[Rats] Use case document -05

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Mon, 07 October 2019 20:43 UTC

From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Mon, 7 Oct 2019 16:43:47 -0400
Message-Id: <B07A4355-94CB-4343-9570-63C01A310A37@gmail.com>
To: Michael Richardson <mcr@sandelman.ca>, rats@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/aKQfcOcfEG1oB8oLB3oCyiOCKPk>
Subject: [Rats] Use case document -05

Hi Michael,

I just did a quick review and sent one nit separately before coming up with some more clarification questions/suggestions.

Nit in 5.1.4:

      The infrastructure is in control of a single operator and is already trusted.

I think you meant “is in the control”.  

Otherwise, we are in trouble. :-)

Also, what is being validated?  The running and configured software from root of trust and/or the software from vendors as provided?

5.1.5
Would each system really do the assessments themselves?  Wouldn’t it be easier to have a relying party (management station/repository) of collected information from each administrative domain?  How do you scale the interactions in a highly complex data center scenario with virtualized systems that are also isolating tenants in container clusters, for instance?

5.1.6 - my question above spills into this one.
Also note the typo of having medium in this one.

5.5 critical infrastructure 
Are you providing protection from malware by only allowing specific signers or specific attested code or both forms of white listing?  Or something else?  I’m assuming both forms of white listing and it would be good to explain that if it’s the case.

Excellent work on this document!  I think we should formally adopt it.

Best regards,
Kathleen 


