[nasr] Re: [saag] Re: NASR BOF Follow-Up

Eric Rescorla <ekr@rtfm.com> Fri, 11 April 2025 17:24 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: nasr@mail2.ietf.org
Delivered-To: nasr@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id BF1301AD3F5C for <nasr@mail2.ietf.org>; Fri, 11 Apr 2025 10:24:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KTfqbBKhHc2U for <nasr@mail2.ietf.org>; Fri, 11 Apr 2025 10:24:05 -0700 (PDT)
Received: from mail-yw1-x112c.google.com (mail-yw1-x112c.google.com [IPv6:2607:f8b0:4864:20::112c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 7CF5A1AD3F0A for <nasr@ietf.org>; Fri, 11 Apr 2025 10:24:05 -0700 (PDT)
Received: by mail-yw1-x112c.google.com with SMTP id 00721157ae682-6feab7c5f96so22535097b3.3 for <nasr@ietf.org>; Fri, 11 Apr 2025 10:24:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1744392245; x=1744997045; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Hljz1vqYvR5TijpujbxbF2cVIJJvc+P2w11e1ZkELuA=; b=rASahSl6tb0YUo1fyFnzQvOkrmawlIrgVJ/cVteCCHuWpRA7ykxzwkwgu8hFKFob4/ R8OcMqEgIq9pKSuDlPakME3krcflGV/N6I4mk+nPMsj/3v00Yukz05iyoQsemVcLIaDk VDXlqF/Yd3ICHgGKfSkkzscdidJ7GywDWlZKbSr+F1pz56y+mjRRWx/lSiebnehd/XCT 5HqWoSlRuxlNAS2nxigD/Z457AiaxiCJSM+i/OcxrSdfkP6za+A/FS4v83PUxicWMVse dz5Oi7Zwh9wBwn/EInuLCxZyd7lxI58aI2M9UceH/jbSWY/yYKTKXgNbdm5TAjisk5c5 Gx/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744392245; x=1744997045; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Hljz1vqYvR5TijpujbxbF2cVIJJvc+P2w11e1ZkELuA=; b=qPJAtm50MSI1ThG/4/4WxGmg14xyUpbE2E7XxXh11FsDqrSq57JHf9M7VOUuM5fDOm 9aclXncw8gg/z2ghGndKChW4OZwZqVE8WWaM/w5f6ctRw4mbqvV0/A2GdpsmbbAkpGVb xrRGAhVV9MxXBbBcZQ12EtPRkp63Rwmu7ogEL2edm6aZtjyhylDFD+yXYYap713eG2pD JiHGJOpniukxgbPuluow3MYnBK4jb3ks+qrEVCbH9ROogYn0RMjnXIe/sQiTiHVQmVB0 hkz/c90ji6HYgQDIr5LfWgFyGeHUTCARM9Wa4U8Lf7FMneO09SiFCirayjjltAUZ4wZn 3X2A==
X-Forwarded-Encrypted: i=1; AJvYcCUNYBTus9F1JJl7C/OGswjvkOhuZVzeF2XW1hfsZWGVUR/SciY8tJH4Vb8b+LiN9i7S5t9Y@ietf.org
X-Gm-Message-State: AOJu0YwoDZ0p8R4QEmUs68lre8iZoQZDQ6eMIUyBVs7G+LlV8KJ65ghe 1vuKvxylW0vq+XP8JvWAJcun3YRUUFZgFGaEb+tJQK2QBaERDN68eGxeXqh3VUl5/jRd52o8pqQ OFQV592FjnOZxH5pO0wMOWoPQvnH9WiL+XtiqnA==
X-Gm-Gg: ASbGnctlxC9C8g2vIgaprsRA1Nq9Dqx8foIlQi2EtB6cOQJKthgnfmoeMuxcOwRN3l4 VJMkIVsSbfshVIg1Ozy3ki2oOefvGVBSajRdkaYOy5mJV+Yv4AiF4e5ovqDZ/IZzBq28vT+a1oW z+W2TNbDWKHUekDxXjhbCiaLWz1staH+nT77s=
X-Google-Smtp-Source: AGHT+IGQPpM2OasvVcmtDtefvtpCkmuTjqdWlY6BB+XuAFucD3h/4Ap+wKM6/Sr4j2W7uK/5jt0cAHDFIZSk8ITwHr4=
X-Received: by 2002:a05:690c:4b82:b0:702:52fb:462d with SMTP id 00721157ae682-70559aa82f4mr60062287b3.29.1744392244910; Fri, 11 Apr 2025 10:24:04 -0700 (PDT)
MIME-Version: 1.0
References: <ef08bf0afa924713acc629dff8156761@huawei.com> <2025040312042771743841@chinamobile.com> <CAL02cgSg53nOB8BCSNCLGC78r41P_1VzBPoj2yOJP1qbS0jqfA@mail.gmail.com> <CABcZeBPFaJMsWyNozXS+osh251631vCStkrmOk=WQig5c1_0qw@mail.gmail.com> <87c61c52-839f-f66e-a66a-b737f01ca93f@ietf.contact> <CABcZeBMOvFXkQ2OFBpz2Ri5_Oz-pHGs=2fHvBNptOdjQy9F7ww@mail.gmail.com> <11730e71-f409-bbaf-9bc1-4f88d207bcab@ietf.contact> <CABcZeBMDg9cFGtf6AMwSiq3ZnZnrvwoAc7TjD0Ftq-JC8jWusQ@mail.gmail.com> <d3de69d6-f46b-fe0c-b6dc-8180864bd9b0@ietf.contact> <CABcZeBO15H=+ds0deqvtOzKvX+JvFzCn2pht3fcKYcp7df=UFw@mail.gmail.com> <52b08a1b-45e2-b03b-a0a8-12e55b56bfa8@ietf.contact>
In-Reply-To: <52b08a1b-45e2-b03b-a0a8-12e55b56bfa8@ietf.contact>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 11 Apr 2025 10:23:28 -0700
X-Gm-Features: ATxdqUGFypx9HOY3LLeUxG1VD0ijwwFcDcMsMFqAvpngNntBPR1WFVDxsgu3_QA
Message-ID: <CABcZeBOwZ3=pz=Xz1D3YwJ6_svTidt5azWDFnTwexsE508rmkA@mail.gmail.com>
To: Henk Birkholz <henk.birkholz@ietf.contact>
Content-Type: multipart/alternative; boundary="0000000000001b7d77063283f8b3"
Message-ID-Hash: SCA566CFBORKLVIVUSFH3F6VPM4FM7CM
X-Message-ID-Hash: SCA566CFBORKLVIVUSFH3F6VPM4FM7CM
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Richard Barnes <rlb@ipv.sx>, Meiling Chen <chenmeiling@chinamobile.com>, "Liuchunchi(Peter)" <liuchunchi@huawei.com>, "nasr@ietf.org" <nasr@ietf.org>, IETF SAAG <saag@ietf.org>, Luigi Iannone <ggx@gigix.net>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [nasr] Re: [saag] Re: NASR BOF Follow-Up
List-Id: Network Attestation for Secure Routing <nasr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nasr/B_OxxoGjEBGecxPU_DmGGawSfEk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nasr>
List-Help: <mailto:nasr-request@ietf.org?subject=help>
List-Owner: <mailto:nasr-owner@ietf.org>
List-Post: <mailto:nasr@ietf.org>
List-Subscribe: <mailto:nasr-join@ietf.org>
List-Unsubscribe: <mailto:nasr-leave@ietf.org>

On Fri, Apr 11, 2025 at 10:19 AM Henk Birkholz <henk.birkholz@ietf.contact>
wrote:

> On 11.04.25 18:51, Eric Rescorla wrote:
> >      >
> >      >     Would some salt help here (like the salted hashes in sd-cwt)?
> >      >
> >      >
> >      > Probably not very much. What salt does is make it more difficult
> to
> >      > amortize computation
> >      > across multiple hashed values. However, if the total number of
> >     possible
> >      > values
> >      > is low (e.g., you have some configuration setting with 3 values)
> >     then
> >      > you can
> >      > just exhaustively search at query time.
> >
> >     That makes a lot of sense - and might be another good reason not to
> put
> >     these types of Claims into Evidence. I still think it is better to
> >     include software components that provide the conveyance mechanism
> >     (e.g.,
> >     a YANG server with YANG Push capability) in a TCB and then use
> >     successfully appraised software components for trusted telemetry to
> >     convey such values for evaluation.
> >
> >
> > That may be better from some angles but I think brings us back to
> > Richard's question about whether operators are in fact willing to
> > allow counterparties to access their devices to get this configuration
> data.
> >
> > It also doesn't affect--one way or the other--the need to understand
> > which configuration directives are relevant and what acceptable
> > values are.
> >
> > -Ekr
>
> If it is really a requirement that policy must be evaluated on the level
> you describe, my assumption is that a trusted third party that is a kind
> of "policy evaluator", not a counterparty, and also taking on the role
> of an Attester (that can be "RATS approved") could handle such
> operations. But this is now bordering on speculation on my part as there
> are many ways to compose such a system and I am not aware of all the
> requirements.
>

Well, this doesn't matter for the point I'm making. *someone* needs
to do the evaluation and I'm questioning whether it's actually
practical.

My point being here is that RATS is not some kind of smokescreen or some
> kind of solve-it-all. It is just a building block to increase trust in
> the trustworthiness of a remote peer.
>

You may be addressing Richard here? As I said above I'm interested
in the question of whether it's in principal practical to determine
whether a given device's configuration is acceptable even under the
assumption that you have trustworthy access to that configuration.

-Ekr