Re: [Gen-art] [Last-Call] Genart last call review of draft-ietf-rats-architecture-21

Gyan Mishra <hayabusagsm@gmail.com> Tue, 23 August 2022 19:48 UTC

From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Tue, 23 Aug 2022 15:48:18 -0400
Message-ID: <CABNhwV2OrP2H4xpTnKK3JovzSN5PhOjX4oN-NGMPDUZ3iPvi+w@mail.gmail.com>
To: Laurence Lundblade <lgl@island-resort.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, draft-ietf-rats-architecture.all@ietf.org, gen-art@ietf.org, last-call@ietf.org, rats@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/7H4WPbO74tpC4rH8TXG32IrCr6w>

Hi Laurence

The mobile example looks good; let's update the draft with the mobile
example.

I don’t have any further comments for the review.

Thank you

Gyan
On Sat, Aug 20, 2022 at 11:23 PM Laurence Lundblade <lgl@island-resort.com>
wrote:

> Below
>
> On Aug 20, 2022, at 1:38 PM, Michael Richardson <mcr+ietf@sandelman.ca>
> wrote:
>
> Gyan Mishra via Datatracker <noreply@ietf.org> wrote:
>
> Section 3 describes the environment of an attester.  Section
> 3.2 clearly describes a layered environment, however section 3.3
> describes a composite environment using a carrier grade router as an
> example.  I think here the composite should be described just as is
> done in the layer environment section but not referencing an
> environment use case that may not be applicable to RAT.
>
>
> I guess I don't really follow what you are suggesting here.
>
> So within a
> carrier grade router chassis the backplane communication is all done
> vendor proprietary no external elements so I don’t see how trust comes
> into play as well as the backplane communication is hardware bus
> elements for backplane throughput for the LC and then as well router OS
> software component for the backplane communication. I think maybe
> choosing a better example that applies to RAT composite environment
> would be better.
>
>
> Yes, the way in which the Evidence is relayed is vendor proprietary, but
> the Evidence and/or Attestation Results are then relayed to an external
> verifier.
>
>
> I don’t know anything about router architecture, but do about mobile phone
> architecture which I consider a candidate for composite attestation.
>
> A mobile phone based on a chip like a Qualcomm Snapdragon has many
> subsystems. Something like this:
> - A TEE and/or HW root of trust, perhaps controlled by the chip vendor,
> not the phone vendor
> - A Secure Element for payments or eSIM
> - A SIM card
> - The general purpose CPU running Android, which is controlled by the phone
> vendor
> - A video playback subsystem that does content protection and is isolated
> from the main CPU
> - A cellular modem
> - A Bluetooth subsystem isolated from the modem
> - …
>
> There are several tiers of security and multiple vendors.
>
> LL
>
> --

Gyan Mishra

Network Solutions Architect

Email gyan.s.mishra@verizon.com

M 301 502-1347
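As an added illustration (not part of this thread or of the RATS architecture draft), a small Python model of the composite attestation Laurence describes: each phone subsystem signs its own claims with a key from its own vendor, a lead attester bundles them, and an external Verifier appraises every component against that vendor's trust anchor rather than trusting the lead for all of them. Subsystem names, vendor names, keys and reference values are constructed, and HMAC stands in for the vendors' signatures.

```python
import hashlib
import hmac
import json

# Constructed keys standing in for each subsystem's vendor-provisioned attestation
# key (a real phone would use asymmetric keys and certificates, not shared secrets).
COMPONENT_KEYS = {"tee": b"chip-vendor-key", "secure_element": b"se-vendor-key",
                  "android_os": b"phone-vendor-key", "modem": b"modem-vendor-key"}
VENDOR_OF = {"tee": "chip-vendor", "secure_element": "se-vendor",
             "android_os": "phone-vendor", "modem": "modem-vendor"}
# Verifier side: one trust anchor per vendor, and constructed reference values.
TRUST_ANCHORS = {VENDOR_OF[n]: k for n, k in COMPONENT_KEYS.items()}
REFERENCE = {"tee": {"fw": "tee-1.4"}, "secure_element": {"applet": "pay-2"},
             "android_os": {"boot": "verified"}, "modem": {"fw": "m-7.1"}}

def canonical(obj):
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def sign(key, claims):
    """A subsystem signs its own claims with its own vendor's key."""
    return {"claims": claims, "mac": hmac.new(key, canonical(claims), hashlib.sha256).hexdigest()}

def compose(component_evidence, lead="tee"):
    """The lead attester (here the TEE) bundles sub-attester evidence and signs the bundle."""
    return sign(COMPONENT_KEYS[lead], {"lead": lead, "components": component_evidence})

def mac_ok(name, claims, mac):
    """Verify under the anchor of the vendor vouching for this subsystem; an unknown vendor has none."""
    anchor = TRUST_ANCHORS.get(VENDOR_OF.get(name), b"")
    expect = hmac.new(anchor, canonical(claims), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expect, mac)

def appraise(name, ev):
    """One subsystem's verdict: its own vendor's signature first, then its reference values."""
    if not mac_ok(name, ev["claims"], ev["mac"]):
        return "bad-signature"
    return "ok" if ev["claims"] == REFERENCE.get(name) else "reference-mismatch"

def verify(bundle):
    """Appraise composite Evidence: the lead's signature, then each subsystem on its own terms."""
    if not mac_ok(bundle["claims"]["lead"], bundle["claims"], bundle["mac"]):
        return {"overall": "reject", "components": {}}
    verdicts = {n: appraise(n, ev) for n, ev in bundle["claims"]["components"].items()}
    overall = "accept" if all(v == "ok" for v in verdicts.values()) else "reject"
    return {"overall": overall, "components": verdicts}

def attest_phone():
    """Collect each subsystem's signed claims, bundle them, and appraise the result."""
    evidence = {n: sign(COMPONENT_KEYS[n], dict(REFERENCE[n])) for n in COMPONENT_KEYS}
    return verify(compose(evidence))
```

Because each tier carries its own vendor's signature, altering the modem's claims after the modem signed them fails at the modem's signature even though the TEE's bundle signature is valid, and a subsystem with no known vendor anchor can never be accepted on the lead's word alone.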