Re: [EAT] [Rats] BOF Preparation

Jessica Fitzgerald-McKay <jmfmckay@gmail.com> Tue, 09 October 2018 15:41 UTC

From: Jessica Fitzgerald-McKay <jmfmckay@gmail.com>
Date: Tue, 09 Oct 2018 11:41:34 -0400
Message-ID: <CAM+R6NVZYB=q1MvA9qLss-erD23R9KGkhZoueH9zX3UMfbQP6g@mail.gmail.com>
To: shwethab@cisco.com
Cc: Hannes.Tschofenig@arm.com, "Diego R. Lopez" <diego.r.lopez@telefonica.com>, eat@ietf.org, rats@ietf.org, "Eric Voit (evoit)" <evoit@cisco.com>, kaduk@mit.edu, "Fitzgerald-McKay, Jessica M" <jmfitz2@radium.ncsc.mil>
Archived-At: <https://mailarchive.ietf.org/arch/msg/eat/f3tO2-DioIUvooAs48tfWW46nL0>
Subject: Re: [EAT] [Rats] BOF Preparation
List-Id: EAT - Entity Attestation Token <eat.ietf.org>

All,
Wanted to weigh in while we are still scoping this work. I'd be interested
in seeing RATS address solutions that meet supply chain risk and cyber
hygiene use cases. For example, knowing that the device on the network is
the one you are expecting, knowing what it is running and that its code
has not been modified, being able to compare an expected posture to the
current posture of the device, and so forth. Being able to answer these
questions in a vendor-neutral way is critical for networks with diverse
infrastructure.

Thanks,
Jess

On Mon, Oct 8, 2018 at 10:00 PM Shwetha Bhandari (shwethab) <
shwethab@cisco.com> wrote:

> Hi Hannes, All,
>
>
>
> A number of networking vendors have expressed interest in contributing to
> and implementing the models on the network devices to provide
> challenge-response as well as unidirectional attestation.
> “draft-birkholz-yang-basic-remote-attestation” shows some of this support.
>
>
>
> Also commercial implementations of applications exposing the boot
> integrity of devices exist.  E.g., see:
>
>
> https://www.cisco.com/c/dam/en/us/td/docs/cloud-systems-management/application-policy-infrastructure-controller-enterprise-module/1-5-x/integrity_verification/release-notes_ver_275/Cisco_IV_App_RN_1_5_0_275.pdf
>
>
>
> A standard data model and any protocol extension(s) for interoperability
> that fits in the existing network operations will be of key value in
> exposing proof of network device integrity. At Cisco, we are geared up to
> progress this work.
>
>
>
>
>
> Thanks,
>
> Shwetha
>
> *From: *RATS <rats-bounces@ietf.org> on behalf of Hannes Tschofenig <
> Hannes.Tschofenig@arm.com>
> *Date: *Tuesday, October 9, 2018 at 1:13 AM
> *To: *"Diego R. Lopez" <diego.r.lopez@telefonica.com>, "eat@ietf.org" <
> eat@ietf.org>, "rats@ietf.org" <rats@ietf.org>
> *Cc: *'Benjamin Kaduk' <kaduk@mit.edu>
> *Subject: *Re: [Rats] [EAT] BOF Preparation
>
>
>
> Thanks, Diego. That’s useful input on the scenarios you are looking into.
>
>
>
>
>
> *From:* Diego R. Lopez <diego.r.lopez@telefonica.com>
> *Sent:* Sunday, October 7, 2018 6:53 PM
> *To:* Hannes Tschofenig <Hannes.Tschofenig@arm.com>; eat@ietf.org;
> rats@ietf.org
> *Cc:* 'Benjamin Kaduk' <kaduk@mit.edu>
> *Subject:* Re: [EAT] BOF Preparation
>
>
>
> Hi Hannes,
>
>
>
> We are interested in using the base technology (whatever is supported in
> low level software or operating systems) to support attestation of NFV
> deployments, especially those related with the collaboration of third
> parties: with universal EPC, and edge computing as the main use cases. And,
> while it is true we are not developing the base software, we are collaborating
> with academic teams working at the hypervisor and container platform level.
>
>
>
> Be goode,
>
>
>
> --
>
> "This time we will not fail, Doctor Infierno"
>
>
>
> Dr Diego R. Lopez
>
> Telefonica I+D
>
> https://www.linkedin.com/in/dr2lopez/
>
>
>
> e-mail: diego.r.lopez@telefonica.com
>
> Tel:         +34 913 129 041
>
> Mobile:  +34 682 051 091
>
> ----------------------------------
>
>
>
> On 06/10/2018, 11:08, "Hannes Tschofenig" <Hannes.Tschofenig@arm.com>
> wrote:
>
>
>
> Hi Diego,
>
>
>
> I guess Telefonica is a user of the technology*. How would you leverage the
> results?
>
>
>
> Ciao
>
> Hannes
>
>
>
> *: You are not manufacturing chips, developing operating systems, or
> writing low level software (like firmware) that integrates the discussed
> attestation technology. Is that correct?
>
>
>
> *From:* Diego R. Lopez <diego.r.lopez@telefonica.com>
> *Sent:* Saturday, October 6, 2018 12:27 AM
> *To:* Hannes Tschofenig <Hannes.Tschofenig@arm.com>; eat@ietf.org;
> rats@ietf.org
> *Cc:* 'Benjamin Kaduk' <kaduk@mit.edu>
> *Subject:* Re: [EAT] BOF Preparation
>
>
>
> Hi,
>
>
>
> We are interested in fostering attestation technologies able to support
> and leverage network virtualization techniques (yes, NFV strikes back…),
> and are in contact with other companies that share the same interest.
>
>
>
> I won’t make it to Bangkok, but will be happy to help in anything I can
> through remote participation.
>
>
>
> Be goode,
>
>
>
> --
>
> "This time we will not fail, Doctor Infierno"
>
>
>
> Dr Diego R. Lopez
>
> Telefonica I+D
>
> https://www.linkedin.com/in/dr2lopez/
>
>
>
> e-mail: diego.r.lopez@telefonica.com
>
> Tel:         +34 913 129 041
>
> Mobile:  +34 682 051 091
>
> ----------------------------------
>
>
>
> On 05/10/2018, 14:30, "EAT on behalf of Hannes Tschofenig" <
> eat-bounces@ietf.org on behalf of Hannes.Tschofenig@arm.com> wrote:
>
>
>
> Hi Ben, Hi BOF chairs, Hi all,
>
>
>
> I have been thinking about how to turn this BoF into a success. I see a
> few challenges:
>
>
>
> There are different items in scope of the work and we (Arm) are interested
> in contributing to those that relate to the EAT/attestation token work. We
> are happy to give a presentation about those but I haven’t seen any agenda
> for the BoF yet. Who is in charge of preparing an agenda? I have seen BoFs
> fail where the presentations weren’t well aligned or not clearly
> demonstrating a real-world problem.
>
>
>
> At the BoF we will have to demonstrate that there are companies involved
> who are actually willing to do the heavy lifting to turn this effort into a
> success. Since there are very different items listed on the proposed
> charter text I am curious whether there is reasonable support for all of
> them. I can only speak for our interest in the EAT items and we are working
> with companies to state their support on the mailing list. But the BoF is
> likely going to fail if there is only support for a subset of the items.
> Where are we with the rest and who is reaching out to which part of the
> industry?
>
>
>
> Ciao
>
> Hannes
>
>
>