Re: [Rats] Android attestations: Re: draft-richardson-rats-usecases-00 comments

Michael Richardson <mcr+ietf@sandelman.ca> Wed, 19 June 2019 02:31 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Anders Rundgren <anders.rundgren.net@gmail.com>
cc: Thomas Fossati <Thomas.Fossati@arm.com>, Laurence Lundblade <lgl@island-resort.com>, "rats@ietf.org" <rats@ietf.org>, Anthony Nadalin <tonynad=40microsoft.com@dmarc.ietf.org>
In-reply-to: <bf003513-209a-7d5f-a9a5-58ade6c23545@gmail.com>
References: <MW2PR00MB03963ABEB87211AD28A16240A6490@MW2PR00MB0396.namprd00.prod.outlook.com> <12503.1552447661@localhost> <219648D6-188A-429D-A13F-ED6155DE9016@island-resort.com> <14288.1553710783@dooku.sandelman.ca> <4EB6FF13-2DAF-4BDC-AC90-C46720D61AF0@arm.com> <bf003513-209a-7d5f-a9a5-58ade6c23545@gmail.com>
Comments: In-reply-to Anders Rundgren <anders.rundgren.net@gmail.com> message dated "Fri, 19 Apr 2019 08:08:10 +0200."
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Tue, 18 Jun 2019 22:31:42 -0400
Message-ID: <21417.1560911502@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/WkrMaSC6RSO7v5LXpCninNzFpdM>
Subject: Re: [Rats] Android attestations: Re: draft-richardson-rats-usecases-00 comments
Precedence: list

Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
    > Here you have another link:
    > https://developer.android.com/training/articles/security-key-attestation

    > As an application developer I find this scheme and the associated
    > "AndroidKeyStore" quite impractical.  The recent addition of
    > "StrongBox" makes it worse.

Interesting. What is it that you find that you can not do?

    > With a two-level TEE/SE session-key based scheme you only need to
    > attest the session permitting you to perform any number of secure
    > operations and close the session with a "commit" which in turn responds
    > with a (session signed) message to the SP that everything went right.

Or is this what you wish you had?


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

Attachment: signature.asc

Re: [Rats] More use cases for draft-richardson-ra… Carl Wallace
Re: [Rats] More use cases for draft-richardson-ra… Laurence Lundblade
Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
Re: [Rats] 答复: More use cases for draft-richardso… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
[Rats] draft-richardson-rats-usecases-00 comments Anthony Nadalin
Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
Re: [Rats] draft-richardson-rats-usecases-00 comm… Laurence Lundblade
[Rats] More use cases for draft-richardson-rats-u… Laurence Lundblade
Re: [Rats] draft-richardson-rats-usecases-00 comm… Anthony Nadalin
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
[Rats] 答复: More use cases for draft-richardson-ra… Xialiang (Frank, Network Standard & Patent Dept)
Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Carl Wallace
Re: [Rats] More use cases for draft-richardson-ra… Anders Rundgren
Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
Re: [Rats] More use cases for draft-richardson-ra… Anders Rundgren
Re: [Rats] draft-richardson-rats-usecases-00 comm… Thomas Fossati
[Rats] Android attestations: Re: draft-richardson… Anders Rundgren
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Anders Rundgren
Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
Re: [Rats] Android attestations: Re: draft-richar… Michael Richardson
Re: [Rats] Android attestations: Re: draft-richar… Anders Rundgren
[Rats] aligning the use case documents appropriat… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Smith, Ned
Re: [Rats] More use cases for draft-richardson-ra… Anders Rundgren
Re: [Rats] draft-richardson-rats-usecases-00 comm… Shawn Willden
Re: [Rats] Android attestations: Re: draft-richar… Shawn Willden
Re: [Rats] Android attestations: Re: draft-richar… Carl Wallace
Re: [Rats] Android attestations: Re: draft-richar… Anders Rundgren
Re: [Rats] draft-richardson-rats-usecases-00 comm… Laurence Lundblade
Re: [Rats] More use cases for draft-richardson-ra… Thomas Hardjono
Re: [Rats] More use cases for draft-richardson-ra… Benjamin Kaduk
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] draft-richardson-rats-usecases-00 comm… Michael Richardson
Re: [Rats] Android attestations: Re: draft-richar… Michael Richardson
Re: [Rats] Android attestations: Re: draft-richar… Michael Richardson
Re: [Rats] Android attestations: Re: draft-richar… Carl Wallace
Re: [Rats] Android attestations: Re: draft-richar… Michael Richardson
Re: [Rats] Android attestations: Re: draft-richar… Carl Wallace
Re: [Rats] More use cases for draft-richardson-ra… Dave Thaler
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson
Re: [Rats] More use cases for draft-richardson-ra… Dave Thaler
Re: [Rats] More use cases for draft-richardson-ra… Michael Richardson

Re: [Rats] Android attestations: Re: draft-richardson-rats-usecases-00 comments

Attachment: signature.asc