IETF Logo Mail Archive

Re: [Rats] About (E)UID's

Simon Frost <Simon.Frost@arm.com> Tue, 11 February 2020 15:39 UTC

Return-Path: <Simon.Frost@arm.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 591801201E5 for <rats@ietfa.amsl.com>; Tue, 11 Feb 2020 07:39:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=ilruOdoy; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=ilruOdoy
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FW0WgkKpj6E8 for <rats@ietfa.amsl.com>; Tue, 11 Feb 2020 07:39:48 -0800 (PST)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2055.outbound.protection.outlook.com [40.107.21.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4536E1201B7 for <rats@ietf.org>; Tue, 11 Feb 2020 07:39:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vZ/5Um9XVIIjiU7bLqxiWwWKIeBc/aDHli2WB1WARmo=; b=ilruOdoyItdNOrZfHJ5KtUsArb9chCqVFACEEi3jZDHxtAqQxDd4fAwt/xXK3vZLhwp8+KNUURjJwVXPUQoXZfHiNMsfNnrIM0AlKUtTpFqCgH86mygN5fHbO+gbNwtVKnVZ7wKAeuqL+8CEx2EZGMOu0tltZtX1S3fpHCfSnT4=
Received: from VI1PR08CA0132.eurprd08.prod.outlook.com (2603:10a6:800:d4::34) by VI1PR08MB3422.eurprd08.prod.outlook.com (2603:10a6:803:7d::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2707.21; Tue, 11 Feb 2020 15:39:45 +0000
Received: from VE1EUR03FT054.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e09::201) by VI1PR08CA0132.outlook.office365.com (2603:10a6:800:d4::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2707.24 via Frontend Transport; Tue, 11 Feb 2020 15:39:45 +0000
Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT054.mail.protection.outlook.com (10.152.19.64) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2665.18 via Frontend Transport; Tue, 11 Feb 2020 15:39:44 +0000
Received: ("Tessian outbound 846b976b3941:v42"); Tue, 11 Feb 2020 15:39:44 +0000
X-CR-MTA-TID: 64aa7808
Received: from 924c5f9a8694.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 9C3CFB4C-D310-4AF1-AF14-CFE16C6377A6.1; Tue, 11 Feb 2020 15:39:39 +0000
Received: from EUR04-DB3-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 924c5f9a8694.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Tue, 11 Feb 2020 15:39:39 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ALBzsqsASFwEQjvWbzOA6MadKBt2NxfM0BkRonqp4uIlPC2pcxIAj8y1XsmIDyQVNl0KqiMaUPfAdGh6dQwLf9cyFgxHknTsVbWOWz1qoUT9crJJ/WAVMnJCzM4imTnM1EATkR9v+JEaw46DGtoy105qcxzASQmUAKNr2T6FBOWW9FMtXsO5cCwyIXy/NJc5PJ6+Da1Rv1p3/lPDiG2ehcZzeB/8BbFFf002RRz+0jW/XE8zn+Y3VJ69u4HwAghV2Xo+T4cUaxT3403dSu2uraoBZCIXWpjjpy5MBHunvds7DBWl5bQr2guYW/mOqFRHLFLs/sgJb2HKvYtW/j9k7Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vZ/5Um9XVIIjiU7bLqxiWwWKIeBc/aDHli2WB1WARmo=; b=Tqld6UUSXD3mvwGBvah1AgZ1SLm9BpK6muCM22OqmGZInGBpZJwa0wvTb5511hdhAJh9DBZkXlsVGYi3bGPhfd7GegyyYZBnWCzZvlyNwBYvEe2F3PlyKkG+g9EMUFYflk3SAbxHXKJ00P7hWTyMcIpMvLvOyYrCg1+xVGzSHc5ptCB5GCX50RoEFlIOCkhcM6us+p1OxqlEW/PW42+ySU752dvZ9xEN2HnYusg0Q0e0nAfoF5JUY0W7a9N0s2qH7O0AmMfYEe4pG4LbHNdhzK4XcBqFRr0Qg7wVxn/07RZd559XtOMmQAMrLIw1uV6djhVv//WRFkuCLodVnD4Z0g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vZ/5Um9XVIIjiU7bLqxiWwWKIeBc/aDHli2WB1WARmo=; b=ilruOdoyItdNOrZfHJ5KtUsArb9chCqVFACEEi3jZDHxtAqQxDd4fAwt/xXK3vZLhwp8+KNUURjJwVXPUQoXZfHiNMsfNnrIM0AlKUtTpFqCgH86mygN5fHbO+gbNwtVKnVZ7wKAeuqL+8CEx2EZGMOu0tltZtX1S3fpHCfSnT4=
Received: from DBBPR08MB4903.eurprd08.prod.outlook.com (10.255.78.17) by DBBPR08MB4648.eurprd08.prod.outlook.com (10.255.78.79) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2707.21; Tue, 11 Feb 2020 15:39:30 +0000
Received: from DBBPR08MB4903.eurprd08.prod.outlook.com ([fe80::880d:db9f:7e7c:a934]) by DBBPR08MB4903.eurprd08.prod.outlook.com ([fe80::880d:db9f:7e7c:a934%7]) with mapi id 15.20.2707.030; Tue, 11 Feb 2020 15:39:30 +0000
From: Simon Frost <Simon.Frost@arm.com>
To: Laurence Lundblade <lgl@island-resort.com>, "Smith, Ned" <ned.smith@intel.com>
CC: "Salz, Rich" <rsalz@akamai.com>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] About (E)UID's
Thread-Index: AQHV3bXmW6h++AX9GUeMvr4rBHsANKgP5Z2AgABgOICAAayuAIAEFkMQ
Date: Tue, 11 Feb 2020 15:39:29 +0000
Message-ID: <DBBPR08MB4903356ED09601AA7A6006FAEF180@DBBPR08MB4903.eurprd08.prod.outlook.com>
References: <8BDAAE2E-9803-4048-AD5B-59233708E6FB@akamai.com> <1C16DAA0-D03B-417C-894A-30C4015AEED7@island-resort.com> <DBBPR08MB49031E717F69E4CF58CF67A1EF1C0@DBBPR08MB4903.eurprd08.prod.outlook.com> <509C8229-20DC-4888-BE1D-9109733A9E2D@intel.com> <5B9516E6-1441-462E-86D2-B630B32CE1C7@island-resort.com>
In-Reply-To: <5B9516E6-1441-462E-86D2-B630B32CE1C7@island-resort.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 892c681d-532f-4e36-99da-0781b0fb9fc9.0
x-checkrecipientchecked: true
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Simon.Frost@arm.com;
x-originating-ip: [217.140.106.52]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 92247f9b-718d-48c4-c450-08d7af089e6d
X-MS-TrafficTypeDiagnostic: DBBPR08MB4648:|VI1PR08MB3422:
X-Microsoft-Antispam-PRVS: <VI1PR08MB342234B5DE90AC2144746264EF180@VI1PR08MB3422.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:9508;OLM:9508;
x-forefront-prvs: 0310C78181
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(376002)(136003)(346002)(396003)(39860400002)(366004)(189003)(199004)(4326008)(54906003)(110136005)(316002)(71200400001)(33656002)(86362001)(64756008)(8676002)(81156014)(66556008)(66946007)(81166006)(66476007)(66446008)(76116006)(8936002)(5660300002)(478600001)(186003)(53546011)(6506007)(55016002)(9686003)(52536014)(2906002)(966005)(26005)(7696005); DIR:OUT; SFP:1101; SCL:1; SRVR:DBBPR08MB4648; H:DBBPR08MB4903.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: CxiIw+XajvkZSWME1Z8vm4L72C3HV0oXGvZ8YAulg2j2bGDcmDu4gU9M2AKotzzR1qai5mPzXkHFGMKYkS/THJGCeMYd/CRGd+mAPrmGzrJVSHjR/JeuHWS3maQVeJJLlM99bUv0bqdLtjXXJQtyzkLpuw2BI9fM+WQ5pAv+9X/Yiikqvhj/yjq4WJtRlX+FUvdhzp9rkl1l07YvK0jkq7LzywRbOZWPL+0hxVBMwnInbJGuXqTLCtre5uQm+fV26em85Vv616H/qsyxuuKYoeb/sBHd5kjiUMlYzY/j0ANwwBhPLmkpJeKCx1MdzUmh4bfjLPNvXz+GkIQXQdm790LdapmrpHBubGFd/Rk4BCXiY3rStTVOejqz6ayqWb2A7qWe+r1mKqqa6QEnoqv+7HqxIE3ygXDL/ntKaL4JEzyGMndO6f5q8scq6G5wgH29Qmu+9nn3QTnIl2MUcUzAUW7VjEQti8JANW4XrkQpBJi1JH582tKsB81/PDse8kD+JOgdbL6N9hfkiwCmlZI0jA==
x-ms-exchange-antispam-messagedata: 8/ApGy7IeqW7GqSTtsfkqElwsMufJt5MDlNLmrGHrJPCAQC66Fz2uFFxTFWYL847CS2w4CsGkiSrL5fhhHJSrFlYXSAQY7CjCyCB6dtKvCsV2Y2MNaw3RY4pvi48op5fZm0TySFyuTobN4o7nPNPDw==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DBBPR08MB4903356ED09601AA7A6006FAEF180DBBPR08MB4903eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBBPR08MB4648
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Simon.Frost@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT054.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; IPV:CAL; SCL:-1; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(396003)(346002)(136003)(39860400002)(376002)(189003)(199004)(7696005)(478600001)(336012)(86362001)(4326008)(8936002)(6506007)(53546011)(33964004)(26826003)(966005)(54906003)(30864003)(110136005)(9686003)(356004)(52536014)(70206006)(316002)(36906005)(55016002)(186003)(2906002)(26005)(8676002)(5660300002)(33656002)(70586007)(81166006)(81156014); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR08MB3422; H:64aa7808-outbound-1.mta.getcheckrecipient.com; FPR:; SPF:Pass; LANG:en; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; MX:1; A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 0cadbd20-4755-4168-635c-08d7af08959a
X-Forefront-PRVS: 0310C78181
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: CF7KmjXysV5KspL5hOVhCzNof6ySXJ1dx7zYmHS0ZSAVevOy967JxAKX3bCIU+q/NjQZg/oTvB6qFbYaTMUT19LGTIuzgsAZnvkJ8j+14ww/licS+I9ncQmXdJ/dNXMF7fOEosz5N227yzJqzS64LVfRCnQnPsYzLZqHOts2CUSyrxain+QaFnuhOf//7mCMNr/HsEIX1E3mCHND5xoCq3i5rOZL0slL+0JeH2C+BfIHAHZh4S+HVmP8DRApk1t8zxjDQpuBCcLmMkkoe4yb7xI/T4MwdYmpxD7jsFRjCBCuUnHxyJ0OGG2moD2hyMtSYtD6wD55maeDzb2Ein7ovWrle5OZ/cuIo6kDjDYd/j8Q2d1LfnDnuN/zF9b4ouhaiaRTSwqLpPov1ZU2a53pnhe+0J1juWNGigTOLGDW082inttuVDVDo0USBHaC1kErq5miLfPxpZzgS8a5frstl681vVnAV3ERNWWXmBk2pA0l2hHZ9NyBzprnPfaN2R/65uAJakLJv3N6GA/6d8+DLg==
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Feb 2020 15:39:44.7396 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 92247f9b-718d-48c4-c450-08d7af089e6d
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB3422
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/TXO2zajUE4fgqWYm5SHxEIBa0xQ>
Subject: Re: [Rats] About (E)UID's
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Feb 2020 15:39:52 -0000

The PSA Certification program doesn’t include any proofing on the identities but devices are expected to follow the PSA Security model in that they can be uniquely identified within their manufacturing and/or provisioning chain. The PSA attestation report (see https://tools.ietf.org/html/draft-tschofenig-rats-psa-token-04) includes a claim for the unique instance identity but also an implementation ID (claim) that identifies this manufacturer origin, quoted in the specs as identifying the immutable PSA Root of Trust for the implementation. There is a logical extension to use a group identity with an Implementation ID for use cases where an individual instance identity may not be appropriate.

I agree that there should have a UEID claim within the standard and also with the proposed bitlength representations.

I suggest we should change the description of the UEID claim to allow the standard to support more interpretations of what the locus of uniqueness might be to an implementation.

HTH
Simon

From: Laurence Lundblade <lgl@island-resort.com>
Sent: 08 February 2020 23:25
To: Smith, Ned <ned.smith@intel.com>
Cc: Simon Frost <Simon.Frost@arm.com>; Salz, Rich <rsalz@akamai.com>; rats@ietf.org
Subject: Re: [Rats] About (E)UID's

Responding to Simon, manufacturers only have to follow the the specification. They don’t have to cooperate beyond that.

I think the bottom line on UEID uniqueness is that we can’t do much better in an IETF standard. We have no means of enforcement in the IETF. Note that there are IMEI and MAC address options which have some good uniqueness characteristics. There’s lots of things in IETF standards that people can get wrong and we live with them.

To really have enforcement a certification program is needed. There is one covering EAT partly in PSA certified<https://www.psacertified.org>, though I don’t know if there are requirements on the UEID.

The PR I just merged allows lengths of 128, 192 and 256 bits. 8 byte increments should be enough and 192 bits is enough for all use scenarios.

The privacy issue is already mentioned in the draft.

I think we have to have UEID in the standard even though it may not used when privacy preservation is necessary. Note that the verifier could be the guarantor of privacy in some use cases and filter it out.

I think it is possible to design a system where UEIDs are unique per relying party if you strongly authenticate the relying party. That is complex to do and probably not for the first round.

LL





On Feb 7, 2020, at 9:50 PM, Smith, Ned <ned.smith@intel.com<mailto:ned.smith@intel.com>> wrote:

It was noted in the meeting that globally unique identifiers have privacy implications. One technique for protecting privacy is to limit the use of a particular identifier to a specific domain. Use in a different domain uses a different identifier making it hard to correlate transactions from Domain A with transactions in Domain B. This is essential to systems designed for privacy.

The IEEE802.1AR defines the notion of an IDevID and LDevID where the device receives a different identity following onboarding. Issuance of an LDevID has been used to protect privacy because within the community of devices sharing the same local context, they don’t recognize the device in terms of its IDevID identity. Not unless there is a UEID that is shared between the IDevID and the various LDevID credentials.

If UEID is defined to be globally unique, then it can’t be required for use if privacy is also needed.

I suspect implementations will ignore the wording in the EAT spec that asserts the value is globally unique and encode a value that is unique enough for their purposes. If there is some service out there that assumes global uniqueness but discovers collisions, then it will be a business decision whether or not to accept them.

Otherwise, the conversation for UEID should revolve around whether or not there are large domains that need an identifier that is unique within its domain. Based on the analysis there is enough space in 128-bits to allow for a domain of all people in the world being a member of the domain each bringing 100 – 100,000 things and where the things can be shared and exchanged within the domain context. I’m not aware of a real world use case for that domain. Hence, 128-bits with the flexibility to make them larger seems right. I like the suggestion to allow larger values in 8-bit increments because it allows the domain (of use) to optimize the cost/benefit trade-offs.

-Ned

From: RATS <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org>> on behalf of Simon Frost <Simon.Frost@arm.com<mailto:Simon.Frost@arm.com>>
Date: Friday, February 7, 2020 at 8:15 AM
To: Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island-resort.com>>, "Salz, Rich" <rsalz@akamai.com<mailto:rsalz@akamai.com>>
Cc: "rats@ietf.org<mailto:rats@ietf.org>" <rats@ietf.org<mailto:rats@ietf.org>>
Subject: Re: [Rats] About (E)UID's

> While not stated overtly in the draft, UEIDs are intended to be the sole identifier needed to universally identify a device.

I think there’s a problem with the expectation here. The current UEID test says.

UEID's must be universally and globally unique across manufacturers and countries.
  <snip>
No two products anywhere, even in completely different industries made by two different manufacturers in two different countries should have the same UEID (if they are not global and universal in this way, then relying parties receiving them will have to track other characteristics of the device to keep devices distinct between manufacturers).

How do we expect this to be realised in practice? It implies that all manufacturers must cooperate to guarantee there are no dups, which will quickly break down. I think the most that can be expected for a UEID is that it be unique to a manufacturer and that the bracketed part of the second sentence will apply (e.g. considering origination / OEMID) unless the relying party is aware that their use case is satisfied by a dedicated supply chain.

Note that the signing key may be able to derive the locus for this in some use cases, but not all – there are circumstances with unique keys per instance.

Thanks
Simon

From: Laurence Lundblade <lgl@island-resort.com<mailto:lgl@island-resort.com>>
Sent: 07 February 2020 12:14
To: Salz, Rich <rsalz@akamai.com<mailto:rsalz@akamai.com>>
Cc: rats@ietf.org<mailto:rats@ietf.org>
Subject: Re: [Rats] About (E)UID's

While not stated overtly in the draft, UEIDs are intended to be the sole identifier needed to universally identify a device. This is to make life easiest for the relying party. They do not have to combine it with any other claims to uniquely identify a device. (Maybe I should add text explaining this)

This makes life simpler for the device maker and for us, as we don’t have to specify any rules that say what combination of claims must be used to get proper global uniqueness and device maker doesn’t have to figure how some system for uniqueness.

Generally, interdependency between claims seems like something to avoid for the sake of simplicity.

I’m reluctant to rely on public keys for anything but signature verification because I think we must support a variety of signing schemes some of which don’t have a typical public key. One of these will be HMAC for which there is no pubic key. Another is likely to be ECDAA or such where the verification key material is a bit more complex than a public key.

The vendor is also allowed to change signing schemes and the means of creating UEIDs in their manufacturing process.


Also, as described in the draft, the UEID as defined is very permanent. It never changes over the life of the device. Some of the UEID options are based on identifiers that are specifically not to change with owner, IMEI for example.

LL







On Feb 6, 2020, at 4:34 PM, Salz, Rich <rsalz@akamai.com<mailto:rsalz@akamai.com>> wrote:

I made a proposal during yesterday’s interim about EUID’s and I want to explain it here in more detail to the whole WG. I have made some clarifications.

We need ID’s.  Laurence has done a lot of good analysis on how many bits an ID needs to be to accommodate various users, devices, etc.  The TL;DR is that 128bits seems good for the size for now and at least the short-term future.

I suggest that the UID stays at 128bits. But in order to compare UID’s, relying parties should consider an “expanded” UID, which includes the SHA2 signature of the public signing key. For most cases, the “small” UID of 128 bits is sufficient to put into data structures, transport on the wire, and so on. Applications which present “unsigned” UID’s should either include a “key context” element, containing the hash. If not present, receiving applications should consider treat the key-id part as the SHA2 hash of the single zero byte.

One feature of this, as pointed out on the call, is that when a device gets a new owner, the expanded UID changes.

Hope this is useful.

_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email