[Rats] Claims for to device trust (was Re: RATS use cases review)
Laurence Lundblade <lgl@island-resort.com> Sat, 12 October 2019 22:59 UTC
Return-Path: <lgl@island-resort.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FDF91200B4 for <rats@ietfa.amsl.com>; Sat, 12 Oct 2019 15:59:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ItkhwvcjuSZa for <rats@ietfa.amsl.com>; Sat, 12 Oct 2019 15:59:31 -0700 (PDT)
Received: from p3plsmtpa12-04.prod.phx3.secureserver.net (p3plsmtpa12-04.prod.phx3.secureserver.net [68.178.252.233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91C2E1200B8 for <rats@ietf.org>; Sat, 12 Oct 2019 15:59:31 -0700 (PDT)
Received: from [10.196.0.102] ([45.56.150.148]) by :SMTPAUTH: with ESMTPA id JQMEiPlbR450OJQMEiMU4D; Sat, 12 Oct 2019 15:59:30 -0700
From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <F459E6EC-8615-4E76-B41C-B31C01250C5E@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_E9A6299F-5727-46B9-934E-F97382C1768A"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Sat, 12 Oct 2019 15:59:29 -0700
In-Reply-To: <CAM+R6NUa3_Co-NVv7+SpGJU34dhv=tofVKnpPy1BF1AogTLf5Q@mail.gmail.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, rats@ietf.org
To: Jessica Fitzgerald-McKay <jmfmckay@gmail.com>
References: <CAM+R6NW1KSf3ziAp8TqnTNwS+a7Y+4TuTDTPVZC8Ae32noXMYA@mail.gmail.com> <30566.1570446100@dooku.sandelman.ca> <CAM+R6NUa3_Co-NVv7+SpGJU34dhv=tofVKnpPy1BF1AogTLf5Q@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-CMAE-Envelope: MS4wfEA1OxoIpzPm8z/Z6/rvNnuH3dUYPcbQkjDWxuOI3o5jPxSYUoycALih5Ch1LedBpexvw0pgWmvxxxdWpvENP/ny8u17SN/cQEHCWPyelKZSI+mYdrYH 9pgQ6VTljAn/M1bo69afJoP3jwph8LEkFOxMFEyPFbZzc7CgZf2pGzWGi7zkT5+UY0L+Y+dlElByEuV/D8woUx6QobTCIo7C1/tF/Djin/FjbNBj6x3SkWsu
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/83hI0vB9Eovoq6oQlmHKD1z3sjE>
Subject: [Rats] Claims for to device trust (was Re: RATS use cases review)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Oct 2019 22:59:34 -0000
On Oct 11, 2019, at 7:49 AM, Jessica Fitzgerald-McKay <jmfmckay@gmail.com> wrote: > > As a potential "end user" of attestation standards, I want RATS to be able to answer the question of whether or not I can trust a device on my network. And, the answer to that question will depend a lot on what kind of claims I can get and verify from the device. But I can see that being outside the scope of the style use case document we are writing right now. Yes, outside of the use case document, but not outside the EAT draft <https://tools.ietf.org/html/draft-ietf-rats-eat-01>. The claims in it now that I think relate to device trust are: OEM — who made the device, the chip, sub modules? Boot and debug state — is it in a operationally secure mode? (Also see new PR <https://github.com/ietf-rats-wg/eat/pull/36>for this one) I’m tracking proposed new claims as issues in GitHub labeled “new claim” <https://github.com/ietf-rats-wg/eat/issues?q=is:open+is:issue+label:%22new+claim%22>. From the issues list these seem related: Software measurement and/or integrity Software inventory, particularly version compared to a known-good-values list of the latest security patched SW What else? LL
- [Rats] RATS use cases review Jessica Fitzgerald-McKay
- [Rats] 答复: RATS use cases review Xialiang (Frank, Network Standard & Patent Dept)
- Re: [Rats] RATS use cases review Panwei (William)
- Re: [Rats] RATS use cases review Michael Richardson
- Re: [Rats] RATS use cases review Jessica Fitzgerald-McKay
- Re: [Rats] RATS use cases review Michael Richardson
- [Rats] Claims for to device trust (was Re: RATS u… Laurence Lundblade