Re: [Rats] [sacm] CoSWID and EAT and CWT

Thomas Fossati <Thomas.Fossati@arm.com> Thu, 28 November 2019 16:47 UTC

From: Thomas Fossati <Thomas.Fossati@arm.com>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, Laurence Lundblade <lgl@island-resort.com>, "sacm@ietf.org" <sacm@ietf.org>, "rats@ietf.org" <rats@ietf.org>
CC: Thomas Fossati <Thomas.Fossati@arm.com>
Date: Thu, 28 Nov 2019 16:47:23 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/83v3VASB2JW8YBiQ4HPmIxaSE8U>

Hi Henk,

On 27/11/2019, 17:18, "Henk Birkholz" <henk.birkholz@sit.fraunhofer.de> wrote:
> we have a coswid extension in the queue that allows for the inclusion of
> hash-entries to every kind of resource-collection type (and also 12-14
> additional indexes, I think, that allow for the creation of Reference
> Integrity Manifests, including hashes for running processes). But this
> will not be submitted this year anymore, I am afraid. Very early next year!

Very interesting, thanks.  If possible, I'd like to have a look at the
proposal.  (No worries, I'll ask around here first, there should be a
couple of colleagues with access to the RIV work-in-progress in the room
next to mine.)

However, if I extrapolate correctly from what you say, this new CoSWID
extension would pop up on the RIM side rather than being a way to wrap
the measurements coming from the device in an attestation report?
If so, it makes a lot of sense to me.

[...]

I've done a bit of reading in the last two days and the more I look at
CoSWID the more I'm persuaded that while they'd work perfectly well for
a "software inventory" claim, the semantic overlap with a TPM/TEE/PSA
measurement is a bit tenuous and probably not enough to justify their
usage in those contexts.

My understanding is that in TPM/TEE/PSA the *measurement*, i.e. the
result of a function computed at {boot,run}-time on a piece of
executable and/or static memory, is the first class object of the
attestation.  A measurement comes with a bunch of optional metadata
attached (e.g., the measured software/firmware component name and
version, its signer, etc.), but these are effectively only metadata, not
necessary attributes -- in fact, our implementation of the verifier
doesn't care if they are not found in the submitted token.  On the other
hand, the entity modelled by a SWID is a *software component*, so using
that to wrap a measurement would look like a slight semantic abuse?

(As a meta comment, it seems to me that the risk associated with
CoSWID's excellent syntactic malleability is its semantics can be
stretched a tad too much.)

OK, concluding this long (and boring) rambling with an arc back to
Laurence's email "More claims? When is EAT done?" [1] and the related
discussion in Singapore, my current take on this is:
1. SW Inventory claim: yes, with CoSWID;
2. Measurements and Integrity Checks claim: yes please, with a new ad
   hoc format.

> The SUIT manifest can look very complex (CDDL-wise), but please keep in
> mind that most members (content items) are optional, so an actual
> instance of SUIT manifest can be quite... concise :) While I see the
> point in doing it "all in one thing" the SUIT manifest is an excellent
> representation for what is needed in updating small and big or cloudy
> things and redundant semantics in data formats often create
> corresponding friction in semantic interoperability later on (iotdir hat
> on opinion). So my first reaction is to combine the functionality of
> both and not to recreate the functionality redundantly on each side.

At the moment it still looks like a stretch to me, but I'd like to take
some more time to mull it over and discuss it with my fellow SUIT
colleagues because I think it's an interesting thought.

Cheers, thanks!

[1] https://mailarchive.ietf.org/arch/msg/rats/LXq1JH-w16L6qXeyBblKTkQ_-FA
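
The measurement-centric model described in the message above, as an added example that is not part of the original email and is not Arm's verifier: appraisal depends only on the measurement value, while name, version and signer are optional metadata used for reporting. The field names (`measurement_value`, `name`, `version`, `signer_id`) and the reference values are assumptions constructed for illustration.

```python
import hashlib


def digest(data: bytes) -> str:
    """SHA-256 hex digest, standing in for a boot-time or run-time measurement."""
    return hashlib.sha256(data).hexdigest()


# Constructed reference values: the digests the verifier accepts.
# In a real deployment these would come from a reference integrity manifest.
REFERENCE_VALUES = {
    digest(b"bootloader v1.2 image"),
    digest(b"rtos v3.0 image"),
}


def appraise(components):
    """Appraise a list of measured components from an attestation token.

    Only `measurement_value` is required. Metadata is never consulted for the
    trust decision, so a token that omits it entirely can still pass, and a
    token with plausible metadata but a wrong measurement still fails.
    Returns (trusted, findings), where findings lists (label, reason) pairs.
    """
    findings = []
    for index, comp in enumerate(components):
        value = comp.get("measurement_value")
        # Metadata is used only to make the finding readable.
        label = comp.get("name", f"component[{index}]")
        if not isinstance(value, str):
            findings.append((label, "missing-measurement"))
        elif value.lower() not in REFERENCE_VALUES:
            findings.append((label, "unknown-measurement"))
    # An empty token attests to nothing, so it is not trusted either.
    trusted = bool(components) and not findings
    return trusted, findings


if __name__ == "__main__":
    token = [
        {"measurement_value": digest(b"bootloader v1.2 image"), "name": "bootloader"},
        {"measurement_value": digest(b"rtos v3.0 image")},  # no metadata at all
    ]
    print(appraise(token))
```
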

