From nobody Wed Nov 1 17:52:32 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6366913946F for ; Wed, 1 Nov 2017 17:52:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.02 X-Spam-Level: X-Spam-Status: No, score=-2.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6yEi9y-G1Atl for ; Wed, 1 Nov 2017 17:52:29 -0700 (PDT) Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0126.outbound.protection.outlook.com [104.47.33.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F1C7D1386A1 for ; Wed, 1 Nov 2017 17:52:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=a/0OjARmNYr4mp2/in4DkylYxwwKh6stAsoeQ0gIOi8=; b=ZfobDwQoFVoEnUXPC9K3RtFC9H+FrQpPiSnKp8/qGG0upu+V25Zd/aKowxXVnv0pq0qyuCTYpdhLFTfgORd7bmQfwUUwVc4vv3BB7oUUN/kHH0Ywr/f69N7/jbrfQoM3DBT1oaAVUbrdHnJbe9Nd/ScUI3t0bk9A1M0+h/E/srw= Received: from CY4PR21MB0856.namprd21.prod.outlook.com (10.173.192.145) by CY4PR21MB0471.namprd21.prod.outlook.com (10.172.121.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.218.2; Thu, 2 Nov 2017 00:52:27 +0000 Received: from CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) by CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) with mapi id 15.20.0218.004; Thu, 2 Nov 2017 00:52:27 +0000 From: Dave Thaler To: "teep@ietf.org" Thread-Topic: Transport Protocol Thread-Index: AdNTc/cpI1w7NN5kSdeI/9LBOiUlew== Date: Thu, 2 Nov 2017 00:52:27 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [167.220.1.216] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0471; 6:XWOTWInQut/H4OUN+aWhTISip461ya7ff07a5o6xnFxUiyKdYH39o6AU4A6SnnhnOlCeh/HjRrhtjQRmoNpq9SQE8MAfZl8bG4U6A7KfQXoTF3+T0GX7t9JUeEapAs7l1CVFFWRQK60OsZi1AG4CE+FDrf+HsWCTr82nUEyrlsv+F+/KXVGWLcmpaVg2PzD4+eMfKnZ1vERkkgUjAtx2K3rFts5qqcrcOidcE/9sO3MV8refnS9vbI84wt+AbhYSZ1S4/54mWapgDVnhjKIG9w5bhj8fWQfqmg8zHM18c+rnG+do4CrLEDkK0zU+OnUAz0N9+XUBlCiVMx+9sGU17LBL5MeVk6fTsWdx0Mq+B5g=; 5:NDuCRyQm0IsMJ7CqayFXwnpTRMI/lvvnq4GaqCfmAW/KBt/jCtzDo/uJo+ZN0jHhzJZSGLpjC06QDoE8KyaqPz6masBQdU5OSLAmyOxpKgG5v7n65iU1BvDbbETtcunyXCS7S7Hd1pwLQAXT5eBQ+cMjB49kcWwE3UR08bfw9FA=; 24:/K7LKVmw1C7zOU0amBHhQdWNKuSMi6Mop0a9TawoJPMBQOGPJIHO6uPTJIoSelranLCV5ApTtZkIkA0S6xJrEWufoJcewOOGXHmi5f9FBjA=; 7:HBLFK1dCi0YTCT0Jqe6DkDw2yLfmHU63Zf+jF8T2hZOv0w20fZcSH28oJCL+dmA0VfknKaE0skTRGDdFbfewoNHfRa/s0lxRSl/F/81FH/hwDFE3V5xTUJV1wY5meuRoNvOf1XD8b2Vk7tdzmB9WZODZeQCgW92/iPCpvOcaYZThzcR8MFAc2X/LgCaDQJtycQbv8vSbW2Yfow0E9hr5NoDNF3TjSQ7TksN/xBf1SKxZYFXFztw0unr+Je6LXJ+T x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 30e9026f-c4e0-4bf2-a86c-08d5218bfd12 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(2017052603238); SRVR:CY4PR21MB0471; x-ms-traffictypediagnostic: CY4PR21MB0471: x-exchange-antispam-report-test: UriScan:(43050042349365)(21748063052155)(17755550239193); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(5005006)(8121501046)(93006095)(93001095)(3231020)(10201501046)(3002001)(100000703101)(100105400095)(6055026)(61426038)(61427038)(6041248)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123562025)(20161123555025)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0471; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0471; x-forefront-prvs: 047999FF16 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(39860400002)(47760400005)(199003)(189002)(3905003)(8990500004)(1730700003)(478600001)(53936002)(53546010)(7696004)(10290500003)(606006)(7116003)(81156014)(7736002)(81166006)(236005)(86362001)(6506006)(6306002)(74316002)(8936002)(9686003)(99286004)(77096006)(6116002)(790700001)(6916009)(3480700004)(3846002)(86612001)(54896002)(55016002)(189998001)(966005)(8676002)(102836003)(68736007)(101416001)(5630700001)(2501003)(50986999)(10090500001)(2900100001)(3660700001)(66066001)(54356999)(6436002)(97736004)(221733001)(5640700003)(316002)(22452003)(33656002)(105586002)(106356001)(5660300001)(2351001)(25786009)(14454004)(2906002)(3280700002)(12290500005)(15398625002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0471; H:CY4PR21MB0856.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0856F853925AA8D7DFA75147A35C0CY4PR21MB0856namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 30e9026f-c4e0-4bf2-a86c-08d5218bfd12 X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Nov 2017 00:52:27.1728 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0471 Archived-At: Subject: [Teep] Transport Protocol X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Nov 2017 00:52:31 -0000 --_000_CY4PR21MB0856F853925AA8D7DFA75147A35C0CY4PR21MB0856namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. Section 1: > This specification defines message payloads exchanged between devices > and a TSM but does not mandate a specific transport. Section 5: > The communication method of OTrP Messages between a TSM and TEE in a > device is left to TSM providers for maximal interoperability. I disagree, the lack of any spec for a transport results in lack of maximal= interoperability. The TSM and the TEE may be from different vendors as the draft nicely expla= ins earlier. So bindings to one or more transport protocol (the thing that carries the J= SON messages inside it) must be standardized. Otherwise, in my view there's little value in standardizing the payload for= mats. Such a transport protocol binding might be in the same spec or in a differe= nt spec, but either way I think specifying at least one is mandatory. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave --_000_CY4PR21MB0856F853925AA8D7DFA75147A35C0CY4PR21MB0856namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

As promised when I posted my review, I am starting s= everal email threads for discussions on specific technical topics.

This is one of them.

 

Section 1:
> This specif= ication defines message payloads exchanged between devices

> and a TSM but does not mandate a specific transport.

 

Section 5:
> The communi= cation method of OTrP Messages between a TSM and TEE in a=

= > device is left to TSM providers for maximal interoperability. 

 

I disagree, the lack of any spec for a transport res= ults in lack of maximal interoperability. 

The TSM and the TEE may be from different vendors as= the draft nicely explains earlier. 

So bindings to one or more transport protocol (the t= hing that carries the JSON messages inside it) must be standardized.

Otherwi= se, in my view there’s little value in standardizing the payload form= ats.

&n= bsp;

Such a = transport protocol binding might be in the same spec or in a different spec= , but either way
I think specifying at least one is mandatory.

&n= bsp;

Dave

&n= bsp;

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.org>
Subject: Review of draft-pei-opentrustprotocol-04

 

I’ve finally made it through a detailed review= of draft-pei-opentrustprotocol-04 and my marked up copy is at

https://www.= microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-pei-opentrust= protocol-04.pdf

 

I have lots of editori= al fixes throughout, and a number of technical comments/questions/issues.

 

I’ll start separ= ate email threads for some of them over the next several days.

 

Dave=

--_000_CY4PR21MB0856F853925AA8D7DFA75147A35C0CY4PR21MB0856namp_-- From nobody Wed Nov 1 17:57:18 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6312B13F560 for ; Wed, 1 Nov 2017 17:57:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.02 X-Spam-Level: X-Spam-Status: No, score=-2.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mcMi0Q8FR5s5 for ; Wed, 1 Nov 2017 17:57:15 -0700 (PDT) Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0133.outbound.protection.outlook.com [104.47.41.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB8001386A1 for ; Wed, 1 Nov 2017 17:57:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=htDGki19kEnhxUiA0sfiDm8GTtsD9dq/ZimBUVO/wbw=; b=jPEd0npfC9rk/fxIP6vYyioibH+0d/os9Z/G2rXARAlQ2KDHZc/z1B97VzCDZRgpPN6Y63ym844OlttJi946QPBi4Fq/flWw4LNxW/Nxd3Dat9YA5jE3Ep12jJCJSlQ/W2/QyCTtZJnA6Ol4LbKu/pZVEO7GMouw4+p5Iga67Cc= Received: from CY4PR21MB0856.namprd21.prod.outlook.com (10.173.192.145) by CY4PR21MB0759.namprd21.prod.outlook.com (10.173.192.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.218.4; Thu, 2 Nov 2017 00:57:13 +0000 Received: from CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) by CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) with mapi id 15.20.0218.004; Thu, 2 Nov 2017 00:57:13 +0000 From: Dave Thaler To: "teep@ietf.org" Thread-Topic: Applicability to constrained environments Thread-Index: AdNTdOZ6iyC7pPpFQ8SNCrUyHWCPbg== Date: Thu, 2 Nov 2017 00:57:13 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [167.220.1.216] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0759; 6:+joWB2iP4XGyyfcFurW1iOlJGTmQcDvz0wewBa9VN4EuiAeBrIjbrj2VhtiHTRMA5+GNyyPMr4GqLMSk70PyG3fc5mlYMe7Vfp64T8O+5ZByPmso3ORQltwsr2dXtmLHOlmhuY4HYARQ8HbJy+XtfPrWZdc6ubtFiQfbSl+nTOToG0qVYkQl0oQ9OhmppCRRpPs/EMc1Qo79CtK3a5oyM27KhKqNr9p6ssQcqfG7BKX9Fv07hWsEM1x6KoEOLG+MPE2XVjuodMJ52KGTmJ2dTajP/3J+ioXeXr9C5ibyuEXANlJlHSZ7Pkc12WceivfvJGeVewMpUvQDyZL97YW/DncBn2+V9XjVEI237VT0vM0=; 5:WUXgVxh8826OcUVkD6c1e+/XHkeUtClxX9+L1P4m824AfrXBQnUsQnYJ3kUHAZOW6/jpVCNGbqForyHoLbUfi+ptfusM/ppufDecBiNDySd2pmrRK0sV1fWGGeRolb1v60/0n8u7lnUbY5wTsvXJv5+OgIo9yRpvii/MTMcHYms=; 24:A7SNnDfZJIUVbFEq2m7sSh3DKvu5qc9+0Pf/u8n/sXuwIlQf871e0nBCt1Lto/Y24MbE0Wp9ltJdz+WxugNjmDNsQ/Be2zF68f394hoe+9c=; 7:6jlHvnhSNfs6eUKSWSnx/PLFCJS1mfoO6XgsZiJzSmsXa75I9mp7v6khmTQwpA3vqS/EABkmKRDxPqigNKH1DXLKqCZm8627LT3OHpKG74fjrcljyfjr2UlstKYvE4a4fpyNSQt+JIjdw0EqZeSEZU0BIho2lN4/teSAKq3C7y/iUy7CEebcueNvld/+VKa2E51hG5S2i8wykXrLPwnnCBC+/RC9dHvv+a83S+kBFvCee4fOkbWdR9Gfn5PxHYA/ x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: c4654e8d-ec1b-4d3e-7ea9-08d5218ca7a7 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(2017052603238); SRVR:CY4PR21MB0759; x-ms-traffictypediagnostic: CY4PR21MB0759: x-exchange-antispam-report-test: UriScan:(43050042349365)(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(8121501046)(5005006)(10201501046)(3231020)(3002001)(93006095)(93001095)(100000703101)(100105400095)(6055026)(61426038)(61427038)(6041248)(20161123560025)(20161123558100)(20161123562025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0759; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0759; x-forefront-prvs: 047999FF16 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(376002)(346002)(47760400005)(189002)(199003)(3905003)(2351001)(81156014)(8936002)(81166006)(8676002)(106356001)(7736002)(2900100001)(1730700003)(66066001)(5640700003)(189998001)(33656002)(14454004)(5660300001)(99286004)(7696004)(6436002)(86612001)(86362001)(97736004)(74316002)(6916009)(478600001)(3660700001)(966005)(9686003)(53546010)(3480700004)(3846002)(54356999)(77096006)(6306002)(50986999)(25786009)(2501003)(8990500004)(55016002)(22452003)(54896002)(236005)(101416001)(790700001)(316002)(5630700001)(10290500003)(2906002)(3280700002)(105586002)(68736007)(53936002)(102836003)(606006)(10090500001)(6116002)(6506006)(12290500005)(15398625002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0759; H:CY4PR21MB0856.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB08568047852A09809BE2FF40A35C0CY4PR21MB0856namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: c4654e8d-ec1b-4d3e-7ea9-08d5218ca7a7 X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Nov 2017 00:57:13.3297 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0759 Archived-At: Subject: [Teep] Applicability to constrained environments X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Nov 2017 00:57:17 -0000 --_000_CY4PR21MB08568047852A09809BE2FF40A35C0CY4PR21MB0856namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. TEEs are critical in many IoT environments, as is the ability to install ap= ps after the device is originally provisioned, so I would want OTrP to be applicable (or said more generally, I would want= IoT environments to be one of the use cases in scope for TEEP). JSON is notably inefficient for IoT environments because of its verbosity, = and CBOR is often used instead. So I think a CBOR encoded version is needed. That may be as simple as spe= cifying it in JSON and then saying CBOR can be used simply by using the CBOR that you'd get when converting JSON to CBOR, = which mapping is fairly well specified. It could also be done as part of a specific transport protocol binding, but= my preference would be to keep it separate. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave --_000_CY4PR21MB08568047852A09809BE2FF40A35C0CY4PR21MB0856namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

As promised when I posted my review, I am starting s= everal email threads for discussions on specific technical topics.

This is one of them.

 

TEEs are critical in many IoT environments, as is th= e ability to install apps after the device is originally provisioned,<= /o:p>

so I would want OTrP to be applicable (or said more = generally, I would want IoT environments to be one of the use cases

in scope for TEEP).

 

JSON is notably inefficient for IoT environments bec= ause of its verbosity, and CBOR is often used instead.

So I think a CBOR encoded version is needed. &n= bsp; That may be as simple as specifying it in JSON and then saying CBOR ca= n be

used simply by using the CBOR that you’d get w= hen converting JSON to CBOR, which mapping is fairly well specified.

 

It could also be done as part of a specific transpor= t protocol binding, but my preference would be to keep it separate.

 

Dave

 

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.org>
Subject: Review of draft-pei-opentrustprotocol-04

 

I’ve finally made it through a detailed review= of draft-pei-opentrustprotocol-04 and my marked up copy is at

https://www.= microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-pei-opentrust= protocol-04.pdf

 

I have lots of editori= al fixes throughout, and a number of technical comments/questions/issues.

 

I’ll start separ= ate email threads for some of them over the next several days.

 

Dave=

--_000_CY4PR21MB08568047852A09809BE2FF40A35C0CY4PR21MB0856namp_-- From nobody Wed Nov 1 18:01:45 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F10DB13F826 for ; Wed, 1 Nov 2017 18:01:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.01 X-Spam-Level: X-Spam-Status: No, score=-3.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QGk4LqvqGhnf for ; Wed, 1 Nov 2017 18:01:42 -0700 (PDT) Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0128.outbound.protection.outlook.com [104.47.32.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0923F13F816 for ; Wed, 1 Nov 2017 18:01:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=qFdDcSwOynkbkKrinS5aE359T9W2HbLslmuDNqCPasQ=; b=FGIYUofzh2Kbf4rWKOJDuRvDZ82uJ1QqmzNJWd5BGzmMDXoWmxOqUpS0Vdu1u3ff0cAurpRFznsWzP1gcxxjCVizmdgoytVsg7AzBvXIkYH8YKiTLC9BOh8tyMy/SK2dJhPmlPgNGYQ0Ce4nv/RlC8ZjqSr+Yq3kLRHgM92xUCQ= Received: from CY4PR21MB0856.namprd21.prod.outlook.com (10.173.192.145) by CY4PR21MB0278.namprd21.prod.outlook.com (10.173.193.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.218.2; Thu, 2 Nov 2017 01:01:40 +0000 Received: from CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) by CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) with mapi id 15.20.0218.004; Thu, 2 Nov 2017 01:01:40 +0000 From: Dave Thaler To: "teep@ietf.org" Thread-Topic: Multiple SPs under the same TSM Thread-Index: AdNTdbvYAf9fRhxaT3i374boYhrPxQ== Date: Thu, 2 Nov 2017 01:01:40 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [167.220.1.216] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0278; 6:o05l3YY5cjRwWVpy/NpOlDLMoqlyx+udvQEgLcOXcf9JmFWhzMD3XihBagGgiAYf5ZSjFK7D5oeagt1KoxERV72achJlAOwsSLtvl2oGS9+edsOvsm3kfjF/KiKMyq33+99+q/HMmdGoxyE2boWB4ONxSV+WWbPBlINuunkgWWTnT5RDy/c2qQOfbegX+gqsgCWQc80qJ7Mytg3XrHuTetA0PrmooIZbLvfCe4seLC6Bxf8pEGt2teU4naOOfk/DJkf9Oq14CI2/enNkRqHTThjxP3z4P4LeW9nrIzeuO1MUEVLcHlGQLwLGVkvRhpwX8jHE2BP/WFaToiz8toraw9tL5idKYwXdA9p6mmhjnZM=; 5:EnvABhaP1gXzfPXMBdZ+TUS5e84OBsCT0NxNR2r7YUGt3Qxi2kvheI0Tttirhr4WoMZjC+wKCzJEoFrfXNi9AWWOsdv4DHguzZL882uprSofJ//62Dds3GDzpo34dvJ1K4Ea4attY1pX2CoqA1mRztfNbuPSDiranSHsZeNd7Qw=; 24:kY3s3+IXR1iICZ9WJl7QnygAbD95JFbYHS30U3q3TT34mzJTPcBdxDR9O+q1XuhAanL+pCuyEfyB4yTxCAlydh4OuGH3zT0MLsuzJAtVZxk=; 7:O9LpTvJj7v4MeNdGScBOAOwHCEbt1kkbbJeHuMWZkGSMotcJVyXgjpCk1AaReBj6h4GPgdj0hopIilMGljj6hr9aNrT92frVW6fqnK2VR9yZYT2SDKLjSIM4QcFR8C8oS/K+FGrKFwkZvHLavO4/arQd6LMsk9xrlmh5D51f8+IvGY9NiG7cvIkHtW9bqh3SuepTv3FBo1yXTl5b714glX/wUJpsvoiedmEUNWceqX31L8GXKF/uvUclT/Kj6VrB x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 4c7dd678-d2fb-4994-276f-08d5218d46eb x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(2017052603238); SRVR:CY4PR21MB0278; x-ms-traffictypediagnostic: CY4PR21MB0278: x-exchange-antispam-report-test: UriScan:(43050042349365)(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(100000703101)(100105400095)(3231020)(93006095)(93001095)(6055026)(61426038)(61427038)(6041248)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123555025)(20161123562025)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0278; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0278; x-forefront-prvs: 047999FF16 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(346002)(376002)(47760400005)(3905003)(189002)(199003)(2906002)(8676002)(5630700001)(50986999)(54356999)(3280700002)(53546010)(3660700001)(105586002)(33656002)(106356001)(478600001)(10290500003)(2351001)(966005)(68736007)(1730700003)(81166006)(4743002)(606006)(8936002)(2501003)(81156014)(54896002)(6306002)(9686003)(101416001)(55016002)(236005)(5660300001)(790700001)(3846002)(6116002)(102836003)(66066001)(53936002)(6916009)(74316002)(8990500004)(7736002)(25786009)(14454004)(7696004)(189998001)(86612001)(2900100001)(10090500001)(316002)(86362001)(97736004)(22452003)(6436002)(6506006)(99286004)(5640700003)(77096006)(12290500005)(15398625002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0278; H:CY4PR21MB0856.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB085601C7959C4DEF54D0CD9FA35C0CY4PR21MB0856namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4c7dd678-d2fb-4994-276f-08d5218d46eb X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Nov 2017 01:01:40.4995 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0278 Archived-At: Subject: [Teep] Multiple SPs under the same TSM X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Nov 2017 01:01:44 -0000 --_000_CY4PR21MB085601C7959C4DEF54D0CD9FA35C0CY4PR21MB0856namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. The draft talks about multiple Service Providers (SP) under the same Trust = Service Manager (TSM), and then specifies a bunch of extra complexity to deal with that case. But it neve= r motivates why such a case is important. Why is the extra complexity needed? Wouldn't it be simpler to just say the= re's one TSM per SP? If there's a real-world scenario that requires the extra complexity, what i= s it? (And the draft should be updated with motivation) Alternatively, it would simplify the protocol to remove = the extra complexity. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave --_000_CY4PR21MB085601C7959C4DEF54D0CD9FA35C0CY4PR21MB0856namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

As promised when I posted my review, I am starting s= everal email threads for discussions on specific technical topics.

This is one of them.

 

The draft talks about multiple Service Providers (SP= ) under the same Trust Service Manager (TSM), and then
specifies a bunch of extra complexity to deal with that case.   B= ut it never motivates why such a case is important.

Why is the extra complexity needed?  WouldnR= 17;t it be simpler to just say there’s one TSM per SP?

 

If there’s a real-world scenario that requires= the extra complexity, what is it?   (And the draft should be upd= ated

with motivation)   Alternatively, it would= simplify the protocol to remove the extra complexity.

 

Dave

 

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.org>
Subject: Review of draft-pei-opentrustprotocol-04

 

I’ve finally made it through a detailed review= of draft-pei-opentrustprotocol-04 and my marked up copy is at

https://www.= microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-pei-opentrust= protocol-04.pdf

 

I have lots of editori= al fixes throughout, and a number of technical comments/questions/issues.

 

I’ll start separ= ate email threads for some of them over the next several days.

 

Dave=

--_000_CY4PR21MB085601C7959C4DEF54D0CD9FA35C0CY4PR21MB0856namp_-- From nobody Wed Nov 1 18:06:13 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0F6F13F5C4 for ; Wed, 1 Nov 2017 18:06:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.02 X-Spam-Level: X-Spam-Status: No, score=-2.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2J30bbJYliXB for ; Wed, 1 Nov 2017 18:06:09 -0700 (PDT) Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0138.outbound.protection.outlook.com [104.47.33.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E03113F43E for ; Wed, 1 Nov 2017 18:06:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=zqHFEv2BwbzrcZTCf1Dh3A4xqEG3JZsChU2R2FSWLag=; b=GePDcXU02JJ0X1rXJhpAZ5SELL5e32UrOjmM7HB13VaDr3e1vsR0A9eapkvAKXFXkCMRBvumyMiMDSy+IdHyR5YB5Oc3ufg8sfW/SECQg/TjpIxKalhT0IDH3DaoLhUId6s7vpskXIKi/RUxB3ENtkZQfsWywiRc8Dk1eDezqVo= Received: from CY4PR21MB0856.namprd21.prod.outlook.com (10.173.192.145) by CY4PR21MB0118.namprd21.prod.outlook.com (10.173.189.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.218.2; Thu, 2 Nov 2017 01:06:07 +0000 Received: from CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) by CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) with mapi id 15.20.0218.004; Thu, 2 Nov 2017 01:06:07 +0000 From: Dave Thaler To: "teep@ietf.org" Thread-Topic: APIs Thread-Index: AdNTdlAJsBLWo7dNQWGrqlk2K6ELrw== Date: Thu, 2 Nov 2017 01:06:07 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [167.220.1.216] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0118; 6:hnGTIZysakw4685mZN70WA3z0hgP0pb34f8qKGcsx0zWuP11XY6/cnXDnOi48c/+8xnrrK21cVlCI3R95bVH+yXbXEBFP0+bfrqFfv6tTVQP7V7gaTiCT+6XgxJFAbFddfuyleRWfJ6/KEuzr+BwouoEwW/Zx+GvebnBM5qIX986lPcSVFU8npIF1h4Wm8W7qfi+Zlcizo2v2fRyDqi25TbnA1xjPpFXe7iWsNYa4K5CAhG/zSn7udCVfr2m53eeLDkCffFxwkhl7f0oDC/QAW8aSDf3sn7ytooI6UGcJSjjeNrKPzepmSfZZ4Bpk7y/AZQgqSKj23RclTWCP1BcgCpIKtJSQibBeE0jlcB9yBU=; 5:SqT3weSLFBETlfQCgZjt+QZ8brqweyy6QRUhp2Ra1UqcC4kXPJIWwE6B1jrioLbWVzl5LbIfl+yiqqemCRjk1qJ2L4z25We2JnUUfi17rQ8gExinDq37Zx5Rtnz8kYZcE2xGpIf+Ohxn49i39tov5KZjK9sgNTeflFVwbs9GdJI=; 24:Z78/pftC1LF+YY+WhWJ3dYvrCidDvkYK78s1LWbxnubv5C2eiuneC2v/zC0okLaSvjIDOIqG2jFX3UW+iVVnTJlakLHxb5iPRMCqqJP/rT4=; 7:8uPOEZPl5y3x3UtpAipsD8YBv4S/kFSmaUFPrkR6Fwm2IuwWc7sQNGc8AXhUCNyV+1e4mRK6UMnj3S5ulnYv8P5ckOegbW5dZ0cqyQXRQDOpwNno1Qf1r5+bZzxxlnVyhcJpNLvSg4+qlGkhdoFxGSPxhN9WIjjRsfJoVDB52bqBgFaLiO8EKMGVvD9dQDdkQAAiDUV6hMzgi5d9oHYRUElvuZOSyxYESsZuTde7gDEJhFS5uE+OQbiTEU+qeCJ2 x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 95040b63-103c-46ee-6b0a-08d5218de5f8 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(2017052603238); SRVR:CY4PR21MB0118; x-ms-traffictypediagnostic: CY4PR21MB0118: x-exchange-antispam-report-test: UriScan:(43050042349365)(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(8121501046)(5005006)(3231020)(100000703101)(100105400095)(10201501046)(3002001)(93006095)(93001095)(6055026)(61426038)(61427038)(6041248)(20161123560025)(20161123555025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0118; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0118; x-forefront-prvs: 047999FF16 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(39860400002)(47760400005)(199003)(189002)(3905003)(966005)(478600001)(53936002)(1730700003)(606006)(8676002)(7696004)(74316002)(53546010)(10290500003)(7736002)(7116003)(81156014)(81166006)(236005)(6506006)(86362001)(8936002)(6306002)(54896002)(9686003)(77096006)(6116002)(790700001)(3846002)(102836003)(8990500004)(6916009)(3480700004)(55016002)(189998001)(86612001)(5630700001)(68736007)(101416001)(50986999)(2501003)(10090500001)(25786009)(66066001)(14454004)(6436002)(97736004)(54356999)(2900100001)(221733001)(316002)(5640700003)(22452003)(33656002)(3660700001)(106356001)(105586002)(2351001)(5660300001)(2906002)(3280700002)(99286004)(12290500005)(15398625002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0118; H:CY4PR21MB0856.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB085634E072E84CFD5E0A2237A35C0CY4PR21MB0856namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 95040b63-103c-46ee-6b0a-08d5218de5f8 X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Nov 2017 01:06:07.3598 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0118 Archived-At: Subject: [Teep] APIs X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Nov 2017 01:06:11 -0000 --_000_CY4PR21MB085634E072E84CFD5E0A2237A35C0CY4PR21MB0856namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. Currently the document specifies both a protocol and an API. The IETF tod= ay does not really do concrete APIs (i.e., APIs in specific programming languages), just abstract APIs. Other orgs o= wn concrete APIs, like W3C does JavaScript, the POSIX standard covers C, etc. GlobalPlatform does do concrete APIs, s= o one potential way forward would be to *concrete* API portion out of the draft, let GlobalPlatform do that, and ke= ep the protocol and an *abstract* API in the IETF. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave --_000_CY4PR21MB085634E072E84CFD5E0A2237A35C0CY4PR21MB0856namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

As promised when I posted my review, I am starting s= everal email threads for discussions on specific technical topics.

This is one of them.

 

Currently the document specifies both a protocol and= an API.   The IETF today does not really do concrete APIs (i.e.,

APIs in specific programming languages), just abstra= ct APIs.   Other orgs own concrete APIs, like W3C does JavaScript= ,

the POSIX standard covers C, etc.   Global= Platform does do concrete APIs, so one potential way forward would be to

*concrete* API portion out of the draft, let = GlobalPlatform do that, and keep the protocol and an *abstract* API = in the IETF.

 

Dave

 

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.org>
Subject: Review of draft-pei-opentrustprotocol-04

 

I’ve finally made it through a detailed review= of draft-pei-opentrustprotocol-04 and my marked up copy is at

https://www.= microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-pei-opentrust= protocol-04.pdf

 

I have lots of editori= al fixes throughout, and a number of technical comments/questions/issues.

 

I’ll start separ= ate email threads for some of them over the next several days.

 

Dave=

--_000_CY4PR21MB085634E072E84CFD5E0A2237A35C0CY4PR21MB0856namp_-- From nobody Wed Nov 1 18:14:00 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07BBB13F459 for ; Wed, 1 Nov 2017 18:13:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.02 X-Spam-Level: X-Spam-Status: No, score=-2.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H8FC8Aw6kuCz for ; Wed, 1 Nov 2017 18:13:57 -0700 (PDT) Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0123.outbound.protection.outlook.com [104.47.33.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2AF4D1386A1 for ; Wed, 1 Nov 2017 18:13:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=MUTaqdUw/IJCqBrj1Z7KevvTmJhm9QgnTt1hmL0Rb2E=; b=C9m0NFaBmcdgnccyOj4qY1i9fm/qv8lIu7ZYO2zBTW7tnUEN10Pi8b2mgCml/fKVZIQdoa1e+lJcVruFt4LpzQzHOhvFWmLsvqG0KJ9kQ6k3efoLUFBeY+9s1vd8LQfQBn2GW5mULHz/lBOhBL0evW/mbdEqri/aGz0d7guy7Rs= Received: from CY4PR21MB0856.namprd21.prod.outlook.com (10.173.192.145) by CY4PR21MB0744.namprd21.prod.outlook.com (10.173.189.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.218.1; Thu, 2 Nov 2017 01:13:55 +0000 Received: from CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) by CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) with mapi id 15.20.0218.004; Thu, 2 Nov 2017 01:13:55 +0000 From: Dave Thaler To: "teep@ietf.org" Thread-Topic: Trusted vs untrusted error codes Thread-Index: AdNTdvHWL5c38y4xQe295EaJoss3hQ== Date: Thu, 2 Nov 2017 01:13:55 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [167.220.1.216] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0744; 6:mCKQTER+SvrHdX+mg7yrn41fR5/5Fu64fNZsBBVTpgVP16eHaAjRgvob55ocr93mfTuyiWEhHn8LOFj5JrnMYh6E/32GBO3jbvduomuhfR+406mnbcX3fcr+988oG6YHT7wQe6xjVyniiW3F9zLm4iC5LbPnlJe/B781vTbCERSwD5xnIrg2WsLkynoAM3ruBBUl23PwIqt0f0hT0WSsxO1djdmQ7gP3wax4I2rl+6HKyduLi7TJkU7ASrp+PGJ2ZUXlk19BWHrxmEF6HTIqi8jvxQql3q1bc5wfPd0B/7/mZ7r541Mbmq/t/U6bzULP7Gv9dxRhkNtNvmce313aBOA+93lBy8uDdAd2Z8c/jlA=; 5:JHzLrpk5HVBRazXh0pbNirCcutq0yU5SCyl2woPzfwVXZyYgCUNJEaow3ExlHbZFsY5x9hJGeLuD2miq64LzCPe4OT/9b/cIt1Zomo41aUvn9Ij+uOTkqxaJr/jdgHccwWP7bLzzzl+c/mIYV7VDd0vk4Yt5KX/u04lo7kAAKZ0=; 24:sNdb8ne49EFjphsnQ9VaSw652w+TR4jnyr2G3le7ogO9Qjd8TGtjsfbhhDfTpblYpCZLDt/2fs6sRE0bf84JFoyGYUMB6DjF5y2hce1AvAg=; 7:ocNF7CWFZHRGl/MRhfOho1GoGc95MzdzJl4UTMZHmj+X/svNNpjQXTMqitFblmCXxSD7sRTlw174ecJC8Fs47G+Wq7rIQBcC7RTyAEChG2+s08bbemR4XHBlDqQvRzAaGhJ60gJkhaltNEfe6rZ79LSm9U8WWAAsngdJ463DKb+erABjrB05cTEe8HRVkuX8GTx/xzAU4zEibPrGI+mk+nLQwGELSk9jmtkEePw4oP9zVLONZG+vinn/Crj2OzH5 x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 315927d2-061b-4c4f-ddd6-08d5218efcf4 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(2017052603238); SRVR:CY4PR21MB0744; x-ms-traffictypediagnostic: CY4PR21MB0744: x-exchange-antispam-report-test: UriScan:(43050042349365)(192374486261705)(21748063052155)(17755550239193); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(100000703101)(100105400095)(3231020)(93006095)(93001095)(6055026)(61426038)(61427038)(6041248)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123555025)(20161123562025)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0744; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0744; x-forefront-prvs: 047999FF16 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(39860400002)(346002)(47760400005)(189002)(3905003)(199003)(101416001)(5660300001)(2501003)(606006)(25786009)(5640700003)(10090500001)(316002)(10290500003)(22452003)(54356999)(8936002)(478600001)(50986999)(97736004)(105586002)(2351001)(5630700001)(6506006)(14454004)(106356001)(99286004)(68736007)(77096006)(53546010)(6116002)(3846002)(102836003)(790700001)(33656002)(8990500004)(6436002)(2906002)(81156014)(1730700003)(3660700001)(53936002)(74316002)(236005)(66066001)(81166006)(86612001)(2900100001)(8676002)(6916009)(6306002)(3280700002)(86362001)(7696004)(189998001)(54896002)(9686003)(55016002)(7736002)(966005)(12290500005)(15398625002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0744; H:CY4PR21MB0856.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB085611503068F4C50107815CA35C0CY4PR21MB0856namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 315927d2-061b-4c4f-ddd6-08d5218efcf4 X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Nov 2017 01:13:55.4521 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0744 Archived-At: Subject: [Teep] Trusted vs untrusted error codes X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Nov 2017 01:13:59 -0000 --_000_CY4PR21MB085611503068F4C50107815CA35C0CY4PR21MB0856namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. Currently section 8.1.6 of the draft specifies some cases where the TEE res= ponds with errors, and some cases where code outside of a TEE (in an OTrP Agent) responds with errors. In the former ca= se, you can have strong trust in the error since it can be signed by code in the TEE. In the latter case, you can't have st= rong trust in it because it was generated outside the TEE. That's probably ok, as long as you can distinguish between them and treat "= untrusted" errors as simply hints that might have been spoofed, rather than authoritative. But ERR_TEE_FAIL for exampl= e says it's used in both cases. I'd instead recommend that there be separate error code ranges for trusted = vs untrusted errors so they can be treated differently, even for unrecognized errors (for future compatibility). The security association should terminate inside the TEE, so that the OTrP = Agent outside the TEE is not part of it, it's just a message router. In that sense, OTrP errors are much like ICMP= errors, where they might come from an intermediary or from an authoritative endpoint. So I'd like to not repeat the same mis= takes as ICMP made. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave --_000_CY4PR21MB085611503068F4C50107815CA35C0CY4PR21MB0856namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

As promised when I posted my review, I am starting s= everal email threads for discussions on specific technical topics.

This is one of them.

 

Currently section 8.1.6 of the draft specifies some = cases where the TEE responds with errors, and some cases where code

outside of a TEE (in an OTrP Agent) responds with er= rors.  In the former case, you can have strong trust in the error sinc= e

it can be signed by code in the TEE.  In the la= tter case, you can’t have strong trust in it because it was generated= outside

the TEE.

 

That’s probably ok, as long as you can disting= uish between them and treat “untrusted” errors as simply hints = that might

have been spoofed, rather than authoritative. &= nbsp; But ERR_TEE_FAIL for example says it’s used in both cases. =

 

I’d instead recommend that there be separate e= rror code ranges for trusted vs untrusted errors so they can be treated
differently, even for unrecognized errors (for future compatibility).<= /o:p>

 

The security association should terminate inside the= TEE, so that the OTrP Agent outside the TEE is not part of it,<= /p>

it’s just a message router.   In tha= t sense, OTrP errors are much like ICMP errors, where they might come from = an intermediary

or from an authoritative endpoint.   So I&= #8217;d like to not repeat the same mistakes as ICMP made.

 

Dave

 

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.org>
Subject: Review of draft-pei-opentrustprotocol-04

 

I’ve finally made it through a detailed review= of draft-pei-opentrustprotocol-04 and my marked up copy is at

https://www.= microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-pei-opentrust= protocol-04.pdf

 

I have lots of editori= al fixes throughout, and a number of technical comments/questions/issues.

 

I’ll start separ= ate email threads for some of them over the next several days.

 

Dave=

--_000_CY4PR21MB085611503068F4C50107815CA35C0CY4PR21MB0856namp_-- From nobody Thu Nov 2 01:10:57 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C591513FA6F; Thu, 2 Nov 2017 01:10:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IRZQ2fxDAuvX; Thu, 2 Nov 2017 01:10:53 -0700 (PDT) Received: from out0-193.mail.aliyun.com (out0-193.mail.aliyun.com [140.205.0.193]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5BC1313FA70; Thu, 2 Nov 2017 01:10:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1509610248; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type; bh=Mv7zfTpuez6O0KXA7sO7+6zCBWtFh8MZm7MjjChERpg=; b=EdiryZ6KRDOMEy7MDMX0ONR2yPS/IbSUgZDGuysK9auZma0FDwCPI6MOY2PZPacZoWU4Zj4u0i+Kw3LxaVLCZ2MaBW05+fwjwlrOYfgDjVDxuk5Pc2HqxdH5QTAhZk5gqbIDT+z3PKzGzlQgm0IE3Lkgz1W1wT9HQHx2Tq9tyKM= X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R101e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e02c03271; MF=max.ldp@alibaba-inc.com; NM=1; PH=DW; RN=2; SR=0; TI=W4_5094153_v5_0AC26464_1509610084872_o7001c343l; Received: from WS-web (max.ldp@alibaba-inc.com[W4_5094153_v5_0AC26464_1509610084872_o7001c343l]) by e01l07389.eu6 at Thu, 02 Nov 2017 16:10:47 +0800 Date: Thu, 02 Nov 2017 16:10:47 +0800 From: "=?UTF-8?B?5YiY5aSn6bmPKOm5j+aIkCk=?=" To: "TEEP" , "teep@ietf.org" Reply-To: "=?UTF-8?B?5YiY5aSn6bmPKOm5j+aIkCk=?=" Message-ID: X-Mailer: [Alimail-Mailagent][W4_5094153][v5][Chrome] MIME-Version: 1.0 References: CY4PR21MB08568047852A09809BE2FF40A35C0@CY4PR21MB0856.namprd21.prod.outlook.com In-Reply-To: CY4PR21MB08568047852A09809BE2FF40A35C0@CY4PR21MB0856.namprd21.prod.outlook.com x-aliyun-mail-creator: W4_5094153_v5_M3LTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTBfMikgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzYxLjAuMzE2My4xMDAgU2FmYXJpLzUzNy4zNg==vN Content-Type: multipart/alternative; boundary="----=ALIBOUNDARY_60392_57e39940_59fad307_184a70" Archived-At: Subject: Re: [Teep] =?utf-8?q?Applicability_to_constrained_environments?= X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Nov 2017 08:10:56 -0000 ------=ALIBOUNDARY_60392_57e39940_59fad307_184a70 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: base64 SGVsbG8gRGF2ZSwKV2UgaGF2ZSBhIGRyYWZ0IHRoYXQgcHJvcG9zZXMgdG8gdXNlIENCT1IgZm9y IE9UclA6wqAgwqBodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJhZnQtbGl1LW9wZW50cnVz dHByb3RvY29sLWNib3ItMDBZb3VyIGNvbW1lbnRzIGFyZSB3ZWxjb21lZC4KVGhhbmtzLFJlZ2Fy ZHMsRGFwZW5nIExpdS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLURhdmUgVGhhbGVyIDxkdGhhbGVyQG1pY3Jvc29mdC5jb20+ MjAxN+W5tDEx5pyIMuaXpSjmmJ/mnJ/lm5spIDA4OjU3dGVlcEBpZXRmLm9yZyA8dGVlcEBpZXRm Lm9yZz5bVGVlcF0gQXBwbGljYWJpbGl0eSB0byBjb25zdHJhaW5lZCBlbnZpcm9ubWVudHMKQXMg cHJvbWlzZWQgd2hlbiBJIHBvc3RlZCBteSByZXZpZXcsIEkgYW0gc3RhcnRpbmcgc2V2ZXJhbCBl bWFpbCB0aHJlYWRzIGZvciBkaXNjdXNzaW9ucyBvbiBzcGVjaWZpYyB0ZWNobmljYWwgdG9waWNz LlRoaXMgaXMgb25lIG9mIHRoZW0uwqBURUVzIGFyZSBjcml0aWNhbCBpbiBtYW55IElvVCBlbnZp cm9ubWVudHMsIGFzIGlzIHRoZSBhYmlsaXR5IHRvIGluc3RhbGwgYXBwcyBhZnRlciB0aGUgZGV2 aWNlIGlzIG9yaWdpbmFsbHkgcHJvdmlzaW9uZWQsc28gSSB3b3VsZCB3YW50IE9UclAgdG8gYmUg YXBwbGljYWJsZSAob3Igc2FpZCBtb3JlIGdlbmVyYWxseSwgSSB3b3VsZCB3YW50IElvVCBlbnZp cm9ubWVudHMgdG8gYmUgb25lIG9mIHRoZSB1c2UgY2FzZXNpbiBzY29wZSBmb3IgVEVFUCkuwqBK U09OIGlzIG5vdGFibHkgaW5lZmZpY2llbnQgZm9yIElvVCBlbnZpcm9ubWVudHMgYmVjYXVzZSBv ZiBpdHMgdmVyYm9zaXR5LCBhbmQgQ0JPUiBpcyBvZnRlbiB1c2VkIGluc3RlYWQuU28gSSB0aGlu ayBhIENCT1IgZW5jb2RlZCB2ZXJzaW9uIGlzIG5lZWRlZC7CoMKgIFRoYXQgbWF5IGJlIGFzIHNp bXBsZSBhcyBzcGVjaWZ5aW5nIGl0IGluIEpTT04gYW5kIHRoZW4gc2F5aW5nIENCT1IgY2FuIGJl dXNlZCBzaW1wbHkgYnkgdXNpbmcgdGhlIENCT1IgdGhhdCB5b3XigJlkIGdldCB3aGVuIGNvbnZl cnRpbmcgSlNPTiB0byBDQk9SLCB3aGljaCBtYXBwaW5nIGlzIGZhaXJseSB3ZWxsIHNwZWNpZmll ZC7CoEl0IGNvdWxkIGFsc28gYmUgZG9uZSBhcyBwYXJ0IG9mIGEgc3BlY2lmaWMgdHJhbnNwb3J0 IHByb3RvY29sIGJpbmRpbmcsIGJ1dCBteSBwcmVmZXJlbmNlIHdvdWxkIGJlIHRvIGtlZXAgaXQg c2VwYXJhdGUuwqBEYXZlwqBGcm9tOiBEYXZlIFRoYWxlciAKU2VudDogU2F0dXJkYXksIFNlcHRl bWJlciAyMywgMjAxNyAxMjoyNCBQTQpUbzogJ3RlZXBAaWV0Zi5vcmcnIDx0ZWVwQGlldGYub3Jn PgpTdWJqZWN0OiBSZXZpZXcgb2YgZHJhZnQtcGVpLW9wZW50cnVzdHByb3RvY29sLTA0wqBJ4oCZ dmUgZmluYWxseSBtYWRlIGl0IHRocm91Z2ggYSBkZXRhaWxlZCByZXZpZXcgb2YgZHJhZnQtcGVp LW9wZW50cnVzdHByb3RvY29sLTA0IGFuZCBteSBtYXJrZWQgdXAgY29weSBpcyBhdGh0dHBzOi8v d3d3Lm1pY3Jvc29mdC5jb20vZW4tdXMvcmVzZWFyY2gvd3AtY29udGVudC91cGxvYWRzLzIwMTcv MDUvZHJhZnQtcGVpLW9wZW50cnVzdHByb3RvY29sLTA0LnBkZsKgSSBoYXZlIGxvdHMgb2YgZWRp dG9yaWFsIGZpeGVzIHRocm91Z2hvdXQsIGFuZCBhIG51bWJlciBvZiB0ZWNobmljYWwgY29tbWVu dHMvcXVlc3Rpb25zL2lzc3Vlcy7CoEnigJlsbCBzdGFydCBzZXBhcmF0ZSBlbWFpbCB0aHJlYWRz IGZvciBzb21lIG9mIHRoZW0gb3ZlciB0aGUgbmV4dCBzZXZlcmFsIGRheXMuwqBEYXZlCg== ------=ALIBOUNDARY_60392_57e39940_59fad307_184a70 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: base64 PGRpdiBjbGFzcz0iX19hbGl5dW5fZW1haWxfYm9keV9ibG9jayI+PGRpdiAgc3R5bGU9ImxpbmUt aGVpZ2h0OjEuNztmb250LWZhbWlseTpNaWNyb3NvZnQgWWFoZWk7Zm9udC1zaXplOjEzLjBweDsi PjxkaXYgIHN0eWxlPSJjbGVhcjpib3RoOyI+PHNwYW4gIHN0eWxlPSJmb250LWZhbWlseTphcmlh bDtmb250LXNpemU6MTQuMHB4OyI+SGVsbG8gRGF2ZSw8L3NwYW4+PC9kaXY+PGRpdiAgc3R5bGU9 ImNsZWFyOmJvdGg7Ij48YnIgPjwvZGl2PjxkaXYgIHN0eWxlPSJjbGVhcjpib3RoOyI+PHNwYW4g IHN0eWxlPSJmb250LWZhbWlseTphcmlhbDtmb250LXNpemU6MTQuMHB4OyI+V2UgaGF2ZSBhIGRy YWZ0IHRoYXQgcHJvcG9zZXMgdG8gdXNlIENCT1IgZm9yIE9UclA6Jm5ic3A7ICZuYnNwO2h0dHBz Oi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1saXUtb3BlbnRydXN0cHJvdG9jb2wtY2Jvci0w MDwvc3Bhbj48L2Rpdj48ZGl2ICBzdHlsZT0iY2xlYXI6Ym90aDsiPjxzcGFuICBzdHlsZT0iZm9u dC1mYW1pbHk6YXJpYWw7Zm9udC1zaXplOjE0LjBweDsiPllvdXIgY29tbWVudHMgYXJlIHdlbGNv bWVkLjwvc3Bhbj48L2Rpdj48ZGl2ICBzdHlsZT0iY2xlYXI6Ym90aDsiPjxzcGFuICBzdHlsZT0i Zm9udC1mYW1pbHk6YXJpYWw7Zm9udC1zaXplOjE0LjBweDsiPjxiciA+PC9zcGFuPjwvZGl2Pjxk aXYgIHN0eWxlPSJjbGVhcjpib3RoOyI+PHNwYW4gIHN0eWxlPSJmb250LWZhbWlseTphcmlhbDtm b250LXNpemU6MTQuMHB4OyI+VGhhbmtzLDwvc3Bhbj48L2Rpdj48ZGl2ICBzdHlsZT0iY2xlYXI6 Ym90aDsiPjxzcGFuICBzdHlsZT0iZm9udC1mYW1pbHk6YXJpYWw7Zm9udC1zaXplOjE0LjBweDsi PlJlZ2FyZHMsPC9zcGFuPjwvZGl2PjxkaXYgIHN0eWxlPSJjbGVhcjpib3RoOyI+PHNwYW4gIHN0 eWxlPSJmb250LWZhbWlseTphcmlhbDtmb250LXNpemU6MTQuMHB4OyI+RGFwZW5nIExpdTwvc3Bh bj48L2Rpdj48YmxvY2txdW90ZSAgc3R5bGU9Im1hcmdpbi1yaWdodDouMHB4O21hcmdpbi10b3A6 LjBweDttYXJnaW4tYm90dG9tOi4wcHg7Zm9udC1mYW1pbHk6VGFob21hLEFyaWFsLFNUSGVpdGks U2ltU3VuO2ZvbnQtc2l6ZToxNC4wcHg7Y29sb3I6IzAwMDAwMDsiPjxkaXYgY2xhc3M9ImNsZWFy OiBib3RoIiBzdHlsZT0iIj4tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS08L2Rpdj48ZGl2IGNsYXNzPSJjbGVhcjogYm90aCIg c3R5bGU9IiI+RGF2ZSBUaGFsZXIgJmx0O2R0aGFsZXJAbWljcm9zb2Z0LmNvbSZndDs8L2Rpdj48 ZGl2IGNsYXNzPSJjbGVhcjogYm90aCIgc3R5bGU9IiI+MjAxN+W5tDEx5pyIMuaXpSjmmJ/mnJ/l m5spIDA4OjU3PC9kaXY+PGRpdiBjbGFzcz0iY2xlYXI6IGJvdGgiIHN0eWxlPSIiPnRlZXBAaWV0 Zi5vcmcgJmx0O3RlZXBAaWV0Zi5vcmcmZ3Q7PC9kaXY+PGRpdiBjbGFzcz0iY2xlYXI6IGJvdGgi IHN0eWxlPSIiPltUZWVwXSBBcHBsaWNhYmlsaXR5IHRvIGNvbnN0cmFpbmVkIGVudmlyb25tZW50 czwvZGl2PjxkaXYgY2xhc3M9ImNsZWFyOiBib3RoIiBzdHlsZT0iIj48YnIgPjwvZGl2PjxzdHls ZSA+PCEtLSAgQGZvbnQtZmFjZXtmb250LWZhbWlseTpDYW1icmlhIE1hdGg7cGFub3NlLTE6MiA0 IDUgMyA1IDQgNiAzIDIgNDt9e2ZvbnQtZmFtaWx5OkNhbGlicmk7cGFub3NlLTE6MiAxNSA1IDIg MiAyIDQgMyAyIDQ7fXAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5Nc29Ob3JtYWx7bWFy Z2luOi4waW47bWFyZ2luLWJvdHRvbTouMHB0O2ZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6 Q2FsaWJyaSxzYW5zLXNlcmlmO31hOmxpbmssIHNwYW4uTXNvSHlwZXJsaW5re21zby1zdHlsZS1w cmlvcml0eTo5OTtjb2xvcjojMDU2M2MxO3RleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fWE6dmlz aXRlZCwgc3Bhbi5Nc29IeXBlcmxpbmtGb2xsb3dlZHttc28tc3R5bGUtcHJpb3JpdHk6OTk7Y29s b3I6Izk1NGY3Mjt0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO31wLm1zb25vcm1hbDAsIGxpLm1z b25vcm1hbDAsIGRpdi5tc29ub3JtYWwwe21zby1zdHlsZS1uYW1lOm1zb25vcm1hbDttc28tbWFy Z2luLXRvcC1hbHQ6YXV0bzttYXJnaW4tcmlnaHQ6LjBpbjttc28tbWFyZ2luLWJvdHRvbS1hbHQ6 YXV0bzttYXJnaW4tbGVmdDouMGluO2ZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6Q2FsaWJy aSxzYW5zLXNlcmlmO31zcGFuLkVtYWlsU3R5bGUxOHttc28tc3R5bGUtdHlwZTpwZXJzb25hbDtm b250LWZhbWlseTpDYWxpYnJpLHNhbnMtc2VyaWY7Y29sb3I6d2luZG93dGV4dDt9c3Bhbi5FbWFp bFN0eWxlMTl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWwtcmVwbHk7Zm9udC1mYW1pbHk6Q2FsaWJy aSxzYW5zLXNlcmlmO2NvbG9yOndpbmRvd3RleHQ7fS5Nc29DaHBEZWZhdWx0e21zby1zdHlsZS10 eXBlOmV4cG9ydC1vbmx5O2ZvbnQtc2l6ZToxMC4wcHQ7fUBwYWdlIFdvcmRTZWN0aW9uMXtzaXpl OjguNWluIDExLjBpbjttYXJnaW46MS4waW4gMS4waW4gMS4waW4gMS4waW47fWRpdi5Xb3JkU2Vj dGlvbjF7cGFnZTpXb3JkU2VjdGlvbjE7fS0tPjwvc3R5bGU+PGRpdiBjbGFzcz0iV29yZFNlY3Rp b24xIiBzdHlsZT0iIj48cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0iIj5BcyBwcm9taXNlZCB3 aGVuIEkgcG9zdGVkIG15IHJldmlldywgSSBhbSBzdGFydGluZyBzZXZlcmFsIGVtYWlsIHRocmVh ZHMgZm9yIGRpc2N1c3Npb25zIG9uIHNwZWNpZmljIHRlY2huaWNhbCB0b3BpY3MuPC9wPjxwIGNs YXNzPSJNc29Ob3JtYWwiIHN0eWxlPSIiPlRoaXMgaXMgb25lIG9mIHRoZW0uPC9wPjxwIGNsYXNz PSJNc29Ob3JtYWwiIHN0eWxlPSIiPiZuYnNwOzwvcD48cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHls ZT0iIj5URUVzIGFyZSBjcml0aWNhbCBpbiBtYW55IElvVCBlbnZpcm9ubWVudHMsIGFzIGlzIHRo ZSBhYmlsaXR5IHRvIGluc3RhbGwgYXBwcyBhZnRlciB0aGUgZGV2aWNlIGlzIG9yaWdpbmFsbHkg cHJvdmlzaW9uZWQsPC9wPjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSIiPnNvIEkgd291bGQg d2FudCBPVHJQIHRvIGJlIGFwcGxpY2FibGUgKG9yIHNhaWQgbW9yZSBnZW5lcmFsbHksIEkgd291 bGQgd2FudCBJb1QgZW52aXJvbm1lbnRzIHRvIGJlIG9uZSBvZiB0aGUgdXNlIGNhc2VzPC9wPjxw IGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSIiPmluIHNjb3BlIGZvciBURUVQKS48L3A+PHAgY2xh c3M9Ik1zb05vcm1hbCIgc3R5bGU9IiI+Jm5ic3A7PC9wPjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0 eWxlPSIiPkpTT04gaXMgbm90YWJseSBpbmVmZmljaWVudCBmb3IgSW9UIGVudmlyb25tZW50cyBi ZWNhdXNlIG9mIGl0cyB2ZXJib3NpdHksIGFuZCBDQk9SIGlzIG9mdGVuIHVzZWQgaW5zdGVhZC48 L3A+PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9IiI+U28gSSB0aGluayBhIENCT1IgZW5jb2Rl ZCB2ZXJzaW9uIGlzIG5lZWRlZC4mbmJzcDsmbmJzcDsgVGhhdCBtYXkgYmUgYXMgc2ltcGxlIGFz IHNwZWNpZnlpbmcgaXQgaW4gSlNPTiBhbmQgdGhlbiBzYXlpbmcgQ0JPUiBjYW4gYmU8L3A+PHAg Y2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9IiI+dXNlZCBzaW1wbHkgYnkgdXNpbmcgdGhlIENCT1Ig dGhhdCB5b3XigJlkIGdldCB3aGVuIGNvbnZlcnRpbmcgSlNPTiB0byBDQk9SLCB3aGljaCBtYXBw aW5nIGlzIGZhaXJseSB3ZWxsIHNwZWNpZmllZC48L3A+PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5 bGU9IiI+Jm5ic3A7PC9wPjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSIiPkl0IGNvdWxkIGFs c28gYmUgZG9uZSBhcyBwYXJ0IG9mIGEgc3BlY2lmaWMgdHJhbnNwb3J0IHByb3RvY29sIGJpbmRp bmcsIGJ1dCBteSBwcmVmZXJlbmNlIHdvdWxkIGJlIHRvIGtlZXAgaXQgc2VwYXJhdGUuPC9wPjxw IGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSIiPiZuYnNwOzwvcD48cCBjbGFzcz0iTXNvTm9ybWFs IiBzdHlsZT0iIj5EYXZlPC9wPjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSIiPjxhICBocmVm PSIjdGhpcyIgbmFtZT0iX01haWxFbmRDb21wb3NlIj4mbmJzcDs8L2E+PC9wPjxkaXYgc3R5bGU9 IiI+PGRpdiAgc3R5bGU9ImJvcmRlci1yaWdodDpub25lO2JvcmRlci1ib3R0b206bm9uZTtib3Jk ZXItbGVmdDpub25lO2JvcmRlci1pbWFnZTppbml0aWFsO2JvcmRlci10b3A6MS4wcHggc29saWQg I2UxZTFlMTtwYWRkaW5nOjQuMHB4IC4waW4gLjBpbjsiPjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0 eWxlPSIiPjxiID5Gcm9tOjwvYj4gRGF2ZSBUaGFsZXIgPGJyID48YiA+U2VudDo8L2I+IFNhdHVy ZGF5LCBTZXB0ZW1iZXIgMjMsIDIwMTcgMTI6MjQgUE08YnIgPjxiID5Ubzo8L2I+ICd0ZWVwQGll dGYub3JnJyAmbHQ7dGVlcEBpZXRmLm9yZyZndDs8YnIgPjxiID5TdWJqZWN0OjwvYj4gUmV2aWV3 IG9mIGRyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90b2NvbC0wNDwvcD48L2Rpdj48L2Rpdj48cCBjbGFz cz0iTXNvTm9ybWFsIiBzdHlsZT0iIj4mbmJzcDs8L3A+PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5 bGU9IiI+SeKAmXZlIGZpbmFsbHkgbWFkZSBpdCB0aHJvdWdoIGEgZGV0YWlsZWQgcmV2aWV3IG9m IGRyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90b2NvbC0wNCBhbmQgbXkgbWFya2VkIHVwIGNvcHkgaXMg YXQ8L3A+PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9IiI+PGEgIGhyZWY9Imh0dHBzOi8vd3d3 Lm1pY3Jvc29mdC5jb20vZW4tdXMvcmVzZWFyY2gvd3AtY29udGVudC91cGxvYWRzLzIwMTcvMDUv ZHJhZnQtcGVpLW9wZW50cnVzdHByb3RvY29sLTA0LnBkZiIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBz Oi8vd3d3Lm1pY3Jvc29mdC5jb20vZW4tdXMvcmVzZWFyY2gvd3AtY29udGVudC91cGxvYWRzLzIw MTcvMDUvZHJhZnQtcGVpLW9wZW50cnVzdHByb3RvY29sLTA0LnBkZjwvYT48L3A+PHAgY2xhc3M9 Ik1zb05vcm1hbCIgc3R5bGU9IiI+PHNwYW4gIHN0eWxlPSJjb2xvcjojMzMzMzMzOyI+Jm5ic3A7 PC9zcGFuPjwvcD48cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0iIj48c3BhbiAgc3R5bGU9ImNv bG9yOiMzMzMzMzM7Ij5JIGhhdmUgbG90cyBvZiBlZGl0b3JpYWwgZml4ZXMgdGhyb3VnaG91dCwg YW5kIGEgbnVtYmVyIG9mIHRlY2huaWNhbCBjb21tZW50cy9xdWVzdGlvbnMvaXNzdWVzLjwvc3Bh bj48L3A+PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9IiI+PHNwYW4gIHN0eWxlPSJjb2xvcjoj MzMzMzMzOyI+Jm5ic3A7PC9zcGFuPjwvcD48cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0iIj48 c3BhbiAgc3R5bGU9ImNvbG9yOiMzMzMzMzM7Ij5J4oCZbGwgc3RhcnQgc2VwYXJhdGUgZW1haWwg dGhyZWFkcyBmb3Igc29tZSBvZiB0aGVtIG92ZXIgdGhlIG5leHQgc2V2ZXJhbCBkYXlzLjwvc3Bh bj48L3A+PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9IiI+PHNwYW4gIHN0eWxlPSJjb2xvcjoj MzMzMzMzOyI+Jm5ic3A7PC9zcGFuPjwvcD48cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0iIj48 c3BhbiAgc3R5bGU9ImNvbG9yOiMzMzMzMzM7Ij5EYXZlPC9zcGFuPjwvcD48L2Rpdj48L2Jsb2Nr cXVvdGU+PGRpdiAgc3R5bGU9ImxpbmUtaGVpZ2h0OjIwLjBweDtjbGVhcjpib3RoOyI+PGJyID48 L2Rpdj48L2Rpdj48L2Rpdj4= ------=ALIBOUNDARY_60392_57e39940_59fad307_184a70-- From nobody Thu Nov 2 13:30:58 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A388513F92A; Thu, 2 Nov 2017 13:30:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.031 X-Spam-Level: X-Spam-Status: No, score=-0.031 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GSazOj25x6gy; Thu, 2 Nov 2017 13:30:53 -0700 (PDT) Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0093.outbound.protection.outlook.com [104.47.41.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F7F513F692; Thu, 2 Nov 2017 13:30:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=AH/YR6wR43rLro68li402Uq+ETV/LZ5Es5T+GPAITqE=; b=BLo+nfeSDYaTSLLB+PTk2HZBYVtASisu2z9x176yq5FhLYwa8mVEO64e8lJC/+YWQevcXFud3d5mke9a2DC0C9Vatz9VgAz6oCdYZl2uYY/g5PlNYtqTzwXUD7W4a/onFdCZ0/zGlnBXuul5wi03IcqGrYBbK5iF2suk6e3dRuk= Received: from CY4PR21MB0856.namprd21.prod.outlook.com (10.173.192.145) by CY4PR21MB0167.namprd21.prod.outlook.com (10.173.192.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.218.2; Thu, 2 Nov 2017 20:30:51 +0000 Received: from CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) by CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) with mapi id 15.20.0218.004; Thu, 2 Nov 2017 20:30:51 +0000 From: Dave Thaler To: =?utf-8?B?5YiY5aSn6bmPKOm5j+aIkCk=?= , TEEP , "teep@ietf.org" Thread-Topic: [Teep] Applicability to constrained environments Thread-Index: AQHTU7IeYbPmogPZtEqqYd7L39QYtKMBi1yw Date: Thu, 2 Nov 2017 20:30:51 +0000 Message-ID: References: CY4PR21MB08568047852A09809BE2FF40A35C0@CY4PR21MB0856.namprd21.prod.outlook.com In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [167.220.0.91] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0167; 6:hHktKx8TPUlMCi2gL5vv9r+1XJoKwZbKWL8ZYrZTcxqsfQO0oZMQnGiEzj9sqBS9aeRmClGfZGGaDBJPuiKzH0/jt1aBB0c1i8KTXtJvKbFqVkAo6FJcBSw3wLoABmZESTHksDN1dhmqdBtflbS8smcGGJHd3JPQoPNqW70F9O37IqLr8Hi7wH5GyI/6I3DeAOaM6QXmabXz8jRHuS4nHIBXKjpTtUPN5pjx0eKKFR+PVXw9ytOZVppMD4jmuRo9iZeBKMcpdq2G9xkTXe6jiHgxeciGaQ9EFmUuSsl5rFnFjaYAfqOfYwnxYX8GUYxzECGFHt8qjJYRnGk8L5rLu0oR28QyGLSzSXX+cagqyzw=; 5:28X8Cjk5txjHx87Uli7PNvpuVUuzivWhfnp5yvuQ2qg6VzxbyPag14GuiyWieILLLQUd9GPpnIJ5xcUQdSXZjREhgKo+8gO+4Mgi6Kgl1JNsAEZkGRxZ8SAYGnJ83oUmHBeF1ErQPrVO9E2MMkbcUXDntz8NzAgNSFslZffZ5hE=; 24:wTSnJ7zpRaXfm7ktSHqv4PCnC4q1SHJZeKGRZ+rxHCRljBPJVKgmfDrz6II04MJI/vQOQZ7kgtaEEC43jagvQ1LVJuWDSmu8zghfq6HQCUM=; 7:uquDiP7lmH73LIer4GpWXg0uawgHrfjCOZUiczkzMzg/KtwlESXCS2nJIxyVKT3KZ3Vy5UQxDJsjYuNGnYpLZkDKjYG1fdg/JWqWW2ThtAku5uk50cMQV86XpglSZ1QIDW9NtGv4L+d8XIjibpq7SzQrKFxXiwCpbsOyCW18TJT3pVDl3Acr44dMFAczoH7vmDRweEhFNX1tFuoQeuO3WDRBrKt1gxuX+b0sOuUzPy/j/hWkhdVBHncDmMtH10kh x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 3d73b108-c045-4df5-b55b-08d522309c26 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(2017052603238); SRVR:CY4PR21MB0167; x-ms-traffictypediagnostic: CY4PR21MB0167: x-exchange-antispam-report-test: UriScan:(43050042349365)(89211679590171)(189930954265078)(219752817060721)(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(100000703101)(100105400095)(3231020)(6055026)(61426038)(61427038)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123564025)(20161123562025)(20161123558100)(20161123555025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0167; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0167; x-forefront-prvs: 047999FF16 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(39860400002)(47760400005)(3905003)(189002)(199003)(105586002)(478600001)(6306002)(54356999)(50986999)(236005)(106356001)(76176999)(66066001)(9686003)(10290500003)(97736004)(101416001)(606006)(53936002)(33656002)(6246003)(53546010)(7696004)(3280700002)(2906002)(22452003)(2501003)(316002)(25786009)(54896002)(5660300001)(966005)(6506006)(14454004)(110136005)(2950100002)(3660700001)(81166006)(8936002)(6436002)(77096006)(68736007)(86362001)(81156014)(10090500001)(8676002)(86612001)(189998001)(2900100001)(229853002)(3846002)(102836003)(8990500004)(6116002)(790700001)(7736002)(99286004)(55016002)(74316002)(12290500005)(15398625002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0167; H:CY4PR21MB0856.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0856CCECDA67D19427055FA3A35C0CY4PR21MB0856namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3d73b108-c045-4df5-b55b-08d522309c26 X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Nov 2017 20:30:51.5256 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0167 Archived-At: Subject: Re: [Teep] Applicability to constrained environments X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Nov 2017 20:30:56 -0000 --_000_CY4PR21MB0856CCECDA67D19427055FA3A35C0CY4PR21MB0856namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 VGhhbmtzLCBnbGFkIHRvIGhlYXIgaXQuDQoNCkJ1dCBpdCBhcHBlYXJzIHRvIHJlc3BlY2lmeSB0 aGUgZm9ybWF0IG9mIGVhY2ggbWVzc2FnZS4NCldoeSBub3QganVzdCBzYXkgYWxsIGZvcm1hdHMg YXJlIHRoZSBDQk9SIGVxdWl2YWxlbnQgb2YgdGhlIEpTT04/DQoNCkZyb206IFRFRVAgW21haWx0 bzp0ZWVwLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBPZiA/Pz8oPz8pDQpTZW50OiBUaHVy c2RheSwgTm92ZW1iZXIgMiwgMjAxNyAxOjExIEFNDQpUbzogVEVFUCA8dGVlcC1ib3VuY2VzQGll dGYub3JnPjsgdGVlcEBpZXRmLm9yZw0KU3ViamVjdDogUmU6IFtUZWVwXSBBcHBsaWNhYmlsaXR5 IHRvIGNvbnN0cmFpbmVkIGVudmlyb25tZW50cw0KDQpIZWxsbyBEYXZlLA0KDQpXZSBoYXZlIGEg ZHJhZnQgdGhhdCBwcm9wb3NlcyB0byB1c2UgQ0JPUiBmb3IgT1RyUDogICBodHRwczovL3Rvb2xz LmlldGYub3JnL2h0bWwvZHJhZnQtbGl1LW9wZW50cnVzdHByb3RvY29sLWNib3ItMDANCllvdXIg Y29tbWVudHMgYXJlIHdlbGNvbWVkLg0KDQpUaGFua3MsDQpSZWdhcmRzLA0KRGFwZW5nIExpdQ0K LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tDQpEYXZlIFRoYWxlciA8ZHRoYWxlckBtaWNyb3NvZnQuY29tPG1haWx0bzpkdGhh bGVyQG1pY3Jvc29mdC5jb20+Pg0KMjAxN+W5tDEx5pyIMuaXpSjmmJ/mnJ/lm5spIDA4OjU3DQp0 ZWVwQGlldGYub3JnPG1haWx0bzp0ZWVwQGlldGYub3JnPiA8dGVlcEBpZXRmLm9yZzxtYWlsdG86 dGVlcEBpZXRmLm9yZz4+DQpbVGVlcF0gQXBwbGljYWJpbGl0eSB0byBjb25zdHJhaW5lZCBlbnZp cm9ubWVudHMNCg0KQXMgcHJvbWlzZWQgd2hlbiBJIHBvc3RlZCBteSByZXZpZXcsIEkgYW0gc3Rh cnRpbmcgc2V2ZXJhbCBlbWFpbCB0aHJlYWRzIGZvciBkaXNjdXNzaW9ucyBvbiBzcGVjaWZpYyB0 ZWNobmljYWwgdG9waWNzLg0KVGhpcyBpcyBvbmUgb2YgdGhlbS4NCg0KVEVFcyBhcmUgY3JpdGlj YWwgaW4gbWFueSBJb1QgZW52aXJvbm1lbnRzLCBhcyBpcyB0aGUgYWJpbGl0eSB0byBpbnN0YWxs IGFwcHMgYWZ0ZXIgdGhlIGRldmljZSBpcyBvcmlnaW5hbGx5IHByb3Zpc2lvbmVkLA0Kc28gSSB3 b3VsZCB3YW50IE9UclAgdG8gYmUgYXBwbGljYWJsZSAob3Igc2FpZCBtb3JlIGdlbmVyYWxseSwg SSB3b3VsZCB3YW50IElvVCBlbnZpcm9ubWVudHMgdG8gYmUgb25lIG9mIHRoZSB1c2UgY2FzZXMN CmluIHNjb3BlIGZvciBURUVQKS4NCg0KSlNPTiBpcyBub3RhYmx5IGluZWZmaWNpZW50IGZvciBJ b1QgZW52aXJvbm1lbnRzIGJlY2F1c2Ugb2YgaXRzIHZlcmJvc2l0eSwgYW5kIENCT1IgaXMgb2Z0 ZW4gdXNlZCBpbnN0ZWFkLg0KU28gSSB0aGluayBhIENCT1IgZW5jb2RlZCB2ZXJzaW9uIGlzIG5l ZWRlZC4gICBUaGF0IG1heSBiZSBhcyBzaW1wbGUgYXMgc3BlY2lmeWluZyBpdCBpbiBKU09OIGFu ZCB0aGVuIHNheWluZyBDQk9SIGNhbiBiZQ0KdXNlZCBzaW1wbHkgYnkgdXNpbmcgdGhlIENCT1Ig dGhhdCB5b3XigJlkIGdldCB3aGVuIGNvbnZlcnRpbmcgSlNPTiB0byBDQk9SLCB3aGljaCBtYXBw aW5nIGlzIGZhaXJseSB3ZWxsIHNwZWNpZmllZC4NCg0KSXQgY291bGQgYWxzbyBiZSBkb25lIGFz IHBhcnQgb2YgYSBzcGVjaWZpYyB0cmFuc3BvcnQgcHJvdG9jb2wgYmluZGluZywgYnV0IG15IHBy ZWZlcmVuY2Ugd291bGQgYmUgdG8ga2VlcCBpdCBzZXBhcmF0ZS4NCg0KRGF2ZQ0KDQpGcm9tOiBE YXZlIFRoYWxlcg0KU2VudDogU2F0dXJkYXksIFNlcHRlbWJlciAyMywgMjAxNyAxMjoyNCBQTQ0K VG86ICd0ZWVwQGlldGYub3JnJyA8dGVlcEBpZXRmLm9yZzxtYWlsdG86dGVlcEBpZXRmLm9yZz4+ DQpTdWJqZWN0OiBSZXZpZXcgb2YgZHJhZnQtcGVpLW9wZW50cnVzdHByb3RvY29sLTA0DQoNCkni gJl2ZSBmaW5hbGx5IG1hZGUgaXQgdGhyb3VnaCBhIGRldGFpbGVkIHJldmlldyBvZiBkcmFmdC1w ZWktb3BlbnRydXN0cHJvdG9jb2wtMDQgYW5kIG15IG1hcmtlZCB1cCBjb3B5IGlzIGF0DQpodHRw czovL3d3dy5taWNyb3NvZnQuY29tL2VuLXVzL3Jlc2VhcmNoL3dwLWNvbnRlbnQvdXBsb2Fkcy8y MDE3LzA1L2RyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90b2NvbC0wNC5wZGY8aHR0cHM6Ly9uYTAxLnNh ZmVsaW5rcy5wcm90ZWN0aW9uLm91dGxvb2suY29tLz91cmw9aHR0cHMlM0ElMkYlMkZ3d3cubWlj cm9zb2Z0LmNvbSUyRmVuLXVzJTJGcmVzZWFyY2glMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIw MTclMkYwNSUyRmRyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90b2NvbC0wNC5wZGYmZGF0YT0wMiU3QzAx JTdDZHRoYWxlciU0MG1pY3Jvc29mdC5jb20lN0NjZmQ5YTNhNzU4OTY0MjAwZWMwNzA4ZDUyMWM5 NDAxNiU3QzcyZjk4OGJmODZmMTQxYWY5MWFiMmQ3Y2QwMTFkYjQ3JTdDMSU3QzElN0M2MzY0NTIw NzA2MDYyNjE1OTQmc2RhdGE9RkFSMVUxa2xJVGF5JTJGMDd0aXlqVktRZ29CMDY5QXgwM01leXRR OGJpS3JZJTNEJnJlc2VydmVkPTA+DQoNCkkgaGF2ZSBsb3RzIG9mIGVkaXRvcmlhbCBmaXhlcyB0 aHJvdWdob3V0LCBhbmQgYSBudW1iZXIgb2YgdGVjaG5pY2FsIGNvbW1lbnRzL3F1ZXN0aW9ucy9p c3N1ZXMuDQoNCknigJlsbCBzdGFydCBzZXBhcmF0ZSBlbWFpbCB0aHJlYWRzIGZvciBzb21lIG9m IHRoZW0gb3ZlciB0aGUgbmV4dCBzZXZlcmFsIGRheXMuDQoNCkRhdmUNCg0K --_000_CY4PR21MB0856CCECDA67D19427055FA3A35C0CY4PR21MB0856namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1m YWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAy IDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseToiTWljcm9zb2Z0IFlhSGVpIjsNCglwYW5v c2UtMToyIDExIDUgMyAyIDIgNCAyIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJc QE1pY3Jvc29mdCBZYUhlaSI7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpUYWhvbWE7DQoJ cGFub3NlLTE6MiAxMSA2IDQgMyA1IDQgNCAyIDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlvbnMgKi8N CnAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsN CgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjExLjBwdDsNCglmb250LWZhbWls eToiQ2FsaWJyaSIsc2Fucy1zZXJpZjt9DQphOmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21z by1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjojMDU2M0MxOw0KCXRleHQtZGVjb3JhdGlvbjp1 bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1zb0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1z dHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjojOTU0RjcyOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRl cmxpbmU7fQ0KcC5tc29ub3JtYWwwLCBsaS5tc29ub3JtYWwwLCBkaXYubXNvbm9ybWFsMA0KCXtt c28tc3R5bGUtbmFtZTptc29ub3JtYWw7DQoJbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87DQoJbWFy Z2luLXJpZ2h0OjBpbjsNCgltc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzsNCgltYXJnaW4tbGVm dDowaW47DQoJZm9udC1zaXplOjExLjBwdDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1z ZXJpZjt9DQpzcGFuLkVtYWlsU3R5bGUxOA0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25hbDsNCglm b250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjsNCgljb2xvcjp3aW5kb3d0ZXh0O30NCnNw YW4uRW1haWxTdHlsZTE5DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsOw0KCWZvbnQtZmFtaWx5 OiJDYWxpYnJpIixzYW5zLXNlcmlmOw0KCWNvbG9yOndpbmRvd3RleHQ7fQ0Kc3Bhbi5FbWFpbFN0 eWxlMjENCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6IkNh bGlicmkiLHNhbnMtc2VyaWY7DQoJY29sb3I6d2luZG93dGV4dDt9DQouTXNvQ2hwRGVmYXVsdA0K CXttc28tc3R5bGUtdHlwZTpleHBvcnQtb25seTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fu cy1zZXJpZjt9DQpAcGFnZSBXb3JkU2VjdGlvbjENCgl7c2l6ZTo4LjVpbiAxMS4waW47DQoJbWFy Z2luOjEuMGluIDEuMGluIDEuMGluIDEuMGluO30NCmRpdi5Xb3JkU2VjdGlvbjENCgl7cGFnZTpX b3JkU2VjdGlvbjE7fQ0KLS0+PC9zdHlsZT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNo YXBlZGVmYXVsdHMgdjpleHQ9ImVkaXQiIHNwaWRtYXg9IjEwMjYiIC8+DQo8L3htbD48IVtlbmRp Zl0tLT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0 Ij4NCjxvOmlkbWFwIHY6ZXh0PSJlZGl0IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBlbGF5b3V0Pjwv eG1sPjwhW2VuZGlmXS0tPg0KPC9oZWFkPg0KPGJvZHkgbGFuZz0iRU4tVVMiIGxpbms9IiMwNTYz QzEiIHZsaW5rPSIjOTU0RjcyIj4NCjxkaXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj5UaGFua3MsIGdsYWQgdG8gaGVhciBpdC4mbmJzcDsgPG86cD48L286cD48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPkJ1dCBpdCBhcHBlYXJzIHRvIHJlc3BlY2lmeSB0aGUgZm9ybWF0IG9mIGVh Y2ggbWVzc2FnZS48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPldoeSBub3Qg anVzdCBzYXkgYWxsIGZvcm1hdHMgYXJlIHRoZSBDQk9SIGVxdWl2YWxlbnQgb2YgdGhlIEpTT04/ PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48YSBuYW1lPSJfTWFpbEVuZENv bXBvc2UiPjxvOnA+Jm5ic3A7PC9vOnA+PC9hPjwvcD4NCjxzcGFuIHN0eWxlPSJtc28tYm9va21h cms6X01haWxFbmRDb21wb3NlIj48L3NwYW4+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj5Gcm9t OjwvYj4gVEVFUCBbbWFpbHRvOnRlZXAtYm91bmNlc0BpZXRmLm9yZ10gPGI+T24gQmVoYWxmIE9m DQo8L2I+Pz8/KD8/KTxicj4NCjxiPlNlbnQ6PC9iPiBUaHVyc2RheSwgTm92ZW1iZXIgMiwgMjAx NyAxOjExIEFNPGJyPg0KPGI+VG86PC9iPiBURUVQICZsdDt0ZWVwLWJvdW5jZXNAaWV0Zi5vcmcm Z3Q7OyB0ZWVwQGlldGYub3JnPGJyPg0KPGI+U3ViamVjdDo8L2I+IFJlOiBbVGVlcF0gQXBwbGlj YWJpbGl0eSB0byBjb25zdHJhaW5lZCBlbnZpcm9ubWVudHM8bzpwPjwvbzpwPjwvcD4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+SGVsbG8gRGF2ZSw8L3NwYW4+ PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7TWljcm9zb2Z0 IFlhSGVpJnF1b3Q7LHNhbnMtc2VyaWYiPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0K PGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0 O2ZvbnQtZmFtaWx5OiZxdW90O01pY3Jvc29mdCBZYUhlaSZxdW90OyxzYW5zLXNlcmlmIj48bzpw PiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtBcmlh bCZxdW90OyxzYW5zLXNlcmlmIj5XZSBoYXZlIGEgZHJhZnQgdGhhdCBwcm9wb3NlcyB0byB1c2Ug Q0JPUiBmb3IgT1RyUDombmJzcDsgJm5ic3A7PGEgaHJlZj0iaHR0cHM6Ly90b29scy5pZXRmLm9y Zy9odG1sL2RyYWZ0LWxpdS1vcGVudHJ1c3Rwcm90b2NvbC1jYm9yLTAwIj5odHRwczovL3Rvb2xz LmlldGYub3JnL2h0bWwvZHJhZnQtbGl1LW9wZW50cnVzdHByb3RvY29sLWNib3ItMDA8L2E+PC9z cGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O01pY3Jv c29mdCBZYUhlaSZxdW90OyxzYW5zLXNlcmlmIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rp dj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEw LjVwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5Zb3VyIGNvbW1l bnRzIGFyZSB3ZWxjb21lZC48L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7TWljcm9zb2Z0IFlhSGVpJnF1b3Q7LHNhbnMtc2VyaWYiPjxvOnA+PC9v OnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFu IHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O01pY3Jvc29mdCBZYUhl aSZxdW90OyxzYW5zLXNlcmlmIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4N CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVw dDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5UaGFua3MsPC9zcGFu PjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O01pY3Jvc29m dCBZYUhlaSZxdW90OyxzYW5zLXNlcmlmIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4N CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVw dDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5SZWdhcmRzLDwvc3Bh bj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVvdDtNaWNyb3Nv ZnQgWWFIZWkmcXVvdDssc2Fucy1zZXJpZiI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+ DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41 cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+RGFwZW5nIExpdTwv c3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVvdDtNaWNy b3NvZnQgWWFIZWkmcXVvdDssc2Fucy1zZXJpZiI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9k aXY+DQo8YmxvY2txdW90ZSBzdHlsZT0ibWFyZ2luLXJpZ2h0OjBpbiI+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6 JnF1b3Q7VGFob21hJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPi0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLTxvOnA+ PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxz cGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O1RhaG9tYSZxdW90 OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj5EYXZlIFRoYWxlciAmbHQ7PGEgaHJlZj0ibWFpbHRv OmR0aGFsZXJAbWljcm9zb2Z0LmNvbSI+ZHRoYWxlckBtaWNyb3NvZnQuY29tPC9hPiZndDs8bzpw PjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtUYWhvbWEmcXVv dDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+MjAxNzwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1z aXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtNaWNyb3NvZnQgWWFIZWkmcXVvdDssc2Fucy1z ZXJpZjtjb2xvcjpibGFjayI+5bm0PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0 O2ZvbnQtZmFtaWx5OiZxdW90O1RhaG9tYSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj4x MTwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtN aWNyb3NvZnQgWWFIZWkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+5pyIPC9zcGFuPjxz cGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O1RhaG9tYSZxdW90 OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj4yPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6 MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O01pY3Jvc29mdCBZYUhlaSZxdW90OyxzYW5zLXNlcmlm O2NvbG9yOmJsYWNrIj7ml6U8L3NwYW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPig8L3Nw YW4+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7TWljcm9z b2Z0IFlhSGVpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPuaYn+acn+Wbmzwvc3Bhbj48 c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtUYWhvbWEmcXVv dDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+KQ0KIDA4OjU3PG86cD48L286cD48L3NwYW4+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQt c2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LHNhbnMtc2VyaWY7Y29s b3I6YmxhY2siPjxhIGhyZWY9Im1haWx0bzp0ZWVwQGlldGYub3JnIj50ZWVwQGlldGYub3JnPC9h PiAmbHQ7PGEgaHJlZj0ibWFpbHRvOnRlZXBAaWV0Zi5vcmciPnRlZXBAaWV0Zi5vcmc8L2E+Jmd0 OzxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O1RhaG9t YSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj5bVGVlcF0gQXBwbGljYWJpbGl0eSB0byBj b25zdHJhaW5lZCBlbnZpcm9ubWVudHM8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxk aXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtm b250LWZhbWlseTomcXVvdDtUYWhvbWEmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+PG86 cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPkFzIHByb21pc2VkIHdoZW4gSSBwb3N0ZWQgbXkgcmV2 aWV3LCBJIGFtIHN0YXJ0aW5nIHNldmVyYWwgZW1haWwgdGhyZWFkcyBmb3IgZGlzY3Vzc2lvbnMg b24gc3BlY2lmaWMgdGVjaG5pY2FsIHRvcGljcy48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPlRoaXMgaXMgb25lIG9m IHRoZW0uPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g c3R5bGU9ImNvbG9yOmJsYWNrIj4mbmJzcDs8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPlRFRXMgYXJlIGNyaXRpY2Fs IGluIG1hbnkgSW9UIGVudmlyb25tZW50cywgYXMgaXMgdGhlIGFiaWxpdHkgdG8gaW5zdGFsbCBh cHBzIGFmdGVyIHRoZSBkZXZpY2UgaXMgb3JpZ2luYWxseSBwcm92aXNpb25lZCw8bzpwPjwvbzpw Pjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6Ymxh Y2siPnNvIEkgd291bGQgd2FudCBPVHJQIHRvIGJlIGFwcGxpY2FibGUgKG9yIHNhaWQgbW9yZSBn ZW5lcmFsbHksIEkgd291bGQgd2FudCBJb1QgZW52aXJvbm1lbnRzIHRvIGJlIG9uZSBvZiB0aGUg dXNlIGNhc2VzPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw YW4gc3R5bGU9ImNvbG9yOmJsYWNrIj5pbiBzY29wZSBmb3IgVEVFUCkuPG86cD48L286cD48L3Nw YW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj4m bmJzcDs8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBz dHlsZT0iY29sb3I6YmxhY2siPkpTT04gaXMgbm90YWJseSBpbmVmZmljaWVudCBmb3IgSW9UIGVu dmlyb25tZW50cyBiZWNhdXNlIG9mIGl0cyB2ZXJib3NpdHksIGFuZCBDQk9SIGlzIG9mdGVuIHVz ZWQgaW5zdGVhZC48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPlNvIEkgdGhpbmsgYSBDQk9SIGVuY29kZWQgdmVyc2lv biBpcyBuZWVkZWQuJm5ic3A7Jm5ic3A7IFRoYXQgbWF5IGJlIGFzIHNpbXBsZSBhcyBzcGVjaWZ5 aW5nIGl0IGluIEpTT04gYW5kIHRoZW4gc2F5aW5nIENCT1IgY2FuIGJlPG86cD48L286cD48L3Nw YW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj51 c2VkIHNpbXBseSBieSB1c2luZyB0aGUgQ0JPUiB0aGF0IHlvdeKAmWQgZ2V0IHdoZW4gY29udmVy dGluZyBKU09OIHRvIENCT1IsIHdoaWNoIG1hcHBpbmcgaXMgZmFpcmx5IHdlbGwgc3BlY2lmaWVk LjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxl PSJjb2xvcjpibGFjayI+Jm5ic3A7PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj5JdCBjb3VsZCBhbHNvIGJlIGRvbmUg YXMgcGFydCBvZiBhIHNwZWNpZmljIHRyYW5zcG9ydCBwcm90b2NvbCBiaW5kaW5nLCBidXQgbXkg cHJlZmVyZW5jZSB3b3VsZCBiZSB0byBrZWVwIGl0IHNlcGFyYXRlLjxvOnA+PC9vOnA+PC9zcGFu PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xvcjpibGFjayI+Jm5i c3A7PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5 bGU9ImNvbG9yOmJsYWNrIj5EYXZlPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj48YSBocmVmPSIjdGhpcyI+Jm5ic3A7 PC9hPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxkaXY+DQo8ZGl2IHN0eWxlPSJib3JkZXI6bm9u ZTtib3JkZXItdG9wOnNvbGlkICNFMUUxRTEgMS4wcHQ7cGFkZGluZzozLjBwdCAwaW4gMGluIDBp bjtib3JkZXItaW1hZ2U6aW5pdGlhbCI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj48c3BhbiBz dHlsZT0iY29sb3I6YmxhY2siPkZyb206PC9zcGFuPjwvYj48c3BhbiBzdHlsZT0iY29sb3I6Ymxh Y2siPiBEYXZlIFRoYWxlcg0KPGJyPg0KPGI+U2VudDo8L2I+IFNhdHVyZGF5LCBTZXB0ZW1iZXIg MjMsIDIwMTcgMTI6MjQgUE08YnI+DQo8Yj5Ubzo8L2I+ICd0ZWVwQGlldGYub3JnJyAmbHQ7PGEg aHJlZj0ibWFpbHRvOnRlZXBAaWV0Zi5vcmciPnRlZXBAaWV0Zi5vcmc8L2E+Jmd0Ozxicj4NCjxi PlN1YmplY3Q6PC9iPiBSZXZpZXcgb2YgZHJhZnQtcGVpLW9wZW50cnVzdHByb3RvY29sLTA0PG86 cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxzcGFuIHN0eWxlPSJjb2xvcjpibGFjayI+Jm5ic3A7PG86cD48L286cD48L3NwYW4+PC9wPg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj5J4oCZdmUgZmlu YWxseSBtYWRlIGl0IHRocm91Z2ggYSBkZXRhaWxlZCByZXZpZXcgb2YgZHJhZnQtcGVpLW9wZW50 cnVzdHByb3RvY29sLTA0IGFuZCBteSBtYXJrZWQgdXAgY29weSBpcyBhdDxvOnA+PC9vOnA+PC9z cGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xvcjpibGFjayI+ PGEgaHJlZj0iaHR0cHM6Ly9uYTAxLnNhZmVsaW5rcy5wcm90ZWN0aW9uLm91dGxvb2suY29tLz91 cmw9aHR0cHMlM0ElMkYlMkZ3d3cubWljcm9zb2Z0LmNvbSUyRmVuLXVzJTJGcmVzZWFyY2glMkZ3 cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwNSUyRmRyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90 b2NvbC0wNC5wZGYmYW1wO2RhdGE9MDIlN0MwMSU3Q2R0aGFsZXIlNDBtaWNyb3NvZnQuY29tJTdD Y2ZkOWEzYTc1ODk2NDIwMGVjMDcwOGQ1MjFjOTQwMTYlN0M3MmY5ODhiZjg2ZjE0MWFmOTFhYjJk N2NkMDExZGI0NyU3QzElN0MxJTdDNjM2NDUyMDcwNjA2MjYxNTk0JmFtcDtzZGF0YT1GQVIxVTFr bElUYXklMkYwN3RpeWpWS1Fnb0IwNjlBeDAzTWV5dFE4YmlLclklM0QmYW1wO3Jlc2VydmVkPTAi IHRhcmdldD0iX2JsYW5rIj5odHRwczovL3d3dy5taWNyb3NvZnQuY29tL2VuLXVzL3Jlc2VhcmNo L3dwLWNvbnRlbnQvdXBsb2Fkcy8yMDE3LzA1L2RyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90b2NvbC0w NC5wZGY8L2E+PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw YW4gc3R5bGU9ImNvbG9yOiMzMzMzMzMiPiZuYnNwOzwvc3Bhbj48c3BhbiBzdHlsZT0iY29sb3I6 YmxhY2siPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFu IHN0eWxlPSJjb2xvcjojMzMzMzMzIj5JIGhhdmUgbG90cyBvZiBlZGl0b3JpYWwgZml4ZXMgdGhy b3VnaG91dCwgYW5kIGEgbnVtYmVyIG9mIHRlY2huaWNhbCBjb21tZW50cy9xdWVzdGlvbnMvaXNz dWVzLjwvc3Bhbj48c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPjxvOnA+PC9vOnA+PC9zcGFuPjwv cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xvcjojMzMzMzMzIj4mbmJz cDs8L3NwYW4+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzMzMzMzMyI+SeKAmWxs IHN0YXJ0IHNlcGFyYXRlIGVtYWlsIHRocmVhZHMgZm9yIHNvbWUgb2YgdGhlbSBvdmVyIHRoZSBu ZXh0IHNldmVyYWwgZGF5cy48L3NwYW4+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj48bzpwPjwv bzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6 IzMzMzMzMyI+Jm5ic3A7PC9zcGFuPjxzcGFuIHN0eWxlPSJjb2xvcjpibGFjayI+PG86cD48L286 cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMz MzMzMzMiPkRhdmU8L3NwYW4+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj48bzpwPjwvbzpwPjwv c3Bhbj48L3A+DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5 bGU9ImxpbmUtaGVpZ2h0OjE1LjBwdCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7TWljcm9zb2Z0IFlhSGVpJnF1b3Q7LHNhbnMtc2VyaWYiPjxvOnA+Jm5i c3A7PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9i b2R5Pg0KPC9odG1sPg0K --_000_CY4PR21MB0856CCECDA67D19427055FA3A35C0CY4PR21MB0856namp_-- From nobody Fri Nov 3 11:18:14 2017 Return-Path: X-Original-To: teep@ietf.org Delivered-To: teep@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6339213FF30 for ; Fri, 3 Nov 2017 11:18:12 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: X-Test-IDTracker: no X-IETF-IDTracker: 6.64.1 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <150973309240.27534.6573511459308121745.idtracker@ietfa.amsl.com> Date: Fri, 03 Nov 2017 11:18:12 -0700 From: IETF Secretariat Archived-At: Subject: [Teep] Milestones changed for teep WG X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Nov 2017 18:18:12 -0000 Added milestone "Calendar item: IETF #100 Hackathon to work on TEEP protocol prototype implementations.", due November 2017. Added milestone "Submit "TEEP Architecture" document as WG item.", due December 2017. Added milestone "Submit "TEEP Protocol" document as WG item.", due February 2018. Added milestone "Calendar item: 1st interoperability event (at IETF #101).", due March 2018. Added milestone "Submit "TEEP Architecture" to the IESG for publication as an Informational RFC.", due July 2018. Added milestone "Calendar item: 2nd interoperability event (at IETF #102).", due July 2018. Added milestone "Submit "TEEP Protocol" to the IESG for publication as a Proposed Standard.", due February 2019. URL: https://datatracker.ietf.org/wg/teep/about/ From nobody Fri Nov 3 11:45:48 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FF0C13FF40 for ; Fri, 3 Nov 2017 11:45:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.8 X-Spam-Level: X-Spam-Status: No, score=-4.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yw6y5naCC1Hh for ; Fri, 3 Nov 2017 11:45:44 -0700 (PDT) Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0120.outbound.protection.outlook.com [104.47.40.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5133F13FF3B for ; Fri, 3 Nov 2017 11:45:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=se/xCITuGJuEssWXDthctL4AXhvN1onDZ5FgDjrRTHI=; b=kELogsKbweMuEDAu6S88h5JEJJ0ZRdNicr+uUeptFcOWkR8v8g6AcigJ5Hdi08ZeNewpsNoZzAjpJK7riMCLqRH3ld7FyFGuKl+gbWf1GTIs0h54dxnIJ6Dw1Zebl7l+XwQxPOcHk6Lm/6Tru27jGkxn+bKs1vxpLVD37FgS0WI= Received: from CY4PR21MB0856.namprd21.prod.outlook.com (10.173.192.145) by CY4PR21MB0837.namprd21.prod.outlook.com (10.173.192.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.218.2; Fri, 3 Nov 2017 18:45:43 +0000 Received: from CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) by CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) with mapi id 15.20.0218.004; Fri, 3 Nov 2017 18:45:43 +0000 From: Dave Thaler To: "teep@ietf.org" CC: "Nancy Cam-Winget (ncamwing)" Thread-Topic: Notetaker and jabber scribe Thread-Index: AdNU07feS3zf7ZBQR6iz+TgRxU1Gow== Date: Fri, 3 Nov 2017 18:45:42 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [2001:4898:80e8:9::51b] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0837; 6:3Hgb5iZa7LzbqYJrRffRDvWuRnGTxZ7f8ecpaWj8mKSOrBO/EpBdOdF3S4KuHvrxvpyAxVEBcnuS+16laEtv/IywJHqNlqAKOQoW/R4SX7Kvb7Z+ZV9oDvE1kyNHEI7O492S+s4+2CRiLW6yl8t78axDuG2ppJ3EqbTrazFf7OqLrtSfofs/pM4wNu7fyexcP6yDOeanEFBxtoVLD0f1QWXaA54hI5VGgTwsMxMYsJ1X4uiL1/83toUjgpz6bgRoKGuQlvro05FYe6taJ+/OwL+UByNYjh7bU+1dAQz40HGfiSsgQ5b/2l3UFjVJg86XzlRjsAirNURsNKLyJTMy93I/XgiZL9zdjK3opCsMqPs=; 5:tiSFKig4P/11w7FruWi/D+EJ2YNMd3TKmtrTJZLI9wQLrpkDm1G6rg6QUWSn1c99qW2nAOChsBxRG+WU193n414FCDCN56D7IoOhZ2/e3p5UN5HHM1ng8oPrr64/6kC4R2JcevM1+VG1368FcleJvQMnNV378uqKNY/EGjF7qu8=; 24:CqXr5OJUDMLGm2Amzq72q2p6UvjIKrSPtHddK3k+Fmr2ZQWg5wM9SXiIY4M/SVI89+iMdQZOY61Lp2uMEn26Y73Zo+KfDL6vG2BU/YVhCFw=; 7:tBKvckWGclBShpqUz1wf1bEgu54Ck37mYdbTENPeirCNSPHs5W9cX4EjxhBH+swnwu6D5z/crkOYzXBaugrJW+7GQywLLqm3sv4sNJYzkSUdLIBs55wK0XWE87xDWlx8/ZD5k8brXwukDhkGroTMvH5m/tZVLG5Rnbu1D850+n4XXofMd/wa6MNZlotkvxwT41keA1cauHfKotLefJw6x97E7IxzaQT8efZEwOarYKQWAg8DXfiqPSsCLUFbkT34 x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: bf887001-6236-4747-af13-08d522eb1666 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603240); SRVR:CY4PR21MB0837; x-ms-traffictypediagnostic: CY4PR21MB0837: x-exchange-antispam-report-test: UriScan:(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3231021)(100000703101)(100105400095)(3002001)(6055026)(61426038)(61427038)(6041248)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123560025)(20161123562025)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0837; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0837; x-forefront-prvs: 0480A51D4A x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39860400002)(346002)(376002)(47760400005)(199003)(189002)(7736002)(105586002)(106356001)(74316002)(50986999)(54356999)(9686003)(6916009)(189998001)(33656002)(316002)(14454004)(6306002)(6436002)(6506006)(3280700002)(5660300001)(4326008)(8990500004)(86362001)(55016002)(99286004)(54896002)(22452003)(77096006)(6116002)(2900100001)(3660700001)(478600001)(25786009)(7696004)(86612001)(2906002)(2351001)(97736004)(2501003)(3480700004)(81156014)(10290500003)(558084003)(790700001)(102836003)(8936002)(5630700001)(10090500001)(5640700003)(8676002)(101416001)(53936002)(68736007)(81166006)(1730700003); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0837; H:CY4PR21MB0856.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0856C480444F93C14744AF0BA35D0CY4PR21MB0856namp_" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: bf887001-6236-4747-af13-08d522eb1666 X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Nov 2017 18:45:42.9561 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0837 Archived-At: Subject: [Teep] Notetaker and jabber scribe X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Nov 2017 18:45:46 -0000 --_000_CY4PR21MB0856C480444F93C14744AF0BA35D0CY4PR21MB0856namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable The TEEP BoF is now a week and a half away. Do we have any volunteers who = would be willing to be either a note taker or a jabber scribe? If so, please send email to Nancy and me. Dave --_000_CY4PR21MB0856C480444F93C14744AF0BA35D0CY4PR21MB0856namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

The TEEP BoF is now a week and a half away.  Do= we have any volunteers who would be willing to be

either a note taker or a jabber scribe?

 

If so, please send email to Nancy and me.=

 

Dave

--_000_CY4PR21MB0856C480444F93C14744AF0BA35D0CY4PR21MB0856namp_-- From nobody Mon Nov 6 09:02:12 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4371213FBB0 for ; Mon, 6 Nov 2017 09:02:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.575 X-Spam-Level: X-Spam-Status: No, score=-3.575 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTTP_ESCAPED_HOST=1.125, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HP5pOfY1auEX for ; Mon, 6 Nov 2017 09:02:02 -0800 (PST) Received: from smtp97.iad3a.emailsrvr.com (smtp97.iad3a.emailsrvr.com [173.203.187.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 636CE13FB36 for ; Mon, 6 Nov 2017 09:02:02 -0800 (PST) Received: from smtp13.relay.iad3a.emailsrvr.com (localhost [127.0.0.1]) by smtp13.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 724F85C99 for ; Mon, 6 Nov 2017 12:01:57 -0500 (EST) X-Auth-ID: hank.chavers@globalplatform.org Received: by smtp13.relay.iad3a.emailsrvr.com (Authenticated sender: hank.chavers-AT-globalplatform.org) with ESMTPSA id 650665756 for ; Mon, 6 Nov 2017 12:01:56 -0500 (EST) X-Sender-Id: hank.chavers@globalplatform.org Received: from ChaInt070 ([UNAVAILABLE]. [62.218.24.114]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by 0.0.0.0:465 (trex/5.7.12); Mon, 06 Nov 2017 12:01:57 -0500 Reply-To: From: "Hank Chavers" To: "'teep'" Date: Mon, 6 Nov 2017 11:01:56 -0600 Organization: GlobalPlatform Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0002_01D356EE.AA234640" X-Mailer: Microsoft Outlook 15.0 Thread-Index: AdNXHh+GDjq1nKsqTbSlvb4jYylJnw== Content-Language: en-us Archived-At: Subject: Re: [Teep] Charter Text X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 17:02:10 -0000 This is a multipart message in MIME format. ------=_NextPart_000_0002_01D356EE.AA234640 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Hello TEEP members, On behalf of GlobalPlatform, I can confirm Jeremy=A1=AFs analysis below = with one correction concerning the specification process. GlobalPlatform specifications are open for public review before they are published. = During the public review period, anyone can download and provide contributions = to the specifications. The timeline from Public review of the GlobalPlatform OTrP = specifications is expected to be 1Q 2018. The active editors are contributing to the = work. Let me reiterate that GlobalPlatform is creating an implementation independent specification including compliance test to verify interoperability of implementations. The creation of an apparently = similar specification in IETF will cause market fragmentation and = interoperability challenges. =20 (T)Hank(s) Hank Chavers Technical Program Manager GlobalPlatform O: +1 972-315-8438 M: +1 469-450-2862 E: hank.chavers@globalplatform.org = =20 Re: [Teep] Charter Text Jeremy O'Donoghue Mon, 30 October 2017 16:59 UTCShow header = It is a little difficult to be certain since GlobalPlatform = participation is organised by company, where IETF is individual. However, based on the GlobalPlatform TEE Spec Working Group roster - = this is the relevant e-mail reflector - I am aware of participants who are also subscribed to the TEEP list (snapshot of both lists at 16:21 UTC today) = who are operating from e-mail addresses at the following companies (same = e-mail address in all cases). * Qualcomm (myself), ARM, Interceed, Symantec, Solacia (under than = name =A1=B0Hansol Secure=A1=B1), Huawei, Oracle Four of the five authors credited with OTrP draft 4 are on the GlobalPlatform TEE Spec Working Group e-mail roster. The fifth has just = left his employer and left the GlobalPlatform roster approximately three = weeks ago. I cannot speak directly on behalf of GlobalPlatform, but as I wrote the document outlining the approach to be taken in GlobalPlatform, I can = share the following: - The guiding objective is to be able to implement both OTrP and TMF [1] = (an existing GlobalPlatform remote management specification) using a common = TEE Remote Admin Service - Where OTrP and TMF are aligned (which is true for most cases) TMF = applies unchanged. Where OTrP differs from TMF, align behaviour as far as = possible and document the differences. - Document OTrP requirements around the =A1=B0Bootstrap Domain=A1=B1 (in = TMF terminology this is a Security Domain that is typically instantiated at device manufacture, and may contain functionality that cannot be created using TMF commands) - The following set of work products to be produced: - Modification to existing TMF specification to support OTrP - Addition to the SC-RAM [2] specification to accommodate and specify = the OTrP agent - Write a new document detailing how JSON in OTrP maps to ASN.1 = command set defined in TMF - Write a new security layer document (if required) to support OTrP - Write a configuration document for OTrP (this is the precursor to compliance program as it defines the testable set of functionality) - Write a new white paper describing OTrP and TMF The GlobalPlatform working groups are open only to members. Published specifications are free to download, but reside behind a = =A1=B0click-through=A1=B1 license. GlobalPlatform is open in the sense that anyone wishing to pay = the appropriate membership fee can participate. Hope this helps. If more information is needed I believe it would be = most appropriate to reach out to GlobalPlatform directly as I am speaking in = a personal capacity here. Jeremy [1]: TMF - https://globalplatform.org/specificationform.asp?fid=3D7866 [2] : SC-RAM - = https://globalplatform.org/specificationform.asp?fid=3D7706 On 30 Oct 2017, at 16:16, Dave Thaler > wrote: Do we know who from GlobalPlatform is participating in IETF, and vice = versa? Is there a description of the work GlobalPlatform is proposing to do = related to OTrP? Where can IETF participants find GP=A1=AFs discussion of OTrP? Is it an = open or closed forum? Thanks, Dave From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Jeremy O'Donoghue Sent: Friday, September 22, 2017 8:01 AM To: Wheeler, David M > Cc: Nancy Cam-Winget (ncamwing) >; teep@ietf.org Subject: Re: [Teep] Charter Text Hi Dave, On 22 Sep 2017, at 15:26, Wheeler, David M > wrote: I understand your perspective and concern (I think, but would like to = hear more). From Intel=A1=AFs side, we have some issues with =A1=B0too = close=A1=B1 relationship to GP, because GP=A1=AFs definition of TEE security ties = that security to trusted boot. I understand that TZ, and even some of = Intel=A1=AFs TEEs (Android Trusty implementation) require a trusted secure boot in = order to themselves be secure, but Intel also has TEEs that are *completely separated* from secure boot, and therefore do not require a secure = booted platform to retain security. You are correct on this point. However, the GP notion of =A1=B0trusted = boot=A1=B1 allows quite a lot of wiggle room - the essential requirement is that = the mechanism whereby the TEE is instantiated is bound to a secure root of = trust on the SoC or on off-SoC security processor. I don=A1=AFt know enough = about SGX to be able to say whether it could meet this definition. Most actual implementations of GP TEEs are bound to the ARM TZ = architecture, so there may well be some bias to that in some of the informative = material around a GP TEE. However, implementations of most of the specifications e.g. the GP = Internal Core API, Management Framework, OTrP etc. are not bound to that security definition. Both TMF and the GP approach to OTrP are explicitly designed = to support management of non-GP TEE. I do recognise that being outside the GP Security definition might pose commercial difficulties in such an approach. Too close a relationship to GP will create issues around this = definition. We need greater discussion around this, otherwise, by definition it rejects certain Intel TEEs (SGX primarily) and then Intel would consider this an implementation specific definition aligned to TrustZone, and not a = general TEE protocol. My suspicion is that it also rejects ARM Cortex-M Trustzone for similar reasons (which I think has some similarities to SGX in its approach) I think we need to talk more about this. I agree there is a lot of good stuff in GP that we should leverage. Are you open to changing some of these core definitions, and working = through the implications of those changes with us? This will separate us = somewhat form GP standards, I think. I think there is a need to have standards supporting TEEs that are not rooted in a secure boot style root of trust, and (ideally) for these to behave similarly from a developer and management perspective to TEEs = that have such a root. I would have thought that the main effort in such a case would be to = define a system architecture, security requirements and (eventually) a = Protection Profile - this looks a long way from the charter as currently proposed. I would need to discuss further internally as to whether that is an = effort to which I would be able to contribute. Best regards Jeremy Very interested in your thoughts and perspective. Thanks, Dave Wheeler From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Jeremy O'Donoghue Sent: Friday, September 22, 2017 1:00 AM To: Nancy Cam-Winget (ncamwing) > Cc: teep@ietf.org Subject: Re: [Teep] Charter Text Qualcomm would like to ensure that the charter and proposed deliverables = are properly differentiated from work occurring in GlobalPlatform based on = the OTrP contribution which has been accepted as a GlobalPlatform work item. Since the proposed charter for teep includes a close relationship with GlobalPlatform, Qualcomm suggests some alignment between the = organisations to ensure that there is a single, definitive, set of standards defining = OTrP as the best outcome for all participants. --- Jeremy O=A1=AFDonoghue email: jodonogh@qti.qualcomm.com Engineer, Principal/Manager tel: +44 1252 363189 NFC & Secure Software and Systems On 22 Sep 2017, at 05:49, Nancy Cam-Winget (ncamwing) > wrote: Thank you all for responding and for demonstrating there is good = support to move this work along. It would be good to get discussions started on the current drafts and milestones as well. Nancy From: TEEP > on = behalf of "zhoup@bjleisen.com" > Date: Thursday, September 21, 2017 at 7:10 PM To: Dapeng Liu >, = Lubna Dajani >, "ppeterka@verimatrix.com" >, teep-bounces >, teep >, Mingliang Pei >, "Marc.Canel" >, Richard = Parris >, Rob Coombs >, "qingyang.meng" >, = Brian Witten >, "henry.j.lee@samsung.com" >, Nick Cook >, "Mike.M.Parsel@sprint.com" >, Hannes Tschofenig = >, "zhijian.zhang" >, = =CE=BA=C3=AF =BE=FC>, = Dominique Bolignano >, "heekwan.lee@samsung.com" >, Mike Hendrick >, XiaYubin >, "sangjin.park@hansol.com" >, "Paczkowski, = Lyle W [CTO]" >, Pengcheng Zou >, "fmw@whty.com.cn" >, "philip.attfield" >, "Andrew.Atyeo" >, paromix >, ppeterkaa >, "max.ldp@alibaba-inc.com" > Subject: Re: [Teep] Charter Text hi, Beijing Laser Tech. support it.thanks. ________________________________ =D6=DC=C5=F4 CEO =B1=B1=BE=A9=C0=D7=C9=AD=BF=C6=BC=BC=B7=A2=D5=B9=D3=D0=CF=DE=B9=AB=CB=BE Beijing Laser Technology Development CO.,LTD =B5=D8=D6=B7=A3=BA=CE=F7=D6=B1=C3=C5=B1=B1=B4=F3=BD=D6=BC=D743=BA=C5=BD=F0= =D4=CB=B4=F3=CF=C37=B2=E3 =D3=CA=B1=E0100044 =CA=D6=BB=FA=A3=BA18910750012/15601105750/13911779990 =CD=F8=D6=B7=A3=BA www.bjleisen.com From: Dapeng Liu Date: 2017-09-13 00:49 To: Lubna Dajani; ppeterka; teep-bounces; teep; Mingliang Pei; Marc Canel; richard.parris@intercede.com; Rob Coombs; qingyang.meng; brian_witten; henry.j.lee@samsung.com; Nick Cook; Mike.M.Parsel@sprint.com; Hannes Tschofenig; zhijian.zhang; zhoup; maojun.wei; dominique.bolignano; heekwan.lee@samsung.com; mike.hendrick@seqlabs.com; xiayubin; sangjin.park; = lyle.w.paczkowski; Pengcheng Zou; fmw; = philip.attfield; Andrew.Atyeo; paromix; = ppeterkaa; =B3=C9 =C5=F4 Subject: re: [Teep] Charter Text Hello Nancy, Thanks! Actually, there are lots of companies/experts are very interested in the proposed TEEP work. But they may not familiar with IETF process, I hope = they would getting more active in the list after the long summer vacation:) Note: I have copied to all the experts that are interested in TEEP based = on offline discussions. To all the experts copied in this mail: Please subscribe to TEEP email = list first if you want to reply. Here is how to subscribe: https://www.ietf.org/mailman/listinfo/teep =20 Thanks, Max ------------------------------------------------------------------ From:Nancy Cam-Winget (ncamwing) > Send Time:2017=C4=EA9=D4=C212=C8=D5(=D0=C7=C6=DA=B6=FE) 23:50 To:Lubna Dajani >; = Petr Peterka > Cc:teep@ietf.org = > Subject:Re: [Teep] Charter Text Thank you Lubna and Petr! Would still like to hear from others and also solicit feedback on the proposed charter text. Warm regards, Nancy From: Lubna Dajani > Date: Tuesday, September 12, 2017 at 4:40 AM To: Petr Peterka = > Cc: "ncamwing@cisco.com" >, "teep@ietf.org" = > Subject: Re: [Teep] Charter Text please allow me to echo Petr's responses. 1. Yes 2. Yes 3. Yes 4. Yes I am personally very excited to see this WG form and I look forward to actively contributing to the evolution of this protocol as I have since = the ideation stages of this protocol =A1=AD Thank you Nancy, Petr and everyone here=A1=AD Lubna __________________________________________________ Lubna Dajani I Allternet Ltd. @lubnadajani @futuristasORG + 1 201 982 0934 Confidentiality Notice: The information contained in this email and any attachments is intended only for the recipient[s] listed above and may = be privileged and confidential. Any dissemination, copying, or use of or reliance upon such information by or to anyone other than the = recipient[s] listed above is prohibited. If you have received this message in error, please notify the sender immediately at the email address above and = destroy any and all copies of this message. Sent with Mixmax =20 On Thu, Jul 20, 2017 2:48 AM, Petr Peterka ppeterka@verimatrix.com wrote: Hi Nancy I think we had a very productive meeting yesterday. Here are my answers = to your questions: 1) Do you understand what TEEP is trying to achieve? ANSWER: Yes, I do. I=A1=AFd like to add that the charter may = re-emphasize that the proposed WG is not going to define the TEE or the TAM service = themselves but just the protocol between them. 2) Is this work that should be done in general? ANSWER: Yes, it should since there are going to be more and more trusted execution environments (lower case) especially with the proliferation of = IoT devices which will need more security than what they have today. 3) Is this work that should be done in the IETF, or does it belong to somewhere else? ANSWER: Since we are trying to define a protocol that is independent of = the different TEE implementations, I believe that IETF is the right home for = it. 4) Should we form a WG with given charter to work on this? ANSWER: Yes, that is my recommendation. Thanks Petr From: TEEP [mailto:teep-bounces@ietf.org] = On Behalf Of Nancy Cam-Winget (ncamwing) Sent: Thursday, July 20, 2017 11:13 AM To: teep@ietf.org Subject: Re: [Teep] Charter Text All, Please provide feedback on the results of yesterday=A1=AFs side meeting. = In particular, we=A1=AFd like to get feedback on whether this the right = scope and if we have captured it appropriately. If it is not, also please comment = and if possible, provide suggestions for improvement. We would like to continue discussion over email and get consensus around = the 2nd week of September so that we can have a path forward. In particular = we would like to get answers for: 1) Do you understand what TEEP is trying to achieve? 2) Is this work that should be done in general? 3) Is this work that should be done in the IETF, or does it belong to somewhere else? 4) Should we form a WG with given charter to work on this? Warm regards, Nancy & Tero (TEEP BoF Chairs) From: TEEP > on = behalf of Hannes Tschofenig > Date: Wednesday, July 19, 2017 at 5:56 AM To: "teep@ietf.org" > Subject: [Teep] Charter Text Here is the charter text we came up in the side-meeting today. ------ TEEP -- A Protocol for Dynamic Trusted Execution Environment Enablement Charter The Trusted Execution Environment (TEE) is a secure area of a processor. = The TEE provides security features, such as isolated execution, integrity of Trusted Applications along with confidentiality of their assets. In = general terms, the TEE offers an execution space that provides a higher level of security than a "rich" operating system and more functionality than a = secure element. For example, implementations of the TEE concept have been = developed by ARM, and Intel using the TrustZone and the SGX technology, = respectively. To programmatically install, update, and delete applications running in = the TEE, this protocol runs between a service running within the TEE, a = relay application or service access point on the device's network stack and a server-side infrastructure that interacts with and optionally maintains = the applications. Some tasks are security sensitive and the server side = requires information about the device characteristics in form of attestation and = the device-side may require information about the server. Privacy considerations have to be taken into account with authentication features and attestation. This working group aims to develop an application layer protocol = providing TEEs with the following functionality, * lifecycle management of trusted applications, and * security domain management. A security domain allows a service provider's applications to be = isolated so that one security domain cannot be influenced by another, unless it = exposes an API to allow it. The solution approach must take a wide range of TEE and relevant technologies into account and will focus on the use of public key cryptography. The group will produce the following deliverables. First, an = architecture document describing the involved entities, their relationships, = assumptions, the keying framework and relevant use cases. Second, a solution document that describes the above-described functionality. The choice of encoding format(s) will be decided in the working group. The group may document several attestation technologies considering the different hardware capabilities, performance, privacy and operational properties. The group will maintain a close relationship with the GlobalPlatform, Trusted Computing Group, and other relevant standards to ensure proper = use of existing TEE-relevant application layer interfaces. Milestones Dec 2017 Submit "TEEP Architecture" document as WG item. Feb 2018 Submit "TEEP Protocol" document as WG item. July 2018 Submit "TEEP Architecture" to the IESG for publication as = an Informational RFC. Feb 2019 Submit "TEEP Protocol" to the IESG for publication as a Proposed Standard. Additional calendar items: Nov 2017 IETF #100 Hackathon to work on TEEP protocol prototype implementations. Mar 2018 1st interoperability event (at IETF #101). Jul 2018 2nd interoperability event (at IETF #102). IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy = the information in any medium. Thank you. _______________________________________________ TEEP mailing list TEEP@ietf.org https://www.ietf.org/mailman/listinfo/teep =20 References: * Re: [Teep] Charter Text = "Nancy Cam-Winget (ncamwing)" * Re: [Teep] Charter Text = Petr Peterka * Re: [Teep] Charter Text = Lubna Dajani * Re: [Teep] Charter Text = Dapeng Liu * Re: [Teep] Charter Text = "zhoup@bjleisen.com" * Re: [Teep] Charter Text = "Nancy Cam-Winget (ncamwing)" * Re: [Teep] Charter Text = Jeremy O'Donoghue * Re: [Teep] Charter Text = "Wheeler, David M" * Re: [Teep] Charter Text = Jeremy O'Donoghue * Re: [Teep] Charter Text = Dave Thaler * Hide Navigation Bar = *=09 * Date =20 *=09 *=09 * Thread =20 *=09 v1.10.13.p1 | Report a Bug = | By Email =20 ------=_NextPart_000_0002_01D356EE.AA234640 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable Re: [Teep] Charter Text

Hello TEEP = members,

On behalf of = GlobalPlatform, I can confirm Jeremy=A1=AFs = analysis below with = one correction concerning the specification process.  = GlobalPlatform specifications are open for public = review before they are published.  During the = public review period, anyone can download and provide contributions to = the specifications.

The timeline from Public review of the = GlobalPlatform OTrP specifications is = expected = to be 1Q 2018.  = The active editors are = contributing to the work.

Let me reiterate that GlobalPlatform = is = creating an implementation = independent specification including compliance test to = verify interoperability of implementations.  = The creation of = an apparently = similar = specification in IETF = will cause market = fragmentation and interoperability challenges.  =

(T)Hank(s)

Hank = Chavers

Technical = Program Manager

GlobalPlatform

O: +1 = 972-315-8438

M: +1 = 469-450-2862

E: hank.chavers@globalplatform.org


Re: [Teep] Charter Text

Jeremy O'Donoghue = <jodonogh@qti.qualcomm.com> Mon, 30 October 2017 16:59 = UTCShow = header

It is a little difficult to be certain since = GlobalPlatform participation is organised by company, where IETF is = individual.

However, based on the GlobalPlatform TEE Spec Working = Group roster - this is the relevant e-mail reflector - I am aware of = participants who are also subscribed to the TEEP list (snapshot of both = lists at 16:21 UTC today) who are operating from e-mail addresses at the = following companies (same e-mail address in all = cases).


  *   Qualcomm (myself), ARM, = Interceed, Symantec, Solacia (under than name =A1=B0Hansol = Secure=A1=B1), Huawei, Oracle

Four of the five authors credited with OTrP draft 4 = are on the GlobalPlatform TEE Spec Working Group e-mail roster. The = fifth has just left his employer and left the GlobalPlatform roster = approximately three weeks ago.

I cannot speak directly on behalf of GlobalPlatform, = but as I wrote the document outlining the approach to be taken in = GlobalPlatform, I can share the following:

- The guiding objective is to be able to implement = both OTrP and TMF [1] (an existing GlobalPlatform remote management = specification) using a common TEE Remote Admin Service

- Where OTrP and TMF are aligned (which is true for = most cases) TMF applies unchanged. Where OTrP differs from TMF, align = behaviour as far as possible and document the = differences.

- Document OTrP requirements around the = =A1=B0Bootstrap Domain=A1=B1 (in TMF terminology this is a Security = Domain that is typically instantiated at device manufacture, and may = contain functionality that cannot be created using TMF = commands)

- The following set of work products to be = produced:

  - Modification to existing TMF specification to = support OTrP

  - Addition to the SC-RAM [2] specification to = accommodate and specify the OTrP agent

  - Write a new document detailing how JSON in = OTrP maps to ASN.1 command set defined in TMF

  - Write a new security layer document (if = required) to support OTrP

  - Write a configuration document for OTrP (this = is the precursor to compliance program as it defines the testable set of = functionality)

  - Write a new white paper describing OTrP and = TMF

The GlobalPlatform working groups are open only to = members. Published specifications are free to download, but reside = behind a =A1=B0click-through=A1=B1 license. GlobalPlatform is open in = the sense that anyone wishing to pay the appropriate membership fee can = participate.

Hope this helps. If more information is needed I = believe it would be most appropriate to reach out to GlobalPlatform = directly as I am speaking in a personal capacity here.

Jeremy

[1]: TMF - = https://globalplatform.org/specificationform.asp?fid=3D= 7866

[2] : SC-RAM - = https://globalplatform.org/specificationform.asp?fid=3D= 7706

On 30 Oct 2017, at 16:16, Dave Thaler = <dthaler@microsoft.com<mailto:dthaler@microsoft.com>= ;> wrote:

Do we know who from GlobalPlatform is participating in = IETF, and vice versa?

Is there a description of the work GlobalPlatform is = proposing to do related to OTrP?

Where can IETF participants find GP=A1=AFs discussion = of OTrP?  Is it an open or closed forum?

Thanks,

Dave

From: TEEP [mailto:teep-bounces@ietf.org] = On Behalf Of Jeremy O'Donoghue

Sent: Friday, September 22, 2017 8:01 = AM

To: Wheeler, David M = <david.m.wheeler@intel.com<mailto:david.m.wheeler@intel.co= m>>

Cc: Nancy Cam-Winget (ncamwing) = <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>;= teep@ietf.org<mailto:teep@ietf.org><= /P>

Subject: Re: [Teep] Charter Text

Hi Dave,

On 22 Sep 2017, at 15:26, Wheeler, David M = <david.m.wheeler@intel.com<mailto:david.m.wheeler@intel.co= m>> wrote:

I understand your perspective and concern (I think, = but would like to hear more). From Intel=A1=AFs side, we have some = issues with =A1=B0too close=A1=B1 relationship to GP, because GP=A1=AFs = definition of TEE security ties that security to trusted boot. I = understand that TZ, and even some of Intel=A1=AFs TEEs (Android Trusty = implementation) require a trusted secure boot in order to themselves be = secure, but Intel also has TEEs that are *completely separated* from = secure boot, and therefore do not require a secure booted platform to = retain security.

You are correct on this point. However, the GP notion = of =A1=B0trusted boot=A1=B1 allows quite a lot of wiggle room - the = essential requirement is that the mechanism whereby the TEE is = instantiated is bound to a secure root of trust on the SoC or on off-SoC = security processor. I don=A1=AFt know enough about SGX to be able to say = whether it could meet this definition.

Most actual implementations of GP TEEs are bound to = the ARM TZ architecture, so there may well be some bias to that in some = of the informative material around a GP TEE.

However, implementations of most of the specifications = e.g. the GP Internal Core API, Management Framework, OTrP etc. are not = bound to that security definition. Both TMF and the GP approach to OTrP = are explicitly designed to support management of non-GP = TEE.

I do recognise that being outside the GP Security = definition might pose commercial difficulties in such an = approach.


Too close a relationship to GP will create issues = around this definition. We need greater discussion around this, = otherwise, by definition it rejects certain Intel TEEs (SGX primarily) = and then Intel would consider this an implementation specific definition = aligned to TrustZone, and not a general TEE protocol.

My suspicion is that it also rejects ARM Cortex-M = Trustzone for similar reasons (which I think has some similarities to = SGX in its approach)


I think we need to talk more about this. I agree there = is a lot of good stuff in GP that we should leverage.

Are you open to changing some of these core = definitions, and working through the implications of those changes with = us? This will separate us somewhat form GP standards, I = think.

I think there is a need to have standards supporting = TEEs that are not rooted in a secure boot style root of trust, and = (ideally) for these to behave similarly from a developer and management = perspective to TEEs that have such a root.

I would have thought that the main effort in such a = case would be to define a system architecture, security requirements and = (eventually) a Protection Profile - this looks a long way from the = charter as currently proposed.

I would need to discuss further internally as to = whether that is an effort to which I would be able to = contribute.

Best regards

Jeremy


Very interested in your thoughts and = perspective.

Thanks,

Dave Wheeler

From: TEEP [mailto:teep-bounces@ietf.org] = On Behalf Of Jeremy O'Donoghue

Sent: Friday, September 22, 2017 1:00 = AM

To: Nancy Cam-Winget (ncamwing) = <ncamwing@cisco.com<mailto:ncamwing@cisco.com>><= /FONT>

Cc: teep@ietf.org<mailto:teep@ietf.org><= /P>

Subject: Re: [Teep] Charter Text

Qualcomm would like to ensure that the charter and = proposed deliverables are properly differentiated from work occurring in = GlobalPlatform based on the OTrP contribution which has been accepted as = a GlobalPlatform work item.

Since the proposed charter for teep includes a close = relationship with GlobalPlatform, Qualcomm suggests some alignment = between the organisations to ensure that there is a single, definitive, = set of standards defining OTrP as the best outcome for all = participants.

---

Jeremy = O=A1=AFDonoghue         &nbs= p;            = ;      email: jodonogh@qti.qualcomm.com<mailto:jodonogh@qti.qualcomm.co= m>

Engineer, = Principal/Manager         &n= bsp;        tel:   +44 1252 = 363189

NFC & Secure Software and = Systems




On 22 Sep 2017, at 05:49, Nancy Cam-Winget (ncamwing) = <ncamwing@cisco.com<mailto:ncamwing@cisco.com>> = wrote:

Thank you all for responding  and for = demonstrating there is good support to move this work = along.

It would be good to get discussions started on the = current drafts and milestones as well.

         &= nbsp;      Nancy

From: TEEP <teep-bounces@ietf.org<mailto:teep-bounces@ietf.org>= ;> on behalf of "zhoup@bjleisen.com<mailto:zhoup@bjleisen.com>"= ; <zhoup@bjleisen.com<mailto:zhoup@bjleisen.com>><= /FONT>

Date: Thursday, September 21, 2017 at 7:10 = PM

To: Dapeng Liu <maxpassion@gmail.com<mailto:maxpassion@gmail.com>&= gt;, Lubna Dajani <lubnadajani@gmail.com<mailto:lubnadajani@gmail.com>= ;>, "ppeterka@verimatrix.com<mailto:ppeterka@verimatrix.com>" <ppeterka@verimatrix.com<mailto:ppeterka@verimatrix.com>>, teep-bounces <teep-bounces@ietf.org<mailto:teep-bounces@ietf.org>= ;>, teep <teep@ietf.org<mailto:teep@ietf.org>>, = Mingliang Pei <Mingliang_Pei@symantec.com<mailto:Mingliang_Pei@symantec.= com>>, "Marc.Canel" <Marc.Canel@arm.com<mailto:Marc.Canel@arm.com>>,= Richard Parris <richard.parris@intercede.com<mailto:richard.parris@interc= ede.com>>, Rob Coombs <rob.coombs@arm.com<mailto:rob.coombs@arm.com>>,= "qingyang.meng" <qingyang.meng@beanpodtech.com<mailto:qingyang.meng@beanpo= dtech.com>>, Brian Witten <brian_witten@symantec.com<mailto:brian_witten@symantec.co= m>>, "henry.j.lee@samsung.com<mailto:henry.j.lee@samsung.com>" <henry.j.lee@samsung.com<mailto:henry.j.lee@samsung.com>>, Nick Cook <Nick.Cook@intercede.com<mailto:Nick.Cook@intercede.com>>, "Mike.M.Parsel@sprint.com<mailto:Mike.M.Parsel@sprint.com<= /A>>" <Mike.M.Parsel@sprint.com<mailto:Mike.M.Parsel@sprint.com<= /A>>>, Hannes Tschofenig <hannes.tschofenig@arm.com<mailto:hannes.tschofenig@arm.co= m>>, "zhijian.zhang" = <zhijian.zhang@beanpodtech.com<mailto:zhijian.zhang@beanpo= dtech.com>>, =CE=BA=C3=AF=BE=FC<maojun.wei@watchdata.com<mailto:maojun.wei@watchdata.com<= /A>>>, Dominique Bolignano = <dominique.bolignano@provenrun.com<mailto:dominique.bolign= ano@provenrun.com>>, "heekwan.lee@samsung.com<mailto:heekwan.lee@samsung.com>" <heekwan.lee@samsung.com<mailto:heekwan.lee@samsung.com>>, Mike Hendrick <mike.hendrick@seqlabs.com<mailto:mike.hendrick@seqlabs.co= m>>, XiaYubin <xiayubin@trustkernel.com<mailto:xiayubin@trustkernel.com<= /A>>>, "sangjin.park@hansol.com<mailto:sangjin.park@hansol.com>" <sangjin.park@hansol.com<mailto:sangjin.park@hansol.com>>, "Paczkowski, Lyle W [CTO]" = <lyle.w.paczkowski@sprint.com<mailto:lyle.w.paczkowski@spr= int.com>>, Pengcheng Zou <zoupc@thundersoft.com<mailto:zoupc@thundersoft.com>= ;>, "fmw@whty.com.cn<mailto:fmw@whty.com.cn>" = <fmw@whty.com.cn<mailto:fmw@whty.com.cn>>, = "philip.attfield" <philip.attfield@seqlabs.com<mailto:philip.attfield@seqlab= s.com>>, "Andrew.Atyeo" = <Andrew.Atyeo@intercede.com<mailto:Andrew.Atyeo@intercede.= com>>, paromix <paromix@sola-cia.com<mailto:paromix@sola-cia.com>&= gt;, ppeterkaa <ppeterkaa@verimatrix.com<mailto:ppeterkaa@verimatrix.com<= /A>>>, "max.ldp@alibaba-inc.com<mailto:max.ldp@alibaba-inc.com>" <max.ldp@alibaba-inc.com<mailto:max.ldp@alibaba-inc.com>>

Subject: Re: [Teep] Charter Text

hi,

 Beijing Laser Tech. support = it.thanks.

________________________________

=D6=DC=C5=F4

CEO

=B1=B1=BE=A9=C0=D7=C9=AD=BF=C6=BC=BC=B7=A2=D5=B9=D3=D0=CF=DE=B9=AB=CB=BE

Beijing Laser Technology Development = CO.,LTD

=B5=D8=D6=B7=A3=BA=CE=F7=D6=B1=C3=C5=B1=B1=B4=F3=BD=D6=BC=D743=BA=C5=BD=F0=D4=CB=B4=F3=CF=C37=B2=E3  =D3=CA=B1=E0100044

=CA=D6=BB=FA=A3=BA18910750012/15601105750/13911779990

=CD=F8=D6=B7=A3=BAwww.bjleisen.c<https://na01.safelinks.protection.outlook.com/?url=3Dhttp%3A%2F%= 2Fwww.opentsm.cn%2F&data=3D02%7C01%7Cdthaler%40microsoft.com%7Cb5effd332f= 214ff93f0e08d501caca62%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C63641= 6892865103785&sdata=3DQGZG4LJTJS0hN7R8hvne1U19a83LybyhnnbxQySBYNQ%3D&rese= rved=3D0>om

From: Dapeng Liu<mailto:maxpassion@gmail.com><= /FONT>

Date: 2017-09-13 00:49

To: Lubna Dajani<mailto:lubnadajani@gmail.com>= ;; ppeterka<mailto:ppeterka@verimatrix.com>; teep-bounces<mailto:teep-bounces@ietf.org>= ;; teep<mailto:teep@ietf.org>; Mingliang = Pei<mailto:Mingliang_Pei@symantec.= com>; Marc Canel<mailto:Marc.Canel@arm.com>; = richard.parris@intercede.com<mailto:richard.parris@interc= ede.com>; Rob Coombs<mailto:rob.coombs@arm.com>; = qingyang.meng<mailto:qingyang.meng@beanpo= dtech.com>; brian_witten<mailto:brian_witten@symantec.co= m>; henry.j.lee@samsung.com<mailto:henry.j.lee@samsung.com>; Nick Cook<mailto:Nick.Cook@intercede.com>; Mike.M.Parsel@sprint.com<mailto:Mike.M.Parsel@sprint.com<= /A>>; Hannes Tschofenig<mailto:hannes.tschofenig@arm.co= m>; zhijian.zhang<mailto:zhijian.zhang@beanpo= dtech.com>; zhoup<mailto:zhoup@bjleisen.com>; = maojun.wei<mailto:maojun.wei@watchdata.com<= /A>>; dominique.bolignano<mailto:dominique.bolign= ano@provenrun.com>; heekwan.lee@samsung.com<mailto:heekwan.lee@samsung.com>; mike.hendrick@seqlabs.com<mailto:mike.hendrick@seqlabs.co= m>; xiayubin<mailto:xiayubin@trustkernel.com<= /A>>; sangjin.park<mailto:sangjin.park@hansol.com>; lyle.w.paczkowski<mailto:lyle.w.paczkowski@spr= int.com>; Pengcheng Zou<mailto:zoupc@thundersoft.com>= ;; fmw<mailto:fmw@whty.com.cn>; = philip.attfield<mailto:philip.attfield@seqlab= s.com>; Andrew.Atyeo<mailto:Andrew.Atyeo@intercede.= com>; paromix<mailto:paromix@sola-cia.com>;= ppeterkaa<mailto:ppeterkaa@verimatrix.com<= /A>>; =B3=C9 =C5=F4<mailto:max.ldp@alibaba-inc.com>

Subject: re: [Teep] Charter Text

Hello Nancy,

Thanks!

Actually, there are lots of companies/experts are very = interested in the proposed TEEP work. But they may not familiar with = IETF process, I hope they would getting more active in the list after = the long

summer vacation:)

Note: I have copied to all the experts that are = interested in TEEP based on offline discussions.

To all the experts copied in this mail: Please = subscribe to TEEP email list first if you want to reply.   = Here is how to subscribe: https://www.ietf.org/mailman/listinfo/teep<https://n= a01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fwww.ietf.org%2F= mailman%2Flistinfo%2Fteep&data=3D02%7C01%7Cdthaler%40microsoft.com%7C= b5effd332f214ff93f0e08d501caca62%7C72f988bf86f141af91ab2d7cd011db47%7C1%7= C0%7C636416892865113798&sdata=3DfoGdN4f%2FHSWJzYRrxXq%2Fi5aXMZJgwLQi9= kcqu2cjN7M%3D&reserved=3D0>

Thanks,

Max

-------------------------------------------------------= -----------

From:Nancy Cam-Winget (ncamwing) = <ncamwing@cisco.com<mailto:ncamwing@cisco.com>><= /FONT>

Send Time:2017=C4=EA9=D4=C212=C8=D5(=D0=C7=C6=DA=B6=FE) = 23:50

To:Lubna Dajani <lubnadajani@gmail.com<mailto:lubnadajani@gmail.com>= ;>; Petr Peterka <ppeterka@verimatrix.com<mailto:ppeterka@verimatrix.com>>

Cc:teep@ietf.org<mailto:Cc%3Ateep@ietf.org> = <teep@ietf.org<mailto:teep@ietf.org>>

Subject:Re: [Teep] Charter Text

Thank you Lubna and Petr!

Would still like to hear from others and also solicit = feedback on the proposed charter text.

Warm regards,

         &= nbsp;      Nancy

From: Lubna Dajani <lubnadajani@gmail.com<mailto:lubnadajani@gmail.com>= ;>

Date: Tuesday, September 12, 2017 at 4:40 = AM

To: Petr Peterka <ppeterka@verimatrix.com<mailto:ppeterka@verimatrix.com>>

Cc: "ncamwing@cisco.com<mailto:ncamwing@cisco.com>"= ; <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>,= "teep@ietf.org<mailto:teep@ietf.org>" = <teep@ietf.org<mailto:teep@ietf.org>>

Subject: Re: [Teep] Charter Text

please allow me to echo Petr's = responses.

1. Yes

2. Yes

3. Yes

4. Yes

 I am personally very excited to see this WG form = and I look forward to actively contributing to the evolution of this = protocol as I have since the ideation stages of this protocol = =A1=AD

Thank you Nancy, Petr and everyone = here=A1=AD

Lubna

__________________________________________________

Lubna Dajani  I  Allternet = Ltd.

@lubnadajani

@futuristasORG

+ 1 201 982 = 0934<tel:(201)%20982-0934>


Confidentiality Notice: The information contained in = this email and any attachments is intended only for the recipient[s] = listed above and may be privileged and confidential. Any dissemination, = copying, or use of or reliance upon such information by or to anyone = other than the recipient[s] listed above is prohibited. If you have = received this message in error, please notify the sender immediately at = the email address above and destroy any and all copies of this = message.

Sent with Mixmax<https://na01.safelinks.protection.outlook.com= /?url=3Dhttps%3A%2F%2Fmixmax.com%2Fs%2FSjmasx74wNoX3uu2B%3Futm_source%3Dm= ixmax%26utm_medium%3Demail%26utm_campaign%3Dsignature_link%26utm_content%= 3Dsent_with_mixmax&data=3D02%7C01%7Cdthaler%40microsoft.com%7Cb5effd3= 32f214ff93f0e08d501caca62%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C63= 6416892865113798&sdata=3DolYrJvtu8yvXScwR5fcT8IPl03hxFWkNVOdvTamoB0o%= 3D&reserved=3D0>


On Thu, Jul 20, 2017 2:48 AM, Petr Peterka = ppeterka@verimatrix.com<mailto:ppeterka@verimatrix.com> wrote:

Hi Nancy

I think we had a very productive meeting yesterday. = Here are my answers to your questions:

1) Do you understand what TEEP is trying to = achieve?

ANSWER: Yes, I do. I=A1=AFd like to add that the = charter may re-emphasize that the proposed WG is not going to define the = TEE or the TAM service themselves but just the protocol between = them.

2) Is this work that should be done in = general?

ANSWER: Yes, it should since there are going to be = more and more trusted execution environments (lower case) especially = with the proliferation of IoT devices which will need more security than = what they have today.

3) Is this work that should be done in the IETF, or = does it belong to somewhere else?

ANSWER: Since we are trying to define a protocol that = is independent of the different TEE implementations, I believe that IETF = is the right home for it.

4) Should we form a WG with given charter to work on = this?

ANSWER: Yes, that is my = recommendation.

Thanks

          = Petr

 <x-msg://13/#m_4019887533134155472_this>

From: TEEP [mailto:teep-bounces@ietf.org<= ;mailto:teep-bounces@ietf.org>= ;] On Behalf Of Nancy Cam-Winget (ncamwing)

Sent: Thursday, July 20, 2017 11:13 = AM

To: teep@ietf.org<mailto:teep@ietf.org><= /P>

Subject: Re: [Teep] Charter Text

All,

Please provide feedback on the results of = yesterday=A1=AFs side meeting.  In particular, we=A1=AFd like to = get feedback on whether this the right scope and if we have captured it = appropriately. If it is not, also please comment and if possible, = provide suggestions for improvement.

We would like to continue discussion over email and = get consensus around the 2nd week of September so that we can have a = path forward.  In particular we would like to get answers = for:

1) Do you understand what TEEP is trying to = achieve?

2) Is this work that should be done in = general?

3) Is this work that should be done in the IETF, or = does it belong to somewhere else?

4) Should we form a WG with given charter to work on = this?

Warm regards,

    Nancy & Tero (TEEP BoF = Chairs)

From: TEEP <teep-bounces@ietf.org<mailto:teep-bounces@ietf.org>= ;> on behalf of Hannes Tschofenig <Hannes.Tschofenig@arm.com<mailto:Hannes.Tschofenig@arm.co= m>>

Date: Wednesday, July 19, 2017 at 5:56 = AM

To: "teep@ietf.org<mailto:teep@ietf.org>" = <teep@ietf.org<mailto:teep@ietf.org>>

Subject: [Teep] Charter Text

Here is the charter text we came up in the = side-meeting today.

------




TEEP -- A Protocol for Dynamic Trusted Execution = Environment Enablement Charter

The Trusted Execution Environment (TEE) is a secure = area of a processor. The TEE provides security features, such as = isolated execution, integrity of Trusted Applications along with = confidentiality of their assets. In general terms, the TEE offers an = execution space that provides a higher level of security than a = "rich" operating system and more functionality than a secure = element. For example, implementations of the TEE concept have been = developed by ARM, and Intel using the TrustZone and the SGX technology, = respectively.

To programmatically install, update, and delete = applications running in the TEE, this protocol runs between a service = running within the TEE, a relay application or service access point on = the device's network stack and a server-side infrastructure that = interacts with and optionally maintains the applications. Some tasks are = security sensitive and the server side requires information about the = device characteristics in form of attestation and the device-side may = require information about the server.

Privacy considerations have to be taken into account = with authentication features and attestation.

This working group aims to develop an application = layer protocol providing TEEs with the following = functionality,

* lifecycle management of trusted applications, = and

* security domain management.

A security domain allows a service provider's = applications to be isolated so that one security domain cannot be = influenced by another, unless it exposes an API to allow = it.

The solution approach must take a wide range of TEE = and relevant technologies into account and will focus on the use of = public key cryptography.

The group will produce the following deliverables. = First, an architecture document describing the involved entities, their = relationships, assumptions, the keying framework and relevant use cases. = Second, a solution document that describes the above-described = functionality. The choice of encoding format(s) will be decided in the = working group. The group may document several attestation technologies = considering the different hardware capabilities, performance, privacy = and operational properties.

The group will maintain a close relationship with the = GlobalPlatform, Trusted Computing Group,  and other relevant = standards to ensure proper use of existing TEE-relevant application = layer interfaces.

Milestones

Dec 2017     Submit "TEEP = Architecture" document as WG item.

Feb 2018     Submit "TEEP = Protocol" document as WG item.

July 2018     Submit "TEEP = Architecture" to the IESG for publication as an Informational = RFC.

Feb 2019     Submit "TEEP = Protocol" to the IESG for publication as a Proposed = Standard.

Additional calendar items:

Nov 2017     IETF #100 Hackathon = to work on TEEP protocol prototype implementations.

Mar 2018     1st interoperability = event (at IETF #101).

Jul 2018       2nd = interoperability event (at IETF #102).

IMPORTANT NOTICE: The contents of this email and any = attachments are confidential and may also be privileged. If you are not = the intended recipient, please notify the sender immediately and do not = disclose the contents to any other person, use it for any purpose, or = store or copy the information in any medium. Thank = you.




_______________________________________________<= /SPAN>

TEEP mailing list

TEEP@ietf.org<mailto:TEEP@ietf.org><= /P>

https://www.ietf.org/mailman/listinfo/teep<https://n= a01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fwww.ietf.org%2F= mailman%2Flistinfo%2Fteep&data=3D02%7C01%7Cdthaler%40microsoft.com%7C= b5effd332f214ff93f0e08d501caca62%7C72f988bf86f141af91ab2d7cd011db47%7C1%7= C0%7C636416892865113798&sdata=3DfoGdN4f%2FHSWJzYRrxXq%2Fi5aXMZJgwLQi9= kcqu2cjN7M%3D&reserved=3D0>

References:

·       Re: [Teep] = Charter Text
"Nancy Cam-Winget = (ncamwing)" <ncamwing@cisco.com>

·       Re: [Teep] = Charter Text
Petr Peterka = <ppeterka@verimatrix.com>

·       Re: [Teep] = Charter Text
Lubna Dajani = <lubnadajani@gmail.com>

·       Re: [Teep] = Charter Text
Dapeng Liu = <maxpassion@gmail.com>

·       Re: [Teep] = Charter Text
"zhoup@bjleisen.com" = <zhoup@bjleisen.com>

·       Re: [Teep] = Charter Text
"Nancy Cam-Winget = (ncamwing)" <ncamwing@cisco.com>

·       Re: [Teep] = Charter Text
Jeremy O'Donoghue = <jodonogh@qti.qualcomm.com>

·       Re: [Teep] = Charter Text
"Wheeler, David M" = <david.m.wheeler@intel.com>

·       Re: [Teep] = Charter Text
Jeremy O'Donoghue = <jodonogh@qti.qualcomm.com>

·       Re: [Teep] = Charter Text
Dave Thaler = <dthaler@microsoft.com>

·       Hide = Navigation Bar

·       =

·       Date

·      

·      

·       Thread

·      

v1.10.13.p1 | Report a Bug | By = Email

------=_NextPart_000_0002_01D356EE.AA234640-- From nobody Mon Nov 6 11:10:31 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 241A213FB73 for ; Mon, 6 Nov 2017 11:10:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.92 X-Spam-Level: X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eMPEtwxycuS0 for ; Mon, 6 Nov 2017 11:10:27 -0800 (PST) Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-eopbgr10082.outbound.protection.outlook.com [40.107.1.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A3F613FAEB for ; Mon, 6 Nov 2017 11:10:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Z8jAiuyUTnlTj3Wo7Fy3qKzG0aqXDlJbRNEV2OUOKOc=; b=q+/cAm6gYreuhakh+xwW2Y7DuCTgopLsRo9iiVwvXXwFx03hXl1rTJdAJ+Vt1CH78/Xg3N+fqxZQVjqZst5kDb8OtXZfHt6DNhYIyYTKEzvYMGxpOYGpve+oTVvDfppfGKt/XfMtQBHrVr0lq9pPAuTTQnfnxJQ/CZL/PnZahIU= Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com (10.167.90.148) by AM4PR0801MB2708.eurprd08.prod.outlook.com (10.167.90.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.197.13; Mon, 6 Nov 2017 19:10:23 +0000 Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6]) by AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6%13]) with mapi id 15.20.0197.017; Mon, 6 Nov 2017 19:10:23 +0000 From: Hannes Tschofenig To: Dave Thaler , "teep@ietf.org" Thread-Topic: Transport Protocol Thread-Index: AdNTc/cpI1w7NN5kSdeI/9LBOiUlewDvg/0Q Date: Mon, 6 Nov 2017 19:10:23 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com; x-originating-ip: [80.92.116.199] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; AM4PR0801MB2708; 6:NdkNv28/GRMIUn9Rw4Aahx5hNsCKMTatEIuwvhz1UVVG3e59w4G8W9yhw8VYJUcxgTc/1HvVrlGnswxjOL/FhzK35ny/cPaYslIdMSbB3J3Wsd6XqnQfHoCxDT2EmnrTdF8n1zBpdxTqR2n/d/eIk/NtOClllzkvbcGv9WfuZG839ez9yDeBa5nclewoNLjJv9gpjsBwpRgbruOjTr0f3YwNGG6wMgmiAHHJBR0i5W1HFP+Ft5OiTcwy1eVgKqe8jgoL1ArljpkI/9jPR6ZQyhSicyP1CtR4QQBthc2S8EVCN42Tt+Ct1a2klnN+CLmGnATUrlJzKhfROpx8K44aKiSK5nq0VHyzkt2Y7GcP730=; 5:YoJ6bEkWMLw8QsR++R4jW44n2t7pGKwF+TePWJDkF+FLGxvUonJSBB02t1R3QrI4F+8YH2yfDkaCgue/5Z38ns08hYAfPfmC2olmwXntQPYw50+BohMd0ZYwNEu0L2IFLUrpBnjTheedZRHHOB62G7tCNzlog/f7Ug51N23kL9M=; 24:CPqWv5+zVoWIOdzXn2mpBzVG6h3pEN/qMz+rMGIoHjtl1LX9hpSe3lEDPxZjCm/rG6pfY+KWxaFiBKxZwTBMzuBF7kOWnx4Lg23Ws+KG+9c=; 7:T6HxiJj1MW9ODzPQQL8Js8g8p8459k1vc0aCznWpqKCE1ebZGSea7ORrOwB+KULPSpNrccA8fu4/Yl662Ipm43ktOKGMDc37IaiqfPSq+d1LAI+7O8Lnwfg1By67n8xqfXVYCXzdcM9UgZO7T4hoYlUzghe6iRwE33iwVHUHS74zB60iFDQoRzHhUkqlqf24qbZLX6rCft04K+W2N8B5FCqnru4782w1/Um67QLVhIrBzkUekUver7jm8lWY0lmt x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: c48baa7c-d079-4efb-104b-08d5254a0839 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603249); SRVR:AM4PR0801MB2708; x-ms-traffictypediagnostic: AM4PR0801MB2708: x-exchange-antispam-report-test: UriScan:(43050042349365)(21748063052155)(17755550239193); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(3231021)(93006095)(93001095)(100000703101)(100105400095)(6055026)(6041248)(20161123555025)(20161123558100)(20161123564025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:AM4PR0801MB2708; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:AM4PR0801MB2708; x-forefront-prvs: 048396AFA0 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(346002)(376002)(40434004)(189002)(199003)(3905003)(3846002)(3280700002)(2950100002)(25786009)(33656002)(74316002)(7696004)(5660300001)(221733001)(101416001)(7116003)(102836003)(50986999)(76176999)(54356999)(7736002)(105586002)(6506006)(6246003)(8666007)(6116002)(790700001)(106356001)(189998001)(54896002)(6436002)(53936002)(6306002)(236005)(9686003)(55016002)(2421001)(3660700001)(8936002)(8676002)(81156014)(81166006)(2906002)(68736007)(229853002)(9326002)(2561002)(86362001)(3480700004)(14454004)(606006)(97736004)(478600001)(5890100001)(5250100002)(966005)(2501003)(99286004)(2900100001)(316002)(66066001)(1511001)(110136005)(72206003)(53546010)(15398625002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4PR0801MB2708; H:AM4PR0801MB2706.eurprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_AM4PR0801MB2706D4D79784EB67AB8447EDFA500AM4PR0801MB2706_" MIME-Version: 1.0 X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-Network-Message-Id: c48baa7c-d079-4efb-104b-08d5254a0839 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2017 19:10:23.7620 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0801MB2708 Archived-At: Subject: Re: [Teep] Transport Protocol X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 19:10:30 -0000 --_000_AM4PR0801MB2706D4D79784EB67AB8447EDFA500AM4PR0801MB2706_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Dave, This is an interesting question. For the main use case where the a software= update in a TEE on a mobile device is provided I believe it is fair to say= that the protocol we are talking about here is HTTPS. As you know, there h= ave been other use cases described by Dapeng in https://tools.ietf.org/html= /draft-liu-opentrustprotocol-usecase-01, which may require other protocols.= If I have standardize and mandate at least one protocol then I would pick = HTTPS here. Ciao Hannes From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler Sent: 02 November 2017 01:52 To: teep@ietf.org Subject: [Teep] Transport Protocol As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. Section 1: > This specification defines message payloads exchanged between devices > and a TSM but does not mandate a specific transport. Section 5: > The communication method of OTrP Messages between a TSM and TEE in a > device is left to TSM providers for maximal interoperability. I disagree, the lack of any spec for a transport results in lack of maximal= interoperability. The TSM and the TEE may be from different vendors as the draft nicely expla= ins earlier. So bindings to one or more transport protocol (the thing that carries the J= SON messages inside it) must be standardized. Otherwise, in my view there's little value in standardizing the payload for= mats. Such a transport protocol binding might be in the same spec or in a differe= nt spec, but either way I think specifying at least one is mandatory. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' > Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in = any medium. Thank you. --_000_AM4PR0801MB2706D4D79784EB67AB8447EDFA500AM4PR0801MB2706_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Dave,

 

This is an interesting= question. For the main use case where the a software update in a TEE on a = mobile device is provided I believe it is fair to say that the protocol we = are talking about here is HTTPS. As you know, there have been other use cases described by Dapeng in https://t= ools.ietf.org/html/draft-liu-opentrustprotocol-usecase-01, which may requir= e other protocols. If I have standardize and mandate at least one protocol = then I would pick HTTPS here.

 

Ciao
Hannes

 

From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler
Sent: 02 November 2017 01:52
To: teep@ietf.org
Subject: [Teep] Transport Protocol

 

As promised when I posted my re= view, I am starting several email threads for discussions on specific techn= ical topics.

This is one of them.=

 

Section 1:
&= gt; This specification defines message payloads exchanged between devices

> and a TSM but does not mandate a specific transport.=

 

Section 5:
&= gt; The communication method of OTrP Messages between a TSM and TEE in a

> device is left to TSM providers for maximal interoperab= ility. 

 

I disagree, the lack of any spe= c for a transport results in lack of maximal interoperability. 

The TSM and the TEE may be from= different vendors as the draft nicely explains earlier. 

So bindings to one or more tran= sport protocol (the thing that carries the JSON messages inside it) must be= standardized.

Otherwise, in my view thereR= 17;s little value in standardizing the payload formats.

 

Such a transport protocol bindi= ng might be in the same spec or in a different spec, but either way
I think specifying at least one is mandatory.

 

Dave

 

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.o= rg>
Subject: Review of draft-pei-opentrustprotocol-04<= /p>

 

I’ve finally made it thro= ugh a detailed review of draft-pei-opentrustprotocol-04 and my marked up co= py is at

https://www.microsoft.com/en-us/research/wp-content/uploads/2017/0= 5/draft-pei-opentrustprotocol-04.pdf

&n= bsp;

I have = lots of editorial fixes throughout, and a number of technical comments/ques= tions/issues.

&n= bsp;

I’= ;ll start separate email threads for some of them over the next several day= s.

&n= bsp;

Dave

IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in any medium. Thank you. --_000_AM4PR0801MB2706D4D79784EB67AB8447EDFA500AM4PR0801MB2706_-- From nobody Mon Nov 6 11:11:57 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 841AC13FB73 for ; Mon, 6 Nov 2017 11:11:55 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.92 X-Spam-Level: X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y_PxhGjth-AT for ; Mon, 6 Nov 2017 11:11:54 -0800 (PST) Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-eopbgr10059.outbound.protection.outlook.com [40.107.1.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 49D5013FAEB for ; Mon, 6 Nov 2017 11:11:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=qHKfwMr1kbW4N9BbMUMNG05Z0AbAObLbH2BYaGa/klM=; b=fOclQEHWQi0I1T9mRxIH89W7iLI51kap/9dpBwpKq+htbDZHK21uebQOw+zFDrvcy46vxQVcCtB/r64c2iozXVuszAu6/SDdgjvhbD6FKTgKKGR/L7TLO6ve6AJDpRpmX8Mmzuk2ycFMt05S73cYhn81+x+DD+eKNDDjJUQ5UQk= Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com (10.167.90.148) by AM4PR0801MB2708.eurprd08.prod.outlook.com (10.167.90.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.197.13; Mon, 6 Nov 2017 19:11:50 +0000 Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6]) by AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6%13]) with mapi id 15.20.0197.017; Mon, 6 Nov 2017 19:11:50 +0000 From: Hannes Tschofenig To: Dave Thaler , "teep@ietf.org" Thread-Topic: APIs Thread-Index: AdNTdlAJsBLWo7dNQWGrqlk2K6ELrwDvJyDw Date: Mon, 6 Nov 2017 19:11:50 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com; x-originating-ip: [80.92.116.199] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; AM4PR0801MB2708; 6:QzDMHtKFzr71WIzb1QPBNNjLPh4/v4Y1/kYnImTedPeMeKtBZmThmkAn4/QVCcFueWFbiltuSgmKYcZatckMO0z9KKmdOIWiaCXuU6iwB6VxwcETQ5NxvjlK0bZvW8ZlSSGwpF4KNUEuRd2QQWzfZ6uz7D7PaNneRcPPIkaRWb63pbLI1vMBc1Ub8TJbwbzleV4NyfoAzU00p8QAaxMuSivdj1P93XJMIno3VvuW707w/XPDtui5TzLGcH3IL6wN9qgFVDpdJLairyG8y06Z8SWy14oEgvREd6fDPYutSdPln+tJurQdtLbzIisejRrNT51HunaNgm4KU7IuofhFgjIhTxvlF/VAjKJrcGV2h/c=; 5:yiPyxqWjKMYLdMYzAXN+RtZoNnih5suYnWl1B61IngwIWTezOgUef7Rc2TGw1hyEdcb9MCtd5QTwbYGGtERZQyo0ujvXtU578sGdgvVHh33eUXHJPSCu6dOLuB9ZBcOJklKB3gaMZGEj9ne+QBdkPo5gf3RGhJS39Mp75XwU1Ew=; 24:6nMTXhu1WiR1Sg1E1uqeStQ4FBlklNYW8ZNkc6yCt+qdSdOkKLRUM/egjkn6KZjMaK0IoLfwB+ijLG9e+wCDRuVKGxq/Hftb2+BqcYjUVk0=; 7:dUdJmlug50MDMTQcqFjLM6dO/UeCFGE3eDQYJmu60Dyt9GUx/Uvh2daulPs8oTEM/QVwS1860P7pnEmbqhaG3MbbVTVv0xr2j0GDWq6T8eRuQHR7JcGuZljLjNtqel+5pmhur20kYuIQlUxto7imWwl+09hhtyIfKUWrXdW0Tiw3J5JdGFUkt4eGAUX4bOCnH+2P4Upo/ebAoVxFXkjG7XUHT4hQXRn8AdbQuBX8XzJrVstKX9OUcE/GXs9DwN1J x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: d3b41b6e-a720-4518-ba43-08d5254a3bca x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603249); SRVR:AM4PR0801MB2708; x-ms-traffictypediagnostic: AM4PR0801MB2708: x-exchange-antispam-report-test: UriScan:(43050042349365)(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(3231021)(93006095)(93001095)(100000703101)(100105400095)(6055026)(6041248)(20161123555025)(20161123558100)(20161123564025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:AM4PR0801MB2708; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:AM4PR0801MB2708; x-forefront-prvs: 048396AFA0 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(346002)(376002)(40434004)(189002)(199003)(3905003)(3846002)(3280700002)(2950100002)(25786009)(33656002)(74316002)(7696004)(5660300001)(221733001)(101416001)(7116003)(102836003)(50986999)(76176999)(54356999)(7736002)(105586002)(6506006)(6246003)(8666007)(6116002)(790700001)(106356001)(189998001)(54896002)(6436002)(53936002)(6306002)(236005)(9686003)(55016002)(2421001)(3660700001)(8936002)(8676002)(81156014)(81166006)(2906002)(68736007)(229853002)(9326002)(2561002)(86362001)(3480700004)(14454004)(606006)(97736004)(478600001)(5890100001)(5250100002)(966005)(2501003)(99286004)(2900100001)(316002)(66066001)(1511001)(110136005)(72206003)(53546010)(15398625002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4PR0801MB2708; H:AM4PR0801MB2706.eurprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_AM4PR0801MB2706513BB288066DAB2B1F3BFA500AM4PR0801MB2706_" MIME-Version: 1.0 X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-Network-Message-Id: d3b41b6e-a720-4518-ba43-08d5254a3bca X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2017 19:11:50.3117 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0801MB2708 Archived-At: Subject: Re: [Teep] APIs X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 19:11:55 -0000 --_000_AM4PR0801MB2706513BB288066DAB2B1F3BFA500AM4PR0801MB2706_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Dave, I agree with you that the standardization work should not define APIs and s= hould instead re-use existing APIs as much as possible. Ciao Hannes From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler Sent: 02 November 2017 02:06 To: teep@ietf.org Subject: [Teep] APIs As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. Currently the document specifies both a protocol and an API. The IETF tod= ay does not really do concrete APIs (i.e., APIs in specific programming languages), just abstract APIs. Other orgs o= wn concrete APIs, like W3C does JavaScript, the POSIX standard covers C, etc. GlobalPlatform does do concrete APIs, s= o one potential way forward would be to *concrete* API portion out of the draft, let GlobalPlatform do that, and ke= ep the protocol and an *abstract* API in the IETF. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' > Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in = any medium. Thank you. --_000_AM4PR0801MB2706513BB288066DAB2B1F3BFA500AM4PR0801MB2706_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Dave,

 

I agree with you that = the standardization work should not define APIs and should instead re-use e= xisting APIs as much as possible.

 

Ciao
Hannes

 

From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler
Sent: 02 November 2017 02:06
To: teep@ietf.org
Subject: [Teep] APIs

 

As promised when I posted my re= view, I am starting several email threads for discussions on specific techn= ical topics.

This is one of them.=

 

Currently the document specifie= s both a protocol and an API.   The IETF today does not really do= concrete APIs (i.e.,

APIs in specific programming la= nguages), just abstract APIs.   Other orgs own concrete APIs, lik= e W3C does JavaScript,

the POSIX standard covers C, et= c.   GlobalPlatform does do concrete APIs, so one potential way f= orward would be to

*concrete* API portion o= ut of the draft, let GlobalPlatform do that, and keep the protocol and an *= abstract* API in the IETF.

 

Dave

 

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.o= rg>
Subject: Review of draft-pei-opentrustprotocol-04<= /p>

 

I’ve finally made it thro= ugh a detailed review of draft-pei-opentrustprotocol-04 and my marked up co= py is at

https://www.microsoft.com/en-us/research/wp-content/uploads/2017/0= 5/draft-pei-opentrustprotocol-04.pdf

&n= bsp;

I have = lots of editorial fixes throughout, and a number of technical comments/ques= tions/issues.

&n= bsp;

I’= ;ll start separate email threads for some of them over the next several day= s.

&n= bsp;

Dave

IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in any medium. Thank you. --_000_AM4PR0801MB2706513BB288066DAB2B1F3BFA500AM4PR0801MB2706_-- From nobody Mon Nov 6 11:16:53 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E46AB13FAEB for ; Mon, 6 Nov 2017 11:16:51 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.92 X-Spam-Level: X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OYcjxlkPZSoh for ; Mon, 6 Nov 2017 11:16:49 -0800 (PST) Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01on0045.outbound.protection.outlook.com [104.47.0.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 442CE13FAD9 for ; Mon, 6 Nov 2017 11:16:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=VRk23lvAa7pngXMICBj0uFV56WVQ3xFBfWvGcdIGlRM=; b=kofDZqmDQ520/CvcwuS1FkXdwR8TKH1J8TXcAiyYCKT1A9c4hefXCij5V/CfMfUbutwU3gSoYv5tYgL05gSI8AuufreossEcmAMh5HSHM5d7VVWnrChwIjdkcvq3xXptlbhdy7V1MXFq/urdZHiqiTBZn6hiNcgCiOFdIfW8+ek= Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com (10.167.90.148) by AM4PR0801MB2708.eurprd08.prod.outlook.com (10.167.90.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.197.13; Mon, 6 Nov 2017 19:16:45 +0000 Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6]) by AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6%13]) with mapi id 15.20.0197.017; Mon, 6 Nov 2017 19:16:45 +0000 From: Hannes Tschofenig To: Dave Thaler , "teep@ietf.org" Thread-Topic: [Teep] Multiple SPs under the same TSM Thread-Index: AdNTdbvYAf9fRhxaT3i374boYhrPxQDvWVgw Date: Mon, 6 Nov 2017 19:16:45 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com; x-originating-ip: [80.92.116.199] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; AM4PR0801MB2708; 6:hlRK/W8zGjipR19edqRWnZKyFWyjYBU4tukrTefi/uMwDpkGaqL4BHJhIZCO3z55uvaV+CNWHjiHpzbRalPjpJmU47gj08xn+KMw1mYdeSDAhjq7zEqpZno9+oDos4YZ4Dv9WnblCEOvJggt97ZYvMTUgzUnPgzf/hmfjJhLFR1A8+oFaTLiLGt3HhHQM3p84t+dd7oUyA672IIJWTCu9YFr8EwpWAhLwqm4QX2+WTNIEQkoNrgbn9t+88qpeZcc7cjisJwGPvqL7+7YhTIzvys6varVCaZpty0xWlX1LRFirMWP/M/UMaxFuPbw0RYQHUOY193rfaGB/vswM94WZube323WDxl4oBRBcYAi9bg=; 5:DWh8vVyNMfqCeMf64Wkq0Ol5L1lFC5uhh6MTP7LCSHqQTbQ4025vThD0jTICy4flpXK0YawN7XfS8ys/0MFfQLaFouYOthEhswHmcvBFVbglPRZe7ONuWmIhR0xGYhJS8XPOJj6ZPi+xQ/2N4MYvoz7BA4lacZoOq/d3b/5cZ6k=; 24:xOsVP3vkyZmFCb9t2eVNSDONsw4IRfN9FMTd3bwnxlqyYMM7BCZKsNXyfxn5USAli3a3eQJ6Jfz3hZy3/N52ZEakirF5KPkUOwl5kGqbDIQ=; 7:90zp+VAw0tV8g3J1xcLXK18LPbF5x6d4dNrgYd4UoLL2JZX8nv/0AmRVx9mpA/u51CIBvA3ZXOZgoJ+vr4ZVroAJQUAMf9k9Yb4DhEnWS0aUOjSyXpI+mhXOhHLL9b2zHLQauP1nry1fvTT0p/gKYoefcazXJFE8PWQVRW512lOPytVwDeWlF/HwPepAH5jqm0ErndcXH9ukLaxoRYRuR1o4oRFG6uv2/PL1Du+m1lwroMDqtZkZwHJ7wBZtg1FO x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 3f76b544-3c5f-4880-c2d1-08d5254aebe1 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603249); SRVR:AM4PR0801MB2708; x-ms-traffictypediagnostic: AM4PR0801MB2708: x-exchange-antispam-report-test: UriScan:(43050042349365)(192374486261705)(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(3231021)(93006095)(93001095)(100000703101)(100105400095)(6055026)(6041248)(20161123555025)(20161123558100)(20161123564025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:AM4PR0801MB2708; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:AM4PR0801MB2708; x-forefront-prvs: 048396AFA0 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(346002)(376002)(40434004)(189002)(199003)(3905003)(3846002)(3280700002)(2950100002)(25786009)(33656002)(74316002)(7696004)(5660300001)(101416001)(102836003)(50986999)(76176999)(54356999)(7736002)(105586002)(6506006)(6246003)(8666007)(6116002)(790700001)(106356001)(189998001)(54896002)(6436002)(53936002)(6306002)(236005)(9686003)(55016002)(2421001)(3660700001)(8936002)(8676002)(81156014)(81166006)(2906002)(68736007)(229853002)(9326002)(2561002)(86362001)(14454004)(606006)(97736004)(478600001)(5890100001)(5250100002)(966005)(2501003)(99286004)(2900100001)(316002)(66066001)(1511001)(110136005)(72206003)(53546010)(15398625002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4PR0801MB2708; H:AM4PR0801MB2706.eurprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_AM4PR0801MB2706825C9EF145E71C59F337FA500AM4PR0801MB2706_" MIME-Version: 1.0 X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3f76b544-3c5f-4880-c2d1-08d5254aebe1 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2017 19:16:45.7573 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0801MB2708 Archived-At: Subject: Re: [Teep] Multiple SPs under the same TSM X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 19:16:52 -0000 --_000_AM4PR0801MB2706825C9EF145E71C59F337FA500AM4PR0801MB2706_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Dave, This is a clarifying question. Maybe there is fuzzy wording in there but I = am wondering whether you are talking an SP developing multiple TAs and a TA= belonging to a single security domain, as described in this entity relatio= nship diagram: https://www.ietf.org/mail-archive/web/teep/current/png9JvwvLJCdH.png Ciao Hannes From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler Sent: 02 November 2017 02:02 To: teep@ietf.org Subject: [Teep] Multiple SPs under the same TSM As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. The draft talks about multiple Service Providers (SP) under the same Trust = Service Manager (TSM), and then specifies a bunch of extra complexity to deal with that case. But it neve= r motivates why such a case is important. Why is the extra complexity needed? Wouldn't it be simpler to just say the= re's one TSM per SP? If there's a real-world scenario that requires the extra complexity, what i= s it? (And the draft should be updated with motivation) Alternatively, it would simplify the protocol to remove = the extra complexity. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' > Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in = any medium. Thank you. --_000_AM4PR0801MB2706825C9EF145E71C59F337FA500AM4PR0801MB2706_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Dave,

 

This is a clarifying q= uestion. Maybe there is fuzzy wording in there but I am wondering whether y= ou are talking an SP developing multiple TAs and a TA belonging to a single= security domain, as described in this entity relationship diagram:

https://www.ietf= .org/mail-archive/web/teep/current/png9JvwvLJCdH.png<= /p>

 

Ciao
Hannes

 

 

From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler
Sent: 02 November 2017 02:02
To: teep@ietf.org
Subject: [Teep] Multiple SPs under the same TSM

 

As promised when I posted my re= view, I am starting several email threads for discussions on specific techn= ical topics.

This is one of them.=

 

The draft talks about multiple = Service Providers (SP) under the same Trust Service Manager (TSM), and then=
specifies a bunch of extra complexity to deal with that case.   B= ut it never motivates why such a case is important.

Why is the extra complexity nee= ded?  Wouldn’t it be simpler to just say there’s one TSM p= er SP?

 

If there’s a real-world s= cenario that requires the extra complexity, what is it?   (And th= e draft should be updated

with motivation)   Al= ternatively, it would simplify the protocol to remove the extra complexity.=

 

Dave

 

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.o= rg>
Subject: Review of draft-pei-opentrustprotocol-04<= /p>

 

I’ve finally made it thro= ugh a detailed review of draft-pei-opentrustprotocol-04 and my marked up co= py is at

https://www.microsoft.com/en-us/research/wp-content/uploads/2017/0= 5/draft-pei-opentrustprotocol-04.pdf

&n= bsp;

I have = lots of editorial fixes throughout, and a number of technical comments/ques= tions/issues.

&n= bsp;

I’= ;ll start separate email threads for some of them over the next several day= s.

&n= bsp;

Dave

IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in any medium. Thank you. --_000_AM4PR0801MB2706825C9EF145E71C59F337FA500AM4PR0801MB2706_-- From nobody Mon Nov 6 11:17:39 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB36C13FBAF for ; Mon, 6 Nov 2017 11:17:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.52 X-Spam-Level: X-Spam-Status: No, score=-14.52 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k-HM_P3NDpaQ for ; Mon, 6 Nov 2017 11:17:36 -0800 (PST) Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA6AF13FAEB for ; Mon, 6 Nov 2017 11:17:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=17440; q=dns/txt; s=iport; t=1509995855; x=1511205455; h=from:to:subject:date:message-id:mime-version; bh=d8bievMPeMHior1Al96gsJsLay5qSzRqZQcNK7VF7G8=; b=EX4iQlxPEvWoPfZeRy+Zs/sItXAubB790xa1YrETrUX72IMihlnTl8i+ Z7KONZtkhbp6OjhFRyCxZKKdpvsQUYuG40/jEDeQaswObpDLh2Mco4MIK DJvOhTMEFmFbGf+57cOK8tFGDLDp7QZt6CL9qF0qxMvfqedV868t9Ma6M s=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AWAQDaswBa/4wNJK1dGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBgkRCAixkbicHg3aKH45sMYFWJpEAhUYQggEKJYFcgzoCGoROPxg?= =?us-ascii?q?BAQEBAQEBAQFrKIUeAQEDAQEjRAkODQEIEQMBAQEoAwIEMBQJCgQBEohlWlwIE?= =?us-ascii?q?KsBgicmimgBAQEBAQEBAQEBAQEBAQEBAQEBAQEYBYMugTVSgkB8KQuCdoJQggU?= =?us-ascii?q?JARIBJhAJFgKCXTCCMgWLJo1giQgCh2SHTYVJghUdhWaLHIotgjSJCAIRGQGBO?= =?us-ascii?q?AEfOEJBaXoVdgGCNgmEVncBiUCBJIERAQEB?= X-IronPort-AV: E=Sophos;i="5.44,353,1505779200"; d="scan'208,217";a="306765764" Received: from alln-core-7.cisco.com ([173.36.13.140]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 06 Nov 2017 19:17:34 +0000 Received: from XCH-RTP-012.cisco.com (xch-rtp-012.cisco.com [64.101.220.152]) by alln-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id vA6JHYTZ019746 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 6 Nov 2017 19:17:34 GMT Received: from xch-rtp-015.cisco.com (64.101.220.155) by XCH-RTP-012.cisco.com (64.101.220.152) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Mon, 6 Nov 2017 14:17:34 -0500 Received: from xch-rtp-015.cisco.com ([64.101.220.155]) by XCH-RTP-015.cisco.com ([64.101.220.155]) with mapi id 15.00.1320.000; Mon, 6 Nov 2017 14:17:34 -0500 From: "Nancy Cam-Winget (ncamwing)" To: Hannes Tschofenig , Dave Thaler , "teep@ietf.org" Thread-Topic: [Teep] Transport Protocol Thread-Index: AQHTVzPm2el1JuIrVEiuR1NZo1Z+yA== Date: Mon, 6 Nov 2017 19:17:33 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/f.1a.0.160910 x-ms-exchange-messagesentrepresentingtype: 1 x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.155.86.54] Content-Type: multipart/alternative; boundary="_000_F61B8C2BF1B8486592A0569523D52F0Aciscocom_" MIME-Version: 1.0 Archived-At: Subject: Re: [Teep] Transport Protocol X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 19:17:38 -0000 --_000_F61B8C2BF1B8486592A0569523D52F0Aciscocom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGksDQpJIHRoaW5rIGl0IGlzIE9LIHRvIGRlZmluZSBtb3JlIHRoYW4gb25lIGFwcGxpY2FibGUg dHJhbnNwb3J0LCBkb2VzIGl0IG1ha2Ugc2Vuc2UgdG8gbWFuZGF0ZSBvbmUgdGhvdWdoPyAgSWYg dGhpcyBpcyB0byBiZSB1c2VkIGluIElvVCB1c2UgY2FzZXMsIHRoZXkgbWF5IHByZWZlciBDb0FQ Pw0KDQogICAgICAgICAgICAgICAgTmFuY3kNCg0KRnJvbTogVEVFUCA8dGVlcC1ib3VuY2VzQGll dGYub3JnPiBvbiBiZWhhbGYgb2YgSGFubmVzIFRzY2hvZmVuaWcgPEhhbm5lcy5Uc2Nob2Zlbmln QGFybS5jb20+DQpEYXRlOiBNb25kYXksIE5vdmVtYmVyIDYsIDIwMTcgYXQgMTE6MTAgQU0NClRv OiBEYXZlIFRoYWxlciA8ZHRoYWxlckBtaWNyb3NvZnQuY29tPiwgInRlZXBAaWV0Zi5vcmciIDx0 ZWVwQGlldGYub3JnPg0KU3ViamVjdDogUmU6IFtUZWVwXSBUcmFuc3BvcnQgUHJvdG9jb2wNCg0K SGkgRGF2ZSwNCg0KVGhpcyBpcyBhbiBpbnRlcmVzdGluZyBxdWVzdGlvbi4gRm9yIHRoZSBtYWlu IHVzZSBjYXNlIHdoZXJlIHRoZSBhIHNvZnR3YXJlIHVwZGF0ZSBpbiBhIFRFRSBvbiBhIG1vYmls ZSBkZXZpY2UgaXMgcHJvdmlkZWQgSSBiZWxpZXZlIGl0IGlzIGZhaXIgdG8gc2F5IHRoYXQgdGhl IHByb3RvY29sIHdlIGFyZSB0YWxraW5nIGFib3V0IGhlcmUgaXMgSFRUUFMuIEFzIHlvdSBrbm93 LCB0aGVyZSBoYXZlIGJlZW4gb3RoZXIgdXNlIGNhc2VzIGRlc2NyaWJlZCBieSBEYXBlbmcgaW4g aHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL2RyYWZ0LWxpdS1vcGVudHJ1c3Rwcm90b2NvbC11 c2VjYXNlLTAxLCB3aGljaCBtYXkgcmVxdWlyZSBvdGhlciBwcm90b2NvbHMuIElmIEkgaGF2ZSBz dGFuZGFyZGl6ZSBhbmQgbWFuZGF0ZSBhdCBsZWFzdCBvbmUgcHJvdG9jb2wgdGhlbiBJIHdvdWxk IHBpY2sgSFRUUFMgaGVyZS4NCg0KQ2lhbw0KSGFubmVzDQoNCkZyb206IFRFRVAgW21haWx0bzp0 ZWVwLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFsZiBPZiBEYXZlIFRoYWxlcg0KU2VudDogMDIg Tm92ZW1iZXIgMjAxNyAwMTo1Mg0KVG86IHRlZXBAaWV0Zi5vcmcNClN1YmplY3Q6IFtUZWVwXSBU cmFuc3BvcnQgUHJvdG9jb2wNCg0KQXMgcHJvbWlzZWQgd2hlbiBJIHBvc3RlZCBteSByZXZpZXcs IEkgYW0gc3RhcnRpbmcgc2V2ZXJhbCBlbWFpbCB0aHJlYWRzIGZvciBkaXNjdXNzaW9ucyBvbiBz cGVjaWZpYyB0ZWNobmljYWwgdG9waWNzLg0KVGhpcyBpcyBvbmUgb2YgdGhlbS4NCg0KDQpTZWN0 aW9uIDE6DQo+IFRoaXMgc3BlY2lmaWNhdGlvbiBkZWZpbmVzIG1lc3NhZ2UgcGF5bG9hZHMgZXhj aGFuZ2VkIGJldHdlZW4gZGV2aWNlcw0KDQo+IGFuZCBhIFRTTSBidXQgZG9lcyBub3QgbWFuZGF0 ZSBhIHNwZWNpZmljIHRyYW5zcG9ydC4NCg0KDQpTZWN0aW9uIDU6DQo+IFRoZSBjb21tdW5pY2F0 aW9uIG1ldGhvZCBvZiBPVHJQIE1lc3NhZ2VzIGJldHdlZW4gYSBUU00gYW5kIFRFRSBpbiBhDQo+ IGRldmljZSBpcyBsZWZ0IHRvIFRTTSBwcm92aWRlcnMgZm9yIG1heGltYWwgaW50ZXJvcGVyYWJp bGl0eS4NCg0KSSBkaXNhZ3JlZSwgdGhlIGxhY2sgb2YgYW55IHNwZWMgZm9yIGEgdHJhbnNwb3J0 IHJlc3VsdHMgaW4gbGFjayBvZiBtYXhpbWFsIGludGVyb3BlcmFiaWxpdHkuDQpUaGUgVFNNIGFu ZCB0aGUgVEVFIG1heSBiZSBmcm9tIGRpZmZlcmVudCB2ZW5kb3JzIGFzIHRoZSBkcmFmdCBuaWNl bHkgZXhwbGFpbnMgZWFybGllci4NClNvIGJpbmRpbmdzIHRvIG9uZSBvciBtb3JlIHRyYW5zcG9y dCBwcm90b2NvbCAodGhlIHRoaW5nIHRoYXQgY2FycmllcyB0aGUgSlNPTiBtZXNzYWdlcyBpbnNp ZGUgaXQpIG11c3QgYmUgc3RhbmRhcmRpemVkLg0KT3RoZXJ3aXNlLCBpbiBteSB2aWV3IHRoZXJl 4oCZcyBsaXR0bGUgdmFsdWUgaW4gc3RhbmRhcmRpemluZyB0aGUgcGF5bG9hZCBmb3JtYXRzLg0K DQpTdWNoIGEgdHJhbnNwb3J0IHByb3RvY29sIGJpbmRpbmcgbWlnaHQgYmUgaW4gdGhlIHNhbWUg c3BlYyBvciBpbiBhIGRpZmZlcmVudCBzcGVjLCBidXQgZWl0aGVyIHdheQ0KSSB0aGluayBzcGVj aWZ5aW5nIGF0IGxlYXN0IG9uZSBpcyBtYW5kYXRvcnkuDQoNCkRhdmUNCg0KRnJvbTogRGF2ZSBU aGFsZXINClNlbnQ6IFNhdHVyZGF5LCBTZXB0ZW1iZXIgMjMsIDIwMTcgMTI6MjQgUE0NClRvOiAn dGVlcEBpZXRmLm9yZycgPHRlZXBAaWV0Zi5vcmc8bWFpbHRvOnRlZXBAaWV0Zi5vcmc+Pg0KU3Vi amVjdDogUmV2aWV3IG9mIGRyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90b2NvbC0wNA0KDQpJ4oCZdmUg ZmluYWxseSBtYWRlIGl0IHRocm91Z2ggYSBkZXRhaWxlZCByZXZpZXcgb2YgZHJhZnQtcGVpLW9w ZW50cnVzdHByb3RvY29sLTA0IGFuZCBteSBtYXJrZWQgdXAgY29weSBpcyBhdA0KaHR0cHM6Ly93 d3cubWljcm9zb2Z0LmNvbS9lbi11cy9yZXNlYXJjaC93cC1jb250ZW50L3VwbG9hZHMvMjAxNy8w NS9kcmFmdC1wZWktb3BlbnRydXN0cHJvdG9jb2wtMDQucGRmDQoNCkkgaGF2ZSBsb3RzIG9mIGVk aXRvcmlhbCBmaXhlcyB0aHJvdWdob3V0LCBhbmQgYSBudW1iZXIgb2YgdGVjaG5pY2FsIGNvbW1l bnRzL3F1ZXN0aW9ucy9pc3N1ZXMuDQoNCknigJlsbCBzdGFydCBzZXBhcmF0ZSBlbWFpbCB0aHJl YWRzIGZvciBzb21lIG9mIHRoZW0gb3ZlciB0aGUgbmV4dCBzZXZlcmFsIGRheXMuDQoNCkRhdmUN CklNUE9SVEFOVCBOT1RJQ0U6IFRoZSBjb250ZW50cyBvZiB0aGlzIGVtYWlsIGFuZCBhbnkgYXR0 YWNobWVudHMgYXJlIGNvbmZpZGVudGlhbCBhbmQgbWF5IGFsc28gYmUgcHJpdmlsZWdlZC4gSWYg eW91IGFyZSBub3QgdGhlIGludGVuZGVkIHJlY2lwaWVudCwgcGxlYXNlIG5vdGlmeSB0aGUgc2Vu ZGVyIGltbWVkaWF0ZWx5IGFuZCBkbyBub3QgZGlzY2xvc2UgdGhlIGNvbnRlbnRzIHRvIGFueSBv dGhlciBwZXJzb24sIHVzZSBpdCBmb3IgYW55IHB1cnBvc2UsIG9yIHN0b3JlIG9yIGNvcHkgdGhl IGluZm9ybWF0aW9uIGluIGFueSBtZWRpdW0uIFRoYW5rIHlvdS4NCg== --_000_F61B8C2BF1B8486592A0569523D52F0Aciscocom_ Content-Type: text/html; charset="utf-8" Content-ID: <7C868616FEC57E40B6814D3F888A6BC1@emea.cisco.com> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iVGl0bGUiIGNvbnRlbnQ9IiI+DQo8bWV0YSBuYW1lPSJLZXl3b3JkcyIgY29udGVu dD0iIj4NCjxtZXRhIG5hbWU9IkdlbmVyYXRvciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUg KGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxlPjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8N CkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6IkNvdXJpZXIgTmV3IjsNCglwYW5vc2UtMToyIDcg MyA5IDIgMiA1IDIgNCA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6IkNhbWJyaWEgTWF0 aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQt ZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAyIDQ7fQ0KQGZvbnQt ZmFjZQ0KCXtmb250LWZhbWlseTpDb25zb2xhczsNCglwYW5vc2UtMToyIDExIDYgOSAyIDIgNCAz IDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OlRhaG9tYTsNCglwYW5vc2UtMToyIDEx IDYgNCAzIDUgNCA0IDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWws IGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGluOw0KCW1hcmdpbi1ib3R0 b206LjAwMDFwdDsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZvbnQtZmFtaWx5OkNhbGlicmk7fQ0K YTpsaW5rLCBzcGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29s b3I6IzA1NjNDMTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCmE6dmlzaXRlZCwgc3Bh bi5Nc29IeXBlcmxpbmtGb2xsb3dlZA0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6 Izk1NEY3MjsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnAuTXNvUGxhaW5UZXh0LCBs aS5Nc29QbGFpblRleHQsIGRpdi5Nc29QbGFpblRleHQNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5 Ow0KCW1zby1zdHlsZS1saW5rOiJQbGFpbiBUZXh0IENoYXIiOw0KCW1hcmdpbjowaW47DQoJbWFy Z2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQtc2l6ZToxMC41cHQ7DQoJZm9udC1mYW1pbHk6Q29u c29sYXM7fQ0KcC5Nc29BY2V0YXRlLCBsaS5Nc29BY2V0YXRlLCBkaXYuTXNvQWNldGF0ZQ0KCXtt c28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IkJhbGxvb24gVGV4dCBDaGFy IjsNCgltYXJnaW46MGluOw0KCW1hcmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6OC4w cHQ7DQoJZm9udC1mYW1pbHk6VGFob21hO30NCnNwYW4uUGxhaW5UZXh0Q2hhcg0KCXttc28tc3R5 bGUtbmFtZToiUGxhaW4gVGV4dCBDaGFyIjsNCgltc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNv LXN0eWxlLWxpbms6IlBsYWluIFRleHQiOw0KCWZvbnQtZmFtaWx5OkNvbnNvbGFzO30NCnNwYW4u QmFsbG9vblRleHRDaGFyDQoJe21zby1zdHlsZS1uYW1lOiJCYWxsb29uIFRleHQgQ2hhciI7DQoJ bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCW1zby1zdHlsZS1saW5rOiJCYWxsb29uIFRleHQiOw0K CWZvbnQtZmFtaWx5OlRhaG9tYTt9DQpwLm1zb25vcm1hbDAsIGxpLm1zb25vcm1hbDAsIGRpdi5t c29ub3JtYWwwDQoJe21zby1zdHlsZS1uYW1lOm1zb25vcm1hbDsNCgltc28tbWFyZ2luLXRvcC1h bHQ6YXV0bzsNCgltYXJnaW4tcmlnaHQ6MGluOw0KCW1zby1tYXJnaW4tYm90dG9tLWFsdDphdXRv Ow0KCW1hcmdpbi1sZWZ0OjBpbjsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZvbnQtZmFtaWx5OkNh bGlicmk7fQ0Kc3Bhbi5FbWFpbFN0eWxlMjINCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWw7DQoJ Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCgljb2xvcjp3aW5kb3d0ZXh0O30NCnNwYW4uRW1haWxTdHls ZTIzDQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsOw0KCWZvbnQtZmFtaWx5OkNhbGlicmk7DQoJ Y29sb3I6d2luZG93dGV4dDt9DQpzcGFuLkVtYWlsU3R5bGUyNA0KCXttc28tc3R5bGUtdHlwZTpw ZXJzb25hbDsNCglmb250LWZhbWlseTpDYWxpYnJpOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0Kc3Bhbi5F bWFpbFN0eWxlMjUNCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1p bHk6Q2FsaWJyaTsNCgljb2xvcjp3aW5kb3d0ZXh0O30NCnNwYW4ubXNvSW5zDQoJe21zby1zdHls ZS10eXBlOmV4cG9ydC1vbmx5Ow0KCW1zby1zdHlsZS1uYW1lOiIiOw0KCXRleHQtZGVjb3JhdGlv bjp1bmRlcmxpbmU7DQoJY29sb3I6dGVhbDt9DQouTXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUt dHlwZTpleHBvcnQtb25seTsNCglmb250LXNpemU6MTAuMHB0O30NCkBwYWdlIFdvcmRTZWN0aW9u MQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMS4waW4gMS4waW4gMS4waW47 fQ0KZGl2LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9DQotLT48L3N0eWxlPg0K PC9oZWFkPg0KPGJvZHkgYmdjb2xvcj0id2hpdGUiIGxhbmc9IkVOLVVTIiBsaW5rPSIjMDU2M0Mx IiB2bGluaz0iIzk1NEY3MiI+DQo8ZGl2IGNsYXNzPSJXb3JkU2VjdGlvbjEiPg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+SGksPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5JIHRo aW5rIGl0IGlzIE9LIHRvIGRlZmluZSBtb3JlIHRoYW4gb25lIGFwcGxpY2FibGUgdHJhbnNwb3J0 LCBkb2VzIGl0IG1ha2Ugc2Vuc2UgdG8gbWFuZGF0ZSBvbmUgdGhvdWdoPyZuYnNwOyBJZiB0aGlz IGlzIHRvIGJlIHVzZWQgaW4gSW9UIHVzZSBjYXNlcywgdGhleSBtYXkgcHJlZmVyIENvQVA/PG86 cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyBO YW5jeTxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286 cD48L3A+DQo8ZGl2IHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItdG9wOnNvbGlkICNCNUM0REYg MS4wcHQ7cGFkZGluZzozLjBwdCAwaW4gMGluIDBpbiI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 Yj48c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPkZyb206IDwvc3Bhbj48L2I+PHNwYW4gc3R5bGU9 ImNvbG9yOmJsYWNrIj5URUVQICZsdDt0ZWVwLWJvdW5jZXNAaWV0Zi5vcmcmZ3Q7IG9uIGJlaGFs ZiBvZiBIYW5uZXMgVHNjaG9mZW5pZyAmbHQ7SGFubmVzLlRzY2hvZmVuaWdAYXJtLmNvbSZndDs8 YnI+DQo8Yj5EYXRlOiA8L2I+TW9uZGF5LCBOb3ZlbWJlciA2LCAyMDE3IGF0IDExOjEwIEFNPGJy Pg0KPGI+VG86IDwvYj5EYXZlIFRoYWxlciAmbHQ7ZHRoYWxlckBtaWNyb3NvZnQuY29tJmd0Oywg JnF1b3Q7dGVlcEBpZXRmLm9yZyZxdW90OyAmbHQ7dGVlcEBpZXRmLm9yZyZndDs8YnI+DQo8Yj5T dWJqZWN0OiA8L2I+UmU6IFtUZWVwXSBUcmFuc3BvcnQgUHJvdG9jb2w8L3NwYW4+PHNwYW4gc3R5 bGU9ImZvbnQtc2l6ZToxMi4wcHQ7Y29sb3I6YmxhY2siPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4N CjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZh bWlseTomcXVvdDtUaW1lcyBOZXcgUm9tYW4mcXVvdDsiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFu PjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMx RjQ5N0QiPkhpIERhdmUsIDwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJjb2xvcjojMUY0OTdEIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzFGNDk3RCI+VGhp cyBpcyBhbiBpbnRlcmVzdGluZyBxdWVzdGlvbi4gRm9yIHRoZSBtYWluIHVzZSBjYXNlIHdoZXJl IHRoZSBhIHNvZnR3YXJlIHVwZGF0ZSBpbiBhIFRFRSBvbiBhIG1vYmlsZSBkZXZpY2UgaXMgcHJv dmlkZWQgSSBiZWxpZXZlIGl0IGlzIGZhaXIgdG8gc2F5IHRoYXQgdGhlIHByb3RvY29sIHdlIGFy ZSB0YWxraW5nIGFib3V0IGhlcmUgaXMgSFRUUFMuIEFzDQogeW91IGtub3csIHRoZXJlIGhhdmUg YmVlbiBvdGhlciB1c2UgY2FzZXMgZGVzY3JpYmVkIGJ5IERhcGVuZyBpbiBodHRwczovL3Rvb2xz LmlldGYub3JnL2h0bWwvZHJhZnQtbGl1LW9wZW50cnVzdHByb3RvY29sLXVzZWNhc2UtMDEsIHdo aWNoIG1heSByZXF1aXJlIG90aGVyIHByb3RvY29scy4gSWYgSSBoYXZlIHN0YW5kYXJkaXplIGFu ZCBtYW5kYXRlIGF0IGxlYXN0IG9uZSBwcm90b2NvbCB0aGVuIEkgd291bGQgcGljayBIVFRQUyBo ZXJlLg0KPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g c3R5bGU9ImNvbG9yOiMxRjQ5N0QiPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xvcjojMUY0OTdEIj5DaWFvPGJyPg0KSGFu bmVzPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGEgbmFtZT0i X01haWxFbmRDb21wb3NlIj48c3BhbiBzdHlsZT0iY29sb3I6IzFGNDk3RCI+Jm5ic3A7PC9zcGFu PjwvYT48bzpwPjwvbzpwPjwvcD4NCjxkaXY+DQo8ZGl2IHN0eWxlPSJib3JkZXI6bm9uZTtib3Jk ZXItdG9wOnNvbGlkICNCNUM0REYgMS4wcHQ7cGFkZGluZzozLjBwdCAwaW4gMGluIDBpbiI+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250 LWZhbWlseTpUYWhvbWEiPkZyb206PC9zcGFuPjwvYj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEw LjBwdDtmb250LWZhbWlseTpUYWhvbWEiPiBURUVQIFttYWlsdG86dGVlcC1ib3VuY2VzQGlldGYu b3JnXQ0KPGI+T24gQmVoYWxmIE9mIDwvYj5EYXZlIFRoYWxlcjxicj4NCjxiPlNlbnQ6PC9iPiAw MiBOb3ZlbWJlciAyMDE3IDAxOjUyPGJyPg0KPGI+VG86PC9iPiB0ZWVwQGlldGYub3JnPGJyPg0K PGI+U3ViamVjdDo8L2I+IFtUZWVwXSBUcmFuc3BvcnQgUHJvdG9jb2w8L3NwYW4+PG86cD48L286 cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+Jm5ic3A7PG86cD48 L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5BcyBwcm9taXNlZCB3aGVuIEkgcG9zdGVk IG15IHJldmlldywgSSBhbSBzdGFydGluZyBzZXZlcmFsIGVtYWlsIHRocmVhZHMgZm9yIGRpc2N1 c3Npb25zIG9uIHNwZWNpZmljIHRlY2huaWNhbCB0b3BpY3MuPG86cD48L286cD48L3A+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIj5UaGlzIGlzIG9uZSBvZiB0aGVtLjxvOnA+PC9vOnA+PC9wPg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+Jm5ic3A7PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvUGxh aW5UZXh0Ij48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6Q2FsaWJyaSI+U2VjdGlvbiAxOjxicj4N Cjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q291cmllciBOZXcmcXVvdDsi PiZndDsgVGhpcyBzcGVjaWZpY2F0aW9uIGRlZmluZXMgbWVzc2FnZSBwYXlsb2FkcyBleGNoYW5n ZWQgYmV0d2VlbiBkZXZpY2VzPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb1Bs YWluVGV4dCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0NvdXJpZXIgTmV3JnF1b3Q7 Ij4mZ3Q7IGFuZCBhIFRTTSBidXQgZG9lcyBub3QgbWFuZGF0ZSBhIHNwZWNpZmljIHRyYW5zcG9y dC48L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpw PjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPjxzcGFuIHN0eWxlPSJmb250LWZh bWlseTpDYWxpYnJpIj5TZWN0aW9uIDU6PGJyPg0KPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LWZh bWlseTomcXVvdDtDb3VyaWVyIE5ldyZxdW90OyI+Jmd0OyBUaGUgY29tbXVuaWNhdGlvbiBtZXRo b2Qgb2YgT1RyUCBNZXNzYWdlcyBiZXR3ZWVuIGEgVFNNIGFuZCBURUUgaW4gYTwvc3Bhbj48bzpw PjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWls eTomcXVvdDtDb3VyaWVyIE5ldyZxdW90OyI+Jmd0OyBkZXZpY2UgaXMgbGVmdCB0byBUU00gcHJv dmlkZXJzIGZvciBtYXhpbWFsIGludGVyb3BlcmFiaWxpdHkuJm5ic3A7DQo8L3NwYW4+PG86cD48 L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPkkgZGlzYWdyZWUsIHRoZSBsYWNrIG9mIGFueSBzcGVjIGZvciBh IHRyYW5zcG9ydCByZXN1bHRzIGluIDxpPg0KbGFjazwvaT4gb2YgbWF4aW1hbCBpbnRlcm9wZXJh YmlsaXR5LiZuYnNwOyA8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPlRoZSBU U00gYW5kIHRoZSBURUUgbWF5IGJlIGZyb20gZGlmZmVyZW50IHZlbmRvcnMgYXMgdGhlIGRyYWZ0 IG5pY2VseSBleHBsYWlucyBlYXJsaWVyLiZuYnNwOw0KPG86cD48L286cD48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj5TbyBiaW5kaW5ncyB0byBvbmUgb3IgbW9yZSB0cmFuc3BvcnQgcHJvdG9j b2wgKHRoZSB0aGluZyB0aGF0IGNhcnJpZXMgdGhlIEpTT04gbWVzc2FnZXMgaW5zaWRlIGl0KSBt dXN0IGJlIHN0YW5kYXJkaXplZC48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi Pk90aGVyd2lzZSwgaW4gbXkgdmlldyB0aGVyZeKAmXMgbGl0dGxlIHZhbHVlIGluIHN0YW5kYXJk aXppbmcgdGhlIHBheWxvYWQgZm9ybWF0cy48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+U3VjaCBh IHRyYW5zcG9ydCBwcm90b2NvbCBiaW5kaW5nIG1pZ2h0IGJlIGluIHRoZSBzYW1lIHNwZWMgb3Ig aW4gYSBkaWZmZXJlbnQgc3BlYywgYnV0IGVpdGhlciB3YXk8YnI+DQpJIHRoaW5rIHNwZWNpZnlp bmcgYXQgbGVhc3Qgb25lIGlzIG1hbmRhdG9yeS48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+RGF2 ZTxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+Jm5ic3A7PG86cD48L286cD48 L3A+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjRTFF MUUxIDEuMHB0O3BhZGRpbmc6My4wcHQgMGluIDBpbiAwaW4iPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PGI+RnJvbTo8L2I+IERhdmUgVGhhbGVyIDxicj4NCjxiPlNlbnQ6PC9iPiBTYXR1cmRheSwg U2VwdGVtYmVyIDIzLCAyMDE3IDEyOjI0IFBNPGJyPg0KPGI+VG86PC9iPiAndGVlcEBpZXRmLm9y ZycgJmx0OzxhIGhyZWY9Im1haWx0bzp0ZWVwQGlldGYub3JnIj50ZWVwQGlldGYub3JnPC9hPiZn dDs8YnI+DQo8Yj5TdWJqZWN0OjwvYj4gUmV2aWV3IG9mIGRyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90 b2NvbC0wNDxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+SeKAmXZlIGZp bmFsbHkgbWFkZSBpdCB0aHJvdWdoIGEgZGV0YWlsZWQgcmV2aWV3IG9mIGRyYWZ0LXBlaS1vcGVu dHJ1c3Rwcm90b2NvbC0wNCBhbmQgbXkgbWFya2VkIHVwIGNvcHkgaXMgYXQ8bzpwPjwvbzpwPjwv cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxhIGhyZWY9Imh0dHBzOi8vd3d3Lm1pY3Jvc29mdC5j b20vZW4tdXMvcmVzZWFyY2gvd3AtY29udGVudC91cGxvYWRzLzIwMTcvMDUvZHJhZnQtcGVpLW9w ZW50cnVzdHByb3RvY29sLTA0LnBkZiI+aHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbS9lbi11cy9y ZXNlYXJjaC93cC1jb250ZW50L3VwbG9hZHMvMjAxNy8wNS9kcmFmdC1wZWktb3BlbnRydXN0cHJv dG9jb2wtMDQucGRmPC9hPg0KPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iY29sb3I6IzMzMzMzMyI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMzMzMzMzMiPkkgaGF2ZSBs b3RzIG9mIGVkaXRvcmlhbCBmaXhlcyB0aHJvdWdob3V0LCBhbmQgYSBudW1iZXIgb2YgdGVjaG5p Y2FsIGNvbW1lbnRzL3F1ZXN0aW9ucy9pc3N1ZXMuPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9yOiMzMzMzMzMiPiZuYnNwOzwvc3Bh bj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xv cjojMzMzMzMzIj5J4oCZbGwgc3RhcnQgc2VwYXJhdGUgZW1haWwgdGhyZWFkcyBmb3Igc29tZSBv ZiB0aGVtIG92ZXIgdGhlIG5leHQgc2V2ZXJhbCBkYXlzLjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xvcjojMzMzMzMzIj4mbmJzcDs8 L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0i Y29sb3I6IzMzMzMzMyI+RGF2ZTwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O1Rp bWVzIE5ldyBSb21hbiZxdW90OyI+SU1QT1JUQU5UIE5PVElDRTogVGhlIGNvbnRlbnRzIG9mIHRo aXMgZW1haWwgYW5kIGFueSBhdHRhY2htZW50cyBhcmUgY29uZmlkZW50aWFsIGFuZCBtYXkgYWxz byBiZSBwcml2aWxlZ2VkLiBJZiB5b3UgYXJlIG5vdCB0aGUgaW50ZW5kZWQgcmVjaXBpZW50LCBw bGVhc2Ugbm90aWZ5IHRoZSBzZW5kZXIgaW1tZWRpYXRlbHkNCiBhbmQgZG8gbm90IGRpc2Nsb3Nl IHRoZSBjb250ZW50cyB0byBhbnkgb3RoZXIgcGVyc29uLCB1c2UgaXQgZm9yIGFueSBwdXJwb3Nl LCBvciBzdG9yZSBvciBjb3B5IHRoZSBpbmZvcm1hdGlvbiBpbiBhbnkgbWVkaXVtLiBUaGFuayB5 b3UuDQo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjwvYm9keT4NCjwvaHRtbD4NCg== --_000_F61B8C2BF1B8486592A0569523D52F0Aciscocom_-- From nobody Mon Nov 6 11:21:06 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B5F113FBBB for ; Mon, 6 Nov 2017 11:21:03 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.92 X-Spam-Level: X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UWeIe-eXI0bQ for ; Mon, 6 Nov 2017 11:21:00 -0800 (PST) Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50044.outbound.protection.outlook.com [40.107.5.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 695A213FAD9 for ; Mon, 6 Nov 2017 11:20:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Gm/Z7SQpQRcrAqJ7hTvtlXrgiIMJLtRVt9n/+Ir18pI=; b=YcJKOxJ89pJkMnEXciBkWyZaHPfAqslR45xofZ+XkrHB6R9O1qd+/4a16K+1lCYKzyGbgPsxDZthLDkv+VtJP8y4QFX9zbRurTVYgRr+Fvs6CkLAkDgLLYg5LvE0sJIv+wpEAwKFkQqA8BExQh0j3piYxFZUucOMyc7UBQ6qBZ4= Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com (10.167.90.148) by AM4PR0801MB2705.eurprd08.prod.outlook.com (10.167.90.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.197.13; Mon, 6 Nov 2017 19:20:46 +0000 Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6]) by AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6%13]) with mapi id 15.20.0197.017; Mon, 6 Nov 2017 19:20:46 +0000 From: Hannes Tschofenig To: "Nancy Cam-Winget (ncamwing)" , Dave Thaler , "teep@ietf.org" Thread-Topic: [Teep] Transport Protocol Thread-Index: AQHTVzPm2el1JuIrVEiuR1NZo1Z+yKMHuZGQ Date: Mon, 6 Nov 2017 19:20:46 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com; x-originating-ip: [80.92.116.199] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; AM4PR0801MB2705; 6:A4QmexGBDbzVNMdZ09kJxhD1cXEe/RZInNr+PCcmKbwUNLNkGJQVm9JrcGGFVw8TYKUdkc2C2+sW2FSb7Fl4c12mBADbg4kDrQF7XSczLn9JxzMOL3KcIj3ZRIpJmSYg+24+S8fUhsI5FB5Ktm0RgbaaUm1+XrgjXqtcRGh9Xkf5xnToHN0qsCgwkuWBAGbvB+eN/jYJP7TzVTAS0KGiA7YWW6F1Z+QaiO1Ne93m9h1kSepjrK1BtN3in6FiMIcgr00lrX6msN0sx+Wk2lEc6YDUhkEoGjX9EYDyQp61B0y00r3q45HD9yRRWFLLM5hRko4nWic/I6wW11mYEdr/nyEOsa+55l9iEP6O96Qo1fc=; 5:qAjdfwWQKI1UrEF97ex6LrSTQHkBNrxn7YtJNyeBIIx2MdR/GwsdlaKkcyHnIag2YY5bvf4vE/SRXqdJ07fesvWN57bC4iRWi8HMkkJHF6gcLiCUJPjFYlW0zacKSUaDEgljqovkD07YdrhaQj/jfhrSjN2X18lYMdzoG+txEzY=; 24:4CzpgY5mFr/TDYRAEx4lfqxiirngYthPtm23JYpWgAARFhI0V1sPNdM9l/UeVH8GUeIEkGKagy30foRaw14xeA6JBJBRr0NG8dbjKzkQMhU=; 7:MWDg+G4fb8d3N1vdZPu+ZMqHr20Oa6I3NfOqfovxemcjcBZQjSJDvjb5K75j0245NACTPxN+wa2TgiLodZAhyW7R3Jt1VcwpssN5u/S3zUGePDDKSGDTnyGirm7s8lMUslHf/ABVb4ww+i59njDw1Mo2+mNpuGzptV/Ih9mSWrJRqbTKWqG0uRIl4r0YQJvFyGAo2eV0O8ICyY8CKT7rjxTrLUVgsEfTHzGruqwBp6PgNSB18j9/b+PGM9KMF/WB x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 8e62d8ad-47be-46c6-05a0-08d5254b7b6c x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603199); SRVR:AM4PR0801MB2705; x-ms-traffictypediagnostic: AM4PR0801MB2705: x-exchange-antispam-report-test: UriScan:(43050042349365)(180628864354917)(89211679590171)(95692535739014)(21748063052155)(17755550239193); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(3231021)(100000703101)(100105400095)(93006095)(93001095)(6055026)(6041248)(20161123558100)(20161123560025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123562025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:AM4PR0801MB2705; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:AM4PR0801MB2705; x-forefront-prvs: 048396AFA0 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(346002)(376002)(39860400002)(40434004)(199003)(189002)(3905003)(54356999)(9686003)(50986999)(86362001)(6436002)(236005)(99286004)(97736004)(2900100001)(14454004)(1511001)(6506006)(316002)(3660700001)(2906002)(9326002)(6306002)(189998001)(5890100001)(2501003)(5250100002)(8666007)(76176999)(6246003)(54896002)(110136005)(7696004)(2950100002)(3280700002)(45080400002)(966005)(25786009)(229853002)(8936002)(7736002)(33656002)(106356001)(606006)(105586002)(2421001)(81166006)(478600001)(55016002)(6116002)(790700001)(102836003)(3846002)(68736007)(74316002)(53936002)(72206003)(66066001)(8676002)(81156014)(53546010)(5660300001)(2561002)(101416001)(15398625002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4PR0801MB2705; H:AM4PR0801MB2706.eurprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_AM4PR0801MB2706ECC269F237AC7F150CBCFA500AM4PR0801MB2706_" MIME-Version: 1.0 X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8e62d8ad-47be-46c6-05a0-08d5254b7b6c X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2017 19:20:46.5620 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0801MB2705 Archived-At: Subject: Re: [Teep] Transport Protocol X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 19:21:03 -0000 --_000_AM4PR0801MB2706ECC269F237AC7F150CBCFA500AM4PR0801MB2706_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgTmFuY3ksDQoNCklmIHRoZSBJb1Qgc2NlbmFyaW8gaW5jbHVkZXMgYSBkZXZpY2UgdGhhdCBy dW5zIGFuIHBvd2VyZnVsIHByb2Nlc3NvciB0aGF0IGluY2x1ZGVzIGEgVHJ1c3RlZCBFeGVjdXRp b24gRW52aXJvbm1lbnQgYnV0IGhhcyBhIHZlcnkgbG93IGJhbmR3aWR0aCBjb25uZWN0aW9uIHRo ZW4gQ29BUCB3b3VsZCBtYWtlIHNlbnNlLg0KSG93ZXZlciwgaW4gdGhhdCBjYXNlIEkgY291bGQg YWxzbyBpbWFnaW5lIHJlbW92aW5nIG90aGVyIGZlYXR1cmVzIGFzIHdlbGwgYmVzaWRlcyBjaGFu Z2luZyB0aGUgdHJhbnNwb3J0IGFsb25lLg0KDQpDaWFvDQpIYW5uZXMNCg0KRnJvbTogTmFuY3kg Q2FtLVdpbmdldCAobmNhbXdpbmcpIFttYWlsdG86bmNhbXdpbmdAY2lzY28uY29tXQ0KU2VudDog MDYgTm92ZW1iZXIgMjAxNyAyMDoxOA0KVG86IEhhbm5lcyBUc2Nob2ZlbmlnOyBEYXZlIFRoYWxl cjsgdGVlcEBpZXRmLm9yZw0KU3ViamVjdDogUmU6IFtUZWVwXSBUcmFuc3BvcnQgUHJvdG9jb2wN Cg0KSGksDQpJIHRoaW5rIGl0IGlzIE9LIHRvIGRlZmluZSBtb3JlIHRoYW4gb25lIGFwcGxpY2Fi bGUgdHJhbnNwb3J0LCBkb2VzIGl0IG1ha2Ugc2Vuc2UgdG8gbWFuZGF0ZSBvbmUgdGhvdWdoPyAg SWYgdGhpcyBpcyB0byBiZSB1c2VkIGluIElvVCB1c2UgY2FzZXMsIHRoZXkgbWF5IHByZWZlciBD b0FQPw0KDQogICAgICAgICAgICAgICAgTmFuY3kNCg0KRnJvbTogVEVFUCA8dGVlcC1ib3VuY2Vz QGlldGYub3JnPG1haWx0bzp0ZWVwLWJvdW5jZXNAaWV0Zi5vcmc+PiBvbiBiZWhhbGYgb2YgSGFu bmVzIFRzY2hvZmVuaWcgPEhhbm5lcy5Uc2Nob2ZlbmlnQGFybS5jb208bWFpbHRvOkhhbm5lcy5U c2Nob2ZlbmlnQGFybS5jb20+Pg0KRGF0ZTogTW9uZGF5LCBOb3ZlbWJlciA2LCAyMDE3IGF0IDEx OjEwIEFNDQpUbzogRGF2ZSBUaGFsZXIgPGR0aGFsZXJAbWljcm9zb2Z0LmNvbTxtYWlsdG86ZHRo YWxlckBtaWNyb3NvZnQuY29tPj4sICJ0ZWVwQGlldGYub3JnPG1haWx0bzp0ZWVwQGlldGYub3Jn PiIgPHRlZXBAaWV0Zi5vcmc8bWFpbHRvOnRlZXBAaWV0Zi5vcmc+Pg0KU3ViamVjdDogUmU6IFtU ZWVwXSBUcmFuc3BvcnQgUHJvdG9jb2wNCg0KSGkgRGF2ZSwNCg0KVGhpcyBpcyBhbiBpbnRlcmVz dGluZyBxdWVzdGlvbi4gRm9yIHRoZSBtYWluIHVzZSBjYXNlIHdoZXJlIHRoZSBhIHNvZnR3YXJl IHVwZGF0ZSBpbiBhIFRFRSBvbiBhIG1vYmlsZSBkZXZpY2UgaXMgcHJvdmlkZWQgSSBiZWxpZXZl IGl0IGlzIGZhaXIgdG8gc2F5IHRoYXQgdGhlIHByb3RvY29sIHdlIGFyZSB0YWxraW5nIGFib3V0 IGhlcmUgaXMgSFRUUFMuIEFzIHlvdSBrbm93LCB0aGVyZSBoYXZlIGJlZW4gb3RoZXIgdXNlIGNh c2VzIGRlc2NyaWJlZCBieSBEYXBlbmcgaW4gaHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL2Ry YWZ0LWxpdS1vcGVudHJ1c3Rwcm90b2NvbC11c2VjYXNlLTAxLCB3aGljaCBtYXkgcmVxdWlyZSBv dGhlciBwcm90b2NvbHMuIElmIEkgaGF2ZSBzdGFuZGFyZGl6ZSBhbmQgbWFuZGF0ZSBhdCBsZWFz dCBvbmUgcHJvdG9jb2wgdGhlbiBJIHdvdWxkIHBpY2sgSFRUUFMgaGVyZS4NCg0KQ2lhbw0KSGFu bmVzDQoNCkZyb206IFRFRVAgW21haWx0bzp0ZWVwLWJvdW5jZXNAaWV0Zi5vcmddIE9uIEJlaGFs ZiBPZiBEYXZlIFRoYWxlcg0KU2VudDogMDIgTm92ZW1iZXIgMjAxNyAwMTo1Mg0KVG86IHRlZXBA aWV0Zi5vcmc8bWFpbHRvOnRlZXBAaWV0Zi5vcmc+DQpTdWJqZWN0OiBbVGVlcF0gVHJhbnNwb3J0 IFByb3RvY29sDQoNCkFzIHByb21pc2VkIHdoZW4gSSBwb3N0ZWQgbXkgcmV2aWV3LCBJIGFtIHN0 YXJ0aW5nIHNldmVyYWwgZW1haWwgdGhyZWFkcyBmb3IgZGlzY3Vzc2lvbnMgb24gc3BlY2lmaWMg dGVjaG5pY2FsIHRvcGljcy4NClRoaXMgaXMgb25lIG9mIHRoZW0uDQoNCg0KU2VjdGlvbiAxOg0K PiBUaGlzIHNwZWNpZmljYXRpb24gZGVmaW5lcyBtZXNzYWdlIHBheWxvYWRzIGV4Y2hhbmdlZCBi ZXR3ZWVuIGRldmljZXMNCg0KPiBhbmQgYSBUU00gYnV0IGRvZXMgbm90IG1hbmRhdGUgYSBzcGVj aWZpYyB0cmFuc3BvcnQuDQoNCg0KU2VjdGlvbiA1Og0KPiBUaGUgY29tbXVuaWNhdGlvbiBtZXRo b2Qgb2YgT1RyUCBNZXNzYWdlcyBiZXR3ZWVuIGEgVFNNIGFuZCBURUUgaW4gYQ0KPiBkZXZpY2Ug aXMgbGVmdCB0byBUU00gcHJvdmlkZXJzIGZvciBtYXhpbWFsIGludGVyb3BlcmFiaWxpdHkuDQoN CkkgZGlzYWdyZWUsIHRoZSBsYWNrIG9mIGFueSBzcGVjIGZvciBhIHRyYW5zcG9ydCByZXN1bHRz IGluIGxhY2sgb2YgbWF4aW1hbCBpbnRlcm9wZXJhYmlsaXR5Lg0KVGhlIFRTTSBhbmQgdGhlIFRF RSBtYXkgYmUgZnJvbSBkaWZmZXJlbnQgdmVuZG9ycyBhcyB0aGUgZHJhZnQgbmljZWx5IGV4cGxh aW5zIGVhcmxpZXIuDQpTbyBiaW5kaW5ncyB0byBvbmUgb3IgbW9yZSB0cmFuc3BvcnQgcHJvdG9j b2wgKHRoZSB0aGluZyB0aGF0IGNhcnJpZXMgdGhlIEpTT04gbWVzc2FnZXMgaW5zaWRlIGl0KSBt dXN0IGJlIHN0YW5kYXJkaXplZC4NCk90aGVyd2lzZSwgaW4gbXkgdmlldyB0aGVyZeKAmXMgbGl0 dGxlIHZhbHVlIGluIHN0YW5kYXJkaXppbmcgdGhlIHBheWxvYWQgZm9ybWF0cy4NCg0KU3VjaCBh IHRyYW5zcG9ydCBwcm90b2NvbCBiaW5kaW5nIG1pZ2h0IGJlIGluIHRoZSBzYW1lIHNwZWMgb3Ig aW4gYSBkaWZmZXJlbnQgc3BlYywgYnV0IGVpdGhlciB3YXkNCkkgdGhpbmsgc3BlY2lmeWluZyBh dCBsZWFzdCBvbmUgaXMgbWFuZGF0b3J5Lg0KDQpEYXZlDQoNCkZyb206IERhdmUgVGhhbGVyDQpT ZW50OiBTYXR1cmRheSwgU2VwdGVtYmVyIDIzLCAyMDE3IDEyOjI0IFBNDQpUbzogJ3RlZXBAaWV0 Zi5vcmcnIDx0ZWVwQGlldGYub3JnPG1haWx0bzp0ZWVwQGlldGYub3JnPj4NClN1YmplY3Q6IFJl dmlldyBvZiBkcmFmdC1wZWktb3BlbnRydXN0cHJvdG9jb2wtMDQNCg0KSeKAmXZlIGZpbmFsbHkg bWFkZSBpdCB0aHJvdWdoIGEgZGV0YWlsZWQgcmV2aWV3IG9mIGRyYWZ0LXBlaS1vcGVudHJ1c3Rw cm90b2NvbC0wNCBhbmQgbXkgbWFya2VkIHVwIGNvcHkgaXMgYXQNCmh0dHBzOi8vd3d3Lm1pY3Jv c29mdC5jb20vZW4tdXMvcmVzZWFyY2gvd3AtY29udGVudC91cGxvYWRzLzIwMTcvMDUvZHJhZnQt cGVpLW9wZW50cnVzdHByb3RvY29sLTA0LnBkZg0KDQpJIGhhdmUgbG90cyBvZiBlZGl0b3JpYWwg Zml4ZXMgdGhyb3VnaG91dCwgYW5kIGEgbnVtYmVyIG9mIHRlY2huaWNhbCBjb21tZW50cy9xdWVz dGlvbnMvaXNzdWVzLg0KDQpJ4oCZbGwgc3RhcnQgc2VwYXJhdGUgZW1haWwgdGhyZWFkcyBmb3Ig c29tZSBvZiB0aGVtIG92ZXIgdGhlIG5leHQgc2V2ZXJhbCBkYXlzLg0KDQpEYXZlDQpJTVBPUlRB TlQgTk9USUNFOiBUaGUgY29udGVudHMgb2YgdGhpcyBlbWFpbCBhbmQgYW55IGF0dGFjaG1lbnRz IGFyZSBjb25maWRlbnRpYWwgYW5kIG1heSBhbHNvIGJlIHByaXZpbGVnZWQuIElmIHlvdSBhcmUg bm90IHRoZSBpbnRlbmRlZCByZWNpcGllbnQsIHBsZWFzZSBub3RpZnkgdGhlIHNlbmRlciBpbW1l ZGlhdGVseSBhbmQgZG8gbm90IGRpc2Nsb3NlIHRoZSBjb250ZW50cyB0byBhbnkgb3RoZXIgcGVy c29uLCB1c2UgaXQgZm9yIGFueSBwdXJwb3NlLCBvciBzdG9yZSBvciBjb3B5IHRoZSBpbmZvcm1h dGlvbiBpbiBhbnkgbWVkaXVtLiBUaGFuayB5b3UuDQpJTVBPUlRBTlQgTk9USUNFOiBUaGUgY29u dGVudHMgb2YgdGhpcyBlbWFpbCBhbmQgYW55IGF0dGFjaG1lbnRzIGFyZSBjb25maWRlbnRpYWwg YW5kIG1heSBhbHNvIGJlIHByaXZpbGVnZWQuIElmIHlvdSBhcmUgbm90IHRoZSBpbnRlbmRlZCBy ZWNpcGllbnQsIHBsZWFzZSBub3RpZnkgdGhlIHNlbmRlciBpbW1lZGlhdGVseSBhbmQgZG8gbm90 IGRpc2Nsb3NlIHRoZSBjb250ZW50cyB0byBhbnkgb3RoZXIgcGVyc29uLCB1c2UgaXQgZm9yIGFu eSBwdXJwb3NlLCBvciBzdG9yZSBvciBjb3B5IHRoZSBpbmZvcm1hdGlvbiBpbiBhbnkgbWVkaXVt LiBUaGFuayB5b3UuDQo= --_000_AM4PR0801MB2706ECC269F237AC7F150CBCFA500AM4PR0801MB2706_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTQgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 Q2FsaWJyaTsNCglwYW5vc2UtMToyIDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJ e2ZvbnQtZmFtaWx5OlRhaG9tYTsNCglwYW5vc2UtMToyIDExIDYgNCAzIDUgNCA0IDIgNDt9DQpA Zm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OkNvbnNvbGFzOw0KCXBhbm9zZS0xOjIgMTEgNiA5IDIg MiA0IDMgMiA0O30NCi8qIFN0eWxlIERlZmluaXRpb25zICovDQpwLk1zb05vcm1hbCwgbGkuTXNv Tm9ybWFsLCBkaXYuTXNvTm9ybWFsDQoJe21hcmdpbjowY207DQoJbWFyZ2luLWJvdHRvbTouMDAw MXB0Ow0KCWZvbnQtc2l6ZToxMS4wcHQ7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNl cmlmIjt9DQphOmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21zby1zdHlsZS1wcmlvcml0eTo5 OTsNCgljb2xvcjojMDU2M0MxOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNp dGVkLCBzcGFuLk1zb0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsN Cgljb2xvcjojOTU0RjcyOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KcC5Nc29QbGFp blRleHQsIGxpLk1zb1BsYWluVGV4dCwgZGl2Lk1zb1BsYWluVGV4dA0KCXttc28tc3R5bGUtcHJp b3JpdHk6OTk7DQoJbXNvLXN0eWxlLWxpbms6IlBsYWluIFRleHQgQ2hhciI7DQoJbWFyZ2luOjBj bTsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjEwLjVwdDsNCglmb250LWZh bWlseTpDb25zb2xhczt9DQpwLk1zb0FjZXRhdGUsIGxpLk1zb0FjZXRhdGUsIGRpdi5Nc29BY2V0 YXRlDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgltc28tc3R5bGUtbGluazoiQmFsbG9vbiBU ZXh0IENoYXIiOw0KCW1hcmdpbjowY207DQoJbWFyZ2luLWJvdHRvbTouMDAwMXB0Ow0KCWZvbnQt c2l6ZTo4LjBwdDsNCglmb250LWZhbWlseToiVGFob21hIiwic2Fucy1zZXJpZiI7fQ0Kc3Bhbi5Q bGFpblRleHRDaGFyDQoJe21zby1zdHlsZS1uYW1lOiJQbGFpbiBUZXh0IENoYXIiOw0KCW1zby1z dHlsZS1wcmlvcml0eTo5OTsNCgltc28tc3R5bGUtbGluazoiUGxhaW4gVGV4dCI7DQoJZm9udC1m YW1pbHk6Q29uc29sYXM7fQ0Kc3Bhbi5CYWxsb29uVGV4dENoYXINCgl7bXNvLXN0eWxlLW5hbWU6 IkJhbGxvb24gVGV4dCBDaGFyIjsNCgltc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxl LWxpbms6IkJhbGxvb24gVGV4dCI7DQoJZm9udC1mYW1pbHk6IlRhaG9tYSIsInNhbnMtc2VyaWYi O30NCnAubXNvbm9ybWFsMCwgbGkubXNvbm9ybWFsMCwgZGl2Lm1zb25vcm1hbDANCgl7bXNvLXN0 eWxlLW5hbWU6bXNvbm9ybWFsOw0KCW1zby1tYXJnaW4tdG9wLWFsdDphdXRvOw0KCW1hcmdpbi1y aWdodDowY207DQoJbXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQoJbWFyZ2luLWxlZnQ6MGNt Ow0KCWZvbnQtc2l6ZToxMS4wcHQ7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlm Ijt9DQpzcGFuLkVtYWlsU3R5bGUyMg0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25hbDsNCglmb250 LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiOw0KCWNvbG9yOndpbmRvd3RleHQ7fQ0Kc3Bh bi5FbWFpbFN0eWxlMjMNCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWw7DQoJZm9udC1mYW1pbHk6 IkNhbGlicmkiLCJzYW5zLXNlcmlmIjsNCgljb2xvcjp3aW5kb3d0ZXh0O30NCnNwYW4uRW1haWxT dHlsZTI0DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsOw0KCWZvbnQtZmFtaWx5OiJDYWxpYnJp Iiwic2Fucy1zZXJpZiI7DQoJY29sb3I6IzFGNDk3RDt9DQpzcGFuLkVtYWlsU3R5bGUyNQ0KCXtt c28tc3R5bGUtdHlwZTpwZXJzb25hbDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsInNhbnMtc2Vy aWYiOw0KCWNvbG9yOndpbmRvd3RleHQ7fQ0Kc3Bhbi5FbWFpbFN0eWxlMjYNCgl7bXNvLXN0eWxl LXR5cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLCJzYW5zLXNlcmlm IjsNCgljb2xvcjojMUY0OTdEO30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4 cG9ydC1vbmx5Ow0KCWZvbnQtc2l6ZToxMC4wcHQ7fQ0KQHBhZ2UgV29yZFNlY3Rpb24xDQoJe3Np emU6NjEyLjBwdCA3OTIuMHB0Ow0KCW1hcmdpbjo3Mi4wcHQgNzIuMHB0IDcyLjBwdCA3Mi4wcHQ7 fQ0KZGl2LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9DQotLT48L3N0eWxlPjwh LS1baWYgZ3RlIG1zbyA5XT48eG1sPg0KPG86c2hhcGVkZWZhdWx0cyB2OmV4dD0iZWRpdCIgc3Bp ZG1heD0iMTAyNiIgLz4NCjwveG1sPjwhW2VuZGlmXS0tPjwhLS1baWYgZ3RlIG1zbyA5XT48eG1s Pg0KPG86c2hhcGVsYXlvdXQgdjpleHQ9ImVkaXQiPg0KPG86aWRtYXAgdjpleHQ9ImVkaXQiIGRh dGE9IjEiIC8+DQo8L286c2hhcGVsYXlvdXQ+PC94bWw+PCFbZW5kaWZdLS0+DQo8L2hlYWQ+DQo8 Ym9keSBiZ2NvbG9yPSJ3aGl0ZSIgbGFuZz0iRU4tR0IiIGxpbms9IiMwNTYzQzEiIHZsaW5rPSIj OTU0RjcyIj4NCjxkaXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBzdHlsZT0iY29sb3I6IzFGNDk3RCI+SGkgTmFuY3ksIDxvOnA+PC9vOnA+PC9zcGFu PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xvcjojMUY0OTdEIj48 bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBz dHlsZT0iY29sb3I6IzFGNDk3RCI+SWYgdGhlIElvVCBzY2VuYXJpbyBpbmNsdWRlcyBhIGRldmlj ZSB0aGF0IHJ1bnMgYW4gcG93ZXJmdWwgcHJvY2Vzc29yIHRoYXQgaW5jbHVkZXMgYSBUcnVzdGVk IEV4ZWN1dGlvbiBFbnZpcm9ubWVudCBidXQgaGFzIGEgdmVyeSBsb3cgYmFuZHdpZHRoIGNvbm5l Y3Rpb24gdGhlbiBDb0FQIHdvdWxkIG1ha2Ugc2Vuc2UuDQo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iY29sb3I6IzFGNDk3RCI+SG93ZXZl ciwgaW4gdGhhdCBjYXNlIEkgY291bGQgYWxzbyBpbWFnaW5lIHJlbW92aW5nIG90aGVyIGZlYXR1 cmVzIGFzIHdlbGwgYmVzaWRlcyBjaGFuZ2luZyB0aGUgdHJhbnNwb3J0IGFsb25lLg0KPG86cD48 L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImNvbG9y OiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJjb2xvcjojMUY0OTdEIj5DaWFvPGJyPg0KSGFubmVzPG86cD48L286 cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGEgbmFtZT0iX01haWxFbmRDb21w b3NlIj48c3BhbiBzdHlsZT0iY29sb3I6IzFGNDk3RCI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+ PC9hPjwvcD4NCjxkaXY+DQo8ZGl2IHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItdG9wOnNvbGlk ICNCNUM0REYgMS4wcHQ7cGFkZGluZzozLjBwdCAwY20gMGNtIDBjbSI+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj48Yj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPkZyb206 PC9zcGFuPjwvYj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPiBOYW5j eSBDYW0tV2luZ2V0IChuY2Ftd2luZykgW21haWx0bzpuY2Ftd2luZ0BjaXNjby5jb21dDQo8YnI+ DQo8Yj5TZW50OjwvYj4gMDYgTm92ZW1iZXIgMjAxNyAyMDoxODxicj4NCjxiPlRvOjwvYj4gSGFu bmVzIFRzY2hvZmVuaWc7IERhdmUgVGhhbGVyOyB0ZWVwQGlldGYub3JnPGJyPg0KPGI+U3ViamVj dDo8L2I+IFJlOiBbVGVlcF0gVHJhbnNwb3J0IFByb3RvY29sPG86cD48L286cD48L3NwYW4+PC9w Pg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+ PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiPkhpLDxvOnA+PC9v OnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIj5J IHRoaW5rIGl0IGlzIE9LIHRvIGRlZmluZSBtb3JlIHRoYW4gb25lIGFwcGxpY2FibGUgdHJhbnNw b3J0LCBkb2VzIGl0IG1ha2Ugc2Vuc2UgdG8gbWFuZGF0ZSBvbmUgdGhvdWdoPyZuYnNwOyBJZiB0 aGlzIGlzIHRvIGJlIHVzZWQgaW4gSW9UIHVzZSBjYXNlcywgdGhleSBtYXkgcHJlZmVyIENvQVA/ PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0i RU4tVVMiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxzcGFuIGxhbmc9IkVOLVVTIj4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgTmFu Y3k8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5n PSJFTi1VUyI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPGRpdiBzdHlsZT0iYm9yZGVy Om5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjQjVDNERGIDEuMHB0O3BhZGRpbmc6My4wcHQgMGNtIDBj bSAwY20iPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxl PSJjb2xvcjpibGFjayI+RnJvbTogPC9zcGFuPjwvYj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9 ImNvbG9yOmJsYWNrIj5URUVQICZsdDs8YSBocmVmPSJtYWlsdG86dGVlcC1ib3VuY2VzQGlldGYu b3JnIj50ZWVwLWJvdW5jZXNAaWV0Zi5vcmc8L2E+Jmd0OyBvbiBiZWhhbGYgb2YgSGFubmVzIFRz Y2hvZmVuaWcgJmx0OzxhIGhyZWY9Im1haWx0bzpIYW5uZXMuVHNjaG9mZW5pZ0Bhcm0uY29tIj5I YW5uZXMuVHNjaG9mZW5pZ0Bhcm0uY29tPC9hPiZndDs8YnI+DQo8Yj5EYXRlOiA8L2I+TW9uZGF5 LCBOb3ZlbWJlciA2LCAyMDE3IGF0IDExOjEwIEFNPGJyPg0KPGI+VG86IDwvYj5EYXZlIFRoYWxl ciAmbHQ7PGEgaHJlZj0ibWFpbHRvOmR0aGFsZXJAbWljcm9zb2Z0LmNvbSI+ZHRoYWxlckBtaWNy b3NvZnQuY29tPC9hPiZndDssICZxdW90OzxhIGhyZWY9Im1haWx0bzp0ZWVwQGlldGYub3JnIj50 ZWVwQGlldGYub3JnPC9hPiZxdW90OyAmbHQ7PGEgaHJlZj0ibWFpbHRvOnRlZXBAaWV0Zi5vcmci PnRlZXBAaWV0Zi5vcmc8L2E+Jmd0Ozxicj4NCjxiPlN1YmplY3Q6IDwvYj5SZTogW1RlZXBdIFRy YW5zcG9ydCBQcm90b2NvbDwvc3Bhbj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6 ZToxMi4wcHQ7Y29sb3I6YmxhY2siPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRp dj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1m YW1pbHk6JnF1b3Q7VGltZXMgTmV3IFJvbWFuJnF1b3Q7LCZxdW90O3NlcmlmJnF1b3Q7Ij48bzpw PiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxz cGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iY29sb3I6IzFGNDk3RCI+SGkgRGF2ZSwgPC9zcGFuPjxz cGFuIGxhbmc9IkVOLVVTIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImNvbG9yOiMxRjQ5N0QiPiZuYnNwOzwvc3Bh bj48c3BhbiBsYW5nPSJFTi1VUyI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJjb2xvcjojMUY0OTdEIj5UaGlzIGlz IGFuIGludGVyZXN0aW5nIHF1ZXN0aW9uLiBGb3IgdGhlIG1haW4gdXNlIGNhc2Ugd2hlcmUgdGhl IGEgc29mdHdhcmUgdXBkYXRlIGluIGEgVEVFIG9uIGEgbW9iaWxlIGRldmljZSBpcyBwcm92aWRl ZCBJIGJlbGlldmUgaXQgaXMgZmFpciB0byBzYXkgdGhhdCB0aGUgcHJvdG9jb2wgd2UgYXJlIHRh bGtpbmcgYWJvdXQgaGVyZQ0KIGlzIEhUVFBTLiBBcyB5b3Uga25vdywgdGhlcmUgaGF2ZSBiZWVu IG90aGVyIHVzZSBjYXNlcyBkZXNjcmliZWQgYnkgRGFwZW5nIGluIDxhIGhyZWY9Imh0dHBzOi8v dG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1saXUtb3BlbnRydXN0cHJvdG9jb2wtdXNlY2FzZS0w MSI+DQpodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJhZnQtbGl1LW9wZW50cnVzdHByb3Rv Y29sLXVzZWNhc2UtMDE8L2E+LCB3aGljaCBtYXkgcmVxdWlyZSBvdGhlciBwcm90b2NvbHMuIElm IEkgaGF2ZSBzdGFuZGFyZGl6ZSBhbmQgbWFuZGF0ZSBhdCBsZWFzdCBvbmUgcHJvdG9jb2wgdGhl biBJIHdvdWxkIHBpY2sgSFRUUFMgaGVyZS4NCjwvc3Bhbj48c3BhbiBsYW5nPSJFTi1VUyI+PG86 cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4t VVMiIHN0eWxlPSJjb2xvcjojMUY0OTdEIj4mbmJzcDs8L3NwYW4+PHNwYW4gbGFuZz0iRU4tVVMi PjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9 IkVOLVVTIiBzdHlsZT0iY29sb3I6IzFGNDk3RCI+Q2lhbzxicj4NCkhhbm5lczwvc3Bhbj48c3Bh biBsYW5nPSJFTi1VUyI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJjb2xvcjojMUY0OTdEIj4mbmJzcDs8L3NwYW4+ PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxkaXY+DQo8ZGl2IHN0 eWxlPSJib3JkZXI6bm9uZTtib3JkZXItdG9wOnNvbGlkICNCNUM0REYgMS4wcHQ7cGFkZGluZzoz LjBwdCAwY20gMGNtIDBjbSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj48c3BhbiBsYW5nPSJF Ti1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1 b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPkZyb206PC9zcGFuPjwvYj48c3BhbiBsYW5nPSJF Ti1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1 b3Q7LCZxdW90O3NhbnMtc2VyaWYmcXVvdDsiPiBURUVQIFs8YSBocmVmPSJtYWlsdG86dGVlcC1i b3VuY2VzQGlldGYub3JnIj5tYWlsdG86dGVlcC1ib3VuY2VzQGlldGYub3JnPC9hPl0NCjxiPk9u IEJlaGFsZiBPZiA8L2I+RGF2ZSBUaGFsZXI8YnI+DQo8Yj5TZW50OjwvYj4gMDIgTm92ZW1iZXIg MjAxNyAwMTo1Mjxicj4NCjxiPlRvOjwvYj4gPGEgaHJlZj0ibWFpbHRvOnRlZXBAaWV0Zi5vcmci PnRlZXBAaWV0Zi5vcmc8L2E+PGJyPg0KPGI+U3ViamVjdDo8L2I+IFtUZWVwXSBUcmFuc3BvcnQg UHJvdG9jb2w8L3NwYW4+PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4N CjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+ Jm5ic3A7PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g bGFuZz0iRU4tVVMiPkFzIHByb21pc2VkIHdoZW4gSSBwb3N0ZWQgbXkgcmV2aWV3LCBJIGFtIHN0 YXJ0aW5nIHNldmVyYWwgZW1haWwgdGhyZWFkcyBmb3IgZGlzY3Vzc2lvbnMgb24gc3BlY2lmaWMg dGVjaG5pY2FsIHRvcGljcy48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+VGhpcyBpcyBvbmUgb2YgdGhlbS48bzpwPjwvbzpwPjwv c3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+Jm5ic3A7 PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+PHNwYW4gbGFu Zz0iRU4tVVMiIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LCZxdW90O3Nh bnMtc2VyaWYmcXVvdDsiPlNlY3Rpb24gMTo8YnI+DQo8L3NwYW4+PHNwYW4gbGFuZz0iRU4tVVMi IHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtDb3VyaWVyIE5ldyZxdW90OyI+Jmd0OyBUaGlzIHNw ZWNpZmljYXRpb24gZGVmaW5lcyBtZXNzYWdlIHBheWxvYWRzIGV4Y2hhbmdlZCBiZXR3ZWVuIGRl dmljZXM8L3NwYW4+PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxw IGNsYXNzPSJNc29QbGFpblRleHQiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1mYW1p bHk6JnF1b3Q7Q291cmllciBOZXcmcXVvdDsiPiZndDsgYW5kIGEgVFNNIGJ1dCBkb2VzIG5vdCBt YW5kYXRlIGEgc3BlY2lmaWMgdHJhbnNwb3J0Ljwvc3Bhbj48c3BhbiBsYW5nPSJFTi1VUyI+PG86 cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4t VVMiPiZuYnNwOzxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQi PjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90 OywmcXVvdDtzYW5zLXNlcmlmJnF1b3Q7Ij5TZWN0aW9uIDU6PGJyPg0KPC9zcGFuPjxzcGFuIGxh bmc9IkVOLVVTIiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7Q291cmllciBOZXcmcXVvdDsiPiZn dDsgVGhlIGNvbW11bmljYXRpb24gbWV0aG9kIG9mIE9UclAgTWVzc2FnZXMgYmV0d2VlbiBhIFRT TSBhbmQgVEVFIGluIGE8L3NwYW4+PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+PC9vOnA+PC9zcGFu PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9u dC1mYW1pbHk6JnF1b3Q7Q291cmllciBOZXcmcXVvdDsiPiZndDsgZGV2aWNlIGlzIGxlZnQgdG8g VFNNIHByb3ZpZGVycyBmb3IgbWF4aW1hbCBpbnRlcm9wZXJhYmlsaXR5LiZuYnNwOw0KPC9zcGFu PjxzcGFuIGxhbmc9IkVOLVVTIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+Jm5ic3A7PG86cD48L286cD48L3NwYW4+PC9wPg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiPkkgZGlzYWdyZWUsIHRoZSBs YWNrIG9mIGFueSBzcGVjIGZvciBhIHRyYW5zcG9ydCByZXN1bHRzIGluDQo8aT5sYWNrPC9pPiBv ZiBtYXhpbWFsIGludGVyb3BlcmFiaWxpdHkuJm5ic3A7IDxvOnA+PC9vOnA+PC9zcGFuPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIj5UaGUgVFNNIGFuZCB0aGUg VEVFIG1heSBiZSBmcm9tIGRpZmZlcmVudCB2ZW5kb3JzIGFzIHRoZSBkcmFmdCBuaWNlbHkgZXhw bGFpbnMgZWFybGllci4mbmJzcDsNCjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIj5TbyBiaW5kaW5ncyB0byBvbmUgb3IgbW9yZSB0 cmFuc3BvcnQgcHJvdG9jb2wgKHRoZSB0aGluZyB0aGF0IGNhcnJpZXMgdGhlIEpTT04gbWVzc2Fn ZXMgaW5zaWRlIGl0KSBtdXN0IGJlIHN0YW5kYXJkaXplZC48bzpwPjwvbzpwPjwvc3Bhbj48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+T3RoZXJ3aXNlLCBpbiBt eSB2aWV3IHRoZXJl4oCZcyBsaXR0bGUgdmFsdWUgaW4gc3RhbmRhcmRpemluZyB0aGUgcGF5bG9h ZCBmb3JtYXRzLjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxz cGFuIGxhbmc9IkVOLVVTIj4mbmJzcDs8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+U3VjaCBhIHRyYW5zcG9ydCBwcm90b2NvbCBi aW5kaW5nIG1pZ2h0IGJlIGluIHRoZSBzYW1lIHNwZWMgb3IgaW4gYSBkaWZmZXJlbnQgc3BlYywg YnV0IGVpdGhlciB3YXk8YnI+DQpJIHRoaW5rIHNwZWNpZnlpbmcgYXQgbGVhc3Qgb25lIGlzIG1h bmRhdG9yeS48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBsYW5nPSJFTi1VUyI+Jm5ic3A7PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiPkRhdmU8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+Jm5ic3A7PG86cD48L286cD48 L3NwYW4+PC9wPg0KPGRpdj4NCjxkaXYgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci10b3A6c29s aWQgI0UxRTFFMSAxLjBwdDtwYWRkaW5nOjMuMHB0IDBjbSAwY20gMGNtIj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxiPjxzcGFuIGxhbmc9IkVOLVVTIj5Gcm9tOjwvc3Bhbj48L2I+PHNwYW4gbGFu Zz0iRU4tVVMiPiBEYXZlIFRoYWxlcg0KPGJyPg0KPGI+U2VudDo8L2I+IFNhdHVyZGF5LCBTZXB0 ZW1iZXIgMjMsIDIwMTcgMTI6MjQgUE08YnI+DQo8Yj5Ubzo8L2I+ICd0ZWVwQGlldGYub3JnJyAm bHQ7PGEgaHJlZj0ibWFpbHRvOnRlZXBAaWV0Zi5vcmciPnRlZXBAaWV0Zi5vcmc8L2E+Jmd0Ozxi cj4NCjxiPlN1YmplY3Q6PC9iPiBSZXZpZXcgb2YgZHJhZnQtcGVpLW9wZW50cnVzdHByb3RvY29s LTA0PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIj4mbmJzcDs8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+SeKAmXZlIGZpbmFsbHkgbWFk ZSBpdCB0aHJvdWdoIGEgZGV0YWlsZWQgcmV2aWV3IG9mIGRyYWZ0LXBlaS1vcGVudHJ1c3Rwcm90 b2NvbC0wNCBhbmQgbXkgbWFya2VkIHVwIGNvcHkgaXMgYXQ8bzpwPjwvbzpwPjwvc3Bhbj48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+PGEgaHJlZj0iaHR0cHM6 Ly93d3cubWljcm9zb2Z0LmNvbS9lbi11cy9yZXNlYXJjaC93cC1jb250ZW50L3VwbG9hZHMvMjAx Ny8wNS9kcmFmdC1wZWktb3BlbnRydXN0cHJvdG9jb2wtMDQucGRmIj5odHRwczovL3d3dy5taWNy b3NvZnQuY29tL2VuLXVzL3Jlc2VhcmNoL3dwLWNvbnRlbnQvdXBsb2Fkcy8yMDE3LzA1L2RyYWZ0 LXBlaS1vcGVudHJ1c3Rwcm90b2NvbC0wNC5wZGY8L2E+DQo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImNvbG9yOiMz MzMzMzMiPiZuYnNwOzwvc3Bhbj48c3BhbiBsYW5nPSJFTi1VUyI+PG86cD48L286cD48L3NwYW4+ PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJjb2xv cjojMzMzMzMzIj5JIGhhdmUgbG90cyBvZiBlZGl0b3JpYWwgZml4ZXMgdGhyb3VnaG91dCwgYW5k IGEgbnVtYmVyIG9mIHRlY2huaWNhbCBjb21tZW50cy9xdWVzdGlvbnMvaXNzdWVzLjwvc3Bhbj48 c3BhbiBsYW5nPSJFTi1VUyI+PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJjb2xvcjojMzMzMzMzIj4mbmJzcDs8L3Nw YW4+PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iY29sb3I6IzMzMzMzMyI+SeKAmWxs IHN0YXJ0IHNlcGFyYXRlIGVtYWlsIHRocmVhZHMgZm9yIHNvbWUgb2YgdGhlbSBvdmVyIHRoZSBu ZXh0IHNldmVyYWwgZGF5cy48L3NwYW4+PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+PC9vOnA+PC9z cGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0i Y29sb3I6IzMzMzMzMyI+Jm5ic3A7PC9zcGFuPjxzcGFuIGxhbmc9IkVOLVVTIj48bzpwPjwvbzpw Pjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5 bGU9ImNvbG9yOiMzMzMzMzMiPkRhdmU8L3NwYW4+PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+PC9v OnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBz dHlsZT0iZm9udC1zaXplOjEyLjBwdDtmb250LWZhbWlseTomcXVvdDtUaW1lcyBOZXcgUm9tYW4m cXVvdDssJnF1b3Q7c2VyaWYmcXVvdDsiPklNUE9SVEFOVCBOT1RJQ0U6IFRoZSBjb250ZW50cyBv ZiB0aGlzIGVtYWlsIGFuZCBhbnkgYXR0YWNobWVudHMgYXJlIGNvbmZpZGVudGlhbCBhbmQgbWF5 IGFsc28gYmUgcHJpdmlsZWdlZC4gSWYgeW91IGFyZSBub3QgdGhlIGludGVuZGVkIHJlY2lwaWVu dCwgcGxlYXNlDQogbm90aWZ5IHRoZSBzZW5kZXIgaW1tZWRpYXRlbHkgYW5kIGRvIG5vdCBkaXNj bG9zZSB0aGUgY29udGVudHMgdG8gYW55IG90aGVyIHBlcnNvbiwgdXNlIGl0IGZvciBhbnkgcHVy cG9zZSwgb3Igc3RvcmUgb3IgY29weSB0aGUgaW5mb3JtYXRpb24gaW4gYW55IG1lZGl1bS4gVGhh bmsgeW91Lg0KPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQpJTVBPUlRBTlQgTk9USUNF OiBUaGUgY29udGVudHMgb2YgdGhpcyBlbWFpbCBhbmQgYW55IGF0dGFjaG1lbnRzIGFyZSBjb25m aWRlbnRpYWwgYW5kIG1heSBhbHNvIGJlIHByaXZpbGVnZWQuIElmIHlvdSBhcmUgbm90IHRoZSBp bnRlbmRlZCByZWNpcGllbnQsIHBsZWFzZSBub3RpZnkgdGhlIHNlbmRlciBpbW1lZGlhdGVseSBh bmQgZG8gbm90IGRpc2Nsb3NlIHRoZSBjb250ZW50cyB0byBhbnkgb3RoZXIgcGVyc29uLCB1c2Ug aXQgZm9yIGFueSBwdXJwb3NlLA0KIG9yIHN0b3JlIG9yIGNvcHkgdGhlIGluZm9ybWF0aW9uIGlu IGFueSBtZWRpdW0uIFRoYW5rIHlvdS4NCjwvYm9keT4NCjwvaHRtbD4NCg== --_000_AM4PR0801MB2706ECC269F237AC7F150CBCFA500AM4PR0801MB2706_-- From nobody Mon Nov 6 11:25:12 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2100B13AF75 for ; Mon, 6 Nov 2017 11:25:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.92 X-Spam-Level: X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DylQO2-A74Kl for ; Mon, 6 Nov 2017 11:25:09 -0800 (PST) Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01on0078.outbound.protection.outlook.com [104.47.1.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7333513FC53 for ; Mon, 6 Nov 2017 11:25:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=78qk3XLPXzGtpuHcwTEZj30C2qX64GY00Q/wb+ba5lY=; b=pyaNwv84a9udCpqjFAWTwP4GuVYOVwbDVsG3TrjxWsOjPClGRQ/X+veKsNcN546NTtPWTcLt0WDRBny+vOHLksYha5u9nrXcEaze/l8mRbiGzWF5HYz8dhItsGWk48WxEabSp+Smqwqu7x0oW4oMxgvuwWiq861ufD+Gn5V6fks= Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com (10.167.90.148) by AM4PR0801MB2705.eurprd08.prod.outlook.com (10.167.90.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.197.13; Mon, 6 Nov 2017 19:25:05 +0000 Received: from AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6]) by AM4PR0801MB2706.eurprd08.prod.outlook.com ([fe80::403b:850e:c32c:fad6%13]) with mapi id 15.20.0197.017; Mon, 6 Nov 2017 19:25:05 +0000 From: Hannes Tschofenig To: Dave Thaler , "teep@ietf.org" Thread-Topic: Applicability to constrained environments Thread-Index: AdNTdOZ6iyC7pPpFQ8SNCrUyHWCPbgDv3Urg Date: Mon, 6 Nov 2017 19:25:05 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Hannes.Tschofenig@arm.com; x-originating-ip: [80.92.116.199] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; AM4PR0801MB2705; 6:0pZenHz3nREwsYG79rrHRlrS85I7XxvtsFO2mqBnIOPlxuXx4HESv6m2fZepQD/rgmnkMAgin4CK7o5crTuLaA7oI08RyIVuYJanv00kzkoKXHc/REPnu8roC1GNki8nIwbkjePUOPrn+JlyKZb/29iu8XXbxfVxGSfL+8kCdIK5+YRo+b71Be31DPmM+pml3Mfy2+pwGZWwRAQz6Ps2U7BE2hdJGImlfLeuPIzIHdt9JgakIzfRRIVOGuBm7GwMJAOKzY3972zrsPGkSmyRn4qzc84AfZYhkb8GW1aezdf5Q4aO7IukZLFWHfdrqUKoejaeFm4vgW6YbWxghJxXdrvXafSeCED81SRsszZzOb4=; 5:TlAzGqIc03wxhzq8lxFF/ZqggVToDhESxn8LWJA0BCZ6yoMlMjR5LlX0umiJ9I8l2F4wmAqKE/gp1HejiTkKhGpC63mgnZ7svwV8RkAGVTxWV6fsn0xrj8lEsC2Ol2AR9cJAWOyx5cehonhh1i8Hes7a1tuiMgxphc4sN4yweOY=; 24:gyWskyNMKBmKmij9qsMD8xkllMbEpSiYOyfzAGHkCyEVT/rSEJEWIpmGm2JhYXE3a3getqz7H5+09Oovz0rarvVN4TD7PY/GKKpDAoSXPuU=; 7:DJ23iKO8653XZ25qkmOWU69FP/tme3Cw3iay9/eiXwyU38lLntSHgopOGRQCC9whlKCT2vbUsAUFZ6PuVjsFpzVI3ZH5kppEHGrLRqo8kf34El5KGx0lciX24n+BdV8QOSA55iLmUw7OkOmpeg9BnPIkGAYCd5JXtQAroZP58x15etVwctiP980s+TTxzkp3mdBLA3x1SDT/F3EHuSbcpnrCl3EW/GMmKpDjIr6KN2Q/GLfpIFYmiTkc9/D/XXNw x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 8bf89d13-af72-48fe-c56b-08d5254c15bf x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603199); SRVR:AM4PR0801MB2705; x-ms-traffictypediagnostic: AM4PR0801MB2705: x-exchange-antispam-report-test: UriScan:(43050042349365)(21748063052155); x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(3231021)(100000703101)(100105400095)(93006095)(93001095)(6055026)(6041248)(20161123558100)(20161123560025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123562025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:AM4PR0801MB2705; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:AM4PR0801MB2705; x-forefront-prvs: 048396AFA0 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(346002)(376002)(39860400002)(40434004)(199003)(189002)(3905003)(54356999)(9686003)(50986999)(86362001)(6436002)(236005)(99286004)(97736004)(2900100001)(14454004)(1511001)(6506006)(316002)(3660700001)(2906002)(9326002)(6306002)(189998001)(5890100001)(2501003)(5250100002)(8666007)(3480700004)(76176999)(6246003)(54896002)(110136005)(7696004)(2950100002)(3280700002)(966005)(25786009)(229853002)(8936002)(7736002)(33656002)(106356001)(606006)(105586002)(2421001)(81166006)(478600001)(55016002)(6116002)(790700001)(102836003)(3846002)(68736007)(74316002)(53936002)(72206003)(66066001)(8676002)(81156014)(53546010)(5660300001)(2561002)(101416001)(15398625002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4PR0801MB2705; H:AM4PR0801MB2706.eurprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_AM4PR0801MB27065449549281F53385C93DFA500AM4PR0801MB2706_" MIME-Version: 1.0 X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8bf89d13-af72-48fe-c56b-08d5254c15bf X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2017 19:25:05.4956 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0801MB2705 Archived-At: Subject: Re: [Teep] Applicability to constrained environments X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 19:25:11 -0000 --_000_AM4PR0801MB27065449549281F53385C93DFA500AM4PR0801MB2706_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Dave, I believe the requirement for CBOR arises when one wants to reduce the over= -the-air overhead, which is typically the case for low power WANs or mesh n= etworks. In the typical environments where TEEs are used you often have a somewhat g= ood Internet connectivity, such as with smart TVs, set-top boxes, entertain= ment systems, etc. Hence, I think an IoT environment does not automatically mandate the use of= CBOR (or a protocol like CoAP). Ciao Hannes From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler Sent: 02 November 2017 01:57 To: teep@ietf.org Subject: [Teep] Applicability to constrained environments As promised when I posted my review, I am starting several email threads fo= r discussions on specific technical topics. This is one of them. TEEs are critical in many IoT environments, as is the ability to install ap= ps after the device is originally provisioned, so I would want OTrP to be applicable (or said more generally, I would want= IoT environments to be one of the use cases in scope for TEEP). JSON is notably inefficient for IoT environments because of its verbosity, = and CBOR is often used instead. So I think a CBOR encoded version is needed. That may be as simple as spe= cifying it in JSON and then saying CBOR can be used simply by using the CBOR that you'd get when converting JSON to CBOR, = which mapping is fairly well specified. It could also be done as part of a specific transport protocol binding, but= my preference would be to keep it separate. Dave From: Dave Thaler Sent: Saturday, September 23, 2017 12:24 PM To: 'teep@ietf.org' > Subject: Review of draft-pei-opentrustprotocol-04 I've finally made it through a detailed review of draft-pei-opentrustprotoc= ol-04 and my marked up copy is at https://www.microsoft.com/en-us/research/wp-content/uploads/2017/05/draft-p= ei-opentrustprotocol-04.pdf I have lots of editorial fixes throughout, and a number of technical commen= ts/questions/issues. I'll start separate email threads for some of them over the next several da= ys. Dave IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in = any medium. Thank you. --_000_AM4PR0801MB27065449549281F53385C93DFA500AM4PR0801MB2706_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Dave,

 

I believe the requirem= ent for CBOR arises when one wants to reduce the over-the-air overhead, whi= ch is typically the case for low power WANs or mesh networks.

 

In the typical environ= ments where TEEs are used you often have a somewhat good Internet connectiv= ity, such as with smart TVs, set-top boxes, entertainment systems, etc.

 

Hence, I think an IoT = environment does not automatically mandate the use of CBOR (or a protocol l= ike CoAP).

 

Ciao=

Hannes

 

From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler
Sent: 02 November 2017 01:57
To: teep@ietf.org
Subject: [Teep] Applicability to constrained environments=

 

As promised when I posted my re= view, I am starting several email threads for discussions on specific techn= ical topics.

This is one of them.=

 

TEEs are critical in many IoT e= nvironments, as is the ability to install apps after the device is original= ly provisioned,

so I would want OTrP to be appl= icable (or said more generally, I would want IoT environments to be one of = the use cases

in scope for TEEP).<= /span>

 

JSON is notably inefficient for= IoT environments because of its verbosity, and CBOR is often used instead.=

So I think a CBOR encoded versi= on is needed.   That may be as simple as specifying it in JSON an= d then saying CBOR can be

used simply by using the CBOR t= hat you’d get when converting JSON to CBOR, which mapping is fairly w= ell specified.

 

It could also be done as part o= f a specific transport protocol binding, but my preference would be to keep= it separate.

 

Dave

 

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@ietf.org' <teep@ietf.o= rg>
Subject: Review of draft-pei-opentrustprotocol-04<= /p>

 

I’ve finally made it thro= ugh a detailed review of draft-pei-opentrustprotocol-04 and my marked up co= py is at

https://www.microsoft.com/en-us/research/wp-content/uploads/2017/0= 5/draft-pei-opentrustprotocol-04.pdf

&n= bsp;

I have = lots of editorial fixes throughout, and a number of technical comments/ques= tions/issues.

&n= bsp;

I’= ;ll start separate email threads for some of them over the next several day= s.

&n= bsp;

Dave

IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in any medium. Thank you. --_000_AM4PR0801MB27065449549281F53385C93DFA500AM4PR0801MB2706_-- From nobody Wed Nov 8 07:15:42 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 362E812778D for ; Wed, 8 Nov 2017 07:15:41 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.699 X-Spam-Level: X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FqAqTDJTUa3c for ; Wed, 8 Nov 2017 07:15:39 -0800 (PST) Received: from mail-yw0-x22b.google.com (mail-yw0-x22b.google.com [IPv6:2607:f8b0:4002:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 34158127601 for ; Wed, 8 Nov 2017 07:15:39 -0800 (PST) Received: by mail-yw0-x22b.google.com with SMTP id i198so2556393ywe.7 for ; Wed, 08 Nov 2017 07:15:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=YF2Bzyk6pdEVbmj8xnOfT9elcuWFyk7C8eylUsvSayo=; b=AzixwMwRENTNn+Pi49Rfun+PbyaLw2SRuyAY58JS1/mMlwH3ix16a0eZipvY8R2i4o AJpMhJg/o5oynb8dtVMrgCtNtI68PwQY+ksDsFRBwjDnhFx2p0fOPzA1AfcPUsI9x4L6 GVQhQUm8zpdh6u7q11ye76JHeKpdqdUVbbOgQSTSLAkHr9WPgLU0vmN+j7D9VTjdhapW caiRYU009YmSlIqjXNDT7YiVqpD8drmKLd48ATu8vXAVIO6ERgmZoOSfcwwGjDJFBseL R5H4Xd6+aGYRwh2vxHLXbCEjTvPQXRaq02pe1MKQzdfUMdiz9vHL2/q+guUooj0kcA3y vUfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=YF2Bzyk6pdEVbmj8xnOfT9elcuWFyk7C8eylUsvSayo=; b=DP49T23BgOSIqagWph2jXVcxKsrYuusqRoQ3Ttt7oOAvAUy51qQxUBX2+Tx9fAVmfs /2KB5Exv78mob7k9nGziHyDhOBz8kmEd2RznRmikFBQTieCIIPOgGDyDGNaK+E91b0Gf K4FBR28weC7j5PPf7lCA24MsRCXaqa/hgNCzWSJOPPwIdggY+n7jfZ2XB+H6Zb4CE0GF kMw5An6PwD/JhkNA0Jtmb40nFJ2XBpSI4ae54XAtizudPtLpqKjgoZX6t+BXFUsp5zi5 teWSJugHzz/7tGCA0+E2AS9iRP7YWcsJM7eNaC4Liysnjc0nD18HQGxQlasSGZDPjhol UR2g== X-Gm-Message-State: AJaThX56jm7BNoKVDOfeXjcPQLlk6HNA5/gV2GQaZYrTmNNJ41T0r8i9 fnQSN+c2nWLEjlxcfCqg3ESR7tH+JMViCrJvdLc= X-Google-Smtp-Source: ABhQp+RE8DjJjMkA+DyL5d5ZSoSX1Qe96VEdPr0dczIXn+aC0fRiBWlow4Uto7De0Q1en0/PXOEEzet/Yty0a1B4YnY= X-Received: by 10.37.16.6 with SMTP id 6mr584000ybq.54.1510154138254; Wed, 08 Nov 2017 07:15:38 -0800 (PST) MIME-Version: 1.0 Received: by 10.37.162.204 with HTTP; Wed, 8 Nov 2017 07:15:37 -0800 (PST) In-Reply-To: References: From: Spencer Dawkins at IETF Date: Wed, 8 Nov 2017 09:15:37 -0600 Message-ID: To: Hannes Tschofenig Cc: Dave Thaler , "teep@ietf.org" Content-Type: multipart/alternative; boundary="001a113ed794f7854e055d7a28e4" Archived-At: Subject: Re: [Teep] Transport Protocol X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Nov 2017 15:15:41 -0000 --001a113ed794f7854e055d7a28e4 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I've got a clarifying question (at least, it would be clarifying for me) for Dave. On Mon, Nov 6, 2017 at 1:10 PM, Hannes Tschofenig wrote: > Hi Dave, > > > > This is an interesting question. For the main use case where the a > software update in a TEE on a mobile device is provided I believe it is > fair to say that the protocol we are talking about here is HTTPS. As you > know, there have been other use cases described by Dapeng in > https://tools.ietf.org/html/draft-liu-opentrustprotocol-usecase-01, which > may require other protocols. If I have standardize and mandate at least o= ne > protocol then I would pick HTTPS here. > > > > Ciao > Hannes > > > > *From:* TEEP [mailto:teep-bounces@ietf.org] *On Behalf Of *Dave Thaler > *Sent:* 02 November 2017 01:52 > *To:* teep@ietf.org > *Subject:* [Teep] Transport Protocol > > > > As promised when I posted my review, I am starting several email threads > for discussions on specific technical topics. > > This is one of them. > > > > Section 1: > > This specification defines message payloads exchanged between devices > > > and a TSM but does not mandate a specific transport. > > > > Section 5: > > The communication method of OTrP Messages between a TSM and TEE in a > > > device is left to TSM providers for maximal interoperability. > > > > I disagree, the lack of any spec for a transport results in *lack* of > maximal interoperability. > > The TSM and the TEE may be from different vendors as the draft nicely > explains earlier. > > So bindings to one or more transport protocol (the thing that carries the > JSON messages inside it) must be standardized. > > Otherwise, in my view there=E2=80=99s little value in standardizing the p= ayload > formats. > > > > Such a transport protocol binding might be in the same spec or in a > different spec, but either way > I think specifying at least one is mandatory. > Dave, did you mean - mandatory for the working group to specify at least one, or - the working group should specify one that is mandatory to implement, o= r - the working group should specify one that is mandatory to use? I think I know what you meant, but I should ask, rather than guess. Thanks, Spencer > Dave > > > > *From:* Dave Thaler > *Sent:* Saturday, September 23, 2017 12:24 PM > *To:* 'teep@ietf.org' > *Subject:* Review of draft-pei-opentrustprotocol-04 > > > > I=E2=80=99ve finally made it through a detailed review of > draft-pei-opentrustprotocol-04 and my marked up copy is at > > https://www.microsoft.com/en-us/research/wp-content/ > uploads/2017/05/draft-pei-opentrustprotocol-04.pdf > > > > I have lots of editorial fixes throughout, and a number of technical > comments/questions/issues. > > > > I=E2=80=99ll start separate email threads for some of them over the next = several > days. > > > > Dave > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy th= e > information in any medium. Thank you. > > _______________________________________________ > TEEP mailing list > TEEP@ietf.org > https://www.ietf.org/mailman/listinfo/teep > > --001a113ed794f7854e055d7a28e4 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I've got a clarifying question (at least, it would be = clarifying for me) for Dave.

On Mon, Nov 6, 2017 at 1:10 PM, Hannes Tschofenig <Hann= es.Tschofenig@arm.com> wrote:

Hi Dave,

=C2=A0

This is an interesting= question. For the main use case where the a software update in a TEE on a = mobile device is provided I believe it is fair to say that the protocol we = are talking about here is HTTPS. As you know, there have been other use cases described by Dapeng in https://tools.ietf.org/html/draft-liu-opentrustprotocol= -usecase-01, which may require other protocols. If I have standard= ize and mandate at least one protocol then I would pick HTTPS here.

=C2=A0

Ciao
Hannes

=C2=A0

From: TEEP [mailto:teep-bounces@ietf.org] On Behalf Of Dave Thaler
Sent: 02 November 2017 01:52
To: teep@ietf.org=
Subject: [Teep] Transport Protocol

=C2=A0

As promised when I posted my re= view, I am starting several email threads for discussions on specific techn= ical topics.

This is one of them.<= /u>

=C2=A0

Section 1:
&= gt; This specification defines message payloads exchanged between devices

> and a TSM but does not mandat= e a specific transport.

=C2=A0

Section 5:
&= gt; The communication method of OTrP Messages between a TSM and TEE in a=

> device is left to TSM providers for maximal interoperab= ility.=C2=A0

=C2=A0

I disagree, the lack of any spe= c for a transport results in lack of maximal interoperability.=C2=A0

The TSM and the TEE may be from= different vendors as the draft nicely explains earlier.=C2=A0

So bindings to one or more tran= sport protocol (the thing that carries the JSON messages inside it) must be= standardized.

Otherwise, in my view there=E2= =80=99s little value in standardizing the payload formats.

=C2=A0

Such a transport protocol bindi= ng might be in the same spec or in a different spec, but either way
I think specifying at least one is mandatory.


Dave, did you mean=C2=A0
  • mandat= ory for the working group to specify at least one, or=C2=A0
  • the= working group should specify one that is mandatory to implement, or
  • the working group should specify one that is mandatory to use?
I think I know what you meant, but I should ask, rather t= han guess.

Thanks,

Spence= r
=C2=A0

<= /p>

Dave

=C2=A0

From: Dave Thaler
Sent: Saturday, September 23, 2017 12:24 PM
To: 'teep@iet= f.org' <teep@= ietf.org>
Subject: Review of draft-pei-opentrustprotocol-04

=C2=A0

I=E2=80=99ve finally made it th= rough a detailed review of draft-pei-opentrustprotocol-04 and my marked up = copy is at

https://www.microsoft.com/en-us/research/wp= -content/uploads/2017/05/draft-pei-opentrustprotocol-04.pdf

= =C2=A0

I have = lots of editorial fixes throughout, and a number of technical comments/ques= tions/issues.

= =C2=A0

I=E2=80= =99ll start separate email threads for some of them over the next several d= ays.

= =C2=A0

Dave

IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in any medium. Thank you.

_______________________________________________
TEEP mailing list
TEEP@ietf.org
https://www.ietf.org/mailman/listinfo/teep


--001a113ed794f7854e055d7a28e4-- From nobody Wed Nov 8 12:55:36 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F198129BFF for ; Wed, 8 Nov 2017 12:55:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.021 X-Spam-Level: X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BDbvu-AjGD4t for ; Wed, 8 Nov 2017 12:55:33 -0800 (PST) Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0115.outbound.protection.outlook.com [104.47.32.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03478129C15 for ; Wed, 8 Nov 2017 12:55:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=E9scvrzYU+Qc67aMcrfLLBpj/4TQEjwcPouBjlyFH+w=; b=WLPX+4YJiuThd25W/0e5hcAJpJ4EfmCDzwtANNBqlTUI7Y+NVgtmt/RC9heTRwjpXx7GT36h6ijk9caGV/6V1EQpHIX1YRsLw+phnp6VRgPiXgLiXAqxeduIAKTHrVycF3QYiW8Vxh/abulonpOs1G+6cdv6FeAyy7CNGN2hHI0= Received: from CY4PR21MB0856.namprd21.prod.outlook.com (10.173.192.145) by CY4PR21MB0632.namprd21.prod.outlook.com (10.175.115.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.239.0; Wed, 8 Nov 2017 20:54:59 +0000 Received: from CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) by CY4PR21MB0856.namprd21.prod.outlook.com ([10.173.192.145]) with mapi id 15.20.0218.004; Wed, 8 Nov 2017 20:54:59 +0000 From: Dave Thaler To: Spencer Dawkins at IETF , Hannes Tschofenig CC: "teep@ietf.org" Thread-Topic: [Teep] Transport Protocol Thread-Index: AdNTc/cpI1w7NN5kSdeI/9LBOiUlewDvg/0QAFyZw4AAC6R5IA== Date: Wed, 8 Nov 2017 20:54:59 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [111.223.77.203] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CY4PR21MB0632; 6:ywbnmVn2uvyZ9kM3EpSCAoMzlwqtghnQRw5jgm4s7dt7JOFu7Wv7oXmY2PbzSayty/HbO4K/IXFwD+4L2rB7eohT5KOOi/kuUrHYJDxLV9GwV1IldRLU8qMbxCIVxly4CJOZLr2jvbb25ggBkiRY/FBRolB4QuUflloxnYZAXJG7anH6asOdSCM+NB/0x70XpJXFxVBH8LAVQIdInThei+wcd/iDHeq9+IphBD8BHpfpbgx0PMc+6vHXrYXlnz8l2cAHgjkNT991cc/s5SUrIbs/QAUpTI9DDAZ1AkfZh7ScooMjZ+96F+9uWdKk8NT3qYJxKWjkqiIuIyXLTrudYh/rwUh8fGSNWl7D0cZeKJM=; 5:zY8/DUJtsUpEHs+elWkqiNNMKLTbJ4hOOKQ7icUlXCvRhUUfw2aIcQfZv1PBPpuQAlalk45pFAcn2OsTXrtv6FkRJXfeGT7X/6tegDpwqh3VnitpreslbIFuhX0sMDwr9DaP9Kuoh7XNO9NyBo/2zSJ0Y8UywMg/e2O+r9Kfhng=; 24:LrripPJPRYfRC+KXd5DeZsjoyt1ybNPHEQf42X07tQ2FcPoCeWuXPpCwPHE4Zup03QYOw59kDVNi63b++PkvzM+qQWPO91G8sM0MRt5WF8c=; 7:VHdF/KNqewmshQrq85c+l2fKsmbJPiF3RndRT6rl7vodW+KUfbXKZIdvNOdGD74zG9qtrJS/Uz3lwd4VjWO0si8NJooMxPlDYQRJYHIAKVfBSfZ5g3KVleYSJL8Cd0fZLAdGPoE10GaHBn9rOVkM0zFs8O2tHFO6gPtRCY6enSKOfzGNsYUnjr5FSD0m9jQgzLk1zGI4MMg6Zn9VQQxIirFwzoH7mqTAAxcIat9oYb9YghHygG+EctbNnioJ5v4b x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: cc81e7ef-846f-4768-85da-08d526eaf9a6 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603249); SRVR:CY4PR21MB0632; x-ms-traffictypediagnostic: CY4PR21MB0632: x-ld-processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr x-exchange-antispam-report-test: UriScan:; x-microsoft-antispam-prvs: x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(93006095)(93001095)(10201501046)(3002001)(3231021)(6055026)(61426038)(61427038)(6041248)(20161123564025)(20161123562025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0632; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0632; x-forefront-prvs: 0485417665 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(376002)(39860400002)(346002)(47760400005)(199003)(189002)(99286004)(74316002)(10290500003)(76176999)(86612001)(50986999)(3660700001)(5660300001)(77096006)(54356999)(229853002)(478600001)(25786009)(86362001)(7696004)(2950100002)(305945005)(10090500001)(101416001)(7736002)(6436002)(8676002)(106356001)(55016002)(110136005)(53936002)(6506006)(39060400002)(33656002)(8990500004)(105586002)(8936002)(9686003)(6246003)(66066001)(316002)(81156014)(97736004)(81166006)(22452003)(14454004)(3846002)(4326008)(3280700002)(2900100001)(68736007)(2906002)(102836003)(6116002)(189998001); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0632; H:CY4PR21MB0856.namprd21.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts) authentication-results: spf=none (sender IP is ) smtp.mailfrom=dthaler@microsoft.com; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: cc81e7ef-846f-4768-85da-08d526eaf9a6 X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Nov 2017 20:54:59.4029 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0632 Archived-At: Subject: Re: [Teep] Transport Protocol X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Nov 2017 20:55:34 -0000 Wy4uLl0NCj4gRGF2ZSwgZGlkIHlvdSBtZWFuwqANCj4g4oCiIG1hbmRhdG9yeSBmb3IgdGhlIHdv cmtpbmcgZ3JvdXAgdG8gc3BlY2lmeSBhdCBsZWFzdCBvbmUsIG9ywqANCj4g4oCiIHRoZSB3b3Jr aW5nIGdyb3VwIHNob3VsZCBzcGVjaWZ5IG9uZSB0aGF0IGlzIG1hbmRhdG9yeSB0byBpbXBsZW1l bnQsIG9yDQo+IOKAoiB0aGUgd29ya2luZyBncm91cCBzaG91bGQgc3BlY2lmeSBvbmUgdGhhdCBp cyBtYW5kYXRvcnkgdG8gdXNlPw0KPiBJIHRoaW5rIEkga25vdyB3aGF0IHlvdSBtZWFudCwgYnV0 IEkgc2hvdWxkIGFzaywgcmF0aGVyIHRoYW4gZ3Vlc3MuDQoNClRoZSB3b3JraW5nIGdyb3VwIHNo b3VsZCBzcGVjaWZ5IGF0IGxlYXN0IG9uZSB0aGF0IGlzIE1hbmRhdG9yeSBUbyBJbXBsZW1lbnQu DQoNCkFuZCBmb3Igd2hhdCBJIG1lYW4gYnkgImF0IGxlYXN0IG9uZSIuLi4gdGhlcmUncyB0d28g cm9sZXM6IHRoZSBUQU0gYW5kIHRoZSBBZ2VudC4gICANCkludGVyb3BlcmFiaWxpdHkgY2FuIGJl IGVuc3VyZWQgbXVsdGlwbGUgd2F5cywgaW5jbHVkaW5nIChtYXliZSBvdGhlciBvcHRpb25zIHRv byk6DQphKSBzcGVjaWZ5IG9uZSB0aGF0J3MgTVRJIGZvciBib3RoIHRoZSBUQU0gYW5kIHRoZSBB Z2VudC4NCmIpIHNwZWNpZnkgbXVsdGlwbGUgdGhhdCBhcmUgTVRJIGZvciB0aGUgVEFNLCBhbmQg bGV0IHRoZSBBZ2VudCBpbXBsZW1lbnQgYW55IG9uZSBvZiB0aGF0IHNldC4NCg0KRGF2ZQ0K From nobody Thu Nov 9 05:18:25 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0665120227 for ; Thu, 9 Nov 2017 05:18:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1301Ft_i-Q7x for ; Thu, 9 Nov 2017 05:18:23 -0800 (PST) Received: from mail-yw0-x235.google.com (mail-yw0-x235.google.com [IPv6:2607:f8b0:4002:c05::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB43B1200F1 for ; Thu, 9 Nov 2017 05:18:22 -0800 (PST) Received: by mail-yw0-x235.google.com with SMTP id z195so5224602ywz.6 for ; Thu, 09 Nov 2017 05:18:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=IZkLKEED5FxRcQSs6H2r15gmSjbG0F4GxCnrMvVMxbU=; b=aFh6Rn+11y6VWovKbGFt5w6HEdHTm+I/K7Zlc11AukGljwiOy1RswbnJCSiAWNCiKP LNxU9etL9jiQb1K3DQsp5u0lXoHB2LP0Qi1BrQkTngojrlD81pQn4qqS5oD8qo0o4Smi aTV7zsjezNSpHsv0we2id1KsreJ6WiUFluVCatKPQb9nrgCbLsQO1jmw3eSv88P3l0Av FdPUJp7soQkwI1gEJNTQn0sKQlMah6YkujIf8SdS5sW8b+eWiuSEcQ1Ljp47cVSh/bw2 q5P2LcxJ3iIxakKwuqWdMFVFCvKWyOSo1JT50Hxvt+zKHaG/z9k+05SS6TrYmy9QSXXN +QRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=IZkLKEED5FxRcQSs6H2r15gmSjbG0F4GxCnrMvVMxbU=; b=UNMfhYLee6zrZyhU21P7kdeJxctyIYsh5oMW2XOjuLaxjuB3FQA3luNNG/2FUZuWZL Qhw1joFkLUFYsaI21X8rJDjYhLxDtcX7ERVm6bcJo6ijnPi2imelQ15GaKiOeswVGmbb tKsXWHDv7Az8Kvk6XH5Qm273IxZVWRq6nIwTyv3LzjrvDpF7Rk3uPtF/Pg4PdB0SOl4s EYav19NO7nBgnDXCN45ghvXa2G7yQywbTx6sENr/FWjSDE9lHtq7nFbQzazlTzjkfMNb xh6oXx4NTUq99oK2DVvh+9Fk/8z/WNcju5L8JUnPB8busVN1XYikrbWMiL/1Jrs9xfgC oDSA== X-Gm-Message-State: AJaThX46lFjwfrhqYj7u3SeBzQE5c5ugR6EDTGtoZeWB1xKQzvw+oU4z x/AaRb/Hg78tn4nxmaGs9WA3yZhwm2ybXCF55wlxr43VQv0= X-Google-Smtp-Source: ABhQp+RFBECnfmmNLekW4rCg7opbvY1+7yeiKNHPCL8Mo3p2MOPSL/6KukvJQHLffD0nHDKrE6CF+je2TH2+s0KS8Wo= X-Received: by 10.129.36.1 with SMTP id k1mr268487ywk.485.1510233501841; Thu, 09 Nov 2017 05:18:21 -0800 (PST) MIME-Version: 1.0 Received: by 10.129.61.12 with HTTP; Thu, 9 Nov 2017 05:17:41 -0800 (PST) From: Eric Rescorla Date: Thu, 9 Nov 2017 05:17:41 -0800 Message-ID: To: teep@ietf.org Content-Type: multipart/alternative; boundary="001a1142e4cc67d01d055d8ca37e" Archived-At: Subject: [Teep] Comments on draft-liu-opentrustprotocol-usecase-01.txt X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Nov 2017 13:18:24 -0000 --001a1142e4cc67d01d055d8ca37e Content-Type: text/plain; charset="UTF-8" This document really needs to be a lot clearer about the expected setting and the threat model. Specifically: - What is the TEE's security posture with respect to the rest of the code running on the machine. My understanding is that at least in ARM, it's effectively super-privileged but that SGX is more like part of the application. - Some of the applications you describe assume that the user is cooperating with code in the TEE (e.g., payment, where you have no inherent interest in denying the user control) whereas others (e.g., DRM) have the user in an inherently adversarial posture. Which cases is this designed for? -Ekr --001a1142e4cc67d01d055d8ca37e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
This document really needs to be a lot clearer about = the expected setting
and the threat model. Specifically:

- What is the TEE's security posture with respect = to the rest of the
=C2=A0 code running on the machine. My underst= anding is that at least in ARM,
=C2=A0 it's effectively super= -privileged but that SGX is more like part of
=C2=A0 the applicat= ion.

- Some of the applications you describe assum= e that the user is cooperating
=C2=A0 with code in the TEE (e.g.,= payment, where you have no inherent interest
=C2=A0 in denying t= he user control) whereas others (e.g., DRM) have the user
=C2=A0 = in an inherently adversarial posture. Which cases is this designed for?


-Ekr

--001a1142e4cc67d01d055d8ca37e-- From nobody Thu Nov 9 18:02:12 2017 Return-Path: X-Original-To: teep@ietfa.amsl.com Delivered-To: teep@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6247A127977 for ; Thu, 9 Nov 2017 18:02:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.601 X-Spam-Level: X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MaXeeuQUTB9u for ; Thu, 9 Nov 2017 18:02:08 -0800 (PST) Received: from mail-edgeKA24.fraunhofer.de (mail-edgeka24.fraunhofer.de [153.96.1.24]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DC82127076 for ; Thu, 9 Nov 2017 18:02:06 -0800 (PST) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A2GABQCh299Z/xoHYZleHAEBBAEBCgEBg11kbicHg3OZUYFLCSKYQQoYC4UYAoQ/QhUBAgEBAQEBAQEDaCiCakYsAQEBAQEBTwI+LQEBBAEBIQ8BBTYbCQIYAgImAgInIBAGCgMGAgEBihkFDI16nWeCJ4s8AQEBBwEBAQEBHgWBDoIfggeBUYFqKwuCdIVRgkeCYQWKHJcogQiBJpZEh1UFhy6VPgIEBgUCGQGBOTUjgQ5TJl2FGhyBaHWKRgGBEAEBAQ X-IPAS-Result: A2GABQCh299Z/xoHYZleHAEBBAEBCgEBg11kbicHg3OZUYFLCSKYQQoYC4UYAoQ/QhUBAgEBAQEBAQEDaCiCakYsAQEBAQEBTwI+LQEBBAEBIQ8BBTYbCQIYAgImAgInIBAGCgMGAgEBihkFDI16nWeCJ4s8AQEBBwEBAQEBHgWBDoIfggeBUYFqKwuCdIVRgkeCYQWKHJcogQiBJpZEh1UFhy6VPgIEBgUCGQGBOTUjgQ5TJl2FGhyBaHWKRgGBEAEBAQ X-IronPort-AV: E=Sophos;i="5.43,368,1503352800"; d="scan'208";a="1377400" Received: from mail-mtas26.fraunhofer.de ([153.97.7.26]) by mail-edgeKA24.fraunhofer.de with ESMTP/TLS/DHE-RSA-AES256-SHA; 10 Nov 2017 03:02:04 +0100 X-IronPort-AV: E=Sophos;i="5.44,371,1505772000"; d="scan'208";a="1587481" Received: from mailext.sit.fraunhofer.de ([141.12.72.89]) by mail-mtaS26.fraunhofer.de with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 10 Nov 2017 03:02:03 +0100 Received: from mail.sit.fraunhofer.de (mail.sit.fraunhofer.de [141.12.84.171]) by mailext.sit.fraunhofer.de (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id vAA221vu028801 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 10 Nov 2017 03:02:03 +0100 Received: from [10.1.3.69] (111.223.77.195) by mail.sit.fraunhofer.de (141.12.84.171) with Microsoft SMTP Server (TLS) id 14.3.361.1; Fri, 10 Nov 2017 03:01:55 +0100 To: References: From: Henk Birkholz Message-ID: <5159e2e8-4f55-3124-47c8-23eac6a6774e@sit.fraunhofer.de> Date: Fri, 10 Nov 2017 03:01:50 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Originating-IP: [111.223.77.195] Archived-At: Subject: Re: [Teep] Transport Protocol X-BeenThere: teep@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Nov 2017 02:02:11 -0000 Hello, if in doubt, I would recommend CoAP - as the transfer protocol. It provides one with the flexibility of using various transport protocols. Viele Grüße, Henk On 11/08/2017 09:54 PM, Dave Thaler wrote: > [...] >> Dave, did you mean >> • mandatory for the working group to specify at least one, or >> • the working group should specify one that is mandatory to implement, or >> • the working group should specify one that is mandatory to use? >> I think I know what you meant, but I should ask, rather than guess. > > The working group should specify at least one that is Mandatory To Implement. > > And for what I mean by "at least one"... there's two roles: the TAM and the Agent. > Interoperability can be ensured multiple ways, including (maybe other options too): > a) specify one that's MTI for both the TAM and the Agent. > b) specify multiple that are MTI for the TAM, and let the Agent implement any one of that set. > > Dave > _______________________________________________ > TEEP mailing list > TEEP@ietf.org > https://www.ietf.org/mailman/listinfo/teep >