Re: [Rats] watchdog use case ... RE: Use cases in draft-ietf-rats-architecture-04

Dave Thaler <dthaler@microsoft.com> Tue, 16 June 2020 14:04 UTC

Return-Path: <dthaler@microsoft.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42AF63A1579 for <rats@ietfa.amsl.com>; Tue, 16 Jun 2020 07:04:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dXquJ_Nmlwj5 for <rats@ietfa.amsl.com>; Tue, 16 Jun 2020 07:04:14 -0700 (PDT)
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2096.outbound.protection.outlook.com [40.107.223.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60CB73A1578 for <rats@ietf.org>; Tue, 16 Jun 2020 07:04:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=c8+pjDgIuziwHnaX9/RL24ngjZ7TtpERUHolGME8U/VSq5lKmWMaCTKt1dIfB5/5Of+PRArVWkP93w7SPCYMUqPuo0+39+ixzQA4sCczt4dfwKD0VJ4m8xpiYhjSIctP6D3k9Yhh3pBL5hOzMiY0e2J6n+VjYabvZ0WdyEP9sSvQLJAI/8DjRLH3pFveNyZBnb8ot8i4fV5bn+UcUEU9L32+D9LLDEhjNIhY8L2yYuv4tlfX6l1dfQbVtGU4rssQjpgU8GH7U/RB8LXZmVfN+Qy09dUjsNGUDLuVypVrfnlMJT9GgTtIBChgjWCThKQv6Y4V4BChTzSzH7YYIyoCIg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YPAjwEATedQGprlKmGS+rvtD7Wzwv/DAk8Pjm43Z1/Y=; b=EN9POMSBwQeLk6pBAPm47Be8hvKGuSA0NdI+4GShxjWUmmICtaXB+bapx/JbziF3wgOsvuUUN3qYWGuvOvxemLe6B2IcLXO/LmLyfogCStFeRR0qjIQvRhbW6kgUNJ4igfBQeslFLJszKHBud55S8lqHDwYKbkFpyrZheTi4619hUGyIoHmmXpYHYsY7vxVRvjDTr+jTlrJWPSU6ujJCuh/3T02f2qGIexkFJO50leRGZhkrFg1TXWnDq59Aupfm1tANecUGREJh4f5sFoWrQAtEBp6+/iwxizUKfcSeYaovmmrCvV4Qqqs0zpjWY7kB2ChQoojVojlaqqOodre6kA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YPAjwEATedQGprlKmGS+rvtD7Wzwv/DAk8Pjm43Z1/Y=; b=eonsJqdjBBdlzQ8kZPXS5QKQWiK1hT5B+G3PXUEPzbPXz4YxQxC1UCtTwxve3hz9bd8m7dlYUShu8qsg1u6syPRX1P6fyg1WMh7nRejjTcyVjivxbade/O//eqTMsqSNfXxqZ8wSknwcLOxm12CxuGSVt70diXqW6Ya2ydtjUH0=
Received: from BL0PR2101MB1027.namprd21.prod.outlook.com (2603:10b6:207:30::33) by BL0PR2101MB1811.namprd21.prod.outlook.com (2603:10b6:207:1e::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3131.8; Tue, 16 Jun 2020 14:04:12 +0000
Received: from BL0PR2101MB1027.namprd21.prod.outlook.com ([fe80::29cb:295d:97bc:3f7f]) by BL0PR2101MB1027.namprd21.prod.outlook.com ([fe80::29cb:295d:97bc:3f7f%9]) with mapi id 15.20.3131.009; Tue, 16 Jun 2020 14:04:12 +0000
From: Dave Thaler <dthaler@microsoft.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "Oliver, Ian (Nokia - FI/Espoo)" <ian.oliver@nokia-bell-labs.com>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] watchdog use case ... RE: Use cases in draft-ietf-rats-architecture-04
Thread-Index: AdZDxzg1dMUxu36vSHG7cRcC1apYowAH6M3Q
Date: Tue, 16 Jun 2020 14:04:12 +0000
Message-ID: <BL0PR2101MB10272130B6B053169384CAA5A39D0@BL0PR2101MB1027.namprd21.prod.outlook.com>
References: <AM0PR08MB3716A2C59320D3FB8D403FADFA9D0@AM0PR08MB3716.eurprd08.prod.outlook.com>
In-Reply-To: <AM0PR08MB3716A2C59320D3FB8D403FADFA9D0@AM0PR08MB3716.eurprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2020-06-16T14:04:10Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=f0b1067e-0911-4412-a97e-0f67d1cf4afa; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0
authentication-results: arm.com; dkim=none (message not signed) header.d=none;arm.com; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [2601:600:9780:16f0:163:b41f:2414:db3a]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 0ea843be-2365-47ef-d755-08d811fe258e
x-ms-traffictypediagnostic: BL0PR2101MB1811:
x-microsoft-antispam-prvs: <BL0PR2101MB181188A06C6FA74D85771298A39D0@BL0PR2101MB1811.namprd21.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 04362AC73B
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6s1/1TgULPktlElFuaJpE5fQskYdMrkMRNKiVaraXtKfROvEDWx1s+VvzGDVBUgWN9q2KAm86fzfw3j3H1gNU3fBEUwp6lPNZD3FCaNRdEP0Nv2zC1ns/GRC+g3n186B5EEUsx819SXLvL41QbvLu1pjGVCkSZCqs98T07W/fj/wPK+oWqaTFafhL6mVsQpkiagYC+C4GgYdkfCWmcXaXBRIFFzEjP1Q3EmoR64xnX/3AAojdyNm45mwjh6DfLKHzumigJq+yH5VZRe3tM7JeUOjhgvplCfvrMxEa1hsX9my2KG1665UrfDQjCWsrRgWOHt+IqLIbp7dsD2FSPXOxmfWqKAhwBfwcTUE2yj+O1oPNUuwtypI28jg4IBrQ1Z4KnOyrNHKIqP7Pr7CSwIld8Z/DkkSzV9AnxXdX/r4jtxRgNRr5sOlRZrWh/2EaB+LATcnFKLHz64xVNlGR69Gap/7yPdDGPNcT7XKUMTijB97nbNSlQAkLdd0nk3Of3G3djeWaNE3pxD02mK7M/yZsQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR2101MB1027.namprd21.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(39860400002)(396003)(366004)(136003)(376002)(346002)(186003)(110136005)(478600001)(33656002)(316002)(66946007)(8990500004)(66556008)(10290500003)(66446008)(64756008)(166002)(66574015)(53546011)(71200400001)(8676002)(66476007)(76116006)(55016002)(6506007)(9686003)(8936002)(83380400001)(7696005)(966005)(4326008)(86362001)(82960400001)(82950400001)(52536014)(2906002)(5660300002)(12290500007)(15398625002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: KOj5Ou7SmUVc9sfw//JnTkeDPj3m5Ad9yOcts0JE8QQAmR4n8pTISXdiQVng2ufNMiIOS8fUpuqO9xCbOsnrJtESwdFZFx9PDX4LMQun99a71RmTMpu0cLmba3rJg76LThujYKIhB6mDJTI264waFaTPwS+tYFQJdMIgJvc4XMy200/TaiaUV4yGItJmthtkkSKbNrQY3d6dRl6dhD7if+QNeu3Q/7c10TML2Q4Ed/90pFkXSmoDjantUODQRZY2z8oY6ri8SWFsj63NGJK2d8caDxwUuGq6ys6d3uqE+k2J5MIYcLnLum/CoXF5vFC3R0zeNQa0y9nRv22m+9Zq/JxiJkU3G08vVSjtHLZULwQAMF5gnRv2knc32MsZhvoR7ZDcFQgvRTAM7ZIojtTPF1CO2FA408401yCfkITSoQtNuzxOpvIm91o/7xBulFqfzRDJBa2eKTuyP+BOyRB/rOhqd9DMZAIHhRajNjArwuRU/nGbrpOsMsTOL1FkVhNS+z9z/GzXMb0q0Fw5mm19wTmerV9d/iFmvRSv5LGRB1Z3R0I/77LWVbvrJVlI5xAk
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BL0PR2101MB10272130B6B053169384CAA5A39D0BL0PR2101MB1027_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1027.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0ea843be-2365-47ef-d755-08d811fe258e
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jun 2020 14:04:12.1059 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Bug6Wzt/WFIUiXLulHHNILt9x587MKQ3M1fgVqamSoFwgEhQmSovSMAYfVcV+2qYAw16QdTSOTJDQHkv16ylOzj0SEAN2A/vyU3TnSm4aQk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR2101MB1811
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/v7VhEp_JH0quyCfZ65Dc0igJuHU>
Subject: Re: [Rats] watchdog use case ... RE: Use cases in draft-ietf-rats-architecture-04
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jun 2020 14:04:16 -0000

Thanks for the feedback.  One reference we can add is
https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p62_Part1_Architecture_7july2020.pdf
section 43 (especially 43.3).

Dave

From: RATS <rats-bounces@ietf.org> On Behalf Of Hannes Tschofenig
Sent: Tuesday, June 16, 2020 3:26 AM
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>om>; Oliver, Ian (Nokia - FI/Espoo) <ian.oliver@nokia-bell-labs.com>om>; Michael Richardson <mcr+ietf@sandelman.ca>
Cc: rats@ietf.org
Subject: [Rats] watchdog use case ... RE: Use cases in draft-ietf-rats-architecture-04

Hi RATS architecture authors,

Could the authors of the use case explain the watchdog use case a bit more?

I do not understand how this is supposed to work. How is the device allowed to reboot when it sends attestation information to a remote server?
If malware prevents the device from rebooting, as the text indicates, why doesn't that malware also prevent the interaction with the attestation server (for example, pretending that network connectivity is down)?

Ciao
Hannes

From: RATS <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org>> On Behalf Of Hannes Tschofenig
Sent: Tuesday, June 9, 2020 9:31 PM
To: Oliver, Ian (Nokia - FI/Espoo) <ian.oliver@nokia-bell-labs.com<mailto:ian.oliver@nokia-bell-labs.com>>; Michael Richardson <mcr+ietf@sandelman.ca<mailto:mcr+ietf@sandelman.ca>>
Cc: rats@ietf.org<mailto:rats@ietf.org>
Subject: Re: [Rats] Use cases in draft-ietf-rats-architecture-04

Hi Ian,

can you provide a bit more details about what your domain is?

Ciao
Hannes

From: Oliver, Ian (Nokia - FI/Espoo) <ian.oliver@nokia-bell-labs.com<mailto:ian.oliver@nokia-bell-labs.com>>
Sent: Tuesday, June 9, 2020 9:27 PM
To: Michael Richardson <mcr+ietf@sandelman.ca<mailto:mcr+ietf@sandelman.ca>>; Hannes Tschofenig <Hannes.Tschofenig@arm.com<mailto:Hannes.Tschofenig@arm.com>>
Cc: rats@ietf.org<mailto:rats@ietf.org>
Subject: Re: [Rats] Use cases in draft-ietf-rats-architecture-04

Just to add to that, the watchdog case is relevant in our domain

Ian


--

Dr. Ian Oliver

Cybersecurity Research

Distinguished Member of Technical Staff

Nokia Bell Labs

+358 50 483 6237

________________________________
From: Michael Richardson
Sent: Tuesday, June 09, 2020 22:00
To: Hannes Tschofenig
Cc: rats@ietf.org<mailto:rats@ietf.org>
Subject: Re: [Rats] Use cases in draft-ietf-rats-architecture-04


Hannes Tschofenig <Hannes.Tschofenig@arm.com<mailto:Hannes.Tschofenig@arm.com>> wrote:
    > Regarding the hardware watchdog I just feel it is a made-up use
    > case. Is this something people actually want to use in practice?
    > Today's use of hardware watchdogs aim to deal with non-security use
    > cases (mostly dealing with crashing software).

We've heard from Enterprise people that this is important.
It's not a constrained case.

--
Michael Richardson <mcr+IETF@sandelman.ca<mailto:mcr+IETF@sandelman.ca>>, Sandelman Software Works
 -= IPv6 IoT consulting =-
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.