Re: [Rats] comments on draft-birkholz-rats-architecture-02

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Wed, 02 October 2019 09:00 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>, "rats@ietf.org" <rats@ietf.org>
Date: Wed, 02 Oct 2019 09:00:32 +0000
Message-ID: <VI1PR08MB53607670A7762C9EABE9D1A3FA9C0@VI1PR08MB5360.eurprd08.prod.outlook.com>
References: <20190925141802.5kvcriaysbuw5dhi@anna.jacobs.jacobs-university.de>
In-Reply-To: <20190925141802.5kvcriaysbuw5dhi@anna.jacobs.jacobs-university.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/GRkKoBiKEuYh6wEXeZonphb2N9A>

Hi Jürgen,

Thanks for your review. Lots of great questions.
Below is my take on it.

-----Original Message-----
From: RATS <rats-bounces@ietf.org> On Behalf Of Schönwälder, Jürgen
Sent: Wednesday, 25 September 2019 16:18
To: rats@ietf.org
Subject: [Rats] comments on draft-birkholz-rats-architecture-02

Hi,

I am rather new here, so please forgive my ignorance. I thought I would start by reading the architecture document. Some of my questions may just show my ignorance, but then this is what happens if you get fresh reads...

- What is 'normative guidance'?

[Hannes] Should just be 'guidance' but on the other hand an architecture document shouldn't provide guidance.
I guess we have to change the sentence altogether from
"
In general, this document
   provides normative guidance how to use, create or adopt network
   protocols that facilitate RATS.
"
To:

"

- Would it not make sense to also define the terms introduced in 1.1?

  - Claims
  - Evidence
  - Known-Good-Values
  - Endorsements
  - Attestation Results

  Perhaps section 1.1 should be folded into section 2 so that all
  terminology is defined in one place. What about terms such as

  - Attester
  - Verifier
  - Asserter
  - Relying Party

- What are 'architectural constituents'?

- Separation:

   A Computing Environment with the capability of remote attestation:

   o  is separate from other Attested Computing Environments (about
      which attestation evidence is created), and

  Does it always have to be separate? Is there an architectural
  requirement for these to be separate?

- If you read this document for the first time, it is difficult to put
  the various terms together in your head. Figure 1 helps but it comes
  a bit late, it would help if it would be shown early. It would have
  helped me if all key terms are defined upfront followed by a Figure
  explaining relationships or interactions before the discussion of
  details starts.

- Not sure this helps me understand things:

  (e.g.  Prinicipals that are Supply Chain Entities)

- What are Appraisals?

   [...]  Attestation Results are the output of appraisals.

  There is text in 3.3 about appraisals that I do not understand.  If
  Attestation Results are the output of appraisals, then appraisals
  are some form of a function. I thought that the Verifier is creating
  appraisals based on the received Evidence and the received
  Endorsements and that leads to Attestation Results, i.e., in a
  functional writing style:

  Verifier :: Known-Good-Values -> Endorsements -> Evidence -> Attestation Results

  This is also how I understand the definition of Verifier in 4.3.1.
  It seems appraisals are something internal to the logic of the
  Verifier, i.e., they may be produced by the logic of the Verifier but
  then the Attestation Results are really the output of the Verifier.

- Evidence

  I understand that Evidence is a specific form of a claim. I am not
  sure, though, what exactly turns a claim into Evidence.

   o  Evidence is provable Claims about a specific Computing Environment
      made by an Attester.

  What makes a claim a provable claim? Who is originating the claim
  and who is originating the Evidence?

- Endorsements

  It is not clear to me yet what the difference between Endorsements
  and KGV really is.

- Security Considerations

   RATS Evidence, Verifiable Assertions and Results SHOULD use formats
   ...

  Should that be

   RATS Evidence, Endorsements, Known-Good-Values, and Attestation
   Results SHOULD use formats ...

  to be consistent with terminology? The term 'Verifiable Assertions'
  shows up here for the first time...

   [...]  Nonce Claims often piggy-
   back other information and can convey attestation semantics that are
   of essence to RATS, e.g. the last four bytes of a challenge nonce
   could be replaced by the IPv4 address-value of the Attester in its
   response.

  Despite wondering whether this is a good thing or a bad thing, I
  wonder why this is in the security considerations of the
  architecture document. The architecture does not define how Nonce
  Claims look like, so why would it discuss specific issues about
  Nonce Claims?

- Editorial

  s/capabile/capable/

  Singular/plural confusion in the following?

   Likely, there are a set of Claims that is widely applicable across
   most, if not all environments.  Conversely, there are Claims that are

/js

--
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>
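Jürgen's functional reading of the Verifier (Known-Good-Values -> Endorsements -> Evidence -> Attestation Results) and the nonce question from the security considerations, modelled end to end as a small Python appraisal. This is an added example written for this archive page; it is not code from the draft, its authors or either poster. It assumes definitions the quoted draft text does not spell out: Evidence is the Attester's signed Claims, an Endorsement is a manufacturer's signed claim binding an Attester identity to a key id and a device model, and Known-Good-Values are expected measurement digests keyed by model. HMAC-SHA256 stands in for the asymmetric signature a real attestation key would produce, and every identifier below (Attester, Verifier, appraise, attester_key_id, model) is illustrative.

```python
import hashlib, hmac, json, secrets
from dataclasses import dataclass, field

def _sign(key: bytes, payload: dict) -> str:
    # Stand-in for an asymmetric signature: HMAC-SHA256 over canonical JSON (assumption).
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def _verify(key: bytes, payload: dict, sig: str) -> bool:
    return hmac.compare_digest(_sign(key, payload), sig)

@dataclass
class Evidence:
    """Claims about the Attested Computing Environment, signed by the Attester."""
    claims: dict      # in this model the Attester's signature is what turns Claims into Evidence
    signature: str

@dataclass
class Endorsement:
    """Third-party claim (here a manufacturer's) binding attester_id to a key id and a model."""
    claims: dict
    signature: str

@dataclass
class AttestationResult:
    attester_id: str
    trustworthy: bool
    reasons: list = field(default_factory=list)

@dataclass
class Attester:
    attester_id: str
    key: bytes
    measurements: dict

    def produce_evidence(self, nonce: str) -> Evidence:
        # The challenge nonce is carried as its own claim, unmodified.
        claims = {"attester_id": self.attester_id, "nonce": nonce,
                  "measurements": self.measurements}
        return Evidence(claims, _sign(self.key, claims))

class Verifier:
    """Verifier :: Known-Good-Values -> Endorsements -> Evidence -> Attestation Results"""

    def __init__(self, endorser_keys: dict, attester_keys: dict, known_good_values: dict):
        self.endorser_keys = endorser_keys  # endorser_id -> verification key
        self.attester_keys = attester_keys  # key_id -> verification key (key store)
        self.kgv = known_good_values        # model -> {component: expected digest}
        self.outstanding = set()            # nonces issued and not yet consumed

    def challenge(self) -> str:
        nonce = secrets.token_hex(16)
        self.outstanding.add(nonce)
        return nonce

    def appraise(self, evidence: Evidence, endorsement: Endorsement) -> AttestationResult:
        reasons = []
        e, c = endorsement.claims, evidence.claims
        # 1. Endorsement must come from a trusted endorser and cover this Attester.
        ekey = self.endorser_keys.get(e.get("endorser_id"))
        if ekey is None or not _verify(ekey, e, endorsement.signature):
            reasons.append("endorsement not signed by a trusted endorser")
        if e.get("attester_id") != c.get("attester_id"):
            reasons.append("endorsement does not cover this attester")
        # 2. Evidence must verify under the key the Endorsement names.
        akey = self.attester_keys.get(e.get("attester_key_id"))
        if akey is None or not _verify(akey, c, evidence.signature):
            reasons.append("evidence signature invalid")
        # 3. Freshness: the nonce must be one this Verifier issued, and it is single-use.
        if c.get("nonce") in self.outstanding:
            self.outstanding.discard(c["nonce"])
        else:
            reasons.append("nonce not fresh (unknown or already used)")
        # 4. Measurements must match the Known-Good-Values for the endorsed model.
        for component, digest in self.kgv.get(e.get("model"), {}).items():
            if c.get("measurements", {}).get(component) != digest:
                reasons.append(f"{component} measurement does not match known-good value")
        return AttestationResult(c.get("attester_id", "?"), not reasons, reasons)

def demo() -> dict:
    # Constructed sample data: one manufacturer, one device, one verifier.
    mfr_key, dev_key = b"manufacturer-endorsement-key", b"device-attestation-key"
    good_fw = "sha256:" + hashlib.sha256(b"firmware-1.4").hexdigest()
    e_claims = {"endorser_id": "mfr", "attester_id": "dev-42",
                "attester_key_id": "k-42", "model": "sensor-v2"}
    endorsement = Endorsement(e_claims, _sign(mfr_key, e_claims))
    verifier = Verifier({"mfr": mfr_key}, {"k-42": dev_key}, {"sensor-v2": {"firmware": good_fw}})

    device = Attester("dev-42", dev_key, {"firmware": good_fw})
    good_evidence = device.produce_evidence(verifier.challenge())
    ok = verifier.appraise(good_evidence, endorsement)
    # Genuine Evidence from the device running unexpected firmware: fails only the KGV check.
    other_fw = "sha256:" + hashlib.sha256(b"firmware-0.9").hexdigest()
    modified = Attester("dev-42", dev_key, {"firmware": other_fw})
    bad_fw = verifier.appraise(modified.produce_evidence(verifier.challenge()), endorsement)
    # Re-presenting already appraised Evidence: fails only the freshness check.
    replay = verifier.appraise(good_evidence, endorsement)
    return {"good": ok, "bad_firmware": bad_fw, "replay": replay}
```

The appraisal keeps the nonce as a separate, unmodified claim and consumes it exactly once, which is the freshness property a Verifier needs regardless of how a particular protocol encodes the nonce. That separation is also what makes the three outcomes in `demo()` distinguishable: the replayed Evidence fails only on freshness, the device with other firmware fails only on the Known-Good-Value comparison, and the Endorsement is what ties the Attester's key to a model whose KGVs apply.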
