Re: [Rats] TPM background for RIV
Michael Richardson <mcr+ietf@sandelman.ca> Tue, 08 September 2020 15:06 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0843B3A0D76 for <rats@ietfa.amsl.com>; Tue, 8 Sep 2020 08:06:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vwi7XSzN0HOT for <rats@ietfa.amsl.com>; Tue, 8 Sep 2020 08:06:25 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E47293A0C23 for <rats@ietf.org>; Tue, 8 Sep 2020 08:06:24 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 8053E389C4 for <rats@ietf.org>; Tue, 8 Sep 2020 10:45:13 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id trZkzXcNVYvO for <rats@ietf.org>; Tue, 8 Sep 2020 10:45:11 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 7F193389C3 for <rats@ietf.org>; Tue, 8 Sep 2020 10:45:11 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 38A4D86F for <rats@ietf.org>; Tue, 8 Sep 2020 11:06:21 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "rats@ietf.org" <rats@ietf.org>
In-Reply-To: <DM6PR05MB68896AEC22B8227D38EF0140BA290@DM6PR05MB6889.namprd05.prod.outlook.com>
References: <DM6PR05MB6889971FB32A359EFFF85D21BA570@DM6PR05MB6889.namprd05.prod.outlook.com> <CAN40gSuS_5skTXE-g1UpeaqO2Ms-QXSG2Jhs7npXf8MgBV001g@mail.gmail.com> <19865.1598394565@localhost> <CAN40gSvibdR2S3Q9KzyU2=6Q8-6_WHdRRj5S5tMGRUAJCSvxUg@mail.gmail.com> <28707.1598451066@localhost> <CAN40gSvePkMps8nvHwUH4GndxOcDgRRSb+oPeQy-90fn98q9TQ@mail.gmail.com> <EC0128FB-C4A5-473D-824A-DD340569EEF1@intel.com> <DM6PR05MB68896AEC22B8227D38EF0140BA290@DM6PR05MB6889.namprd05.prod.outlook.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Tue, 08 Sep 2020 11:06:21 -0400
Message-ID: <29331.1599577581@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/BR64Ml_ceSrd9vTyKfMMYEiyAmI>
Subject: Re: [Rats] TPM background for RIV
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Sep 2020 15:06:27 -0000
Guy Fedorkow <gfedorkow=40juniper.net@dmarc.ietf.org> wrote: > Sorry for being slow on this. I agree with Ira, that the RIV doc > could not qualify as a TPM Profile. There's a lot of in a TPM; to make > a profile, it would have to all be sorted into Include and Exclude > piles. > Although I don't think this is the crux of your question, many of us > have shied away from specialized TPM Profiles for business reasons. So, not being steeped in the art of TCG Profiles, I would respond with... . o O ("The Emperor has no clothes") Either: a) RIV should be extended such that it's a proper profile. b) TCG Profiles aren't that interesting or useful, so why care? > Staying in sync with PC Client has enabled everyone to benefit from > enormous production volumes. It seems that the PC Client Profile has been hacked and abused a lot, and might not be ideal for routers. I think, but I could be wrong, that router manufacturers might have the right volume, and maybe fTPMs are more reasonable now and would reduce the cost. > But let me know if I'm missing the point of your question. It seems that RIV needs more PCRs, and it can't rely upon them being available, so it's doing dumb things. -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
- Re: [Rats] TPM background for RIV Ira McDonald
- Re: [Rats] TPM background for RIV Ira McDonald
- Re: [Rats] TPM background for RIV Michael Richardson
- [Rats] TPM background for RIV Guy Fedorkow
- Re: [Rats] TPM background for RIV Dave Thaler
- Re: [Rats] TPM background for RIV Kathleen Moriarty
- Re: [Rats] TPM background for RIV Ira McDonald
- Re: [Rats] TPM background for RIV Michael Richardson
- Re: [Rats] TPM background for RIV Ira McDonald
- Re: [Rats] TPM background for RIV Oliver, Ian (Nokia - FI/Espoo)
- Re: [Rats] TPM background for RIV Guy Fedorkow
- Re: [Rats] TPM background for RIV Michael Richardson
- Re: [Rats] TPM background for RIV Guy Fedorkow