IETF Logo Mail Archive

Re: [Rats] New RATS Architecture document

Simon Frost <Simon.Frost@arm.com> Mon, 16 September 2019 17:08 UTC

Return-Path: <Simon.Frost@arm.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FE70120883 for <rats@ietfa.amsl.com>; Mon, 16 Sep 2019 10:08:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=ahTOGjB0; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=armh.onmicrosoft.com header.b=P9V5v93V
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y92K2vQlmaiO for <rats@ietfa.amsl.com>; Mon, 16 Sep 2019 10:08:27 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60079.outbound.protection.outlook.com [40.107.6.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E0CE1120870 for <rats@ietf.org>; Mon, 16 Sep 2019 10:08:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pNuns6spb2uJsZ4OXK9EQd58//HL7l37N4Py/vqoQm4=; b=ahTOGjB0elCV9OOhmcyMVkUP9TTLmxhfkg32vqCdFdim7SDJ9I/OZ+IxqlSgiyV7/qDVn+NPz5pFIxpbY45XyY0Eq0hqoC/eVe8nNM4NiAcm/RDHrhKGofYNIGOYBhAqZVZgqli5XWIoxcwF+G46yh1NBa30DV1Ukjc7t96m8Dc=
Received: from DB7PR08CA0051.eurprd08.prod.outlook.com (2603:10a6:10:26::28) by AM4PR0802MB2257.eurprd08.prod.outlook.com (2603:10a6:200:61::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.17; Mon, 16 Sep 2019 17:08:20 +0000
Received: from AM5EUR03FT012.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e08::206) by DB7PR08CA0051.outlook.office365.com (2603:10a6:10:26::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.13 via Frontend Transport; Mon, 16 Sep 2019 17:08:20 +0000
Authentication-Results: spf=temperror (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=none action=none header.from=arm.com;
Received-SPF: TempError (protection.outlook.com: error in processing during lookup of arm.com: DNS Timeout)
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM5EUR03FT012.mail.protection.outlook.com (10.152.16.161) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.14 via Frontend Transport; Mon, 16 Sep 2019 17:08:18 +0000
Received: ("Tessian outbound 55d20e99e8e2:v31"); Mon, 16 Sep 2019 17:08:18 +0000
X-CR-MTA-TID: 64aa7808
Received: from b85ea1ef39fc.1 (ip-172-16-0-2.eu-west-1.compute.internal [104.47.6.56]) by 64aa7808-outbound-1.mta.getcheckrecipient.com id 37A9B79F-51FD-4A81-BBA8-5FA5610E8650.1; Mon, 16 Sep 2019 17:08:13 +0000
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02lp2056.outbound.protection.outlook.com [104.47.6.56]) by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id b85ea1ef39fc.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 16 Sep 2019 17:08:13 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ftVWJNwrjFWfTRNTbfEhfBUvRa/shZ6q1DhsTTUS98i+EvFM87+bqkK7kysqjecY96cFf1029jIjGZqLPk97BTGd9lA+jOJ7HR6rBopdCHsIILQMnCKQY1pfr3fUNdzC7yPEDOiDj9uGofsznMqwrVuBYIUlRk+t3Br3FY0KUhhVy4l/nbHZAgmDqdU3Os8mDpskTwBUI3RjDX9NClqVfyZdTDxYg0YgH56qcP86+Djc2kcKjG7y36bSeG36ko4GkhdcVroJR1CLQcScj/S0ijFdjsY7o7cv3qs5V3D/McMaAGWZNL9nI+jekbBI1ziXTxVI0+HfQKg2dMYQDEmjqA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xFJeMYNThQfYLa3nNvWh3+SKj4ZuRlpjrBxbzG1BEiQ=; b=Vu/IBkBCe4p/gGgolqm7A4RnKQ9m7TpLAwxoCvzMXpVbci0r/ObVulU1fMKDCLLHFBqltUMfRVQan/uR1b/hInMTw0Roa4ZzOf9CY/Ea+h7LcX3X9ZAY/yjhrjGxus+qt3uMOob4+nNHybdzVmuvYUOofUbP0A3MA405av0IjHSh31PjPLPIq+KfEsRpZkNpMfUnZFeMCvDA5hVeUcSupX/c5+Xk243PSq7kA56Sg57vwwxP4vwnpqlPfwZaQPcmP8iB6y5vSSPpxYYeZF6JUkVod7j589S9IT9PJoeAdqgeyaW0+8iadik2UIUGskKKsFCUBMW0VTSUQtWu+4c4Tw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xFJeMYNThQfYLa3nNvWh3+SKj4ZuRlpjrBxbzG1BEiQ=; b=P9V5v93V4oJ1bVao/Grep476VbDQmxWAtXLYKdBem2t4wxHwUz0wy7SE4xSSi/n+sa8pbLYfb963lKuzhj5QESZ7EKYH4IQdnRKd03VUb4DCIJ6Kh9q5riFaCfMVMxrPaPTVRIm+ewb4YB6L9vur+du+5nFvLGVzvurToUWVdqU=
Received: from DB7PR08MB3642.eurprd08.prod.outlook.com (20.177.120.148) by DB7PR08MB3259.eurprd08.prod.outlook.com (52.134.111.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.23; Mon, 16 Sep 2019 17:08:11 +0000
Received: from DB7PR08MB3642.eurprd08.prod.outlook.com ([fe80::cdbb:2b2d:aaa:d368]) by DB7PR08MB3642.eurprd08.prod.outlook.com ([fe80::cdbb:2b2d:aaa:d368%4]) with mapi id 15.20.2263.023; Mon, 16 Sep 2019 17:08:11 +0000
From: Simon Frost <Simon.Frost@arm.com>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] New RATS Architecture document
Thread-Index: AQHVZ/TUIlT3S2s5B0W/zk5nGK8uEqcujWFA
Date: Mon, 16 Sep 2019 17:08:11 +0000
Message-ID: <DB7PR08MB3642E058C598DFB92020CBB1EF8C0@DB7PR08MB3642.eurprd08.prod.outlook.com>
References: <471c785f-1cd8-62ff-431a-075ce9c35058@sit.fraunhofer.de>
In-Reply-To: <471c785f-1cd8-62ff-431a-075ce9c35058@sit.fraunhofer.de>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 05939956-a75a-4d61-95e4-b50732d2f49a.0
x-checkrecipientchecked: true
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Simon.Frost@arm.com;
x-originating-ip: [217.140.106.49]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: 4e59b88d-39dc-479a-155e-08d73ac87886
X-MS-Office365-Filtering-HT: Tenant
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:DB7PR08MB3259;
X-MS-TrafficTypeDiagnostic: DB7PR08MB3259:|AM4PR0802MB2257:
X-MS-Exchange-PUrlCount: 2
X-Microsoft-Antispam-PRVS: <AM4PR0802MB2257157BE6863DE83161970AEF8C0@AM4PR0802MB2257.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
x-ms-oob-tlc-oobclassifiers: OLM:9508;OLM:9508;
x-forefront-prvs: 0162ACCC24
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(346002)(396003)(136003)(366004)(39860400002)(376002)(13464003)(189003)(199004)(53754006)(74316002)(7736002)(2501003)(71190400001)(229853002)(81156014)(81166006)(8936002)(71200400001)(256004)(8676002)(486006)(6436002)(33656002)(561944003)(478600001)(25786009)(966005)(14454004)(305945005)(86362001)(99286004)(6306002)(9686003)(14444005)(66066001)(446003)(110136005)(55016002)(66946007)(66556008)(64756008)(66446008)(66476007)(76116006)(52536014)(6116002)(3846002)(7696005)(53936002)(5660300002)(76176011)(186003)(11346002)(26005)(53546011)(6506007)(2906002)(102836004)(476003)(6246003)(316002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB7PR08MB3259; H:DB7PR08MB3642.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: gB87mLvk9Ou+fFpScuBZdOFUCDVmk9yXheD8O8SHIDQg1PLpyp5+Qb5megSXdjy9Uld60n3valcVNaly3y5TZhSFEJ/mafdJ2DRtgQ+53tVJUFSc6/qFxVcSG4nSlBK/7ju/2I99qfs2dUA1UCY1Ppztivbj6qXQoz0qxPkF8jl6rZ8Rk7Z7FSmSHkuXeZlDCc+5VckSkxfp9+tGdYktCvsQVQY6Q31w9Xbj1pjy4fpIPadv2wrcwStXagarXdH2PQFc8PUxzW9r+NWkYmGSgvRKkZCz8wF1IyDUINpu61Ihd8BYLv2TJMh8M25/BJzlXD1lTdgl16knTyjhBLn38LezKvssIuhWIT9s5Yb3TpvUUOxqW3d/45sVsd16EvWkYNWhjf9pvisSug2creZaHlpxrKvifFslQifVbEQFRE0=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR08MB3259
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Simon.Frost@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT012.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; IPV:CAL; SCL:-1; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(376002)(346002)(39860400002)(136003)(396003)(53754006)(199004)(189003)(40434004)(13464003)(22756006)(53546011)(14444005)(5024004)(305945005)(8936002)(63350400001)(50466002)(436003)(476003)(36906005)(316002)(70586007)(33656002)(70206006)(76130400001)(14454004)(52536014)(110136005)(478600001)(86362001)(5660300002)(11346002)(561944003)(26826003)(966005)(446003)(66066001)(25786009)(47776003)(2501003)(7736002)(102836004)(2486003)(76176011)(3846002)(6116002)(6506007)(26005)(8676002)(81166006)(81156014)(126002)(336012)(74316002)(6246003)(9686003)(229853002)(186003)(55016002)(23676004)(99286004)(6306002)(356004)(7696005)(2906002)(486006); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4PR0802MB2257; H:64aa7808-outbound-1.mta.getcheckrecipient.com; FPR:; SPF:TempError; LANG:en; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; A:1; MX:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 47bd330b-c2dd-42f4-7e34-08d73ac8747c
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(710020)(711020)(4605104)(1401327)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:AM4PR0802MB2257;
X-Forefront-PRVS: 0162ACCC24
X-Microsoft-Antispam-Message-Info: P7o2zBppWIFTBoQ6J/iUXsYHSzPOHE7HtHunRVEZm0E3qBAyngX6kxaAPvAvxcsOa7Paip49CE0uEDbiZLrUZOjjb7KNmchyJcpUPZR0fq1PhT5PR337zsUTbuZvmDDrkB+iWB+0ZQWvFHTED92uam68eYGJRV0zFl6W5RynpyfLtXd7WEz6VBlFppHv0JgefJfczLo1pgS+lBuVMxPpgLFUfxb6m2mVuLQENiZNSXbNuA4yV2QnzCab2z9av2ZssxQq4ZI6iuMyZJl93kwwoJOeeHzy9+GFY3uTPASig01EXMaf0TCIR8qdo9niys+FOjgEATbax5hOIdERVsmTrRFDVi1m9fssc2h0UnqQJUcvd4eF33iT4A//vCcsTvwCy0oNWPnbnT+o4dQN7bWlptJjjgWzCMO9LwycUWqQlxk=
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Sep 2019 17:08:18.5577 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 4e59b88d-39dc-479a-155e-08d73ac87886
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0802MB2257
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/mZYSW1fWfBNa5-g6iLRqvQkuk1g>
Subject: Re: [Rats] New RATS Architecture document
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Sep 2019 17:08:31 -0000

At a first pass through this, I'm concerned that the interaction model (Fig 1 etc) has been restricted to a single pattern, the 'passport' model to use the terminology from the TEEP/RATS  slides. I don't recall this restriction being discussed. Also allowing the 'background check' model allows the relying party to have much greater flexibility on selecting an appropriate verifier. While the origins of Attester and Known Good Values are going to have close alignment, multiple verifiers may exist. A relying party may choose an alternative verifier based upon the approach to appraisal, to the form that the attestation results are presented or due to business model.

Thanks
Simon

-----Original Message-----
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Sent: 10 September 2019 14:13
To: rats@ietf.org
Subject: [Rats] New RATS Architecture document

Hi all,

we created a fully revised architecture document that maps and represents the state of the current discussion and the material presented at the last IETF meeting.

The current Editor's version can be found here:

> https://ietf-rats.github.io/draft-birkholz-rats-architecture/draft-bir
> kholz-rats-architecture.html

We will submit a new version the day after the RATS virtual interim.

TL;DR
Below you can find a list of essential changes & a list of action items still to be addressed.


This version of the RATS Architecture document:

* does not define or uses the terms "root(s) of trust" (RoT) or "Trust
Anchor" (TA) at the moment. (Note: It is a fact that the Asserter Role
_is_ a TA for the Verifier Role and that an Attester Role _could_ rely
on RoTs. But - this content will not go into the main body of this
document),

* does define RATS Roles, Messages, and Principals formerly known as
"Actors" (borrowing heavily from ABLP),

* provides an even more "base" interaction model diagram for the RATS
Roles than presented in the last IETF meeting slide deck:

> https://datatracker.ietf.org/meeting/105/materials/slides-105-rats-sessb-rats-architecture-interaction-model-challange-response-yang-module-information-module-00.pdf

* introduces a framework for "level of confidence" in the
trustworthiness of an Attester and the endorsement of the protection
characteristics of its "Attesting Computing Context", allowing for other
entities to use this framework and fill it with, e.g., openly defined
levels of confidence metrics,

* is not based on the primitive of "trust" but the concept of
"trustworthiness" as illustrated by the RATS charter,

* simplifies the definitions of Attester and Verifier that seemed to
have caused some unfortunate confusion following the proposal of Giri
and starting with commonly-accepted definitions and then justify why
they may need to be modified,

* differentiates between the Attesting Computing Environment and the
Attested Computing Environment better, which both are components of an
Attester,

* uses the "Claim" concept as a building block to compose Evidence,
Known-Good-Values and Endorsements. Conversely, the "Assertion" concept
is dropped in this proposal (as initially suggested by Laurence, IIRC?).
(Note: this was done to simplify the discussion about the information
model. Please also note: Due to the {J|C}WT definition of "Claim", a
key/value pair is implied, which is already a data model decision and
not mandated by an information model), and

* analogously, now uses the term Known-Good-Values instead of
Attestation Assertions.


For future versions the authors intent:

* to elaborate on the use of RATS Principals, including more exemplary
diagrams of RATS Role composition and interaction between RATS
Principals based on the use case document (and by that address a unified
mapping to TEEP, RIV, and models that use EAT),

* to shift some of the focus on technical-trust as proposed by Thomas.
(the Endorsements provided by an Asserter are a first step into that
direction),

* still not to define the roots of trust terms nor invent new words for
them :) But - start to reference them on a minimal level and define a
base set of primitives they can provide in order to describe what they
actually are and can do in the context of RATS as proposed by Ira, Simon
and Thomas,

* to introduce and define a concise scope for layered attestation,
addressing, e.g., the staging of Computing Environments and the
(un-)availability of an Attesting Computing Environment at certain
points of time, or, another example given, addressing the
differentiation of an attested boot sequence of an Attester and an
Attester running TEEs or rich systems for years,

* to address the change of Roles of a Principal over time as proposed by
Ian,

* to move the remaining architectural sections in the EAT draft into the
RATS Architecture draft, and

* to shift some of the focus on the out-of-band trust establishment in
order to illustrate a coherent RATS ecosystem (e.g. the provisioning of
key material is not include in the "base diagram" anymore for now - this
will be more elaborated on in future section of the architecture).


Viele Grüße,

Henk







IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email