[Rats] Why variability is needed (Re: EAT Profiles)

Laurence Lundblade <lgl@island-resort.com> Fri, 16 September 2022 18:23 UTC

From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <B48D92C7-9304-4B28-BDA5-8C447CF951B8@island-resort.com>
Date: Fri, 16 Sep 2022 11:23:01 -0700
In-Reply-To: <240776.1663329145@dooku>
Cc: rats@ietf.org
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <71934.1663019954@dooku> <6D74BAE0-3B37-4A1F-9966-96EB60B9D675@island-resort.com> <240776.1663329145@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/I-MvfASruU7cSjXntxQd2GoPjSM>
Subject: [Rats] Why variability is needed (Re: EAT Profiles)

> On Sep 16, 2022, at 4:52 AM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> 
> Laurence Lundblade <lgl@island-resort.com> wrote:
>>> <mcr+ietf@sandelman.ca> wrote:
>>> 
>>> Second, the next bunch of items:
>>> 
>>>> Use of JSON, CBOR, or both: CBOR only.  CBOR Map and Array Encoding:
>>>> Only definite length arrays and maps.  CBOR String Encoding: Only
>>>> definite-length strings are allowed.  CBOR Preferred Serialization:
>>>> Encoders must use preferred serialization, and decoders need not
>>>> accept non-preferred serialization.  COSE/JOSE Protection: See
>>>> Section 8.  Detached EAT Bundle Support: DEB use is permitted.
>>>> Verification Key Identification: COSE Key ID (kid) is used, where the
>>>> key ID is the hash of a public key (where the public key may be used
>>>> as a raw public key, or in a certificate).  CBOR Tags: CBOR Tags are
>>>> not used.
>>> 
>>> I really don't like that EAT has not made a clear judgement on these
>>> things already.  I'd really really like EAT to be far more
>>> opinionated.
> 
>> CWT has most of this variability and it is a standards track
>> RFC. Should the CWT authors have been more opinionated? Should someone
>> write a follow-on RFC to it that says what CBOR serialization it should
>> use, what key ID scheme to use, ...?
> 
> No, but EAT is not CWT.
> The lack of strong opinion makes EAT just a rehash of CWT, and that's just
> not helpful.  Thomas has pointed me at the new section 6.3, and I'd like to
> suggest that you just blow away most of 6.2 and replace it with 6.3.
> What really are the arguments for doing anything other than what 6.3 suggests?

Here are use cases that diverge from 6.3, serving as examples that cover just about everything listed in 6.3:

Composite of pure HW attester and TEE/HLOS attester
- HW uses non-preferred encoding of integers to output registers directly
- HW is simpler because an indefinite length map is used to hold the Claims-Set (and there happens to be a variable number of claims for HW attester)
- Detached EAT bundle used to carry HW attestation plus TEE/HLOS attestation
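As an added illustration (not part of the original message or of any EAT implementation) of what the first use case costs a verifier: a toy CBOR decoder that records non-preferred argument encoding and indefinite-length maps, so the same Claims-Set emitted two ways is accepted by a verifier that tolerates the variability and rejected by one pinned to the Section 6.3 rules. The claim keys and values are constructed and are not registered EAT claims.

```python
def _read_head(buf, i):
    """Decode initial byte + argument -> (value, next_i, non_preferred); value None = indefinite."""
    ai = buf[i] & 0x1F
    i += 1
    if ai < 24:
        return ai, i, False
    if ai == 31:
        return None, i, False
    n = {24: 1, 25: 2, 26: 4, 27: 8}[ai]  # reserved 28-30 raise KeyError
    val = int.from_bytes(buf[i:i + n], "big")
    # Preferred serialization (RFC 8949 s4.1): shortest argument that fits.
    shortest = {1: 24, 2: 1 << 8, 4: 1 << 16, 8: 1 << 32}[n]
    return val, i + n, val < shortest

def decode(buf, i=0, seen=None):
    """Decode one uint/bstr/tstr/map item; `seen` collects profile deviations."""
    seen = set() if seen is None else seen
    mt = buf[i] >> 5
    val, i, non_pref = _read_head(buf, i)
    if non_pref:
        seen.add("non-preferred argument")
    if mt == 0:
        return val, i, seen
    if mt in (2, 3):
        if val is None:
            raise ValueError("indefinite-length strings not handled by this toy")
        chunk = buf[i:i + val]
        return (chunk if mt == 2 else chunk.decode()), i + val, seen
    if mt == 5:
        out, count = {}, 0
        if val is None:  # indefinite map: entries until the 0xFF break
            seen.add("indefinite-length map")
        while (buf[i] != 0xFF) if val is None else (count < val):
            k, i, _ = decode(buf, i, seen)
            out[k], i, _ = decode(buf, i, seen)
            count += 1
        return out, i + (1 if val is None else 0), seen
    raise ValueError(f"major type {mt} not handled")

def verify_claims_set(buf, strict):
    """strict=True acts like a Section 6.3 verifier: any deviation is rejected."""
    claims, end, seen = decode(buf)
    if end != len(buf):
        raise ValueError("trailing bytes after Claims-Set")
    return claims, (not strict) or not seen, sorted(seen)

# Constructed Claims-Set {1: 5, 2: h'ABCD'} (keys are not registered EAT claims), emitted two ways.
PREFERRED = bytes.fromhex("a2 01 05 02 42 ab cd")  # definite map, shortest ints
HW_STYLE = bytes.fromhex("bf 19 00 01 1a 00 00 00 05 02 42 ab cd ff")  # register-width ints, indefinite map
```

Both byte strings decode to the same claims; only the strict verifier tells them apart, which is exactly the interoperability cost of the HW attester's shortcuts.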

JSON attester
- Someone doesn’t use CBOR

Chinese Attester
- Must use Chinese crypto

Don’t trust NIST
- Want Edwards algorithm. See TEEP profile.

Multiple signing for PQ
- Use COSE_Sign instead of COSE_Sign1 to sign with both a PQ algorithm (e.g. LMS) and a widely supported algorithm (e.g. ECDSA) (I know someone doing this)

Time-based freshness
- A highly constrained environment has trusted time and wants to avoid sending a nonce

X.509-based keys/endorsements
- Rather than using a kid, the leaf cert / endorsement is included per draft-ietf-cose-x509

Privacy/confidentiality required
- The use case requires the encryption of the EAT
- Also may want to explicitly disallow UEID because it is PII

EAT carried by a tag-using CBOR protocol
- The protocol carrying the EAT wishes to use the CWT/COSE tag numbers to identify the item as CWT and the type of protection it wants

LL