[Rats] Mail regarding draft-ietf-rats-tpm-based-network-device-attest

"Mark D. Baushke" <mdb@juniper.net> Mon, 12 October 2020 14:43 UTC

To: <rats-chairs@ietf.org>, <draft-ietf-rats-tpm-based-network-device-attest@ietf.org>
CC: <rats@ietf.org>
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Mon, 12 Oct 2020 07:43:27 -0700
Message-ID: <67932.1602513807@eng-mail01.juniper.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/QOJ4BF5yOCMxKRNHDZqbub3tWLs>
Subject: [Rats] Mail regarding draft-ietf-rats-tpm-based-network-device-attest

Greetings, fellow members of the IETF RATS Working Group.

https://tools.ietf.org/html/draft-ietf-rats-tpm-based-network-device-attest-04

I would like to vote in favor of moving to the next step of publishing
this draft as an RFC.

The following is mostly editorial feedback on the current -04 draft:

 * Section 1.4 has [IEEE-802-1AR] and Section 3 has [IEEE-802.1ae]. I
   have been under the possibly mistaken impression that 802.1AR and
   802-1AR should be consistent. And is it 'AR' or 'ar', and is it 'ae'
   or 'AE'? I respectfully suggest that IEEE-802-1AE and IEEE-802.1AR
   be used consistently throughout the document.
   
 * Figure 7: RIV Protocol Stacks
 
   This figure explicitly lists UDP, but does not mention TCP even though
   TLS and SSH are noted. It is not a big deal, just a small omission
   that may make the picture too busy.
 
 * Figure 8: Component status

   'TCG TPM DevID' used twice in the table as the controlling
   Specification should probably be something that ties you back to
   either [IEEE-802-1AR] or [Platform-DevID-TPM-2.0] or some other
   reference as 'TCG TPM DevID' is not otherwise identified as a
   specification in the document itself.
   
   Gets a bit messy with entries like draft-birkholz-yan-swid in the
   figure. I expect it will be better when that one is an [RFC nnnnn].
   The 'ISO/IEC 19770-2' entry could have been [SWID] to be able to find
   it in the references. There are likely a few other controlling
   specifications that are hard to correlate from the table to the
   informative references.

Editorial remark:

  Note that [IMA] has a spurious space before the comma ('and ,'); the
  IETF Editor would likely have fixed it anyway.

-- 
Mark D. Baushke
mdb@juniper.net
Distinguished Engineer
Juniper Networks, Inc.
www.juniper.net