[Rats] retrieving reference measurements

Guy Fedorkow <gfedorkow@juniper.net> Wed, 29 April 2020 13:56 UTC

From: Guy Fedorkow <gfedorkow@juniper.net>
To: Henk Berkholz <henk.birkholz@sit.fraunhofer.de>
CC: "rats@ietf.org" <rats@ietf.org>, Jessica Fitzgerald-McKay <jmfmckay@gmail.com>, William Bellingrath <wbellingrath@juniper.net>
Thread-Topic: retrieving reference measurements
Thread-Index: AdYeLLsj977MpbIWSBiRE1EIoB5bdg==
Date: Wed, 29 Apr 2020 13:56:28 +0000
Message-ID: <DM6PR05MB68895483D6F508C46748147FBAAD0@DM6PR05MB6889.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=gfedorkow@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2020-04-29T13:56:26.6866068Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=eea69583-02d4-4ccd-b201-763f49c0bf35; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic
dlp-product: dlpe-windows
dlp-version: 11.3.2.8
dlp-reaction: no-action
authentication-results: sit.fraunhofer.de; dkim=none (message not signed) header.d=none;sit.fraunhofer.de; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [66.129.241.10]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 54349b2e-23b9-463c-f1fa-08d7ec451db1
x-ms-traffictypediagnostic: DM6PR05MB5100:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DM6PR05MB5100B9ACAE781907567D1035BAAD0@DM6PR05MB5100.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 03883BD916
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: nzmZSK5gJr6IJhjpbauLXV7pk6YUFOnPsiyzs2a52i+wq1frDHBJEuHis4J6OAL3n/PWgXl2vjv0QHVY22S+G5pOHuQ7YNQL2ZMqWneS3DqmEpCFMdVXroL+VKPZbjgx4a+NNrXrhsjQK7ttgrx3BpCknQ3Di3cHWHieJg/Dv9wAZQxjo8L2sFK/lSW3O0lkxgcxBUpgEHJQy1A8ahRt/NoSbxtYbn5vDDaMbWQWSAWXXPRMhxOzRDaVq1UospPbeNWwOmGXNHBR6LaHZ6c0wIST6n4mhAn6bFi8vqVIEQ7pfnZEtxhpKArd3hCqxcs3hS1J9UmqabYqUVRLO8RjXeUT/anZ+u/YQ3q5N5Tg56yTJAe16zogdUI9CnzwYCmjAgtNK1o4IRYZvziqGD/Cwak0SvQRP0BVSrSO9YpAFxdyU/OAfRhsTd7xZPJH4OUaub4NfqFuAXYT3M64FdAZgNIUiETrnw4hTDntKFhJxddPn26hPruwa/w9DclN/NC5/25Hgl+eP9TKmLssfQ7NWH6l0lIphFI8XqeBvM2iCQtDkkpXs08fhWPGGygdJNzt
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR05MB6889.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(39860400002)(136003)(376002)(396003)(366004)(346002)(8676002)(71200400001)(7116003)(6916009)(966005)(478600001)(107886003)(66476007)(66446008)(9686003)(66616009)(64756008)(55016002)(66574012)(4326008)(4744005)(66556008)(5660300002)(76116006)(66946007)(3480700007)(52536014)(99936003)(26005)(8936002)(7696005)(9326002)(33656002)(186003)(6506007)(54906003)(316002)(2906002)(86362001)(133083001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: GnVW9y3IPCnuEUCWtrSQKl5qjcDR0fgxiqJ1fgo65FFTw//aQX7b0lg53I7Zz9Si1o5STHMCgTTXOf/FKXdw6NK+50i0TV+pyx62X6nmBJ0t79tECyun5uTXiWOoDEPNsrMlIA0gXQNv8ppo+8jJFE7fIa6va1BkKepaKjiaRGuLGTlgVR6VcqfP/nlLsUdVMKl7BsrMZHycAEzpItNFalL032kRcEOqe8d5CS9KJMRxdeTfRKl9K04D3c4Tw4/Y/ppPh/3/BNhpGSA63Ml9zoUXtUHEGVZdPj2VlMixHodOX06EYr8fs/jsmsWg5+nmXBaEIjUm7o09673cVBwTn9xKT7OauEQWzm13icKy93ReCgWgNbll6ZXGFKljdchR9Yq4oRNweiRoml1mBvZbx2Uqc8bxKf3vm4TEOcyOhtfaohMWkvYigArdpBFNHP/5wHRyEqZnbaelneHrbbqF78bEehJx+zu4WvMdTVUn/WRgcTIoQQMqtoDTsZ3oC5GjGq5uVkqcd5fRot2ISof/it7o3zpEnVoRt7N2cwCc12vkculrcyiFJfaWfKoSbiLj1eVh7gCs0D2yvxxooan4gNeICv0WIYJxMo2ZiUonIc7yGyI3Ab2oyxYRFKNKsUG8GfPc3dJD+VsLr+hh47fPegMsMJvzNI9qYOpsJgg/5RUAwdHBzq8Kv/+EnsZTRAxUue9OCQrgq4hUoY+D3pRzSzYy1if+F5xo1rAcJ1BAtCj+gc8/D3m6X1VPS0uBRBpdtE0pBozxh0jVx64eMx6fElSozuJkWc3QonjiWrGmJCc=
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_00F3_01D61E0C.72BE4000"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 54349b2e-23b9-463c-f1fa-08d7ec451db1
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Apr 2020 13:56:29.0474 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: OB+xJRnlnh8Fn5DgDRiuN1PCEi9V7fapjkG4FEykC0kcef25GknK5KrgxcDkEJmsRXZrM4JBei/tqCtO5R8iVw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR05MB5100
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-04-29_05:2020-04-29, 2020-04-29 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 mlxlogscore=999 lowpriorityscore=0 suspectscore=0 adultscore=0 spamscore=0 impostorscore=0 clxscore=1015 mlxscore=0 malwarescore=0 priorityscore=1501 phishscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2004290115
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/5gBrySkdtKz1M83tvHgcHHDtxhg>
Subject: [Rats] retrieving reference measurements
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Apr 2020 13:56:35 -0000

Hi Henk,

I see your proposal for identifying URIs for reference measurements in
https://tools.ietf.org/html/draft-birkholz-rats-mud-00

 

  I realize that some constrained devices may not want to do this, but do
you think draft-charra could be extended to allow retrieval of the signed
reference measurements directly from the device being attested, via the YANG
/ Netconf interface?

  Ironic as it may sound, I'm sure you know that many operators ensure that
their internet routers cannot access the public internet.

 

  Thanks,

/guy

 


Juniper Business Use Only

Attachment: smime.p7s

[Rats] retrieving reference measurements Guy Fedorkow
Re: [Rats] retrieving reference measurements Henk Birkholz
Re: [Rats] retrieving reference measurements Guy Fedorkow
Re: [Rats] retrieving reference measurements Henk Birkholz
Re: [Rats] retrieving reference measurements Eliot Lear
Re: [Rats] retrieving reference measurements Panwei (William)
Re: [Rats] retrieving reference measurements Henk Birkholz
Re: [Rats] retrieving reference measurements Shwetha Bhandari (shwethab)

[Rats] retrieving reference measurements

Attachment: smime.p7s