IETF Logo Mail Archive

Re: [Rats] Vetting claim definitions

"Eric Voit (evoit)" <evoit@cisco.com> Tue, 11 June 2019 21:03 UTC

Return-Path: <evoit@cisco.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57510120090 for <rats@ietfa.amsl.com>; Tue, 11 Jun 2019 14:03:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=GEkBmbEz; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=aQs8nnvZ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1YbGL3wy7Mzx for <rats@ietfa.amsl.com>; Tue, 11 Jun 2019 14:03:34 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E80612006B for <rats@ietf.org>; Tue, 11 Jun 2019 14:03:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=40220; q=dns/txt; s=iport; t=1560287014; x=1561496614; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=sYCKYQy2FyTnn6Tvd+ovrCfeE4hVPhXDF+Fyswzw6tQ=; b=GEkBmbEzicrAC821OPD5j2g6qpM0HmhGktRWYgmrN+pk/+pe5J6MyA3a dCBCqaFjvo7c6mwkA1B7T77DDoZAzBEXjbsRZASVzP89qHtROR/Apm4dG LlWEjzb1BqFyuyaZhuO1dtgOlo1zH00frgwa7BgDkYTjUAwkMRSaJagiJ 8=;
IronPort-PHdr: 9a23:b3rHoRER9KvIng3t1F2zDZ1GYnJ96bzpIg4Y7IYmgLtSc6Oluo7vJ1Hb+e4w3A3SRYuO7fVChqKWqK3mVWEaqbe5+HEZON0pNVcejNkO2QkpAcqLE0r+efP0aC0mNM9DT1RiuXq8NBsdFQ==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BtAAAWFgBd/49dJa1mGwEBAQEDAQEBBwMBAQGBVAMBAQELAYEOLyQFJwNqVSAECygKhAuDRwOOXoJXfpY1glIDVAkBAQEMAQEnBgIBAYRAAheCZyM3Bg4BAwEBBAEBAgEEbRwMhUoBAQEBAxIRChMBASkOAQ8CAQgOByMHAwICAjAUEQIEDgUIGoI1TIEdTQMdAQIMnkcCgTiIX3GBMYJ5AQEFgTIBg1AYgg8DBoE0AYtcF4FAP4ERRoIXNT6CYQKBSxgVFgmCVDKCJotnK4IYhHAilXkJAoIQhkWNG4Ilhn2EB4l5lCqPKwIEAgQFAg4BAQWBZSKBWHAVgyeCDwwXg02KU3KBKYx6K4EEAYEgAQE
X-IronPort-AV: E=Sophos;i="5.63,363,1557187200"; d="scan'208,217";a="576404151"
Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 11 Jun 2019 21:03:32 +0000
Received: from XCH-RCD-017.cisco.com (xch-rcd-017.cisco.com [173.37.102.27]) by rcdn-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id x5BL3WiJ024932 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 11 Jun 2019 21:03:32 GMT
Received: from xhs-aln-003.cisco.com (173.37.135.120) by XCH-RCD-017.cisco.com (173.37.102.27) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 11 Jun 2019 16:03:31 -0500
Received: from xhs-aln-002.cisco.com (173.37.135.119) by xhs-aln-003.cisco.com (173.37.135.120) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 11 Jun 2019 16:03:30 -0500
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 11 Jun 2019 16:03:30 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sYCKYQy2FyTnn6Tvd+ovrCfeE4hVPhXDF+Fyswzw6tQ=; b=aQs8nnvZNtHmZOvt5Zlp+bvad3QaviZYKpYX4atDELJrL9d8/LNQD2Nwy7jtc7n7FQAQKahpekJTBNwYJZTqkjCKawbVwAf+2ohnzwGqfPpc45A+h6yJjO2s78zcWyXxAW1oxEYeakieI8PrvTCDnUzK4ZzeohFkh4baD//7U3I=
Received: from DM6PR11MB4089.namprd11.prod.outlook.com (20.176.126.30) by DM6PR11MB3145.namprd11.prod.outlook.com (20.177.219.154) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1987.11; Tue, 11 Jun 2019 21:03:28 +0000
Received: from DM6PR11MB4089.namprd11.prod.outlook.com ([fe80::d014:d7a3:270:e5a9]) by DM6PR11MB4089.namprd11.prod.outlook.com ([fe80::d014:d7a3:270:e5a9%3]) with mapi id 15.20.1965.017; Tue, 11 Jun 2019 21:03:28 +0000
From: "Eric Voit (evoit)" <evoit@cisco.com>
To: Laurence Lundblade <lgl@island-resort.com>
CC: Michael Richardson <mcr+ietf@sandelman.ca>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "rats@ietf.org" <rats@ietf.org>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>
Thread-Topic: [Rats] Vetting claim definitions
Thread-Index: AQHVHSQrNP3gSrcbuEuedIL4RWxi86aQLzAwgABa8ACAABflIIAEoFOAgAAVAQCAAUD6gIAATHJw
Date: Tue, 11 Jun 2019 21:03:28 +0000
Message-ID: <DM6PR11MB4089B664568293A03AD6FD40A1ED0@DM6PR11MB4089.namprd11.prod.outlook.com>
References: <BC6D5D3A-BD2F-496E-AA68-D2A758A33843@island-resort.com> <12913.1559739926@localhost> <30754CD8-98AB-4080-952E-880BC630EC69@island-resort.com> <BL0PR00MB029274A33B44A0B8CE310C0BF5160@BL0PR00MB0292.namprd00.prod.outlook.com> <VI1PR08MB536061869B7BE623F861B821FA100@VI1PR08MB5360.eurprd08.prod.outlook.com> <DM6PR11MB408908B0F071051FEC0B090BA1100@DM6PR11MB4089.namprd11.prod.outlook.com> <902E75D8-D8AC-403B-A295-0EC3034E44B2@island-resort.com> <DM6PR11MB4089C31F977DD496B5CC49D7A1100@DM6PR11MB4089.namprd11.prod.outlook.com> <D990AE6C-3722-40EA-9B11-9B7EDEF9AFE5@island-resort.com> <DM6PR11MB4089D8274D816949BAC5215DA1130@DM6PR11MB4089.namprd11.prod.outlook.com> <8AA62B47-28EA-4D9D-B103-DBD1F3964BAF@island-resort.com>
In-Reply-To: <8AA62B47-28EA-4D9D-B103-DBD1F3964BAF@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=evoit@cisco.com;
x-originating-ip: [173.38.117.75]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cd75d675-6715-44b4-e46c-08d6eeb040b1
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:DM6PR11MB3145;
x-ms-traffictypediagnostic: DM6PR11MB3145:
x-ms-exchange-purlcount: 4
x-microsoft-antispam-prvs: <DM6PR11MB3145BE25CFEE9C2990C36DFFA1ED0@DM6PR11MB3145.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7219;
x-forefront-prvs: 006546F32A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(39860400002)(376002)(136003)(346002)(366004)(199004)(189003)(446003)(11346002)(66946007)(790700001)(606006)(71200400001)(73956011)(71190400001)(26005)(186003)(9326002)(316002)(68736007)(8936002)(66066001)(76116006)(66574012)(476003)(14444005)(256004)(8676002)(81156014)(81166006)(5660300002)(486006)(7696005)(52536014)(99286004)(6246003)(33656002)(2906002)(102836004)(86362001)(25786009)(6916009)(54906003)(6116002)(3846002)(54896002)(6306002)(55016002)(74316002)(4326008)(7736002)(14454004)(478600001)(66476007)(66556008)(966005)(64756008)(9686003)(6436002)(66446008)(229853002)(53936002)(53546011)(6506007)(236005)(76176011); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR11MB3145; H:DM6PR11MB4089.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: asmhFV99s4fQGq0rvur1OXhrjD0F4rGPZ5Yai6Y1oRaUbwlA0MLW08RbwHbawMUMZicNHOCcB+BwBrPs8aKSHEzZ+wAPFYoHeLp2AHUUUYJo3Uy6gndGNvQHYW6LP9HGa3OL4i8oVCbUdSkuBTFdMai+y1G/a2ABXbzQmWDv8SDoOA4uGtS7iAdFhLO3u++1TdgYz0DmlneENwT5fnS8i/wrB4K1uJi92ijzQVRUPkBUqYeHOepLo7U6Fb+qyFMBaHM9LJSwu1a89BRGiRAKyJpCpTWlnOBW5ZNNeyJTUsS8l1CZpA39kV/iqHCIJ9QnyMm0PYzLhzyTXaYqDr95tfweVrtmTf3MPirHP7JK5s2oSe4gPFFDo8ccEH41KBtQlKjeQIgmjAsxYz5DESMf5WnHhGUX4I4HrZywQKd5mD0=
Content-Type: multipart/alternative; boundary="_000_DM6PR11MB4089B664568293A03AD6FD40A1ED0DM6PR11MB4089namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: cd75d675-6715-44b4-e46c-08d6eeb040b1
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Jun 2019 21:03:28.4230 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: evoit@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3145
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.27, xch-rcd-017.cisco.com
X-Outbound-Node: rcdn-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/fvoVmhPrk9Iynj5Ih1-8GYgUBeA>
Subject: Re: [Rats] Vetting claim definitions
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jun 2019 21:03:39 -0000

Hi Laurence,

From: Laurence Lundblade, June 11, 2019 11:21 AM

Hi Eric,

What I’m trying to figure out here is where there can be real practical interoperability with extant YANG-defined objects and how we go about it as I assume this is your current objection to adoption.

<eric> I certainly intended no argument against adoption.  I did vote in favor of adoption.  It was just that I want to see this topic addressed as part of the draft's progression.  I think the vote summary from Kathleen covers my desire just fine.

On Jun 10, 2019, at 2:23 PM, Eric Voit (evoit) <evoit@cisco.com<mailto:evoit@cisco.com>> wrote:

Hi Laurence,

It is true that the YANG of draft-birkholz-rats-basic-yang-module is currently TPM2 specific.  But over the past month we have been having discussions on how to augment into this model case statements and a tree structure which allows exposure of information from alternative hardware types such as the TPM1.2.

Per your note below, I am guessing that draft-birkholz-rats-basic-yang-module could provide a query/response interface to access EAT information.  The Network Element's YANG model theoretically could allow access based on whatever choice of protocols the Network Element supports (e.g., NETCONF/XML. RESTCONF/JSON, CoMI/CBOR).  But the choice and protocols of used to access EAT objects over a YANG interface is something each platform would need to define.   The baseline choice for Interoperability here is tbd.

You mentioned a YANG interface. Seems like a point where there might be interoperability. Is this an interface on the router that is used to collect the claims data before signing? Or is it an interface on the back end / server / relying party that is involved in validating the data? Or maybe it is the rpc interaction defined in draft-birkholz-rats-basic-yang-module? I’m not sure what the intended endpoints of that RPC are. Router and Relying Party?

<eric>  It is the RPC mechanism.  The RPC mechanisms allow a relying party to fetch internal datastore objects within the Router.

One vendor specific example of a domain relevant YANG model is here:
https://github.com/YangModels/yang/blob/master/vendor/cisco/xe/16101/Cisco-IOS-XE-boot-integrity-oper.yang
This model allows information from within a cryptoprocessor to be inspected by both the router and the relying party *after* it has been signed by the one of the router's cryptoprocessors.

Note: this model is just one of almost 400 YANG models supported on that type of device:
https://github.com/YangModels/yang/tree/master/vendor/cisco/xe/16101
Looking at this second link, you can get an idea of the level of investment placed into YANG by Router vendors attempting to unify the exposure of information.


Now that we are generally agreeing that an EAT is a CWT or JWT, the interaction model between device and relying party is inherited from them. Mostly we’re defining the format of a signed message and leaving the transport of the message open-ended so it can be embedded in HTTP headers, protocol extensions and such. If YANG is used to define interaction on routers, then some YANG RPC could be used (if that is what YANG RPC is) to define transport of CWTs (if CWTs are used on routers). There’s also draft-birkholz-reference-ra-interaction-model.

<eric> I have been seeing EAT as a useful way to define what comes out of cryptoprocessor hardware which might be located on a router.  For relying parties outside the router, the EAT raw payload might be fetched through RPC.  Or perhaps some or all of the corresponding YANG objects might be fetched.  Additionally, specific objects could be referenced so that logic on the router might be applied based on the value of that object.   A good example we have tested here is when we send a notification message to a relying party only when a specific PCR has changed.  This level of granularity means the relying party doesn't have to continuously poll for the router to see if the PCR has changed.


Whether it is even meaningful/relevant to support such YANG-EAT interoperability is something I don't know yet.  For me to consider EAT for implementation would mean EAT has been adopted within routers/switches.   As this is possible, I feel there is little for the WG to lose if we try to select/define some common objects which span our different domains.


Here’s comments on a pass through draft-birkholz-rats-basic-yang-module

grouping nonce {... Seems essentially compatible with nonce / cti / jai in CWT / JWT
grouping pcr-selection {...   TPM-specific so we probably go with the YANG definition
grouping pcr-selector {...   TPM-specific so we probably go with the YANG definition
grouping signature-scheme {… EAT will use COSE for this
grouping attestation-key-identifier {… EAT will use COSE for this
grouping tpm-name {… TPM-specific so we probably go with the YANG definition
grouping compute-node {… I think this one needs work to figure out what it is and if EAT’s UEID is similar
grouping node-uptime {… Seems simple to make exactly the same for EAT
grouping log-identifier {… and grouping boot-event-log {… and other log stuff… Maybe TPM specific; maybe needs work to understand
grouping ima-event {… and related. We do want some IMA claims in CWT format. Maybe they are part of EAT. Maybe they are separate. Maybe they use the YANG definition.

<eric> This is a nice start on the type of analysis I am hoping to see.   I think as we work this through, we can save mapping cycles for future developers.

Please understand that in no way do I claim that YANG is perfect.  And YANG models can take years to complete.   But on the plus side for YANG, I am sure it is possible to construct YANG models so that new hardware types can be inserted.  If you want a preview of the types of structure which might be used for this type of extensibility, check out at how draft-ietf-netconf-yang-push augments new case types into a the YANG model described within draft-ietf-netconf-subscribed-notifications.

YANG not perfect?? Huh? What?  :-)

I wish some YANG experts would chime in more here. I’m trying to learn on the fly and really should be updating the EAT draft instead.

<eric>  I encourage other YANG viewers out there to chime in as well.

Eric

LL




Eric

From: Laurence Lundblade, June 10, 2019 2:57 PM


Hi Eric,

So I think we have some agreement on general principles for how to structure the documents this work group produces so we can have both flexibility in the definition of new claims and well-defined concise sets claims for particular use cases.

In particular I appreciate the confirmation of this from Mike Jones. Hopefully lack of objection implies a lot of agreement.


Eric, I think you are now digging into the next level of detail on how to deal with TPM-based implementations and claims specified in YANG and how that will interoperate with CWT/COSE and JWT/JOSE based tokens.

I don’t really understand YANG and how to fully read draft-birkholz-rats-basic-yang-module yet. Working on it (but I should be working on the new EAT draft…)

draft-birkholz-rats-basic-yang-module REQUIRES a TPM to implement it. That implies to me that neither CWT/COSE and JWT/JOSE signed container formats can be used because I don’t think TPM’s can produce either format. Pretty sure we agree that EAT will always be CWT/COSE or JWT/JOSE.

(It is also odd to me that an IETF standard would require particular HW. It should just be about bits on the wire. EAT will have some means to indicate the security of the HW and SW that produced a given token, but will not require any particular security from the HW or SW)

But let’s assume that a relying party (I think you call this the Network Element) can unpack and verify signature that in the format of CWT and JWT and the TPM-style sig that I think is implied by draft-birkholz-rats-basic-yang-module. The result will be a set of claims in some syntax. It will be CBOR or JSON in the case of CWT or JWT.

What will it be for draft-birkholz-rats-basic-yang-module??? YANG-described stuff an be lots of different syntaxes by my understanding. How many of them will a relying party be expected to support so there is interop?

I’m going to stop here for the answer to that question.

LL

v2.23.0 | Report a Bug | By Email