Hi draft-liu-acme-rats authors, I read -02, and have the following questions:
1. Why and how the CA/RA come to trust a verifier controlled by the attester is unclear to me. What prevents the attester and verifier from colluding? 2. Freshness appears to depend on the inclusion of the CA/RA-presented nonce in the AR. However, it is unclear what would stop a malicious attester from presenting old evidence to the verifier while still requesting that the CA/RA nonce be used in the AR. cheers, thanks! _______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
