[Rats] comments on draft-birkholz-rats-architecture-02

Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de> Wed, 25 September 2019 14:18 UTC


Hi,

I am rather new here, so please forgive my ignorance. I thought I would
start by reading the architecture document. Some of my questions may
just show my ignorance, but then this is what happens if you get fresh
reads...

- What is 'normative guidance'?

- Would it not make sense to also define the terms introduced in 1.1?

  - Claims
  - Evidence
  - Known-Good-Values
  - Endorsements
  - Attestation Results

  Perhaps section 1.1 should be folded into section 2 so that all
  terminology is defined in one place. What about terms such as

  - Attester
  - Verifier
  - Asserter
  - Relying Party

- What are 'architectural constituents'?

- Separation:

   A Computing Environment with the capability of remote attestation:

   o  is separate from other Attested Computing Environments (about
      which attestation evidence is created), and

  Does it always have to be separate? Is there an architectural
  requirement for these to be separate?

- If you read this document for the first time, it is difficult to put
  the various terms together in your head. Figure 1 helps but it comes
  a bit late; it would help if it were shown earlier. It would have
  helped me if all key terms were defined upfront, followed by a figure
  explaining relationships or interactions before the discussion of
  details starts.

- Not sure this helps me understand things:

  (e.g.  Prinicipals that are Supply Chain Entities)

- What are Appraisals?

   [...]  Attestation Results are the output of appraisals.

  There is text in 3.3 about appraisals that I do not understand.  If
  Attestation Results are the output of appraisals, then appraisals
  are some form of a function. I thought that the Verifier is creating
  appraisals based on the received Evidence and the received
  Endorsements and that leads to Attestation Results, i.e., in a
  functional writing style:

  Verifier :: Known-Good-Values -> Endorsements -> Evidence -> Attestation Results

  This is also how I understand the definition of Verifier in 4.3.1.
  It seems appraisals are something internal to the logic of the
  Verifier, i.e., they may be produced by the logic of the Verifier but
  then the Attestation Results are really the output of the Verifier.

- Evidence

  I understand that Evidence is a specific form of a claim. I am not
  sure, though, what exactly turns a claim into Evidence.

   o  Evidence is provable Claims about a specific Computing Environment
      made by an Attester.

  What makes a claim a provable claim? Who is originating the claim
  and who is originating the Evidence?

- Endorsements

  It is not clear to me yet what the difference between Endorsements
  and KGV really is.

- Security Considerations

   RATS Evidence, Verifiable Assertions and Results SHOULD use formats
   ...

  Should that be

   RATS Evidence, Endorsements, Known-Good-Values, and Attestation
   Results SHOULD use formats ...

  to be consistent with terminology? The term 'Verifiable Assertions'
  shows up here for the first time...

   [...]  Nonce Claims often piggy-
   back other information and can convey attestation semantics that are
   of essence to RATS, e.g. the last four bytes of a challenge nonce
   could be replaced by the IPv4 address-value of the Attester in its
   response.

  Despite wondering whether this is a good thing or a bad thing, I
  wonder why this is in the security considerations of the
  architecture document. The architecture does not define what Nonce
  Claims look like, so why would it discuss specific issues about
  Nonce Claims?

- Editorial

  s/capabile/capable/

  Singular/plural confusion in the following?

   Likely, there are a set of Claims that is widely applicable across
   most, if not all environments.  Conversely, there are Claims that are

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>
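The message above sketches the Verifier as the function Known-Good-Values -> Endorsements -> Evidence -> Attestation Results and asks what turns a Claim into Evidence and how a modified nonce interacts with freshness. The following Python model is an added example by the editor, not code from the message, the draft, or the RATS working group. It makes assumptions the draft does not state: a Claim becomes Evidence when the Attester binds it with an attestation key (modelled here with an HMAC shared secret for brevity; a real Attester would sign with an asymmetric key and the Verifier would check a certificate chain), an Endorsement is modelled as the Verifier's knowledge of which key belongs to which Attester, and Known-Good-Values are a set of acceptable firmware digests. All keys, identifiers and digests are constructed sample values.

```python
import hashlib
import hmac
import json

# Constructed sample values (not from the draft or the message).
ATTESTER_KEY = b"constructed-attester-key-0001"
DEVICE_ID = "dev-0001"
GOOD_DIGEST = "a" * 64   # stands in for a SHA-256 hex digest of approved firmware
BAD_DIGEST = "f" * 64    # a digest the Verifier has no reference value for

# Known-Good-Values: reference values the Verifier compares Evidence against.
KNOWN_GOOD_VALUES = {"firmware_digest": {GOOD_DIGEST, "b" * 64}}

# Endorsements (as modelled here): which attestation key belongs to which Attester.
ENDORSEMENTS = {DEVICE_ID: ATTESTER_KEY}


def make_claims(nonce: bytes, firmware_digest: str, device_id: str = DEVICE_ID) -> dict:
    """Plain Claims about the Attested Computing Environment; not yet provable."""
    return {"device_id": device_id, "nonce": nonce.hex(), "firmware_digest": firmware_digest}


def _serialize(claims: dict) -> bytes:
    # Canonical encoding so Attester and Verifier authenticate identical bytes.
    return json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()


def attest(claims: dict, key: bytes) -> dict:
    """Attester turns Claims into Evidence by binding them with its attestation key."""
    tag = hmac.new(key, _serialize(claims), hashlib.sha256).hexdigest()
    return {"claims": claims, "tag": tag}


def verify(kgv: dict, endorsements: dict, evidence: dict, nonce: bytes) -> dict:
    """Appraisal: the Verifier's internal function. Its output is the Attestation Result.

    Order of checks: (1) is the Evidence provable, i.e. bound by a key we hold an
    Endorsement for; (2) is it fresh, i.e. carries the exact nonce we challenged with;
    (3) do the attested values match Known-Good-Values.
    """
    claims = evidence.get("claims", {})
    result = {"device_id": claims.get("device_id"), "status": "fail", "reasons": []}

    key = endorsements.get(claims.get("device_id"))
    if key is None:
        result["reasons"].append("no endorsement for attester")
        return result

    expected = hmac.new(key, _serialize(claims), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, evidence.get("tag", "")):
        result["reasons"].append("evidence not provable: tag mismatch")
        return result

    # Whole-nonce comparison: any convention that overwrites part of the nonce
    # (such as the last four bytes) must be agreed with the Verifier, or it is
    # indistinguishable from stale or replayed Evidence.
    if claims.get("nonce") != nonce.hex():
        result["reasons"].append("not fresh: nonce mismatch")
        return result

    if claims.get("firmware_digest") not in kgv["firmware_digest"]:
        result["reasons"].append("firmware digest not in known-good values")
        return result

    result["status"] = "pass"
    return result


def run_scenarios() -> dict:
    """Exercise the Verifier function on constructed inputs; returns results by name."""
    nonce = bytes(range(16))  # constructed challenge nonce (deterministic for the example)
    good = attest(make_claims(nonce, GOOD_DIGEST), ATTESTER_KEY)

    # Evidence whose Claims were altered after the Attester bound them.
    tampered = attest(make_claims(nonce, BAD_DIGEST), ATTESTER_KEY)
    tampered["claims"]["firmware_digest"] = GOOD_DIGEST

    # Attester overwrote the last four bytes of the nonce with an address value.
    rewritten_nonce = nonce[:-4] + bytes([192, 0, 2, 1])
    partial_nonce = attest(make_claims(rewritten_nonce, GOOD_DIGEST), ATTESTER_KEY)

    # Valid binding, but firmware not covered by Known-Good-Values.
    unknown_fw = attest(make_claims(nonce, BAD_DIGEST), ATTESTER_KEY)

    # Evidence from an Attester the Verifier holds no Endorsement for.
    unendorsed = attest(make_claims(nonce, GOOD_DIGEST, "dev-9999"), b"other-key")

    return {
        name: verify(KNOWN_GOOD_VALUES, ENDORSEMENTS, ev, nonce)
        for name, ev in [("good", good), ("tampered", tampered), ("partial_nonce", partial_nonce),
                         ("unknown_fw", unknown_fw), ("unendorsed", unendorsed)]
    }


if __name__ == "__main__":
    for name, res in run_scenarios().items():
        print(f"{name:14s} {res['status']:5s} {res['reasons']}")
```

The ordering in `verify` is the point: the key check answers the message's "what makes a claim provable" question (a Claim becomes Evidence once the Verifier can attribute it to an endorsed Attester), and the nonce check shows why a partially overwritten nonce has to be a documented convention rather than an ad-hoc choice, since a Verifier that compares the whole nonce will otherwise treat such Evidence as not fresh.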