First draft of adding Interaction Model examples #46

Merged
merged 8 commits into from
Jan 26, 2022
Changes from 1 commit
35 changes: 17 additions & 18 deletions draft-ietf-rats-reference-interaction-models.md
@@ -327,8 +327,7 @@ Appraisal procedures are application-specific and can be conducted via compariso
The final output of the Verifier are Attestation Results. Attestation Results constitute new Claim Sets about the properties and characteristics of an Attester, which enables Relying Parties, for example, to assess an Attester's trustworthiness.

### Models and example sequences of Challenge/Response Remote Attestation
According to RATS Architecture Document{{-RATS}}, two reference models for Challenge/Response Attestation has been proposed. This sections highlights the
information flow bewteen the Attestor, Verifier and Relying Party undergoing Remote Attestation Procedure, using these models.
According to RATS Architecture Document, two reference models for Challenge/Response Attestation has been proposed. This sections highlights the information flow bewteen the Attestor, Verifier and Relying Party undergoing Remote Attestation Procedure, using these models.
Member

Suggested change
According to RATS Architecture Document, two reference models for Challenge/Response Attestation has been proposed. This sections highlights the information flow bewteen the Attestor, Verifier and Relying Party undergoing Remote Attestation Procedure, using these models.
According to the RATS Architecture , two reference models for Challenge/Response Attestation have been proposed. This sections highlights the information flows between the Attester, Verifier and Relying Party undergoing Remote Attestation Procedure, using these models.


1. Passport Model

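Review bot: The rewritten line in this hunk drops the `{{-RATS}}` citation that the removed line carried, so the sentence now names the "RATS Architecture Document" without a reference to it; the suggested replacement above seems to want the reference back (note the stray space before the comma in "RATS Architecture ,"). Suggest keeping the kramdown reference, and also fixing "has been proposed" to "have been proposed", "This sections" to "This section", "bewteen" to "between" and "Attestor" to "Attester", which are still present in the new line: "According to the RATS Architecture {{-RATS}}, two reference models for Challenge/Response Attestation have been proposed. This section highlights the information flows between the Attester, Verifier and Relying Party undergoing the Remote Attestation procedure, using these models."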
@@ -348,24 +347,24 @@ then gives back an Attestation Result to the Attester, which simply caches it. I
| | |
collectClaims(claims, claimSelection) | |
| => collectedClaims | |
| | |
| | |
generateEvidence(handle, authSecIDs, collectedClaims) | |
| => evidence | |
| | |
| evidence, eventLogs -------------------------------------> | |
| | |
| appraiseEvidence(evidence, eventLogs, refValues) |
| | |
| attestationResults <----------------------------------- | |
| | |
| attestationResults(evidence, results) ----------------------------------------------------------> | | | |
| appraiseEvidence(evidence, eventLogs, refValues) |
| | |
| attestationResults <----------------------------------- | |
| | |
| attestationResults(evidence, results) ----------------------------------------------------------> | | | |
Collaborator


there seems to be a problem with NL here

Collaborator Author


Sure, thanks Thomas, will look into this later today!

| | | | | | appraiseResults()
| | |
| | |
~~~~

2. BackGround Check Model

The background-check model is so named because of the resemblance of how employers and volunteer organizations perform background checks. In this model, the attestation sequence is initiated by a Relying Party. The Attestor conveys Evidence to the Relying Party. Upon receiving evidence the Relying Party initiates a session with the Verifier. Once session is established, it forwards the received Evidence to the Verfier. The Verifier, compares the received Evidence to its appraisal policy for evidence and returns an Attestation Result to the Relying Party. The Relying Party then compares the
The background-check model is so named because of the resemblance of how employers and volunteer organizations perform background checks. In this model, the attestation sequence is initiated by a Relying Party. The Attestor conveys Evidence to the Relying Party. Upon receiving evidence the Relying Party initiates a session with the Verifier. Once session is established, it forwards the received Evidence to the Verfier. The Verifier, compares the received Evidence to its appraisal policy for evidence and returns an Attestation Result to the Relying Party. The Relying Party then compares the
Member


Suggested change
The background-check model is so named because of the resemblance of how employers and volunteer organizations perform background checks. In this model, the attestation sequence is initiated by a Relying Party. The Attestor conveys Evidence to the Relying Party. Upon receiving evidence the Relying Party initiates a session with the Verifier. Once session is established, it forwards the received Evidence to the Verfier. The Verifier, compares the received Evidence to its appraisal policy for evidence and returns an Attestation Result to the Relying Party. The Relying Party then compares the
The background-check model is so named because of the resemblance of how employers and volunteer organizations perform background checks. In this model, the attestation sequence is initiated by a Relying Party. The Attester conveys Evidence to the Relying Party, which does not process its payload, but relays the message and optionally checks it's signature against a policed trust anchor store. Upon receiving the evidence the Relying Party initiates a with the Verifier. Once session is established, it forwards the received Evidence to the Verfier. The Verifier appraises the received Evidence according to its Appraisal Policy for Evidence and returns a corresponding Attestation Result to the Relying Party. The Relying Party then checks the

Attestation Result against its own appraisal policy.

~~~~
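Review bot: In the Passport Model figure of this hunk, the `attestationResults(evidence, results) ----...-> | | | |` line runs past the three-column frame and ends with extra `|` separators that belong to the following empty rows, which matches the line-break (NL) problem raised in the thread; the added rows otherwise read identically to the removed ones, so this part of the change is whitespace-only. Suggest ending the arrow at the Relying Party column and putting the `| | |` rows back on their own lines so the figure stays within the frame used by the rest of the sequence. In the Background Check paragraph, the suggested replacement reads "initiates a with the Verifier" (the word "session" is missing) and "it's signature" should be "its signature"; the typo "Verfier" survives in both the old and the new text, and the context heading "2. BackGround Check Model" should read "2. Background Check Model".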
@@ -380,20 +379,20 @@ Attestation Result against its own appraisal policy.
| | |
collectClaims(claims, claimSelection) | |
| => collectedClaims | |
| | |
| | |
generateEvidence(handle, authSecIDs, collectedClaims) | |
| => evidence | |
| | |
| evidence, eventLogs -------------------------------------> | |
| | |
| | |
| | handle, evidence, eventLogs -------> |
| | |appraiseEvidence()
| | |
| | attestationResults <--------------- |
| | (evidence, results) |
| | |
| appraiseResults(evidence, results) | |
| | |
| | |
| | attestationResults <--------------- |
| | (evidence, results) |
| | |
| appraiseResults(evidence, results) | |
| | |
~~~~

## Uni-Directional Remote Attestation
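Review bot: The `appraiseEvidence()` step in the Background Check figure has an empty argument list, while the Passport figure in the previous hunk spells it out as `appraiseEvidence(evidence, eventLogs, refValues)`, and the Verifier here receives `handle, evidence, eventLogs` from the Relying Party. Suggest giving both figures the same call signature (the `refValues` the Verifier appraises against, plus `handle` if it is meant to be checked for freshness) so a reader can line the two models up step by step. As in the previous hunk, the added rows (`attestationResults <--- | (evidence, results)`, `appraiseResults(evidence, results)`) read identically to the removed ones, so this figure change is whitespace-only and is worth calling out as such in the commit message.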