[Rats] Re: Security considerations of remote attestation (RFC9334)
Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de> Fri, 15 November 2024 14:37 UTC
Return-Path: <muhammad_usama.sardar@tu-dresden.de>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAB24C1D4A93 for <rats@ietfa.amsl.com>; Fri, 15 Nov 2024 06:37:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.103
X-Spam-Level:
X-Spam-Status: No, score=-2.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=tu-dresden.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sHP3QycFFtXU for <rats@ietfa.amsl.com>; Fri, 15 Nov 2024 06:37:35 -0800 (PST)
Received: from mailout3.zih.tu-dresden.de (mailout3.zih.tu-dresden.de [141.30.67.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A754C1CAE9F for <rats@ietf.org>; Fri, 15 Nov 2024 06:37:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tu-dresden.de; s=dkim2022; h=In-Reply-To:From:References:CC:To:Subject: MIME-Version:Date:Message-ID:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=D3AItiCC7d22Fq0SBU9Q+RXt2KBX3h5JLkiB/6iw7PQ=; b=GPQasnoOnowNQOCBtRWJBOR2b8 p2c+SsRSYjy5SipsqQlmWnXwgOvTvfCUF4jDccaCU9uDrh3ZLTLHuoyfP2uwVvP/V5wX12xdxCxUS ilIy5mNc1SKMgc7iQd6qwsiZ/5kpnxxZu9TFNQ3owda/kzW2Qspq9eMARPnWJlst8NP0Wn6HHXHdG pXdpyHtacawSKF0CpH/cjzx0YtZ7q7yT8/4DrTFFim/+bxEdlvdiMwnFj+zV85IaPAC+o6Ur8UBFM QaB6Xj2CptQr9MviHZ3Q5jxHj6wj1O1lvHH+AQ5rwiboXHtKSLZAEaxTLw0xz1NELcSwbHrzQNG0+ U4pIMitQ==;
Received: from [172.26.35.111] (helo=msx.tu-dresden.de) by mailout3.zih.tu-dresden.de with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <muhammad_usama.sardar@tu-dresden.de>) id 1tBxRz-003Vgb-TB; Fri, 15 Nov 2024 15:37:32 +0100
Received: from msx-t422.msx.ad.zih.tu-dresden.de (172.26.35.139) by MSX-T311.msx.ad.zih.tu-dresden.de (172.26.35.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Fri, 15 Nov 2024 15:37:25 +0100
Received: from [192.168.1.2] (77.11.153.232) by msx-t422.msx.ad.zih.tu-dresden.de (172.26.35.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.11; Fri, 15 Nov 2024 15:37:24 +0100
Content-Type: multipart/alternative; boundary="------------o1rPXPRwm0poKE78nNdZMU2o"
Message-ID: <c4648553-75e7-43dd-820a-cd01c6b61edf@tu-dresden.de>
Date: Fri, 15 Nov 2024 15:37:23 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: "lgl island-resort.com" <lgl@island-resort.com>
References: <4ffdd034-05ec-4565-9cad-b40ff82f83fc@tu-dresden.de> <CA+1=6yfZUNuy8gd2xj1eicL86qA5sq+=G8+4V9GT_3YffhuyfQ@mail.gmail.com> <AD3F6AC6-C112-4A7A-BBA4-8646CF277EED@island-resort.com> <2bed23f7-19bb-4c03-8ff8-58f12fb6a25a@tu-dresden.de> <6E00CCDE-4B56-4D81-B44B-4080170FFEDE@island-resort.com>
Content-Language: en-US
From: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>
In-Reply-To: <6E00CCDE-4B56-4D81-B44B-4080170FFEDE@island-resort.com>
X-ClientProxiedBy: MSX-L316.msx.ad.zih.tu-dresden.de (172.26.34.116) To msx-t422.msx.ad.zih.tu-dresden.de (172.26.35.139)
X-TUD-Virus-Scanned: mailout3.zih.tu-dresden.de
Message-ID-Hash: IRCVZGETQTO6IERV5NPD6IPNQN66IOQS
X-Message-ID-Hash: IRCVZGETQTO6IERV5NPD6IPNQN66IOQS
X-MailFrom: muhammad_usama.sardar@tu-dresden.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-rats.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Thomas Fossati <thomas.fossati@linaro.org>, "rats@ietf.org" <rats@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Rats] Re: Security considerations of remote attestation (RFC9334)
List-Id: Remote ATtestation procedureS <rats.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/nsXcf5m22Eo7v5T31QGblVoOkpo>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Owner: <mailto:rats-owner@ietf.org>
List-Post: <mailto:rats@ietf.org>
List-Subscribe: <mailto:rats-join@ietf.org>
List-Unsubscribe: <mailto:rats-leave@ietf.org>
Hi Laurence, On 14.11.24 19:45, lgl island-resort.com wrote: > Generally, I’m only hoping for some attention to be put on some of the > fundamentals that get less attention like key lifecycles. Certainly > not objecting to any work. Indeed, I misunderstood your previous email to mean that we should not work on these because they are pretty well-understood. Anyway, thanks for the clarification. > Maybe I’m missing something, but freshness doesn’t seem any different > for a TEE than any other environment. I feel that it is even less understood in TEEs - perhaps because of the complexity and the strict threat model. Additionally, the confidential computing hardware vendors as well as the framework developers either do not specify things at all or leave it underspecified. >>> Integrity and authenticity are pretty well understood too. >>> >> Disagree here as well and a couple of Pandora boxes for TEEs to get >> started: >> >> * For authenticity, we need identity. What exactly is the identity >> of the workload? >> * If the certificates tie the workload to a unique physical >> platform, how does the migration of workload work? >> > Agree that identity is not well understood. I wasn’t including that in > the “integrity and authenticity” frame when I made my comment. I'm > happy that we work on identify however we classify it. > To me, authenticity (or authentication) refers to the guarantee that Verifier communicates with the /intended/ Attester (as we defined in Sec. II.C.3 of [1]); and to distinguish intended Attester from other Attesters, we need to have some form of identity of Attester. Happy to know/discuss if WG interprets it differently. [1] https://www.researchgate.net/publication/375592777_Formal_Specification_and_Verification_of_Architecturally-defined_Attestation_Mechanisms_in_Arm_CCA_and_Intel_TDX > >>> How keys are stored in the device and how they are put into the >>> device is really important? Typically this is during manufacturing >>> and requires secure facilities. >>> >> Fully agree, and I think no vendor ever specified this. If anyone is >> aware of any spec, please point me to it. >> > Vendors may not share much here. From what I know it is often > proprietary. It may be in the realm of where physical and operational > security come into play. That doesn’t mean that we can’t have useful > things to say. Would be great to have your and WG insights added to the document, since I don't have much to add here. Regards, Usama
- [Rats] Security considerations of remote attestat… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Alexander Stein
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… Jens Finkhäuser
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… junzhang
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Michael Richardson
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Giridhar Mandyam
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Giridhar Mandyam
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Michael Richardson
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… Giridhar Mandyam
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… junzhang
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… junzhang
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Michael Richardson
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Thomas Fossati
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Carsten Bormann
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Carsten Bormann
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Panwei (William)
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Panwei (William)
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… Laffey, Tom (HPE Aruba Networks)
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… John Kemp
- [Rats] Re: Security considerations of remote atte… Jens Finkhäuser
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… John Kemp
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Panwei (William)
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Giridhar Mandyam
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… lgl island-resort.com
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… John Kemp
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Dave Thaler
- [Rats] Re: Security considerations of remote atte… Dave Thaler
- [Rats] Re: Security considerations of remote atte… John Kemp
- [Rats] Re: Security considerations of remote atte… Kathleen Moriarty
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… Henk Birkholz
- [Rats] Re: Security considerations of remote atte… John Kemp
- [Rats] Re: Security considerations of remote atte… Michael Richardson
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar
- [Rats] Re: Security considerations of remote atte… Smith, Ned
- [Rats] Re: Security considerations of remote atte… Muhammad Usama Sardar