IETF Logo Mail Archive

Re: [Rats] Android comments on EAT draft

Shawn Willden <swillden@google.com> Thu, 16 May 2019 20:34 UTC

Return-Path: <swillden@google.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 412461201A8 for <rats@ietfa.amsl.com>; Thu, 16 May 2019 13:34:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.509
X-Spam-Level:
X-Spam-Status: No, score=-17.509 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q1Qr1zo0CmyP for <rats@ietfa.amsl.com>; Thu, 16 May 2019 13:34:47 -0700 (PDT)
Received: from mail-yw1-xc29.google.com (mail-yw1-xc29.google.com [IPv6:2607:f8b0:4864:20::c29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EF8E812019D for <rats@ietf.org>; Thu, 16 May 2019 13:34:46 -0700 (PDT)
Received: by mail-yw1-xc29.google.com with SMTP id e68so1882657ywf.3 for <rats@ietf.org>; Thu, 16 May 2019 13:34:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Lh9YmrOkckTEcN98Lt5KgzOybDuEnYt/MdITrVPQu9g=; b=Qy8sgyrACBXpKNu6pK0QGbrzfGZ1/AIDMY+HqXFRsszWUrX2fmUgptPZk+i/GLmbZ2 0NlaKP+a8E7jW4pdm8GJMkc5fIVpSNx14iPF/dbwr1mUyXpy1b0beHAAACy3E+Gnx2sb s8+Kw0rLy/RyJ7n79/cwBhm7s3ZLS1vDZgPz8AGyMEJ53FCSCg+dke/8r4lOru9313Pz 3+47xFlVae8K1tQD0YUfUDEtDlR4bl4MXHR1bLhu7V1NPofVrve54uz6T0e8XD65dIUb SqVmPOSE5cNcDNmzT5/u0Kj7/jROKgKqzdmjsePAGBubVGgrlwrCrE75Zam8mxg5PU/5 XzDg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Lh9YmrOkckTEcN98Lt5KgzOybDuEnYt/MdITrVPQu9g=; b=c6QSmtNE57k/TqM+JLWkXaZfygrIxuGOjxUcEvQNa7xxVF4xlT7WHKc0wJMVnZ6IAn J8pHkXN50Hc0waxv4ogydwx4ZSUi2qfk14Bu8BgyhwLAEmDohQRn8rnnClBoszx1lVUk Tp9euf3ID0CMsaxyLw+pVVIIiM1409fR8NioOSeC+9tQxCc1rt+WoqzhoGUTSwHykaNv k4yK0bIW1BngeGNoAGMCLqGRnTVsbbyR3p9RS5TGlMj62uFKgkiKsn14MsBbcx81iTuX OAQ1ZberU3IDdevQ3uNCAgrd5CO+DW1FzYx+hXZU7y3T05uK676gPPWwk55zpZPQAsbU SskA==
X-Gm-Message-State: APjAAAVZb8qKFoAidCfJIZU8PXFSrXZNNVvPOJ4xCFvoGgi44htDeZBM 4ZKlwEP1HLqBjX2tBmt/GH6prqN3GE+N6AZE6WcxhTmzS9o=
X-Google-Smtp-Source: APXvYqyvjOyQayfAu27yKKPhQbnjUhmM67F2kWQwVCHYpyxgeGJkKzo78cPhleoBeYkrFv9ubspgfSUYlOB4wGUpg0s=
X-Received: by 2002:a81:3357:: with SMTP id z84mr5994078ywz.457.1558038885719; Thu, 16 May 2019 13:34:45 -0700 (PDT)
MIME-Version: 1.0
References: <CAFyqnhVJ-ps4bdhsyQDOHdzHVZsXeK7_kCDXxUVUcuyDzWS3uA@mail.gmail.com> <35459D73-3D08-4E0B-814B-780AD60DD600@island-resort.com>
In-Reply-To: <35459D73-3D08-4E0B-814B-780AD60DD600@island-resort.com>
From: Shawn Willden <swillden@google.com>
Date: Thu, 16 May 2019 14:34:34 -0600
Message-ID: <CAFyqnhXymf9jnthTUL9F0Ny7u161c+sYZw=Dgr6r0PHHVjTxXQ@mail.gmail.com>
To: Laurence Lundblade <lgl@island-resort.com>
Cc: rats@ietf.org
Content-Type: multipart/alternative; boundary="00000000000054ce9405890732c0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/_xmQlpd9IcI2vJnyno-pKE00f2o>
Subject: Re: [Rats] Android comments on EAT draft
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 May 2019 20:34:50 -0000

*From: *Laurence Lundblade <lgl@island-resort.com>

> - The claims in EAT are just a start and by no means complete. Adding
> claims that carry and describe keys is certainly on the list.
>

That's great to hear.  The existing claim set seemed to go an entirely
different direction and I wasn't sure if it would be considered a
"pollution" of the claim space to attest such radically different things.
I'll be glad to provide the set of key attestation parameters that Android
uses as a starting point for key attestation discussions.


> - All claims are considered optional and many claims are expected to be
> left out in some use cases for privacy reasons.
>

Perfect.  The Android case is kind of interesting because although we
specify the secure area implementations (and write reference
implementations), most of the implementations on actual devices are written
by third parties, often organizations that aren't as careful about privacy
as Google.


> Personally, I’d like to see EAT be useful for Android and would value
> yours and Google’s input to make it so.
>
> LL
>
> (Not sure what rats@ietfa.amsl.com is, have replaced that address with
> rats@ietf.org)
>

Hmm. Me neither.  At least it didn't fall into a black hole.  Thanks for
correcting it.


>
>
> On May 15, 2019, at 5:43 PM, Shawn Willden <
> swillden=40google.com@dmarc.ietf.org> wrote:
>
> Hi all.
>
> After being invited by Laurence to join this WG some time ago, I have
> completely dropped the ball. I apologize for that; in the interim period I
> have expanded my team from one engineer (me) to six, and we all still have
> more to do than we can accomplish, which gives a good indication of how
> much I was dropping on the floor.  I think I have now delegated enough that
> I can begin to put some time into this.
>
> After reviewing the draft (which I like a lot, in many ways), I notice a
> crucial divergence of focus between EAT and Android Keystore Attestation.
> Perhaps this means that EAT is not applicable for Android; but I'd like to
> explore the question a bit.
>
> Specifically, EAT is about attesting to a *device* while Keystore
> Attestation is about attesting to a *key* -- though we also attest to
> quite a bit about the context of the key, i.e. the device. Indeed, the
> device information we provide is growing with every release, because
> there's a strong pent-up demand for device attestation.  So Keystore
> Attestation is gradually expanding to include the device attestation role,
> but must also retain its key attestation purpose.  For EAT to be directly
> applicable, it would have to include claims about a key as well.
>
> Perhaps another option is that we could use an EAT attestation as a
> sub-element inside a CBOR structure that attests to a key.  Or maybe there
> are other ideas about how an EAT attestation may fit into a larger
> attestation that describes characteristics of entities other than the
> containing device?
>
> Another, more tractable, area of difference is that EAT provides Claims
> for several data items which Android will likely never allow to be attested
> because of their privacy implications and potential for ecosystem
> fragmentation (apps choosing which devices they'll run on -- we generally
> try to deny them the information they'd like to have to make those
> choices).  These are:
>
>    - UEID
>    - Origination
>    - Location
>
> We do allow OEM Identification, though it's a different format and is
> restricted.
>
> Some other claims that we have, and think are important, are OS version
> and patch-level (represented as a date, YYYYMMDD); secure boot verification
> key digest; secure boot digest (hash of all verified code); application ID
> (a digest of the requesting app signing key); and secure app version (hmm,
> don't have a patchlevel, but we should!  I'll see about adding that for R).
>
> I suppose all of this could be address by registering additional claims.
> I'm not sure it would make sense to add a set of claims (or a complex
> claim) that addresses key attestation, though.  That seems to significantly
> change the semantics. Or does that sort of extension seem appropriate to
> folks?
>
> I also have a set of more detailed comments and questions, plus some
> editorial suggestions.  I put the draft into a Google Doc and added
> comments.  I've asked my team to take a pass through it as well, and I'll
> share it with this mailing list as soon as they've had a chance to weigh in.
>
> Again, my apologies for jumping in late.  Let me know if you think EAT
> just isn't appropriate for Android.
>
> --
> Shawn Willden | Staff Software Engineer | swillden@google.com |
>  720-924-6645
> _______________________________________________
> RATS mailing list
> RATS@ietf.org
> https://www.ietf.org/mailman/listinfo/rats
>
>
> _______________________________________________
> RATS mailing list
> RATS@ietf.org
> https://www.ietf.org/mailman/listinfo/rats
>


-- 
Shawn Willden | Staff Software Engineer | swillden@google.com | 720-924-6645

v2.23.0 | Report a Bug | By Email