Re: [Rats] comments on draft-birkholz-rats-architecture-02

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Wed, 02 October 2019 09:11 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>, "rats@ietf.org" <rats@ietf.org>
Date: Wed, 02 Oct 2019 09:11:19 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/OzKYVZTgSvlCwVczMbYl9z4WIbw>

Clicked the enter key accidentally and sent the mail far too early....

Below is another try:

-----Original Message-----
From: Hannes Tschofenig
Sent: Wednesday, 2 October 2019 11:01
To: Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de>; rats@ietf.org
Subject: RE: comments on draft-birkholz-rats-architecture-02

Hi Jürgen,

Thanks for your review. Lots of great questions.
Below is my take on it.

-----Original Message-----
From: RATS <rats-bounces@ietf.org> On Behalf Of Schönwälder, Jürgen
Sent: Wednesday, 25 September 2019 16:18
To: rats@ietf.org
Subject: [Rats] comments on draft-birkholz-rats-architecture-02

Hi,

I am rather new here, so please forgive my ignorance. I thought I would start by reading the architecture document. Some of my questions may just show my ignorance, but then this is what happens if you get fresh reads...

- What is 'normative guidance'?

[Hannes] Should just be 'guidance' but on the other hand an architecture document shouldn't provide guidance.
I guess we have to change the sentence altogether from "
In general, this document
   provides normative guidance how to use, create or adopt network
   protocols that facilitate RATS.
"
To:

"
This document defines terminology and describes the architecture of the remote attestation procedures (RATS) standardization work in the IETF.
"

- Would it not make sense to also define the terms introduced in 1.1?

  - Claims
  - Evidence
  - Known-Good-Values
  - Endorsements
  - Attestation Results

  Perhaps section 1.1 should be folded into section 2 so that all
  terminology is defined in one place. What about terms such as

  - Attester
  - Verifier
  - Asserter
  - Relying Party

[Hannes] I agree with your observations. Section 1.1 should be merged with Section 2 and these additional terms should be added.

- What are 'architectural constituents'?

[Hannes] Should be replaced with 'entities'


- Separation:

   A Computing Environment with the capability of remote attestation:

   o  is separate from other Attested Computing Environments (about
      which attestation evidence is created), and

  Does it always have to be separate? Is there an architectural
  requirement for these to be separate?

[Hannes] A figure would help here.  In the model we use at Arm with TrustZone for v8-M the computing environment is separate from the attesting computing environment.
Since the term separate is not further elaborated I doubt there is a problem.

- If you read this document for the first time, it is difficult to put
  the various terms together in your head. Figure 1 helps but it comes
  a bit late, it would help if it would be shown early. It would have
  helped me if all key terms are defined upfront followed by a Figure
  explaining relationships or interactions before the discussion of
  details starts.

[Hannes] I have to agree with you. Maybe it helps to move Figure 1 up or to re-arrange other sections.


- Not sure this helps me understand things:

  (e.g.  Prinicipals that are Supply Chain Entities)

[Hannes] Maybe a complete example would help.

- What are Appraisals?
~snip~
- Evidence
~snip~
- Endorsements
~snip~

[Hannes] If it makes you feel better I have also been wondering why the attestation community uses so complex terms.
I have yet to find out how to make it simpler (or how to describe it better).

- Security Considerations

   RATS Evidence, Verifiable Assertions and Results SHOULD use formats
   ...

  Should that be

   RATS Evidence, Endorsements, Known-Good-Values, and Attestation
   Results SHOULD use formats ...

  to be consistent with terminology? The term 'Verifiable Assertions'
  shows up here for the first time...

   [...]  Nonce Claims often piggy-
   back other information and can convey attestation semantics that are
   of essence to RATS, e.g. the last four bytes of a challenge nonce
   could be replaced by the IPv4 address-value of the Attester in its
   response.

  Despite wondering whether this is a good thing or a bad thing, I
  wonder why this is in the security considerations of the
  architecture document. The architecture does not define what Nonce
  Claims look like, so why would it discuss specific issues about
  Nonce Claims?

[Hannes] I completely agree with you.


Thanks again for the great review.

Ciao
Hannes
