IETF Logo Mail Archive

Re: [Rats] security-level claim (was Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)

Laurence Lundblade <lgl@island-resort.com> Sun, 05 June 2022 19:49 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F927C14CF17 for <rats@ietfa.amsl.com>; Sun, 5 Jun 2022 12:49:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.928
X-Spam-Level:
X-Spam-Status: No, score=-1.928 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZURlF2NppAZV for <rats@ietfa.amsl.com>; Sun, 5 Jun 2022 12:49:03 -0700 (PDT)
Received: from p3plsmtpa09-08.prod.phx3.secureserver.net (p3plsmtpa09-08.prod.phx3.secureserver.net [173.201.193.237]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 290A0C15791C for <rats@ietf.org>; Sun, 5 Jun 2022 12:49:01 -0700 (PDT)
Received: from [192.168.1.7] ([75.80.148.139]) by :SMTPAUTH: with ESMTPSA id xwF4nB3168t7XxwFBnY0C3; Sun, 05 Jun 2022 12:49:01 -0700
X-CMAE-Analysis: v=2.4 cv=fI/8YbWe c=1 sm=1 tr=0 ts=629d08ad a=qS/Wyu6Nw1Yro6yF1S+Djg==:117 a=qS/Wyu6Nw1Yro6yF1S+Djg==:17 a=48vgC7mUAAAA:8 a=AUd_NHdVAAAA:8 a=K6EGIJCdAAAA:8 a=rwblJ3Of6uHPZlb_YSsA:9 a=QEXdDO2ut3YA:10 a=9qN7Lnp4_N1d-fKJ2lQA:9 a=OdFVostrPc7kFxUh:21 a=_W_S_7VecoQA:10 a=w1C3t2QeGrPiZgrLijVG:22 a=L6pVIi0Kn1GYQfi8-iRI:22
X-SECURESERVER-ACCT: lgl@island-resort.com
From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <9B0038FA-22FA-429D-9056-E7ECE0E9A8AE@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_44192BCB-034E-4406-B955-902BF04E87FD"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Date: Sun, 05 Jun 2022 12:49:01 -0700
In-Reply-To: <BYAPR11MB3125557D4A024E936718F5A6A1DF9@BYAPR11MB3125.namprd11.prod.outlook.com>
Cc: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "rats@ietf.org" <rats@ietf.org>
To: "Eric Voit (evoit)" <evoit@cisco.com>
References: <45618431-7329-4F31-941F-A39BBC9D575F@cisco.com> <BYAPR11MB3125EB2DEC4CE5136AC903F9A1DF9@BYAPR11MB3125.namprd11.prod.outlook.com> <7FD4FE54-7A16-4E92-BDDC-878D726095E6@island-resort.com> <900bf8d8-0b00-cc98-fd82-786dc9c18901@sit.fraunhofer.de> <7DA26075-0764-4FC3-9176-F151BD50DF9A@island-resort.com> <BYAPR11MB3125557D4A024E936718F5A6A1DF9@BYAPR11MB3125.namprd11.prod.outlook.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-CMAE-Envelope: MS4xfGaX0KRynucdM4bs/e0FCu/pXEU2TlGFML8fSAfSL/dgW5/Q12EE/9y8ogK4u+H+scPNYLdiCdSIWV6StYjB43btg5pg371RT8wayphAI+ClJCJJgp7J hijvoYhhurteXafPTmLZ07CSMhm5wBfH1Air2z6jmoKtjiBFuUcGFm5earKTfrflpDz0No3QLZz499icxX9PqfcKQrB2E3tKDNS/Lt348WzbpHPkIuFr9Z/H GJ1/stcq8uO4/LYpuY4nG5lMCzgaqmAItTxQjdH1paqlx0u8BPXsWcR407gVuPW3
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/F-T_juiirGaX9Qomi-_ggmOtFoA>
Subject: Re: [Rats] security-level claim (was Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Jun 2022 19:49:07 -0000

> On Jun 1, 2022, at 2:27 PM, Eric Voit (evoit) <evoit@cisco.com> wrote:
> 
> Hi Laurence
>  
> While I do recognize the text has been tweaked since earlier this year, many foundational questions about the claim remain.  My recommendation is to review the previous dialogs and address the questions/comments. 

See below.

Some questions were old and already addressed (e.g. confusion with certification). Other’s were past misunderstanding on the part of the commenter. Some of the concerns below are duplicate of each other.

The main valuable result in my comments below is to clarify that security-level is to characterize the designed security level of the attester, not the output of an evaluation relative to SW update and exploits. Security-level is definitely not intended to be a major part in Attestation Results.

I believe I have provided a reasonable answer to the concerns below.

LL



> Some of these include:
>  
> Adrian:
> "Why would a verifier choose to rely on this instead of some information that comes directly from an Endorser? Without an example, it just seems a better fit for an endorsement."
> https://mailarchive.ietf.org/arch/msg/rats/KRVoK0ITFnKhhKUz2sgkg7qhl1c/ <https://mailarchive.ietf.org/arch/msg/rats/KRVoK0ITFnKhhKUz2sgkg7qhl1c/>
See my recent comment on Evidence and Endorsements. I believe this <https://mailarchive.ietf.org/arch/msg/rats/DBQVqJ1xtNybIw53A2REVdPqgdk/> answers this.


>  
> Michael:
> " I would like security-level removed from the base spec."
> https://mailarchive.ietf.org/arch/msg/rats/VWjh47bxm-aNLeQfqub1kIhy0Uk/ <https://mailarchive.ietf.org/arch/msg/rats/VWjh47bxm-aNLeQfqub1kIhy0Uk/>
That comment was in the context of security-level being redundant with DLOAs. I think we have shown that it is not. There is text in  draft-13 that clarifies it is not a DLOA.


>  
> Ned:
> "the namespace delivered needs to be able to differentiate between all three security-levels described above."
> https://mailarchive.ietf.org/arch/msg/rats/iSgLo-CmaUP40Jo0A0uDnj7X1q8/ <https://mailarchive.ietf.org/arch/msg/rats/iSgLo-CmaUP40Jo0A0uDnj7X1q8/>
This comment seems to be about security-level characterizing the security of 1) the Endorser itself, 2) the Attester itself and 3) the Verifier itself.

This is a bit of an unexpected application of security-level to me, but in draft-13 it is made clear by the new sections structure that security-level only ever characterizes the Attester.


> Henk:
> "I am increasingly having doubts about the current definition of "security-level" and I think I am as least as confused as Eric, Ned, and Wei are. Which raises a big red flag for me"
> https://mailarchive.ietf.org/arch/msg/rats/Iwy_d3bnzSmLy6VFvgclWyUvOKQ/ <https://mailarchive.ietf.org/arch/msg/rats/Iwy_d3bnzSmLy6VFvgclWyUvOKQ/>
About half of the commenters here are not confused and support security-level. Security-level is not a  total confused mess.

Maybe draft-13 fixed the confusion? Concrete comments needed for action here.


>  
> Panwei:
> " To me, the “security-level” seems like redundant with the DLOA claim"
> https://mailarchive.ietf.org/arch/msg/rats/JVDgKRB6MU5UoFEKTavU7pEoxW4/ <https://mailarchive.ietf.org/arch/msg/rats/JVDgKRB6MU5UoFEKTavU7pEoxW4/>
Same comment / context as Michael’s above.


>  
> Thomas:
> "I don't think we'd use it, mostly because of the self-asserting nature of such claim."
> https://mailarchive.ietf.org/arch/msg/rats/5_42_KKVvn4Xvx5W5ygs-PgK22M/ <https://mailarchive.ietf.org/arch/msg/rats/5_42_KKVvn4Xvx5W5ygs-PgK22M/>
This is by one person and most claims won’t be used in some use cases so this comment doesn’t really have much weight. 


>  
> Eric:
> "The meaning of security-level varies across the use cases below (i.e., in some cases it is a self-appraisal, in others it is calculated by the Verifier.)"
> https://mailarchive.ietf.org/arch/msg/rats/P75I4YZFcTqnAkA3R1fjccbOX6Y/ <https://mailarchive.ietf.org/arch/msg/rats/P75I4YZFcTqnAkA3R1fjccbOX6Y/>
Yes. You have to know the Verifier’s policy, just like with everything else the Verifier outputs.


> " Why would a Relying Party coder ever want the Endorser and the Attester's security-level if it has been given the Verifier's security-level?"
> https://mailarchive.ietf.org/arch/msg/rats/tD1Xa5URqB5e9yttjyaWpzvS63U/ <https://mailarchive.ietf.org/arch/msg/rats/tD1Xa5URqB5e9yttjyaWpzvS63U/>
This is the same comment and context as the Ned comment above.


> "Here are a few off the top of my head..."
> https://mailarchive.ietf.org/arch/msg/rats/eGqHwo47RQj5FJDCd8ukxCNhWcA/ <https://mailarchive.ietf.org/arch/msg/rats/eGqHwo47RQj5FJDCd8ukxCNhWcA/>
> *	What should be a score is Firmware is known to be out-of-date, deprecated, and there is an active exploit.  
The claim is to characterize the designed strength of the Attester. It is not to characterize the overall result of an evaluation or the output of a Verification. So the claim doesn’t really speak to this issue.
>  
> 
> *	Is all Hardware equal even if (a) one can scan and deliver signatures spanning a nonce and real, current firmware measurements  (b) another can be programmed by a hacker just to spit out a pre-programmed value.  

Text added in draft-13 clarifies that security-level is only a rough characterization. It also justifies why it is only a rough characterization.

> 
> *	Is bios configuration part of what should be considered in the level?  How can a Relying Party hope to keep up with which bios configurations might open up security exploits.

Security-level is primarily to characterize the attester design intent, not to track the state of SW updates, exploits and such. It is not intended for a summarization of the output of a Verifier.  Other claims AR should be defined for that. 

It may still occur in the output of a Verifier as a claim that is forwarded by the Verifier.

Personally, if I were an RP and the firmware were out of date or there were known exploits, I’d probably wouldn’t want some sliding scale rating for that. I think I’d want the Verifier to make a recommendation to trust or not trust, or the Verifier to tell me explicitly what is wrong. To me that is further reason why security-level is not really about characterizing the exploit/update state of a device.

We can add text that clarifies that security-level is about attester design intent, not current disposition relative to exploit/update.

LL



>  
>  
> Eric
>  
>  
> From: Laurence Lundblade <lgl@island-resort.com> 
> Sent: Wednesday, June 1, 2022 5:17 PM
> To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
> Cc: Eric Voit (evoit) <evoit@cisco.com>; Nancy Cam-Winget (ncamwing) <ncamwing@cisco.com>; rats@ietf.org
> Subject: Re: [Rats] security-level claim (was Re: WGLC for https://datatracker.ietf.org/doc/html/draft-ietf-rats-eat)
>  
>  
> On Jun 1, 2022, at 2:06 PM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de <mailto:henk.birkholz@sit.fraunhofer.de>> wrote:
>  
> Hi Laurence,
> 
> I see that the list of values for security-level has been trimmed, the context had quite some churn that is hard for me to reflect here in detail. What I am really missing now is the most important statement: "The claim made here is solely a self-claim made by the Attester.”
>  
> You suggested text would quite work out right.
>  
> - It could be a claim made by Verifier in AR and thus not a self-claim. (But only if this is a useful in the particular AR use case; some RP/Verifiers may prefer certification info or define their own scheme for security level; it’s just there if you like it and find it useful, not as any canonical standard representation of Verifier output)
>  
> - Even if it is a self-claim, so are many of the other claims
>  
> - In some cases when it is a claim made by the Attester, the Verifier may have rules for checking it when forwarding it to the RP, just like it has rules for all the other claims it may forward to the RP from either the Attester or Endorser. For example it might know the device manufacturer is very scrupulous and will only puts the correct security-level in just like it knows it puts in the correct UEID.
>  
> LL

v2.23.0 | Report a Bug | By Email