[Rats] Questions about latest PRs

"caobin (A)" <caobin8@huawei.com> Sat, 19 September 2020 09:52 UTC

Return-Path: <caobin8@huawei.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 632E93A0D2C for <rats@ietfa.amsl.com>; Sat, 19 Sep 2020 02:52:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.807
X-Spam-Status: No, score=-1.807 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTML_OBFUSCATE_10_20=0.093, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 42mn5-X5Bezu for <rats@ietfa.amsl.com>; Sat, 19 Sep 2020 02:52:41 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92B133A0CE8 for <rats@ietf.org>; Sat, 19 Sep 2020 02:52:41 -0700 (PDT)
Received: from lhreml725-chm.china.huawei.com (unknown []) by Forcepoint Email with ESMTP id 50EFA3382704D99CE29E for <rats@ietf.org>; Sat, 19 Sep 2020 10:52:38 +0100 (IST)
Received: from lhreml725-chm.china.huawei.com ( by lhreml725-chm.china.huawei.com ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Sat, 19 Sep 2020 10:52:38 +0100
Received: from DGGEML421-HUB.china.huawei.com ( by lhreml725-chm.china.huawei.com ( with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.1.1913.5 via Frontend Transport; Sat, 19 Sep 2020 10:52:37 +0100
Received: from DGGEML529-MBX.china.huawei.com ([]) by dggeml421-hub.china.huawei.com ([]) with mapi id 14.03.0487.000; Sat, 19 Sep 2020 17:52:35 +0800
From: "caobin (A)" <caobin8@huawei.com>
To: "rats@ietf.org" <rats@ietf.org>
Thread-Topic: Questions about latest PRs
Thread-Index: AdaOaksiGF1CuGPiRouIEBaLBIr2nA==
Date: Sat, 19 Sep 2020 09:52:33 +0000
Message-ID: <F0C5D68C1C185E479EEED366166A9E1909E2B140@dggeml529-mbx.china.huawei.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_F0C5D68C1C185E479EEED366166A9E1909E2B140dggeml529mbxchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/IhOROEYGWJO9F_It6F06E5rEJoo>
Subject: [Rats] Questions about latest PRs
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Sep 2020 09:52:43 -0000

Hi authors,

I've noticed the changes of CHARRA YANG module on the GitHub. Here I have some comments:

1. The 'TPM_PCR_COMPOSITE' in the output of RPC tpm12-challenge-response-attestation and the 'TPMS_QUOTE_INFO' in the output of RPC tpm20-challenge-response-attestation are capitalized while other elements are not. Is there a special reason?

2. I see in the output there are node-id and node-physical-index, which makes me wonder whether containing TPM's name and location info in the input and output can make the implementation simpler. I want to discuss my thoughts more.

I think a better method is containing 'tpm-name' and 'node-id' in the input part and containing 'tpm-name', 'node-id', and 'certificate-name' in the output part. The reasons are below:

a) By making the 'tpm-name' and 'node-id' optional or visible only when two and more TPMs exist, this method doesn't bring complexity to the devices which only have one TPM.

b) For the devices which have two and more TPMs, by making the TPM's location info explicit in the challenge input, the Attester's control plane can directly find the TPM being challenged and it doesn't need to store and maintain the relationship among tpm-name, compute-node, and certificate-name.

c) This method has less exception scenarios to consider. In this method, if the Verifier doesn't recognize the certificate-name in the output, it just needs to retrieve this certificate again. In current method, if the TPM's certificate changed, the exception scenarios include the Attester's control plane may can't recognize the certificate-name, the Verifier may can't recognize the certificate-name, etc. Implementers may not be able to think through all of these exception scenarios.

3. For the log-retrieve RPC, it uses tpm-name in its input and output and is different from the TPM1.2 and TPM2.0 challenge-response-attestation RPCs. This also makes me feel a little weird that the TPM being challenged in the attestation RPCs is not identified by TPM's name.

Bin Cao