IETF Logo Mail Archive

[Rats] Re: Open Architectural Issues

Mike Ounsworth <Mike.Ounsworth@entrust.com> Sat, 21 September 2024 22:34 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97941C14F682; Sat, 21 Sep 2024 15:34:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.804
X-Spam-Level:
X-Spam-Status: No, score=-2.804 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zYyx0yyU57F5; Sat, 21 Sep 2024 15:34:03 -0700 (PDT)
Received: from mx07-0015a003.pphosted.com (mx07-0015a003.pphosted.com [185.132.183.227]) by ietfa.amsl.com (Postfix) with ESMTP id 4447DC14F61D; Sat, 21 Sep 2024 15:34:03 -0700 (PDT)
Received: from pps.filterd (m0242864.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 48LMDVaq005124; Sat, 21 Sep 2024 17:34:00 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h= content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=mail1; bh=c/qxPEHaAeqrJE9OPGxThZecJjxX UvsDuvPES7x0/EI=; b=T8yt1qTKnbrhb1Vd041wuyqs3YjX3a5QBNIAObUvDXnu hqvLhsOyjcFC+SR9btiZC7q0JDiuO0LA6+soaKRjCcWzZffCA/uo6QcILM/fBUe1 NnUX9o6ywfHZGuNNYkzOod/XABN9AnJNqrwmUE9l2Qik34D0leJq6JHlMb9OmsBZ M6e2pQmmfFGpz8Nxs71Wb8RnxrRPlQqTa44jB709PDNUBG4vOlJxwi1HqH5NpXrL RKl3jwcZ7RrqfKDEuDCRfX9MK4sc6/ruihYVDqEarQkSl6PAreORgMtgTCdJmsqM RPBaaOoIzXia0jqp77+MoT14yYMmlu5itaxJglPAzQ==
Received: from nam04-dm6-obe.outbound.protection.outlook.com (mail-dm6nam04lp2042.outbound.protection.outlook.com [104.47.73.42]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 41stty1kqc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 21 Sep 2024 17:34:00 -0500 (CDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=cFa1EyyTrFjLDyAcvjUj/DPqfE4BFrmM3149UIxduvc0PnzbRiUGjLxtchHtPbWB1PfL4DXFVrPjTg3OfU6zp7FOTnKWcfMV8XttSoMMlMHVcSyXDkN62ff6llWxzHoRRR1yfG/So1PO+646LB+PDX7lJSFW5+v690jhJJQICfVZLLRt087TAm/LX7R5H/x8LZyelYQ8pkkwG6soI6Wer8vC/eVBqnyvfJ5sKnYV//Qn9anaqn8KJjhBQMtgdASoDtSK480c9UMAgSstS9c8sTrX8xSyo9Zb6xGZgSCmclQJcC1KjNJ/Wxz8UXMXBj5yRgg8MD/e5LdYXa4dC/sfSg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bH6eKLUm6wuwv0zbN8xWO1CWaacIEk0X6ds0OHTf7mg=; b=xK+xQ+gUMPDj3GDQEmqSOj+VUHVfXeZQlu+KhN8sXDu8Kdb2RdDkaKshAQ4aeBJXDBd65/FJJKTRnND7FA020Dygh/NgEwGvtXiBkI/vZJuINEsOwYx+31HPoscXSK0Ot/IRSb0jjKYf5Vwu5l/OndPq2CnOiwIBzbl3kH0CKbsIQ0ZdMxJ3rKaEtavcYf/V8fvb2DpxSrrBBMceY1uIxQQwD3rTD/DzvN76vs4DgoPaHq7fXjuUiZxlndR2Q3knWdmNQK6LepJDhXeUwNprMRTO34FGYlJXR1ZCCECYBYJ5re1r05Df/Cl5L5cSpJPizpVCtVNsnDjq408ZTPUmsA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by IA1PR11MB6371.namprd11.prod.outlook.com (2603:10b6:208:3ad::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7982.17; Sat, 21 Sep 2024 22:33:55 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::b93d:b2d:3ad8:9702]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::b93d:b2d:3ad8:9702%4]) with mapi id 15.20.7982.022; Sat, 21 Sep 2024 22:33:55 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: "Tschofenig, Hannes" <hannes.tschofenig=40siemens.com@dmarc.ietf.org>, rats <rats@ietf.org>
Thread-Topic: Open Architectural Issues
Thread-Index: AdsJuqSA1NJUUHH7R5GhuyFtcmIsDwCucB9Q
Date: Sat, 21 Sep 2024 22:33:55 +0000
Message-ID: <CH0PR11MB57399630B998FEDBE73CF8199F6D2@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <AS8PR10MB74273AB73353191E135EA8EFEE622@AS8PR10MB7427.EURPRD10.PROD.OUTLOOK.COM>
In-Reply-To: <AS8PR10MB74273AB73353191E135EA8EFEE622@AS8PR10MB7427.EURPRD10.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=db21d8c1-8707-4eed-9a45-975d290d9d1e; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2024-09-18T11:05:05Z; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH0PR11MB5739:EE_|IA1PR11MB6371:EE_
x-ms-office365-filtering-correlation-id: d37d0f25-e196-4d57-bcfc-08dcda8d7a02
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|376014|38070700018;
x-microsoft-antispam-message-info: uF90w6fzPTSN+xA4faBz7rQfW5cCBwcjLeybpnwvdG+V7IH3JUdFZKqp16RNE8aIAa0E2yM6p6mfVNwqvKkBSsSPZSFFZURkqvhxjyA2M36occtjRcllihHvI6dJzEhsHxtvZdPYluY4TTZ8icxI0I/SMX1msPFk6Yv8nlHta/HyFr/e8aIUM85zcESpbRcEZzaEHE3uP/XJnxSgYepGZ55IMQyaROCU85cbyq1ovvPMkP7W79YzjhbupmjDyM6L7TmqRSYfmq3gGqymwmBHBCRamnY5nk7RZlyAsGYgaxH4He8L0q7mdnqiHlhW+I19FNLWWHTODe5KBpfQaROkNSfSN8pgtrHw2MTdn7Z5rtyWSsZJvP3s6cvmqQxZv14FlWYmyao2Zlea+3Gzq2N19TSfx4ZjOOgSigeLeJ2aatz9xxZCdnS0Jp1zDQBnmogMJgkU9N8QgE+Sf5i+IDxeHEx1vQQ1pyB3pBLhaxmdtYqxBvRq38or3XYogbOq2AudzYgsJvhQ6c07BPNOvJbqNmP8OXnS+RuGhlHLA1FydF2gupovz114ugatL9vKesyHtELokmVouXPB7GR5bLJpR8N1nKgBlCvEwU4JYd+gRVKVAqd1BDayVT4ZzroieXJGJe0pujaV2ODxYPpB7OUQZUzRUXKpWhjimTPWY+GBEq6naCO+d615NVc60T3xq1vx3HNsgDXxG84s/W5zjhhm+XUAGIyX7MZPgfACA2idMZNYreU1ZLlc1R/1CyLNh2Ke/k050J9uDCyxPdqIZhx7WWlzQTG9yGG0ioxm0j13PUAQoBoH06mfbVMUcmKlhB1kQwxqWCcdwM7zh5R7idi+RxQwMklh79r7Dxj1ZSZ0rw1ZrIATmIDh1NmUEX9h6yOJikqjWkk8Wi3DBsc85SaAmkI/qwZ4Jc/yVRnkE8rO/mo6m3RP1okEsweID0WbbNKjP/Eh8Eg7UJj5VmuI/VyGnelMbyL11kHm5+BQFzIi5CMHK7klUuumTbKKqLU/kfMqWAcVecOZPFBaMyXpkOwY5NM8Mltkd1kQtCwnbh581Qtyde32ppfsme19+UpPV/zxqUBKeD43P5M76qLf7C51DHI8NudepLXxcu3KVcJpRzODuehsImW4qX808la1go19l8NRHfVe/pqfnfRPNFFf9YI09ijQf+pv4HQKP+piiK6oUl+i7CON7xzvPxOh/b3oSMcodaqobSeke6yQbXAXPLGvF9vJeHdXCNmU86GmYmCJYsZXnA4ZQCpKte/S8lYHnO8TBKJJIJtZJGY8/ad0M1tvg2GLCE7gYvPr7t4RVp4x9r9/WQi944l7LnO9SRJIFqWfmmVY+HPk+AjVijX1VTWmZZonIosuvKCcflrVTHPCVY0gXmsrk8AqNbJIPmtealDS88h7LLB7OX7+Bo+/vA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CH0PR11MB5739.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700018);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: eQxh6Xrjoc6K0GpEiDZ735xLjJ+FzxYft0fpaQEMJ/Lh1zG5/p964pqOVuh3TYUmSrnRQTnODoO609qA+DmM2flEIGwAZ9paMKuPhZFDN2R55QUIpnn4sZmCiZSNP/RQ34y9KyfQggUdHApM9VK/VmAXIAPYqwH6HLKPOkJDH59IxR00NlFk4QtR7VAfbcZYfX3WW/aZej5YZx4MDsAgBoAqN3Eg6MwWSldNs+Ezuy3bSnSEOB4zUZPHasMTp7y+BYqP2ILjuAhiKpUMmoH5qgqGUyFbE7MCUKoL6AyJy0hrLWyIbaBe8X7KdQ9tqZaL5TTBMM8VpgxdVOPAT2gdEvVcp7bsiDnvYchpcAbEHq4ogU2RnVOWgtdf5xAIJk4JuhTZbNn6a7rBEtxLJ18flLzMCEAEZbIroGriUvPJkv3Sa80DXiSmc42B7jOigt9GlqhXbJUMKUrtaIe1QJiaXfkgnmg6SuTXCMYAohzGbm3fPIg3pmlrrvapasZE0bfFH40H0cxeujVYV55cLzJF1bYtMLO4qDqqJBGJGec6Xpy5cMstAtAbUvSTIyXDymvLJFv4uWfN6wWD37cORMptr3my6Z2fTtcU+Q7LWUEbvWpT/5Z5IqMxLGdYPMgLx9TDvOZAcfdv8aCzcZK4b3o4mQhw4r2YoxyWzdr6mg+LoU8VB6abXLH9bq0pbsZbbJ+Qz0YI+P8zXR/mbBaIGPNTus9d6hQO8LezMHigiHI5o8iWMhYyg4iba/exgGmtu7Gvb/tpJi5rzefGq+lVWatl3DlgVBgRu2DF2A7jtX4aKT77MModu5rEcoifYRBiwc0GWeKlt5DcGtnS+p1Jk+csiZ+MyhoikwLsZydiOylVXAUdthvAPgADlxWGIk+vaSVImW5Acr3YqoSP9v8ScWS+yAXl4rUr40X99fXgVojLk0g8J7zc1cHqLUunvyE3RJQXvoFNl6LID3QX6eEdF/EEU+ljXoH/rsCypOOj/dtIFqaslHFFwtouVOZo3B3Wve/lJN44kBkUftq4H3ZupFbhFqN4OdMGsbWUJZjkp7n9vTPMKNKDdKW+pKTfKXfbKuddSQb/efHuU3d94Rv8bNJVAfOsZWqVggxO0luj2M6RtVfpsSoaW7d9eRbs3NQLW9j+3xsuyr2hG7KE1fEHvLMC3Uk/EarMVcO9lMocu1BFPUy+5um/8CWM15twd3iaK170QS9clVZ7XRb0nBkrPuUfxm9uvhaVua0je02iBgdvm2WjDMmB3xW/a+k0UVKYyzoYkijNLxUl2oSrpd69lZh9PNtFW5fNNR26Dc4o5N1qH29ggkgeaFPS0yeHQF8OPkck+C/+mt/rJpUZpWAvKugPvwPj7yJRfYxwiZRLZArXB1eDbc5fB7QKE89umtmG7AikT+KbESOuj6hANhVZeNFnOzaSN4VRVHHJdGXD+4xco27AUSfRbyuBgmqJ2HNmx9nu4N0eXwcezqrL4uDXqiwGjUISddJybWJgwkO6r4gmMUVCVXfa8YR60M42o3HWsjBdf08mZ9ehsEWrfyUd8/yHp53kgDbeokaP7jvj5KKTCywmlKdslnZi/kflW6uMtGyl
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_007C_01DB0C4C.6E1B43D0"
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d37d0f25-e196-4d57-bcfc-08dcda8d7a02
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Sep 2024 22:33:55.1949 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: hxjaV9kd5C+9D94nNEvBN2d2qlhXqxbCCnPvgYUjAMWZv8UOk0LudeUfANGm1hxYVw0IHpFPwj0g2MqJrKIvg0aovdSsLg7qo89FEaP2iLw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR11MB6371
X-Proofpoint-GUID: tyFRk-sZkD1WjIS-W6yMMukEjECqCQKz
X-Proofpoint-ORIG-GUID: tyFRk-sZkD1WjIS-W6yMMukEjECqCQKz
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1051,Hydra:6.0.680,FMLib:17.12.60.29 definitions=2024-09-21_08,2024-09-19_01,2024-09-02_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 clxscore=1011 spamscore=0 lowpriorityscore=0 phishscore=0 suspectscore=0 mlxscore=0 mlxlogscore=999 priorityscore=1501 bulkscore=0 impostorscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.21.0-2408220000 definitions=main-2409210173
Message-ID-Hash: ASJ4S7YMOKXLOZRPEGL4LICZUY6O6G62
X-Message-ID-Hash: ASJ4S7YMOKXLOZRPEGL4LICZUY6O6G62
X-MailFrom: Mike.Ounsworth@entrust.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-rats.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Rats] Re: Open Architectural Issues
List-Id: Remote ATtestation procedureS <rats.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/cVmsy6V974aL1DIVQqECFnVjOtY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Owner: <mailto:rats-owner@ietf.org>
List-Post: <mailto:rats@ietf.org>
List-Subscribe: <mailto:rats-join@ietf.org>
List-Unsubscribe: <mailto:rats-leave@ietf.org>

Hannes,

 

Are you suggesting that perhaps RATS should specify the full API between an
RFC 9334 Relying Party and Verifier? If you are not suggesting this, then I
will.

 

I know that the IETF traditionally defines wire protocols and not abstract
APIs, but I believe the issue that Hannes is alluding to that came up in the
CSR Attest design team is that the current state is that each Verifier will
be some proprietary piece of software which presents its own proprietary C++
DLL API, or CLI or REST API, or morse-code-over-ftp interface, or whatever.
>From the perspective of an RP, figuring out how to integrate with a dozen
Verifiers from a dozen vendors might actually be more work than just looking
at their data blob and writing your own Verifier. So in this case, I think
that if IETF defined a Verifier API, it would greatly help overall adoption
in the kinds of large-scale deployments Hannes is referring to where an RP
needs to plug in dozens of Verifiers.

 

 

In my opinion, CMW and EAT are half-way to a "Verifier API" in that they
(somewhat) specify the data that will be passed in (Evidence, Endorsements,
Reference Values), and passed out (Attestation Results). But it could go all
the way and define an actual API - I'm imagining a document that defines two
APIs: one for statically-linked libraries, and one REST-over-HTTP, that
fully exercise all functionality of a Verifier under RFC 9334. 

---

Mike Ounsworth

 

From: Tschofenig, Hannes <hannes.tschofenig=40siemens.com@dmarc.ietf.org> 
Sent: Wednesday, September 18, 2024 6:28 AM
To: rats <rats@ietf.org>
Subject: [EXTERNAL] [Rats] Open Architectural Issues

 

Hi all, I was wondering whether we could use the virtual interim meeting to
discuss an important architectural issue that surfaced with the work on the
attested CSR draft. Here is the issue: How should we deploy remote
attestation on a larger



Hi all,

 

I was wondering whether we could use the virtual interim meeting to discuss
an important architectural issue that surfaced with the work on the attested
CSR draft.

 

Here is the issue: How should we deploy remote attestation on a larger
scale? In particular, the RATS architecture assumes that the task of
verifying attestation evidence is outsourced to the Verifier. Now, the
question is: how does the Verifier get the necessary endorsements, reference
values, trust anchors and appraisal policies? 

 

Of course, all these questions are easy to answer for deployments where one
company operates all entities. That is, however, rarely the case. 

 

If the Verifier is tiredly integrated with the relying party, then the
relying party owner needs to collect the required information. This is
relatively easy if the relying party is also the owner or manufacturer of
the device(s) since it knows what hardware and software the devices are
supposed to be using.

 

For a more flexible deployment, the story gets complicated. We can see an
example deployment with the FIDO meta-data service. It makes several
assumptions that may not easily be generalizable. For example, it assumes
that all vendors of FIDO authenticators share their endorsements, reference
values, and trust anchors with the FIDO Alliance and that they are
subsequently shared (for free) with everyone. The FIDO meta-data service is
also not involved in any real-time interactions.

 

The FIDO Alliance model is a model where the relying party is co-located
with the verifier. The FIDO Alliance is, in the end, only a convenient way
for the relying parties to get access to the necessary information to
operate the verifier. 

 

So, if you are planning to deploy remote attestation, it would be
interesting to know what deployment model you are interested in. Afterall,
we want to ensure that the standards match the expected deployment.

 

Ciao
Hannes

v2.46.0 | Report a Bug | By Email | System Status