IETF Logo Mail Archive

Re: [Rats] About (E)UID's

Michael Richardson <mcr@sandelman.ca> Fri, 07 February 2020 12:32 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45004120836 for <rats@ietfa.amsl.com>; Fri, 7 Feb 2020 04:32:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kEyF3pK2Fy1l for <rats@ietfa.amsl.com>; Fri, 7 Feb 2020 04:32:10 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FB4C12009C for <rats@ietf.org>; Fri, 7 Feb 2020 04:32:09 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [IPv6:2a02:8109:b6c0:52b8:1993:81d7:2ab0:b9b6]) by relay.sandelman.ca (Postfix) with ESMTPS id 452271F45A for <rats@ietf.org>; Fri, 7 Feb 2020 12:32:08 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id BBDCB1A29DA; Fri, 7 Feb 2020 13:32:07 +0100 (CET)
From: Michael Richardson <mcr@sandelman.ca>
To: "rats@ietf.org" <rats@ietf.org>
In-reply-to: <1C16DAA0-D03B-417C-894A-30C4015AEED7@island-resort.com>
References: <8BDAAE2E-9803-4048-AD5B-59233708E6FB@akamai.com> <1C16DAA0-D03B-417C-894A-30C4015AEED7@island-resort.com>
Comments: In-reply-to Laurence Lundblade <lgl@island-resort.com> message dated "Fri, 07 Feb 2020 12:14:09 +0000."
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 25.2.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Fri, 07 Feb 2020 13:32:07 +0100
Message-ID: <24800.1581078727@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/efrVkGn1vqvWoLRuNtTgSj6bbnA>
Subject: Re: [Rats] About (E)UID's
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Feb 2020 12:32:12 -0000

Laurence Lundblade <lgl@island-resort.com> wrote:
    > While not stated overtly in the draft, UEIDs are intended to be the
    > sole identifier needed to universally identify a device. This is to
    > make life easiest for the relying party. They do not have to combine it
    > with any other claims to uniquely identify a device. (Maybe I should
    > add text explaining this)

...

    > I’m reluctant to rely on public keys for anything but signature
    > verification because I think we must support a variety of signing
    > schemes some of which don’t have a typical public key. One of these
    > will be HMAC for which there is no pubic key. Another is likely to be
    > ECDAA or such where the verification key material is a bit more complex
    > than a public key.

HMAC is a symmetric signature system, and I don't know how that would be used
in practice.

    > The vendor is also allowed to change signing schemes and the means of
    > creating UEIDs in their manufacturing process.

I think that this is the bigger problem.

Making the UEIDs unique only within a manufacturer means that relying parties
and verifiers have to become aware of when manufacturers roll things.
Will TPM modules be updated with new keys?  I didn't think so, but they could
wind up with renewed certificates, and the signing chain to get there could
change.

This puts a lot of burden on the relying party.

So I think that 128-bit UEIDs are good enough for this decade, but I think
that they are not good enough for my lifetime, so I want 256-bit UEIDs
supported.  I don't want anything in between, because two sizes are enough.
The document should say that ::128-bit-UEID is acceptable as a 256-bit UEID.
That is, leading zeros can always be assumed.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

v2.23.0 | Report a Bug | By Email