[Rats] comments on draft-birkholz-rats-architecture-02
Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de> Wed, 25 September 2019 14:18 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/klJxIgIyj8AXwyS6CKdXf2rDE8I>
List-Id: Remote Attestation Procedures <rats.ietf.org>
Hi,

I am rather new here so please forgive my ignorance. I thought I would
start by reading the architecture document. Some of my questions may
just show my ignorance but then this is what happens if you get fresh
reads...

- What is 'normative guidance'?

- Would it not make sense to also define the terms introduced in 1.1?

  - Claims
  - Evidence
  - Known-Good-Values
  - Endorsements
  - Attestation Results

  Perhaps section 1.1 should be folded into section 2 so that all
  terminology is defined in one place. What about terms such as

  - Attester
  - Verifier
  - Asserter
  - Relying Party

- What are 'architectural constituents'?

- Separation:

     A Computing Environment with the capability of remote attestation:

     o  is separate from other Attested Computing Environments (about
        which attestation evidence is created), and

  Does it always have to be separate? Is there an architectural
  requirement for these to be separate?

- If you read this document for the first time, it is difficult to put
  the various terms together in your head. Figure 1 helps but it comes
  a bit late, it would help if it would be shown early. It would have
  helped me if all key terms are defined upfront followed by a Figure
  explaining relationships or interactions before the discussion of
  details starts.

- Not sure this helps me understand things:

     (e.g. Prinicipals that are Supply Chain Entities)

- What are Appraisals?

     [...] Attestation Results are the output of appraisals.

  There is text in 3.3 about appraisals that I do not understand. If
  Attestation Results are the output of appraisals, then appraisals
  are some form of a function. I thought that the Verifier is creating
  appraisals based on the received Evidence and the received
  Endorsements and that leads to Attestation Results, i.e., in a
  functional writing style:

     Verifier :: Known-Good-Values -> Endorsements -> Evidence -> Attestation Results

  This is also how I understand the definition of Verifier in 4.3.1.
  It seems appraisals are something internal to the logic of the
  Verifier, i.e., they may be produced by the logic of the Verifier
  but then the Attestation Results are really the output of the
  Verifier.

- Evidence

  I understand that Evidence is a specific form of a claim. I am not
  sure, though, what exactly turns a claim into Evidence.

     o  Evidence is provable Claims about a specific Computing
        Environment made by an Attester.

  What makes a claim a provable claim? Who is originating the claim
  and who is originating the Evidence?

- Endorsements

  It is not clear to me yet what the difference between Endorsements
  and KGV really is.

- Security Considerations

     RATS Evidence, Verifiable Assertions and Results SHOULD use
     formats ...

  Should that be

     RATS Evidence, Endorsements, Known-Good-Values, and Attestation
     Results SHOULD use formats ...

  to be consistent with terminology? The term 'Verifiable Assertions'
  shows up here for the first time...

     [...] Nonce Claims often piggy-back other information and can
     convey attestation semantics that are of essence to RATS, e.g.
     the last four bytes of a challenge nonce could be replaced by the
     IPv4 address-value of the Attester in its response.

  Despite wondering whether this is a good thing or a bad thing, I
  wonder why this is in the security considerations of the
  architecture document. The architecture does not define what Nonce
  Claims look like, so why would it discuss specific issues about
  Nonce Claims?

- Editorial

  s/capabile/capable/

  Singular/plural confusion in the following?

     Likely, there are a set of Claims that is widely applicable
     across most, if not all environments. Conversely, there are
     Claims that are

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>
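
The functional reading of the Verifier given in the message above, with the appraisal kept as an internal step, as an added example that is not part of the original message or of the draft. The data shapes, the function names, the added nonce argument and the use of an HMAC in place of an asymmetric signature are all assumptions made so that it runs on the Python standard library.

```python
import hashlib
import hmac
import json

def make_evidence(key: bytes, claims: dict) -> dict:
    """Attester side: bind Claims to a key so a Verifier can check their origin."""
    # Assumption: HMAC stands in for the Attester's signature over the Claims.
    body = json.dumps(claims, sort_keys=True).encode()
    return {"claims": claims, "mac": hmac.new(key, body, hashlib.sha256).hexdigest()}

def _appraise(known_good: dict, claims: dict) -> dict:
    """Appraisal, internal to the Verifier: compare Claims with Known-Good-Values."""
    return {name: claims.get(name) == want for name, want in known_good.items()}

def verifier(known_good: dict, endorsements: dict, evidence: dict, nonce: str) -> dict:
    """Verifier :: Known-Good-Values -> Endorsements -> Evidence -> Attestation Results"""
    claims = evidence["claims"]
    # Assumption: an Endorsement maps an attester id to its verification key.
    key = endorsements.get(claims.get("attester_id"))
    if key is None:
        return {"trusted": False, "reason": "no endorsement for attester"}
    expected = make_evidence(key, claims)["mac"]
    if not hmac.compare_digest(expected, str(evidence.get("mac", ""))):
        return {"trusted": False, "reason": "evidence signature invalid"}
    if claims.get("nonce") != nonce:  # freshness check against the Verifier's challenge
        return {"trusted": False, "reason": "stale or replayed evidence"}
    checks = _appraise(known_good, claims)
    ok = all(checks.values())
    reason = "ok" if ok else "claims differ from known-good values"
    return {"trusted": ok, "reason": reason, "checks": checks}

# Constructed sample inputs (hypothetical, not taken from the draft).
ATTESTER_KEY = b"constructed-demo-key"
ENDORSEMENTS = {"device-1": ATTESTER_KEY}
KNOWN_GOOD = {"firmware_sha256": hashlib.sha256(b"fw-1.2").hexdigest()}

def demo_evidence(firmware: bytes, nonce: str, key: bytes = ATTESTER_KEY) -> dict:
    claims = {"attester_id": "device-1", "nonce": nonce,
              "firmware_sha256": hashlib.sha256(firmware).hexdigest()}
    return make_evidence(key, claims)

if __name__ == "__main__":
    for fw, nonce in [(b"fw-1.2", "n-1"), (b"fw-evil", "n-1"), (b"fw-1.2", "n-0")]:
        print(verifier(KNOWN_GOOD, ENDORSEMENTS, demo_evidence(fw, nonce), "n-1"))
```

Only the dictionary returned by `verifier` leaves the function; the per-claim `checks` produced by `_appraise` are carried inside it as detail.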