing an event trail of security-critical events in a system. Claims are produced by all attesting Environments of an Attester system. The Challenge/Response remote attestation procedure is initiated by the Verifier by sending a remote attestation request to the Attester. A request includes a Handle, a list of Authentication Secret IDs, and a Claim Selection. @@ -326,6 +338,9 @@ The final output of the Verifier are Attestation Results. Attestation Results co .----------. .--------------------. .----------. | Attester | | Handle Distributor | | Verifier | '----------' '--------------------' '----------' + | | | + | generateHandle() | + | | => handle | | | | | <----------------------------- handle | handle ----------> | | | |
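Review bot: in the Terminology hunk (@@ -106,7 +106,6 @@) the removed enumeration leaves the sentence "This document uses the following set of terms, roles, and concepts as defined in {{-RATS}}:" ending in a colon with nothing following it before "A PKIX Certificate is ...". Either keep the list of terms (Attester, Verifier, Relying Party, Conceptual Message, Evidence, Endorsement, Attestation Result, Appraisal Policy, Attesting Environment, Target Environment) or rewrite the sentence as a plain statement, e.g. "This document uses the terms, roles, and concepts defined in {{-RATS}}."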
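Review bot: the new "+: A statement about a distinguishable Attester made by an Endorser without accompanying evidence about its validity, used as proof of identity." in the Attester Identity requirement (@@ -165,15 +164,17 @@) is a verbatim copy of the definition already carried by the information element "Attester Identity ('attesterIdentity')" later in the document; one of the two should reference the other rather than restating it, and the two copies currently differ in punctuation ("validity, used" versus "validity - used"). Two smaller points on the same hunk: the rewritten MAY list drops "it" from the first three alternatives but keeps "or it MAY be a randomized DAA credential", so the last item is no longer parallel; and the touched Attestation Evidence Authenticity line still reads "an PKIX certificate", which should be "a PKIX certificate" while the line is being changed anyway.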
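Review bot: the two sentences removed in @@ -202,9 +203,6 @@ ("The Attester is issued with a credential by the Endorser that is randomised ..." and "The evidence is verified using the Endorser's public key.") were the only text explaining how a randomized DAA credential is issued and how Evidence signed under it is verified; the Attester Identity requirement still names "a randomized DAA credential {{DAA}}" as an allowed identity, so after this change the reader is left with the reference alone. If the intent is to keep DAA in scope, consider moving these sentences to the Attester Identity requirement instead of deleting them; if the intent is to drop the explanation, the commit message should say so.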
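Review bot: the corrected Claims line in @@ -227,7 +225,13 @@ still ends with "in any type of Conceptional Messages"; the defined term is "Conceptual Message", so this should be "Conceptual Messages" while the line is being touched. For the new Event Logs ('eventLogs') element, the description says what Event Logs are for but not which Conceptual Message carries them; since the element is marked *optional*, state whether Event Logs are conveyed as part of Evidence alongside the Claims they explain, and whether a Verifier can request them via the Claim Selection. Minor, on the unchanged context: "Reference Values ('refValues')" lacks the trailing colon the other element headings use.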
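Review bot: renaming the identifier from "Evidence ('signedAttestationEvidence')" to "Evidence ('evidence')" in @@ -243,7 +247,15 @@ changes a name that the sequence diagrams and procedure text use to refer to this element, and no hunk in this patch updates those references; please check that no occurrence of 'signedAttestationEvidence' remains elsewhere in the document. On the new Collected Claims ('collectedClaims') element, the text should also say how it relates to the Claim Selection rule that "An Attester MAY decide whether or not to provide all requested Claims", i.e. that Collected Claims can be a strict subset of the selected Claims; "(sub-)set" hints at this but the second paragraph reads as if the selection is always satisfied in full.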
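Review bot: the touched line in @@ -294,7 +306,7 @@ still says "Claims are produced by all attesting Environments of an Attester system", while the document's defined term (listed in the Terminology section) is "Attesting Environment"; capitalize it as the defined term. The "of a system" to "in a system" wording change makes this sentence identical to the description added for the Event Logs element, which is fine, but a cross-reference to that element would avoid the duplicated definition.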
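Review bot: the three lines added to the Handle Distributor diagram in @@ -326,6 +338,9 @@ ("generateHandle()" followed by "=> handle") introduce a local-call-with-return notation into the sequence diagrams; make sure the Challenge/Response diagram and the prose description of the Handle Distributor model use the same notation for the handle generation step, and that the new lines are aligned within the Handle Distributor column so the subsequent "<----------------------------- handle" and "handle ---------->" arrows still line up with the column borders.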