TPM-based Network Device Remote Integrity Verification
draft-ietf-rats-tpm-based-network-device-attest-14

Thanks for working on this specification. 

This was good read. (I was dishearten to find ,my interest, "virtualization and containerization" was out of scope :-() 

Supporting Benjamin Kaduk's discuss.

Thanks for addressing my previous Discuss point and the preponderance of
my previous Comments!  I retain a couple here, as I think they still
apply to some extent.

Section 1.5

   3.  Conveyance of Evidence reliably transports the collected Evidence
       from Attester to a Verifier to allow a management station to
       perform a meaningful appraisal in Step 4.  The transport is
       typically carried out via a management network.  The channel must
       provide integrity and authenticity, and, in some use cases, may
       also require confidentiality.

It seems like there is some subtlety here if we insist that the
communications channel to a potentially untrustworthy endpoint will
provide integrity and authenticity (let alone confidentiality).  I suggest
giving more clarity on what threats these technical measures are
protecting against in relation to the potentially untrusted endpoint.
[ed. I do see the added text to indicate that the TPM signing key
does provide a separate signature over the critical evidence, but
that does not explain why we still say we want integrity and authentication
(and in some cases confidentiality) of the channel that conveys such evidence.]
Section 3.3

   In this application, each device may need to be equipped with signed
   RIMs to act as an Attester, and also an Appraisal Policy for Evidence
   and a selection of trusted X.509 root certificates, to allow the
   device to act as a Verifier.  An existing link layer protocol such as
   802.1X [IEEE-802.1X] or 802.1AE [IEEE-802.1AE], with Evidence being
   enclosed over a variant of EAP [RFC3748] or LLDP [LLDP] are suitable
   methods for such an exchange.

Should we say that the details of those "variant"s being out of scope for
this document?  (What we do say is pretty far from a complete solution.)

Agree with Ben's DISCUSS. This Informational document seems to want to
normatively talk about and reference quite a few other documents. However,
that's not really something an Informational document can really (normatively)
do.

Found terminology that should be reviewed for inclusivity; see
https://www.rfc-editor.org/part2/#inclusive_language for background and more
guidance:

 * Term "native"; alternatives might be "built-in", "fundamental",
   "ingrained", "intrinsic", "original" (matched "native" rule, pattern
   ((\bnative\w*\b)\w*)).

Thanks to Linda Dunbar for their General Area Review Team (Gen-ART) review
(https://mailarchive.ietf.org/arch/msg/gen-art/uJfSJiH2jjpTrxAlux60VNEDF-0).

-------------------------------------------------------------------------------
All comments below are about very minor potential issues that you may choose to
address in some way - or ignore - as you see fit. Some were flagged by
automated tools (via https://github.com/larseggert/ietf-reviewtool), so there
will likely be some false positives. There is no need to let me know what you
did with these suggestions.

Section 1.5. , paragraph 7, nit:
> station Result, used to inform decision making. In practice, this means comp
>                                ^^^^^^^^^^^^^^^
The noun "decision-making" (= the process of deciding something) is spelled
with a hyphen.

Section 1.5. , paragraph 8, nit:
> ation expected by the Verifier. Subsequently the Appraisal Policy for Evidenc
>                                 ^^^^^^^^^^^^
A comma may be missing after the conjunctive/linking adverb "Subsequently".

Section 1.6. , paragraph 3, nit:
>  attestation of Linux or other multi-threaded operating system processes aft
>                                ^^^^^^^^^^^^^^
This word is normally spelled as one.

Section 2.1.1. , paragraph 8, nit:
> ader | 8 | 9 | | (e.g GRUB2 for Linux) |
>                   ^^^
The abbreviation "e.g." (= for example) requires two periods.

Section 2.3. , paragraph 16, nit:
> arly system startup (e.g., BIOS, boot loader, OS kernel) are essentially sing
>                                  ^^^^^^^^^^^
This word is normally spelled as one.

Section 2.4.1. , paragraph 5, nit:
> d in [I-D.ietf-rats-architecture]. However additional prerequisites have been
>                                    ^^^^^^^
A comma may be missing after the conjunctive/linking adverb "However".

Section 4. , paragraph 10, nit:
>  redundant information, or add an additional layer of signing using external
>                            ^^^^^^^^^^^^^^^^^^^^^^^
This phrase might be redundant. Consider either removing or replacing the
adjective "additional".

Document references draft-ietf-rats-yang-tpm-charra-12, but -13 is the latest
available revision.

Document references draft-birkholz-rats-reference-interaction-model-03, but -05
is the latest available revision.

These URLs in the document can probably be converted to HTTPS:
 * http://www.uefi.org