architecture
architecture copied to clipboard
RATS Architecture
To address incompatibility with existing standards such as https://www.w3.org/TR/webauthn-2/. See https://github.com/ietf-rats-wg/architecture/issues/440.
In https://datatracker.ietf.org/doc/html/draft-ietf-rats-architecture#section-4.1, roles of RP and verifier are defined. RP can only consume attestation results, while verifier can consume attestation evidence. This does not align with the preceding FIDO/Webauthn specification,...
As per discussion at: https://mailarchive.ietf.org/arch/msg/rats/REAexJRlAPnRCofS--8r8Zhcxgo/ consider replacing the chassis example with an a mobile example.
Archived-At: ```` #1 Figure 3 I cannot make sense of Figure 3. I understand the text in Section 3.2, so it might not matter. But for instance the figure does...
> > As a very minor nit, I'm surprised that the numbering of the relying > > parties is not the other way round, since presumably the flow talks to...
> We think that this could sometimes be the case, but we felt that that the > diagram would best be adjusted anyway. > (Yes, we came up with different...
> ** Section 16. Can the thinking of this section be explained. It > seems out of place, and borders on being a solution. The rest of this > document...
** Section 10. [Roman's comment on -13] I found the level of detail on this section on freshness out of place and inconsistent with the level of abstraction found in...
[Roman's comments on -13] I didn't come away from this section with a strong, consistent understanding of which interactions needs which security properties or what considerations are need for which...