Re: [Gen-art] [Last-Call] Genart last call review of draft-ietf-rats-architecture-21
Laurence Lundblade <lgl@island-resort.com> Sun, 21 August 2022 03:23 UTC
Return-Path: <lgl@island-resort.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96C64C1522DE; Sat, 20 Aug 2022 20:23:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q9YI6OgTRWqg; Sat, 20 Aug 2022 20:23:24 -0700 (PDT)
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2100.outbound.protection.outlook.com [40.107.236.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B0F8C14CF08; Sat, 20 Aug 2022 20:23:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fY3igctrMnwrCUESS6WMam3thmVjuI3jJ9+ZDHp61v71X6Lbhi82/qH5Lwt3TmQe+yGdjZcmNo8jB6oJtLisYgp0T4H631hkKuGd3EiUP8dlGMBMBR6//IGJGg9xGkNZ+8mxXiO/EUJ6g9cD0JqlWLcixX2A9zR3vUuY7Sx8mbeU1PMCVR9PX5UnfSSBYU959mFIydPx5+fhAn1Er6DhAfob/EUkTDE8id9QsxjykqEvEi0NJET4vEW5ldnHXA4VGydGTdqf4Mh8I8dodYqQ/5VjBajfr32xWbYhKzckMaLzHhPx7aWluyxsxW92CHhDOfhOMaLz1HgjfgirVltKbA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jFXt8JHTf1QgMeYoOrDdYoX+5yIrp7+P82ycwjPLurA=; b=BOXgs4vQYxI1QcTVDr/1DeDKsP7p8PI61njXpGoI1XPPNEvAk2nlVq9QvobtEZOYrOszDGW0bc4P9kYVjW9UPh+Z9LbaEfRgysVrhKGt+12LohykiahDN4lR766vxfmQGXajfK1WYGwgWVhyyF/HoH9PhDasSsQHTFoY1qBoBK4Pvm3Kk4M2T/oHkYqxGYK0L/QHyhqo7yghByF+EgACqF1qPEV6jvyjM3RSPftZ9hLHFPPUAxHx07o0ZDKFP8uMU1VLRzG2BvSjGRwMk+/mUr+9sRYNEZN0WP78FFiCa9FcXg0qSNnKcGFaYIu1ES4Jsq/q11Grx6IXnllh1m5mSw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=island-resort.com; dmarc=pass action=none header.from=island-resort.com; dkim=pass header.d=island-resort.com; arc=none
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=island-resort.com;
Received: from PH7PR22MB3092.namprd22.prod.outlook.com (2603:10b6:510:13b::8) by CY4PR2201MB1016.namprd22.prod.outlook.com (2603:10b6:910:49::38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5546.18; Sun, 21 Aug 2022 03:23:18 +0000
Received: from PH7PR22MB3092.namprd22.prod.outlook.com ([fe80::ac41:5a17:42c0:16dd]) by PH7PR22MB3092.namprd22.prod.outlook.com ([fe80::ac41:5a17:42c0:16dd%9]) with mapi id 15.20.5525.011; Sun, 21 Aug 2022 03:23:18 +0000
From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <C07517E2-07A1-435B-8A83-B8E4EBE9FEE5@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_DDA9027B-B969-4E52-8CD5-A2DBB1FFC0CE"
Date: Sat, 20 Aug 2022 20:23:13 -0700
In-Reply-To: <30348.1661027881@localhost>
Cc: Gyan Mishra <hayabusagsm@gmail.com>, gen-art@ietf.org, draft-ietf-rats-architecture.all@ietf.org, last-call@ietf.org, rats@ietf.org
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <166094621871.15611.17737520857699084804@ietfa.amsl.com> <30348.1661027881@localhost>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-ClientProxiedBy: BN0PR10CA0012.namprd10.prod.outlook.com (2603:10b6:408:143::10) To PH7PR22MB3092.namprd22.prod.outlook.com (2603:10b6:510:13b::8)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: de6c34be-321e-4893-b78c-08da83247e2f
X-MS-TrafficTypeDiagnostic: CY4PR2201MB1016:EE_
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: LekYDSh18regpAPWpYFqATP/cwAht3I9aJrDH3k9ineLEFJN/r9L75bXR8QJ3byfjQm0QLM3XZDDXP6PzjdlFvDrVhj3wMFv5MGu+dckC2pd9Vi4Wcre/iuOMzKAKyu4U4KipD3lTu71OpPmBim+i+4yx2dzvhRxSJzD0sGkmVo3HNF3hCceaj2Kx26cmQYc3C770dXFaPRgEIFgPCVpFSh6kYAT1j85w7StrP6s00rJ1EFZjXzFMp4nclPTu6wgx14fN1U9CnXU2mfDCbLPihm+8IPl2o6/sbvouHlZ+0uPqQUQeI29L8nWqw75IMO/knwQ/czj50prM3PJe+y4DdjoPl1S6nxvMlRXfwYavxbQDnkk/mNdTIAEL1mwCdZT/jg47oWY8ms60D/CD1PvS/nLzwCnNa4upf3iCqd8hINHLwNM4SsbF4bDOKjUkwI25cIveTt4NcCgS0pjrPSF79xGCXbIXTY5fECwS+g3gKefxxpBkeP/GeS210l4nC4qJPsR8cDVoU4hElT3GDFwyM/+0eGvTuEKvAuvrG+zGIZwNdieel2p8JVm/4LIia18ptTuQRSujDMYZDTvw0pPEX6SyMk6OnQ8LHwtjOcYIQefBU+FcQrrz7lQVsjzomFDvRhZAiZdAQZSUoFKj6+vgl6uxwTxi1Y7eGb6piVRcjexC5IijTrzs78DMRsf6cv09Yv0gvWpi1xtSQ33adB97+N7/LYgeyGnzv36VuHzb/EcnIsUikttS/H1MAvCs/I3UhqUIqVZowZdwDyXKRdPqOjhbJ7lLTCiz5J7Apwuxyc=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH7PR22MB3092.namprd22.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(346002)(39830400003)(376002)(396003)(136003)(366004)(86362001)(6666004)(2906002)(33656002)(36756003)(316002)(478600001)(6486002)(41300700001)(52116002)(33964004)(26005)(53546011)(186003)(2616005)(6512007)(66574015)(5660300002)(6506007)(66946007)(66556008)(66476007)(38350700002)(4326008)(8676002)(83380400001)(38100700002)(8936002)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: koLhiM1ffRji8KrUaecYyWFNe16xUtzTM17d+PBEkTy2VpGyGEVC1FiItE+2EVmQ07C4RGhTgp0BOQx+QvQR3loSAGYRlZvUsfNOXLtpOh4aC53Cxnw9+2T5YtZNG1WfuArMGFgDUhhzqfGothuaglWd6ghBdpwt/WQz90HjLcYw08dj6Mb0OMozWUBuuhcJwg1mi1PLrNkdsFELDYRtQ/dvP31MaqvN7bp9OzDMNP3/2t8z48CcFjr7qMCtsq7h7i9y39wcjXf6NWw/4PemQqf2TakAgde6cDRhZaoXiogGsokLj48SgntLC1hqNGgHXyQ9dvLltIsa+AdGC9xDHLIbN2rjt8bKNYXJbP/O4BnJM7rJT0LqxKrpsH3jzarucQ0KUxQMbGgI4D/XNYj9kuWuywL0ZEQSXjUMvyT8b3KGPeOtUnVOOG8P7SdNv+jHvoUXln4V9E8X/EF0d4hfT1qQw7fZNDIuEwKWqXLnPtwHYZZ9d5NS/9ipQ9i0paIQIgzXzGdZVBoBqZA8sZhd2Uw8mXCpoRKGMQo6HdGi8nSEynnfkx7eMm89SKlsZsCrulE29AT0tDQpDStzKSB7GqKg37kcxEmaiWNFk0SGE2Qq/GS2uYDc2hXdDWM3uLeDzpjUvf9I90FjpYSVQaoad+L5NMRIf9xfs0RnMXUV/eSIj5WCelmexMHSTHymieG7HD5yGoRvf43GxlnII7nQhZzH6QGysD5q41AViywtoLxCme0P1seaFF2wY/E32PWWBgIP6CK5pFGcnvx8Yj/tgsLLPMzVfSonPbjmzk/HWTcySSyb4uJX1/tEenjpDeQGvqRCGJ3RWKG01eiBtVV9QunwT/Q/ort/e02wovOaKmJw8+RoPYpjBM+TQlcFLObbCcN9AyM6I86D1whd2+bPDUyeMX3bkWwIfmEAA8+ovGyOILHCiFimWQFn6Uu88rBaKkuMfsjbzioskp0hgdjrSxlQ2+XVUibfARVV5TxiLZ0GjJq0yvGp53pyCA4c/tJIuEHc1CoACNHPrc65+d4OJ/wYsD5VchpTQ7YL/C2dNtdizvaRJtDef3EtT46nMiczlkEpr2cjtfJclR9UiyGGZDWZPewA1JvdQwp9NATJa/3322a4cwqo7D59X8NqjK7VcUpqj7p7no9Wd3UIgAN7uoUL2Cy8vIQ8tyh96m9Mq3nPacJz5qT3VAwHM1OLCX6i7lm0ayPJtYCkhqPhl1+7yEtAi4bZhCo7pF4RDfCcUIDksg4jo+TGHyq4G/V3Jbxea2EBloAjrEisqz8iRIFMVnEfFEWIs2oU/ATLxM2e7Xgknxo3/0DHB6e9xoYG3ozlOMgoKCEe6DGA5KnLbjvfXjxubx7ydQNWQ5E6ZiRblyJBE4IwxGa4cf+a9qhaMGBVHobhu4yYh/ysIPmApr4Hq7F/lDMPflyXDnHx7db0hIu73M9lOvp5z6t7Mf8V4hJmHwbVwMlkGQ19wa1Fa8fTM7gZN329Ir+Z/mE3pKVXVFHs/s6GranbHTsCt7xlwmhN7fzWeBpvbbNh/wCMhqKRHv81Bt7CEn62m6EHEa032pO+fbm/9eyMvt2MjIQMMzCy
X-OriginatorOrg: island-resort.com
X-MS-Exchange-CrossTenant-Network-Message-Id: de6c34be-321e-4893-b78c-08da83247e2f
X-MS-Exchange-CrossTenant-AuthSource: PH7PR22MB3092.namprd22.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Aug 2022 03:23:18.6557 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: ad4b5b91-a549-4435-8c42-a30bf94d14a8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 4JgNOZWCtAtuCTTForD6xMiWk7aXy47d+UdLetzgvYjec7Z3KZ2jjRx1G/OXNUZjZtXYyq6MrmHbC9fH0D0nZw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR2201MB1016
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/IwSqdKV4kb8uX-vc8cu6pph6qJg>
Subject: Re: [Gen-art] [Last-Call] Genart last call review of draft-ietf-rats-architecture-21
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Aug 2022 03:23:27 -0000
Below > On Aug 20, 2022, at 1:38 PM, Michael Richardson <mcr+ietf@sandelman.ca> wrote: > > Gyan Mishra via Datatracker <noreply@ietf.org <mailto:noreply@ietf.org>> wrote: > >> Section 3 describes the environment of an attester. Section >> 3.2 clearly describes a layered environment, however section 3.3 >> describes a composite environment using a carrier grade router as an >> example. I think here the composite should be described just as is >> done in the layer environment section but not referencing an >> environment use case that may not be applicable to RAT. > > I guess I don't really follow what you are suggesting here. > >> So within a >> carrier grade router chassis the backplane communication is all done >> vendor proprietary no external elements so I don’t see how trust comes >> into play as well as the backplane communication is hardware bus >> elements for backplane throughput for the LC and then as well router OS >> software component for the backplane communication. I think maybe >> choosing a better example that applies to RAT composite environment >> would be better. > > Yes, the way in which the Evidence is relayed is vendor proprietary, but the > the Evidence and/or Attestation Results are then relayed to an external verifier. I don’t know anything about router architecture, but do about mobile phone architecture which I consider a candidate for composite attestation. A mobile phone based on a chip like a Qualcomm Snapdragon has many subsystems. Something like this: - A TEE and/or HW root of trust, perhaps controlled by the chip vendor, not the phone vendor - A Secure Element for payments or eSIM - A SIM card - The general purpose CPU running Android and is controlled by the phone vendor - A video playback subsystem that does content protection and is isolated from the main CPU - A cellular modem - A Bluetooth subsystem isolated from the modem - … There are several tiers of security and multiple vendors. LL
- [Gen-art] Genart last call review of draft-ietf-r… Gyan Mishra via Datatracker
- Re: [Gen-art] Genart last call review of draft-ie… Michael Richardson
- Re: [Gen-art] [Last-Call] Genart last call review… Laurence Lundblade
- Re: [Gen-art] [Last-Call] Genart last call review… Michael Richardson
- Re: [Gen-art] [Rats] [Last-Call] Genart last call… Laurence Lundblade
- Re: [Gen-art] [Last-Call] Genart last call review… Gyan Mishra
- Re: [Gen-art] Genart last call review of draft-ie… Lars Eggert