Re: [Rats] Verifier Input instead of Endorsement?
Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Thu, 02 July 2020 13:31 UTC
Return-Path: <henk.birkholz@sit.fraunhofer.de>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 855FC3A00D4 for <rats@ietfa.amsl.com>; Thu, 2 Jul 2020 06:31:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XSnzke6wawlP for <rats@ietfa.amsl.com>; Thu, 2 Jul 2020 06:31:16 -0700 (PDT)
Received: from mail-edgeKA24.fraunhofer.de (mail-edgeka24.fraunhofer.de [153.96.1.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 027E33A0365 for <rats@ietf.org>; Thu, 2 Jul 2020 06:31:14 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A2EYAwDy4P1e/xoBYJlfHAEBAQEBAQcBARIBAQQEAQFAgUqBdYEkgTMKhCeRFJt+BgsBAQEBAQEBAQEGAQEYCwoCBAEBAoRFAoIeASQ4EwIQAQEGAQEBAQEGBAIChkQMg1GBAgEBAQEBAQEBAQEBAQEBAQEBAQEWAkNVEgEBHQEBAQEDAQEhBAsBBS8HCxAJAg4DAQMBAQECAiMDAgInHwECBggGAQkDAQUCAQGDIgGCewULjU2bBHZ/M4VRg2eBOgaBDiqMWQ8PgUw/gREnD4IsLj6CXAEBAoFHgyyCYASPIw8IgnyhUFwoB4FZgQaBBwQLmCgFCh2RGAaNf5FZnmACBAIJAhWBai83gRNNJE+CaVAXAg2XI4VEcgI1AgYBBwEBAwl8jB2BNAGBEAEB
X-IPAS-Result: A2EYAwDy4P1e/xoBYJlfHAEBAQEBAQcBARIBAQQEAQFAgUqBdYEkgTMKhCeRFJt+BgsBAQEBAQEBAQEGAQEYCwoCBAEBAoRFAoIeASQ4EwIQAQEGAQEBAQEGBAIChkQMg1GBAgEBAQEBAQEBAQEBAQEBAQEBAQEWAkNVEgEBHQEBAQEDAQEhBAsBBS8HCxAJAg4DAQMBAQECAiMDAgInHwECBggGAQkDAQUCAQGDIgGCewULjU2bBHZ/M4VRg2eBOgaBDiqMWQ8PgUw/gREnD4IsLj6CXAEBAoFHgyyCYASPIw8IgnyhUFwoB4FZgQaBBwQLmCgFCh2RGAaNf5FZnmACBAIJAhWBai83gRNNJE+CaVAXAg2XI4VEcgI1AgYBBwEBAwl8jB2BNAGBEAEB
X-IronPort-AV: E=Sophos;i="5.75,304,1589234400"; d="scan'208";a="22730635"
Received: from mail-mtaka26.fraunhofer.de ([153.96.1.26]) by mail-edgeKA24.fraunhofer.de with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jul 2020 15:31:12 +0200
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BIAQBO4P1e/1lIDI1fGwEBAQEBAQEBBQEBARIBAQEDAwEBAUCBSoF1NW8DVDAsCoQnkRScBAsBAwEBAQEBBgEBGAsKAgQBAYRHAoIcAiQ4EwIQAQEFAQEBAgEGBG2FWwyFbgEBAQEDAQEhBAsBBS8HCxAJAg4DAQMBAQECAiMDAgInHwECBggGAQkDAQUCAQGDIgGDAAuNTJsEdn8zhVGDZ4E6BoEOKoxZDw+BTD+BEScPgiwuPoJcAQECgUeDLIJgBI8jDwiCfKFQXCgHgVmBBoEHBAuYKAUKHZEYBo1/kVmeYAIEAgkCFYFqIgw3gRNNJE+CaVAXAg2XI4VEQTECNQIGAQcBAQMJfIwdgTQBgRABAQ
X-IronPort-AV: E=Sophos;i="5.75,304,1589234400"; d="scan'208";a="85520169"
Received: from mailext.sit.fraunhofer.de ([141.12.72.89]) by mail-mtaKA26.fraunhofer.de with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jul 2020 15:31:08 +0200
Received: from mail.sit.fraunhofer.de (mail.sit.fraunhofer.de [141.12.84.171]) by mailext.sit.fraunhofer.de (8.15.2/8.15.2/Debian-10) with ESMTPS id 062DV86W028361 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA256 bits=128 verify=NOT); Thu, 2 Jul 2020 15:31:08 +0200
Received: from [192.168.16.50] (79.206.156.41) by mail.sit.fraunhofer.de (141.12.84.171) with Microsoft SMTP Server (TLS) id 14.3.487.0; Thu, 2 Jul 2020 15:31:03 +0200
To: Laurence Lundblade <lgl@island-resort.com>, Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org>
CC: "rats@ietf.org" <rats@ietf.org>
References: <878E068C-DAFD-4441-94F7-BA79CAF7FED6@island-resort.com> <BL0PR2101MB10279501A4ECA5BB7B6AED63A36F0@BL0PR2101MB1027.namprd21.prod.outlook.com> <BF5071AC-0C8D-4B26-8330-8589736B6EF5@island-resort.com>
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Message-ID: <af8e64b9-41b3-f42a-183d-1c9544fc1d7d@sit.fraunhofer.de>
Date: Thu, 02 Jul 2020 15:31:02 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0
MIME-Version: 1.0
In-Reply-To: <BF5071AC-0C8D-4B26-8330-8589736B6EF5@island-resort.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Originating-IP: [79.206.156.41]
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/kGjU6v_tUHUJZxIbxIAas5Q-MhQ>
Subject: Re: [Rats] Verifier Input instead of Endorsement?
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jul 2020 13:31:21 -0000
Hi Laurence, while I think that I understand where you are coming from here, I have to say that I also think that: * "manufacturer(s)" is a too arbitrarily restricting term, which is why we agreed on endorser * every arrow is of course "input/output", but we are not calling evidence "Attester Output". So, Verifier Input is in contrast a too ambiguous category (it does not add any semantics to the arrow) * the itemized list that starts with key material provides a very intuitive example and maybe we could use that kind of list as a more prominent example in the arch I-D The question, if reference values are endorsements or appraisal policies or a third item is... probably okay and I am interested in an answer - but that is a detail, I think. As long as they are also mentioned, I can follow all three lines of thought. Also, I am in strong doubt that the following statement is always correct: "The transfer of all these inputs to the Verifier does need to be secured.". I am confused by the exceptions that follow that statement which basically say, I think: in some cases they have to be secured. Maybe we mean different things by "secured"? Viele Grüße, Henk On 02.07.20 03:46, Laurence Lundblade wrote: > Here’s rough proposed text and diagram. Not sure where it would go in > the doc yet. > > LL > > ******************* ************ **************** > * Manufacturer(s) * * Verifier * * Relying Party* > ******************* * Owner * * Owner * > | ************ **************** > | | | > Manufacturer | | | > Verifier | |Owner | > Input | |Verifier | > | |Input | Appraisal > | | | Policy for > | | | Attestation > | | | Result > v v | > .-----------------. | > .----->| Verifier |------. | > | '-----------------' | | > | | | > | Attestation| | > | Results | | > | Evidence | | > | | | > | v v > .----------. .-----------------. > | Attester | | Relying Party | > '----------' '————————‘ > > Conceptually there are four main inputs to the Verifier aside from the > Attestation Evidence. They are: > > - Key material for verifying trust in the Attester > - Known-good/reference values for comparison with Claims in the > Attestation Evidence > - Static implicit claims for the particular Attester that are pass > to the Relying Party in Attestation Results > - Policy Configuration > > Any of these four can come from either the Manufacturer as Manufacturer > Verifier Input or from the Verifier Owner as Owner Verifier Input. They > key material usually always comes from the manufacturer and the policy > from the Verifier Owner, but there is no strict requirement for this. > The known-good/reference values and static implicit claims often come > from either or both. > > There is no strict separation between Manufacturer and Verifier Owner. > They could be the same. There could also be 3rd party intermediaries > between the Manufacturer and the Verifier. > > An Endorsement is one established format for some of these inputs. It > usually comes from an Endorser that is usually the Manufacturer. It is > usually a signed document. Alternatively, the Verifier may perform > queries against a database, perhaps one maintained by a Manufacturer, to > get inputs. Alternatively, the root key of a key hierarchy may be > transferred in a one-time physical ceremony. This architecture sets no > protocol or procedure for this input. > > The transfer of all these inputs to the Verifier does need to be > secured. For all cases, authenticity of the Manufacturer and Verifier > Owner and their inputs are required. Without authentic inputs, the > Verifier will not do its job correctly. In some cases confidentiality of > the inputs is required. Finally, in some cases the Manufacturer and > Verifier Owner will authenticate the Verifier. > > This architecture sets no requirement for a particular protocol or > security mechanism. For example, TLS could be used, but it is not the > only protocol that could be used, > > > > >> On Jun 29, 2020, at 8:56 PM, Dave Thaler >> <dthaler=40microsoft.com@dmarc.ietf.org >> <mailto:dthaler=40microsoft.com@dmarc.ietf.org>> wrote: >> >> I don’t like the term “Verifier Input” since “Appraisal Policy for >> Evidence” is also Verifier Input, so I would find it confusing. >> I think that the rules for what to put in Attestation Results (bullet >> 3), as well as “known-good/reference values” if such exist >> (and there can be valid policies where they may not exist, or rather >> where the policies use more complex rules than >> a simple test for equality against a constant) are conceptually part >> of Appraisal Policy. >> I do agree that Appraisal Policy can be conveyed to the Verifier in >> many different ways, and may be composed >> of different things from different sources. >> Dave >> *From:*RATS <rats-bounces@ietf.org <mailto:rats-bounces@ietf.org>>*On >> Behalf Of*Laurence Lundblade >> *Sent:*Monday, June 29, 2020 11:34 AM >> *To:*rats@ietf.org <mailto:rats@ietf.org> >> *Subject:*[Rats] Verifier Input instead of Endorsement? >> Stepping back a bit on the definition of an Endorsement, I think the >> four inputs to a Verifier are these: >> - Key material for verifying trust in the Attester >> - Known-good/Reference values for comparison with claims >> - Static implicit claims that are passed to RP's via Attestation Results >> - Appraisal Policy >> These can and will be conveyed to the Verifier in many different ways: >> - X.509 certs with extensions >> - Signed documents >> - HTTP queries against the Attester/device manufacturer >> - Remote SQL or some other sort of database access to manufacturer(s) >> - Data storage like flash drives the are hand carried into the >> Verifier's site >> - One-time special file transfers >> - Ceremonial procedures with M out of N people physical present >> approving transfer >> It seems like shoe-horning all of the above (except policy) into an >> Endorsement, like I’ve tried to do >> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fietf-rats-wg%2Farchitecture%2Fpull%2F94&data=02%7C01%7Cdthaler%40microsoft.com%7Cf15ace6e8b4b447eebc008d81c5b1f33%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637290524986365098&sdata=2NktPX%2B3LJXjMEjEFoM8kpUIy6yOxte%2BuhFYr1ETN4g%3D&reserved=0> >> is too much. I tried this shoe-horning because I think the >> architecture document needs to cover all this and Endorsements was >> what was in it. A typical Endorsement seems to be just the first two >> mentioned, X.509 and signed documents expanding its definition to >> include database access is a stretch. >> Rather than defining Endorsement, I’d like to define Verifier Input: >> ******************* ************ **************** >> * Manufacturer(s) * * Verifier * * Relying Party* >> ******************* * Owner * * Owner * >> | ************ **************** >> | | | >> Verifier Input| | | >> | |Appraisal | >> | |Policy | >> | |for | Appraisal >> | |Evidence | Policy for >> | | | Attestation >> | | | Result >> v v | >> .-----------------. | >> .----->| Verifier |------. | >> | '-----------------' | | >> | | | >> | Attestation| | >> | Results | | >> | Evidence | | >> | | | >> | v v >> .----------. .-----------------. >> | Attester | | Relying Party | >> '----------' '————————‘ >> >> Endorsements must still be mentioned, but as one form of Verifier >> input just like EAT is one form of Attestation Evidence. >> Verifier Input would be defined as: >> - Key material for verifying trust in the Attester >> - Known-good/Reference values for comparison with claims >> - Static implicit claims that are passed to RP's via Attestation Results >> To do this, I’d replace the current PR >> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fietf-rats-wg%2Farchitecture%2Fpull%2F94&data=02%7C01%7Cdthaler%40microsoft.com%7Cf15ace6e8b4b447eebc008d81c5b1f33%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637290524986365098&sdata=2NktPX%2B3LJXjMEjEFoM8kpUIy6yOxte%2BuhFYr1ETN4g%3D&reserved=0> and >> issue >> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fietf-rats-wg%2Farchitecture%2Fissues%2F65&data=02%7C01%7Cdthaler%40microsoft.com%7Cf15ace6e8b4b447eebc008d81c5b1f33%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637290524986375092&sdata=GfM5qElO4teNdjfABlmVayeGXuYHWBDqHTVtpeeew7g%3D&reserved=0> I >> have on Endorsements with a new PR. It will be a fair bit of work, so >> I want to see if there is some consensus first. >> LL >> _______________________________________________ >> RATS mailing list >> RATS@ietf.org <mailto:RATS@ietf.org> >> https://www.ietf.org/mailman/listinfo/rats > > > _______________________________________________ > RATS mailing list > RATS@ietf.org > https://www.ietf.org/mailman/listinfo/rats >
- [Rats] Verifier Input instead of Endorsement? Laurence Lundblade
- Re: [Rats] Verifier Input instead of Endorsement? Dave Thaler
- Re: [Rats] Verifier Input instead of Endorsement? Laurence Lundblade
- Re: [Rats] Verifier Input instead of Endorsement? Henk Birkholz
- Re: [Rats] Verifier Input instead of Endorsement? Laurence Lundblade
- Re: [Rats] Verifier Input instead of Endorsement? Michael Richardson
- Re: [Rats] Verifier Input instead of Endorsement? Simon Frost
- Re: [Rats] Verifier Input instead of Endorsement? Laurence Lundblade
- Re: [Rats] Verifier Input instead of Endorsement? Laurence Lundblade
- Re: [Rats] Verifier Input instead of Endorsement? Michael Richardson
- Re: [Rats] Verifier Input instead of Endorsement? Simon Frost
- Re: [Rats] Verifier Input instead of Endorsement? Henk Birkholz
- Re: [Rats] Verifier Input instead of Endorsement? Laurence Lundblade
- Re: [Rats] Verifier Input instead of Endorsement? Henk Birkholz
- Re: [Rats] Verifier Input instead of Endorsement? Michael Richardson
- Re: [Rats] Verifier Input instead of Endorsement? Laurence Lundblade
- Re: [Rats] Verifier Input instead of Endorsement? Henk Birkholz
- Re: [Rats] Verifier Input instead of Endorsement? Michael Richardson