[Rats] draft-ietf-rats-tpm-based-network-device-attest

Daniel Migault <mglt.ietf@gmail.com> Mon, 01 November 2021 21:06 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/idGfFTirFLZ353QvXCgWGfhtPAo>

Hi,

Though draft-ietf-rats-tpm-based-network-device-attest has passed the WGLC,
I am providing some potential editorial nits as well as one question I
have. The document appears to me very clear and I apologize for the late
comments.

Yours,
Daniel

section intro

"verify that what's there matches the intended configuration."

I am wondering if there is not a nit there and that it should not be
"whether they match the intended configuration". Not being a native English
speaker, it might be just me.

section 1.3

Remote Integrity Verification should be RIV I guess.

"Privacy and Security shows" maybe should be "Privacy and Security sections
show" to remain more coherent with the section enumeration.

Similarly the last bullet should maybe be "Appendix provides supporting
material".


section 1.4/1.5

I understand Software Inventory as the software release installed in the
TPM but considering section 1.5 I am unsure the scope is not the software
to be attested - in other words the BIOS.
Assuming it means the software release in the TPM, I am wondering if the
software version is provided via a measurement by, for example, extending
the PCR registers. In other words how the TPM release can be provided.

-- 
Daniel Migault
Ericsson