**Session Date/Time:** 23 Jul 2024 20:00 # rats ## Summary The RATS working group meeting covered several drafts related to remote attestation procedures, including updates to the O2 draft, CoreM, reference interaction models, CBOA tag for unprotected CWT claims sets (UCCS), epoch markers, remote posture assessment, and PKIX evidence. Adoption calls were discussed for several drafts. There were discussions regarding transparent meeting updates, code review, and implementations. ## Key Discussion Points * **O2 Draft Update (Thaler):** Discussed addressing feedback from Ned, including clarifying claim sets, comparison rules, and the use of conditional endorsements. Goal is working group last call. * **Corim (Corrin):** Presented updates, focusing on introduction material and refining the appraisal procedure description. Addressed concerns about meeting updates. Discussed the importance of the venue for updates and documentation of the draft. * **Reference Interaction Models (Hank):** Focused on clarifying the document, including removing TPM-specific wording, using the term "handle," and improving wording around attestation keys. A request for review was made. * **CBOA Tag for UCCS (Carsten):** Discussed the current status of the draft, currently with the AD for review and seeking an ID update. * **Epoch Markers (Hank):** Seeking adoption. It introduces e-freshness epochs and e-pot markers. * **Remote Posture Assessment (Kathleen):** Presented the remote posture assessment approach to summary reporting, which looks like digs and CIS benchmarks. Seeks adoption. Discussed trusted execution environments. * **PKIX Evidence (Hannes):** Presented ASN.1 port of the RATS eat claims for hardware security modules. Asks for blessings to officially perform the work in RADS. * **ARM CCA Attestation Token (Gary):** Presented the ARM CCA attestation token architecture with delegates and direct model approaches. There was a suggestion to use the term "evidence" rather than "token" for consistency with RATS terminology. * **EAT Measurement Extensibility (Thomas):** Presented an extensible measurement claim for describing target environments. ## Decisions and Action Items * **O2 Draft (Thaler):** Submit draft 03 after addressing any additional feedback. * **CoreM (Corrin):** Authors to provide reminders of call schedules and GitHub location on the mailing list. They will also provide more reports on the mailing list. * **Reference Interaction Models (Hank):** Chairs to consider directing directorate reviews and a tentative working group last call. * **CBOA Tag for UCCS (Carsten):** Address AD comments and resubmit the ID. * **Epoch Markers (Hank):** Adoption call to be placed on the mailing list. * **Remote Posture Assessment (Kathleen):** Confirmation of adoption status to be done on the mailing list. Implementation to be used is being incorporated, which will lead to a separate post from the mailing list. * **PKIX Evidence (Hannes):** Chairs to confer with LAMPS chairs to decide on adoption call. Adoption to be put to the mailing list. * **ARM CCA Attestation Token (Gary):** Authors to consider feedback on terminology and verifier behavior placement. * **EAT Measurement Extensibility (Thomas):** Adoption to be put to the mailing list. ## Next Steps * Continue discussions on the mailing list. * Address action items and prepare updated drafts.