IETF Logo Mail Archive

[Rats] 答复: Android comments on EAT draft

"Xialiang (Frank, Network Standard & Patent Dept)" <frank.xialiang@huawei.com> Tue, 16 July 2019 01:25 UTC

Return-Path: <frank.xialiang@huawei.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 73D9E12016C for <rats@ietfa.amsl.com>; Mon, 15 Jul 2019 18:25:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dTLe8jYxEokf for <rats@ietfa.amsl.com>; Mon, 15 Jul 2019 18:25:45 -0700 (PDT)
Received: from huawei.com (szxga08-in.huawei.com [45.249.212.255]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73BAE12016E for <rats@ietfa.amsl.com>; Mon, 15 Jul 2019 18:25:43 -0700 (PDT)
Received: from DGGEMM401-HUB.china.huawei.com (unknown [172.30.72.56]) by Forcepoint Email with ESMTP id A43D55D1EC071BD4A4C5; Tue, 16 Jul 2019 09:25:38 +0800 (CST)
Received: from DGGEMM511-MBX.china.huawei.com ([169.254.1.140]) by DGGEMM401-HUB.china.huawei.com ([10.3.20.209]) with mapi id 14.03.0439.000; Tue, 16 Jul 2019 09:25:35 +0800
From: "Xialiang (Frank, Network Standard & Patent Dept)" <frank.xialiang@huawei.com>
To: "Smith, Ned" <ned.smith@intel.com>, Shawn Willden <swillden=40google.com@dmarc.ietf.org>, Laurence Lundblade <lgl@island-resort.com>
CC: Michael Richardson <mcr+ietf@sandelman.ca>, Giridhar Mandyam <mandyam@qti.qualcomm.com>, "rats@ietfa.amsl.com" <rats@ietfa.amsl.com>, Henk Berkholz <henk.birkholz@sit.fraunhofer.de>
Thread-Topic: [Rats] Android comments on EAT draft
Thread-Index: AQHVC4B8Y7VUGX5UA0uRMpBubN+/qKa8IZ6AgAFF8ICAAALkAIAAW/KAgAbb9wCAAII6AIAGa4OAgAFC7IA=
Date: Tue, 16 Jul 2019 01:25:35 +0000
Message-ID: <C02846B1344F344EB4FAA6FA7AF481F13E7CB949@dggemm511-mbx.china.huawei.com>
References: <CAFyqnhVJ-ps4bdhsyQDOHdzHVZsXeK7_kCDXxUVUcuyDzWS3uA@mail.gmail.com> <29657.1562351277@localhost> <CAFyqnhU3KQN_Ww9km8yu7RsdJ1=6ut-bzLmFXtk00H-Zn1ykuQ@mail.gmail.com> <d572ce18b5ea40f18e8ff460dbab1e8b@NASANEXM01C.na.qualcomm.com> <CAFyqnhWQhw-JpDxdQLyXhf1wAJX_BUzOftouxBZjGk35q=Vnag@mail.gmail.com> <5C3D43D7-8C32-4C83-AEC9-DF98FE5DCF6B@island-resort.com> <CAFyqnhU23bwrY8UmBGf-=f665coHLX7PmhZWbCJp3qxrcAsvEw@mail.gmail.com> <CE806D9F-5A11-4746-9749-549761925155@intel.com>
In-Reply-To: <CE806D9F-5A11-4746-9749-549761925155@intel.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.134.159.76]
Content-Type: multipart/alternative; boundary="_000_C02846B1344F344EB4FAA6FA7AF481F13E7CB949dggemm511mbxchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/JclSkqvS-PAdQAYMpxBrd-KOv5M>
Subject: [Rats] 答复: Android comments on EAT draft
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jul 2019 01:25:47 -0000

+1

发件人: RATS [mailto:rats-bounces@ietf.org] 代表 Smith, Ned
发送时间: 2019年7月15日 22:07
收件人: Shawn Willden <swillden=40google.com@dmarc.ietf.org>; Laurence Lundblade <lgl@island-resort.com>
抄送: Michael Richardson <mcr+ietf@sandelman.ca>; Giridhar Mandyam <mandyam@qti.qualcomm.com>; rats@ietfa.amsl.com; Henk Berkholz <henk.birkholz@sit.fraunhofer.de>
主题: Re: [Rats] Android comments on EAT draft

Regarding our definition of attestation, it is important to consider whether assertions are under the control of the roots of trust. If the asserted information exists outside a trust boundary, then wouldn’t this be considered telemetry? The idea of a root-of-trust for measurement implies there is a trusted way to collect assertions. That means to me (and hopefully others) that the integrity of evidence has high strength of function (where the strength of function is tied to the trustworthiness of the roots of trust and not some unknown elements used during collection).

Since location based on GPS or radio triangulation uses radio equipment that is outside the control of the roots of trust. It seems classifying it as telemetry is reasonable.

As a counter example, media players sometimes are manufactured with a region code. Designing a root of trust that contains a region code seems achievable, hence would be a good candidate as an attestable assertion / evidence that has location semantics.

-Ned

On 7/11/19, 5:05 AM, "RATS on behalf of Shawn Willden" <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org> on behalf of swillden=40google.com@dmarc.ietf.org<mailto:swillden=40google.com@dmarc.ietf.org>> wrote:

On Wed, Jul 10, 2019 at 10:18 PM Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island-resort.com>> wrote:
First comment: I’m not sure this discussion has a big effect on what we standardize here. It seems reasonable to standardize the location claim even if Android or others don’t use it because it is a useful claim. So we should keep the location claim.  There should be some privacy discussion for the claim, probably suggesting at minimum the user’s consent be obtained before it is sent.

Completely agreed.

Second comment (not really relevant to standards work): It could work like this. The non-TEE part of the device (i.e., Android) tells the TEE if it can include the location or not. When the TEE includes it, it will be non-spoonable. That should be OK, because the user and Android are still in control. I fully agree that the TEE should not be sending any data that has any privacy issue on it’s own.

We'll go a step beyond that, I think, and mandate that the TEE also must refuse to provide the location claim under any circumstances.  But the location claim may certainly be useful elsewhere..

I'll point out that those of you who find location claims useful for your solutions really do not want Android to provide location claims (from the TEE). The reason is that location is inherently spoofable, by spoofing the RF signals that tell the device where it is.  At present, such RF spoofing equipment is custom and relatively expensive and difficult to use, but if Pokemon GO players couldn't spoof via software you can bet that within six months you could buy $500 GPS spoofing devices and within a year there would be multiple manufacturers competing and driving the price down.
On Jul 6, 2019, at 12:33 PM, Shawn Willden <swillden=40google.com@dmarc.ietf.org<mailto:swillden=40google.com@dmarc.ietf.org>> wrote:

On Sat, Jul 6, 2019 at 8:05 AM Giridhar Mandyam <mandyam@qti.qualcomm..com<mailto:mandyam@qti.qualcomm.com>> wrote:
>>Can you say more about location?
Are you saying that Android would never provide a relying party (say, an
open-protocol implementation of Pokemon GO) with where a device is?

>I strongly doubt that we will ever provide that.  I understand the benefits, but the privacy team feels like the risks are too great, that it's important that it always be possible to spoof privacy-critical data elements like location.

Can you expand on why “it’s important that it always be possible to spoof privacy-critical data elements like location”?

I'm not a member of the privacy team, so I don't know all of the rationale/considerations, but I know one element of it is to protect dissidents living under oppressive regimes.  There's a desire to make it possible for them to prevent their devices from giving away any information they don't want revealed, via rooting and modification of the Android OS.  Since they can't modify TEE/SE functionality, it's on us to limit the feature set of the TEE/SE code so it doesn't reveal private information, to the degree we can.

This is why the existing Android attestation uses batch attestation keys, to avoid making the attestation key a strong unique identifier, and why the ID attestation features are tightly restricted and include a low-level API to wipe the IDs and thereby disable ID attestation.  I'm assuming that similar logic would preclude location attestation, though the question hasn't actually come up.

If we compare to the FIDO 2 location extension (https://www.w3.org/TR/webauthn/#sctn-location-extension), which can be included as part of the FIDO 2 attestation, the location data inclusion in the attestation is managed by the browser permissions framework that already exists for location (https://www.w3.org/TR/webauthn/#browser-permissions-framework-extensions).

It seems that the Android permissions framework could be similarly leveraged for an EAT-based location claim.

It could, yes, but I don't think Android will enable that.


-Giri Mandyam, Qualcomm

From: RATS <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org>> On Behalf Of Shawn Willden
Sent: Saturday, July 6, 2019 7:25 PM
To: Michael Richardson <mcr+ietf@sandelman.ca<mailto:mcr%2Bietf@sandelman.ca>>
Cc: rats@ietfa.amsl.com<mailto:rats@ietfa.amsl.com>
Subject: Re: [Rats] Android comments on EAT draft


CAUTION: This email originated from outside of the organization.


On Fri, Jul 5, 2019 at 12:28 PM Michael Richardson <mcr+ietf@sandelman.ca<mailto:mcr%2Bietf@sandelman.ca>> wrote:

Shawn Willden <swillden=40google.com@dmarc.ietf.org<mailto:40google.com@dmarc.ietf.org>> wrote:
    > Specifically, EAT is about attesting to a *device* while Keystore
    > Attestation is about attesting to a *key* -- though we also attest to
    > quite

I have include a section in the use case document called "Cryptographic key
Attestion"

Great!

    > Another, more tractable, area of difference is that EAT provides Claims
    > for
    > several data items which Android will likely never allow to be attested
    > because of their privacy implications and potential for ecosystem
    > fragmentation (apps choosing which devices they'll run on -- we generally
    > try to deny them the information they'd like to have to make those
    > choices).  These are:

    > - UEID
    > - Origination
    > - Location

Can you say more about location?
Are you saying that Android would never provide a relying party (say, an
open-protocol implementation of Pokemon GO) with where a device is?

I strongly doubt that we will ever provide that..  I understand the benefits, but the privacy team feels like the risks are too great, that it's important that it always be possible to spoof privacy-critical data elements like location.

    > Some other claims that we have, and think are important, are OS version
    > and
    > patch-level (represented as a date, YYYYMMDD); secure boot verification
    > key
    > digest; secure boot digest (hash of all verified code); application ID (a
    > digest of the requesting app signing key); and secure app version (hmm,
    > don't have a patchlevel, but we should!  I'll see about adding that for
    > R).

These are all intended to be covered under "network attestation", but
now I wonder if that term is mis-leading.

Hmm.  Yes, you're attesting to the device state, not anything about a network.  I guess "network attestation" is because you're expecting the relying party to be the network?


--
Shawn Willden | Staff Software Engineer | swillden@google.com<mailto:swillden@google.com> | 720-924-6645


--
Shawn Willden | Staff Software Engineer | swillden@google.com<mailto:swillden@google.com> | 720-924-6645
_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats



--
Shawn Willden | Staff Software Engineer | swillden@google.com<mailto:swillden@google.com> | 720-924-6645

v2.23.0 | Report a Bug | By Email