Re: [EAT] Preliminary RATS BoF Agenda

"Eric Voit (evoit)" <evoit@cisco.com> Sun, 21 October 2018 17:32 UTC

Return-Path: <evoit@cisco.com>
X-Original-To: eat@ietfa.amsl.com
Delivered-To: eat@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64DCE12D4ED; Sun, 21 Oct 2018 10:32:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.563
X-Spam-Level:
X-Spam-Status: No, score=-14.563 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.064, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CKf1IHnirpvn; Sun, 21 Oct 2018 10:32:34 -0700 (PDT)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52CDC1277C8; Sun, 21 Oct 2018 10:32:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10976; q=dns/txt; s=iport; t=1540143154; x=1541352754; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=tpjy8dlyDNtnWIDulqqytUtyKHFmrNrC0MzYBro5hLA=; b=muQDqE2MOmD/2uN7nO0gxeg7WnHILx9bONJGP9+tDT2KeFKRou6ZVndl 4M4fuP9/+LY7GfpYCq9PXZPXzqgR7++CX5IZ5uAT2WFJjnJPgMe4H8bZu iPTm1eUUSiTdZ9FSUzBqok5okJHWM4rcBq9lMW51ndD22FhN502vDo/cp 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AJAAAvt8xb/5pdJa1iGgEBAQEBAgE?= =?us-ascii?q?BAQEHAgEBAQGBUgQBAQEBCwGBDXdmfygKg2uUMYINkU2FSIF6CwEBIIFXgnU?= =?us-ascii?q?CF4RxITUMDQEDAQECAQECbRwMhToBAQECAiMKTBACAQgOByoDAgICMBQRAgQ?= =?us-ascii?q?OBQgXgwOBHWQPpAaBLoQ+QIUQBYtSF4FBP4ERgxKDGwEBAYFuCR+CTYJXAok?= =?us-ascii?q?MhSmQEwkCkGgfgVKIB4ZVljYCERSBJh8BNYFVcBWDJ4YFilJvAYpKgR8BAQ?=
X-IronPort-AV: E=Sophos;i="5.54,408,1534809600"; d="scan'208,217";a="188732482"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 21 Oct 2018 17:32:33 +0000
Received: from XCH-RTP-011.cisco.com (xch-rtp-011.cisco.com [64.101.220.151]) by rcdn-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id w9LHWWuL010435 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Sun, 21 Oct 2018 17:32:33 GMT
Received: from xch-rtp-013.cisco.com (64.101.220.153) by XCH-RTP-011.cisco.com (64.101.220.151) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Sun, 21 Oct 2018 13:32:32 -0400
Received: from xch-rtp-013.cisco.com ([64.101.220.153]) by XCH-RTP-013.cisco.com ([64.101.220.153]) with mapi id 15.00.1395.000; Sun, 21 Oct 2018 13:32:32 -0400
From: "Eric Voit (evoit)" <evoit@cisco.com>
To: Laurence Lundblade <lgl@island-resort.com>
CC: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "rats@ietf.org" <rats@ietf.org>, "eat@ietf.org" <eat@ietf.org>
Thread-Topic: [EAT] Preliminary RATS BoF Agenda
Thread-Index: AQHUaGGNvCYySbrjaE+BAKDogaa266UoT+VggAFc2DCAAFs+AP//7Yhg
Date: Sun, 21 Oct 2018 17:32:32 +0000
Message-ID: <28e484a41ae14f5882bea36031d691bd@XCH-RTP-013.cisco.com>
References: <d9f63399-5fa1-e220-22f3-3e85596a589f@sit.fraunhofer.de> <AM5PR0801MB209735CCC5CF80CCE96E9670FAFA0@AM5PR0801MB2097.eurprd08.prod.outlook.com> <45f29705a33140c58c03ddadf65f6a7f@XCH-RTP-013.cisco.com> <511F4AEC-F374-44D7-A0DE-FD1201732639@island-resort.com>
In-Reply-To: <511F4AEC-F374-44D7-A0DE-FD1201732639@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.118.56.234]
Content-Type: multipart/alternative; boundary="_000_28e484a41ae14f5882bea36031d691bdXCHRTP013ciscocom_"
MIME-Version: 1.0
X-Outbound-SMTP-Client: 64.101.220.151, xch-rtp-011.cisco.com
X-Outbound-Node: rcdn-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/eat/gUzugadbD5KE4cwLgoOb4NB4_48>
Subject: Re: [EAT] Preliminary RATS BoF Agenda
X-BeenThere: eat@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EAT - Entity Attestation Token <eat.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/eat>, <mailto:eat-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/eat/>
List-Post: <mailto:eat@ietf.org>
List-Help: <mailto:eat-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/eat>, <mailto:eat-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Oct 2018 17:32:37 -0000

From: Laurence Lundblade, October 21, 2018 10:32 AM

On Oct 21, 2018, at 6:49 PM, Eric Voit (evoit) <evoit@cisco.com<mailto:evoit@cisco.com>> wrote:

To me the answer is yes.  For over a year Cisco has offered a controller based Integrity Verification application.  This application does remote attestation for routers.  See:
https://www.cisco.com/c/dam/en/us/td/docs/cloud-systems-management/application-policy-infrastructure-controller-enterprise-module/1-5-x/integrity_verification/user-guide/Cisco_Integrity_Verification_Application_APIC-EM_User_Guide_1_5_0_x.pdf


Eric, thanks for sharing that. I read it carefully and that helps me understand quite a lot in a more concrete way. Even looked at the KGV tar ball. In a lot of ways this isn’t too different some EAT uses on mobile phones where the idea is to use TrustZone, virtualization and other HW architectures to measure Android.

I’m guessing a lot of this is implemented with TPMs and TCG ideas.  Is that right? If you can share implementation HW specifics, then I won’t have to guess and have a lower probability of saying dumb things, but understand if that is highly proprietary.

<Eric>

Hi Lawrence,

Cisco has a variety of off-the-shelf and custom hardware implementations of the TCG ideas across dozens of its products.  I believe this effort has the potential to normalize much of the software between these variations of hardware and the application layer.

Eric


LL