Re: [Rats] Use case -> architecture document
Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Sun, 03 November 2019 18:37 UTC
To: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>, Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org>
CC: "rats@ietf.org" <rats@ietf.org>
Hi Jürgen,

in the RATS WG we split that specific challenge/response interaction (there are others, but this is the best understood one) out into this document:

> https://datatracker.ietf.org/doc/draft-birkholz-rats-reference-interaction-model/

A complementary approach was recently introduced here:

> https://datatracker.ietf.org/doc/draft-xia-rats-pubsub-model/

Both types of (and by inference - all) interaction adhere to the same "attestation principles" (which we are currently relabeling to "attestation characteristics", but this is more a matter of finding the most intuitive title here), which are included in one of the architecture documents.

I think you highlighted a good question that we should put to a call for consensus:

Are attestation characteristics, such as freshness, provenance (often referred to as origination), or veracity defining (or vital) concepts for remote attestation procedures so that they belong in the architecture document?

Best regards,

Henk

On 15.10.19 17:45, Schönwälder, Jürgen wrote:
> Henk's architecture discusses 'Attestation Principles' that are not in
> Dave's proposal. I guess the WG needs to decide whether to include
> them or not. Are these important for understanding or guiding the RATS
> work?
>
> I would also like to mention that there are research papers where the remote
> attestation process is described more in the form of a challenge
> response interaction, where the verifier sends a specific challenge to
> a device and the device returns a response that is then evaluated by
> the verifier. An example is "compute a hash over certain memory areas
> within a certain time limit" and then the device returns the result
> and the verifier checks whether it is what is expected. The time
> limit is used to control that an infected device can't reasonably
> forward the challenge to obtain an answer from an unaffected device
> that is then relayed back to the verifier. The question is whether the
> architecture includes models where a stimulus is used to trigger the
> production of a certain Evidence or whether this is left out of the
> architectural picture on purpose. For more details, see for example
> <doi.org/10.1145/2988546> (you will find a preprint if you search).
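The challenge/response interaction discussed in this message, sketched from the verifier's side as an added example; it is not part of either message or of the referenced drafts. The names (`attest`, `Verifier`, `FakeClock`), the SHA-256 construction, the memory image and the 0.5 s limit are all assumptions chosen for illustration.

```python
import hashlib, hmac, os

def attest(memory, nonce, regions):
    """Device side: hash the challenged memory areas, bound to the nonce."""
    h = hashlib.sha256(nonce)
    for start, length in regions:
        h.update(start.to_bytes(4, "big") + length.to_bytes(4, "big"))
        h.update(memory[start:start + length])
    return h.digest()

class FakeClock:
    """Deterministic clock so the time limit can be exercised offline."""
    def __init__(self): self.now = 0.0
    def __call__(self): return self.now

class Verifier:
    def __init__(self, reference, time_limit, clock):
        self.reference, self.time_limit, self.clock = reference, time_limit, clock
        self.pending = {}  # nonce -> (regions, time the challenge was sent)

    def challenge(self, regions):
        nonce = os.urandom(16)  # fresh per challenge
        self.pending[nonce] = (list(regions), self.clock())
        return nonce, list(regions)

    def verify(self, nonce, response):
        entry = self.pending.pop(nonce, None)  # each nonce is accepted once
        if entry is None:
            return "unknown-or-replayed-nonce"
        regions, sent_at = entry
        if self.clock() - sent_at > self.time_limit:
            return "too-slow"  # leaves no room to relay the challenge
        expected = attest(self.reference, nonce, regions)
        return "ok" if hmac.compare_digest(expected, response) else "mismatch"

def demo():
    firmware = bytes(range(256)) * 4  # constructed sample memory image
    tampered = firmware[:520] + b"\xff" + firmware[521:]
    clock = FakeClock()
    v = Verifier(firmware, time_limit=0.5, clock=clock)
    out = []
    for memory, delay in [(firmware, 0.1), (tampered, 0.1), (firmware, 0.9)]:
        nonce, regions = v.challenge([(0, 64), (512, 128)])
        clock.now += delay  # simulated round-trip plus compute time
        out.append(v.verify(nonce, attest(memory, nonce, regions)))
    out.append(v.verify(nonce, attest(firmware, nonce, regions)))  # replay
    return out

if __name__ == "__main__":
    print(demo())
```

The third case returns a correct hash and is still rejected: that is the relay scenario the time limit is meant to catch, and the single-use nonce is what gives the verifier freshness.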