IETF Logo Mail Archive

Re: [Rats] Requesting a Nonce from a Verifier

"Smith, Ned" <ned.smith@intel.com> Wed, 28 February 2024 01:51 UTC

Return-Path: <ned.smith@intel.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C534C15152D for <rats@ietfa.amsl.com>; Tue, 27 Feb 2024 17:51:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=intel.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4PeTMqc148Bn for <rats@ietfa.amsl.com>; Tue, 27 Feb 2024 17:51:34 -0800 (PST)
Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7766FC14CE42 for <rats@ietf.org>; Tue, 27 Feb 2024 17:51:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1709085094; x=1740621094; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=Rnn1TNUNfZZqeFPL/dgIR4nJ+amUcez7JPemnSnR9VQ=; b=Enp2rb7TdlN7NDvIPL6JHuPLPqJ4QqFEcmM+qiQpWISztqybajyApibb EWdw8Qq8j7i2CL1niPIPOIEj0NGLAQMlaSL1DIRk1um3nGCxM8mpKakaR luGOFC0Z0sR351kdLRcPX1C5Trn8xap32uMMc6Qq0T8CHC5oPfTbJqfpa JtjfsRGfKo9VmuCXPRdPnIRgAtMyAONX2iBUF7HKe//X+XsrL84X6pK1D 4y9IEl8+SJLfmMHhYLGQNZ4xNraIZBI5zcXQpgepAg+mZd/LWYRuqQRPT rVPRNn8QSL/FBrOJ3Bw2c0vtuxL9eEe3HjheQMcyWiIjZiqn58QTK3D3j Q==;
X-IronPort-AV: E=McAfee;i="6600,9927,10996"; a="14903933"
X-IronPort-AV: E=Sophos;i="6.06,189,1705392000"; d="scan'208,217";a="14903933"
Received: from fmviesa010.fm.intel.com ([10.60.135.150]) by orvoesa104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Feb 2024 17:51:34 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.06,189,1705392000"; d="scan'208,217";a="7224254"
Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by fmviesa010.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 27 Feb 2024 17:51:33 -0800
Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Tue, 27 Feb 2024 17:51:32 -0800
Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Tue, 27 Feb 2024 17:51:32 -0800
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.168) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Tue, 27 Feb 2024 17:51:32 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cFzkJt5u5dxfa3ZEuDYkcMjgBvGSVK7mp7EMnyZ64YBuI5lv1+vkHlk7Uh23xPQqdUJfsQK+Phu183XBOPwj5BskUoT7MOkQE07AIKSceqzYxRltovXwxV4Sa6tko69NIdJqQ1bbCjIanmLXjpC99NV/TPN54XkkHtuiJr6dH3xHDvz05ZaRiM2uQMPc6dajoVegGo4AABI5Dhnt/pczL7s+DKRJS+nBbyB3UJjp7cFV9KdeLaAaKMLFcL+rStTq4IvSQnOVMBmC2sksNG8+aznxCiRzrOERUqKL/SDvizdAFO9k1EN2slZhKPfY+caf3UNGSmJKIHA+Z74mr3KpQw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Rnn1TNUNfZZqeFPL/dgIR4nJ+amUcez7JPemnSnR9VQ=; b=HZDSh4sM78PrMZqb/sGSeRt8KpavzmV3Lm4Q40eNkvVkPAGouPRxtHzcH7DQAQ9K++IOwA//VaBXwmtezzNER4XQLmq6kG/pGiiTf8oAL/sLJLwfroCn+w5WUOKInYetoZ7kSzMOozOXMUZE0S/fD1AKqZpUoBwTN7v5Gp2Q4eeB0rQ1t0awn6nyApd4pcKf90vFRjNo10py7fe7ZgoyJr0ztpmeG3tcltCCti1JWRJF2dBIbOPzvv7Wcqny5Av6X4m4g+337mkcaeQn1GqSZbOCfNlaVzqPlfXqh3BGowmkDmXGfuLOQSJ6xI9U3f/QpVlfhy+S6ebF0R2G7kuyIw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none
Received: from CO1PR11MB5169.namprd11.prod.outlook.com (2603:10b6:303:95::19) by DM4PR11MB6551.namprd11.prod.outlook.com (2603:10b6:8:b9::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7339.25; Wed, 28 Feb 2024 01:51:27 +0000
Received: from CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::2747:3470:9f2b:b835]) by CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::2747:3470:9f2b:b835%5]) with mapi id 15.20.7339.009; Wed, 28 Feb 2024 01:51:26 +0000
From: "Smith, Ned" <ned.smith@intel.com>
To: Orie Steele <orie@transmute.industries>
CC: Henk Birkholz <henk.birkholz@ietf.contact>, rats <rats@ietf.org>
Thread-Topic: [Rats] Requesting a Nonce from a Verifier
Thread-Index: Adpph2/sCzoh1slqSSKBshTevR+ZrgAArLOAACmMAQD//23iAIAAmZ6A
Date: Wed, 28 Feb 2024 01:51:26 +0000
Message-ID: <BDA046C7-F844-48EF-80CB-24926280F1E0@intel.com>
References: <02c501da6987$d2d64490$7882cdb0$@gmx.net> <ecf9ac86-82f2-80b7-160a-bdde42387ef0@ietf.contact> <2E3E84DF-F528-420D-BB70-B6E23FEE0978@intel.com> <CAN8C-_LO+J+gj3=RutGiyxzpvint3Jb40-OwEEraGht-1dhdBw@mail.gmail.com>
In-Reply-To: <CAN8C-_LO+J+gj3=RutGiyxzpvint3Jb40-OwEEraGht-1dhdBw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.82.24021813
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CO1PR11MB5169:EE_|DM4PR11MB6551:EE_
x-ms-office365-filtering-correlation-id: e7b9fc51-8f05-4099-4355-08dc37ffc69f
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: m3vpTKHPXZDZxnznTOESPbJfOJFmoNIGsbi8wk4QvxYQmLJQ7SamIuDMYWbMdZ49DnnDTiptIsJatDlPNy7b0ZlujWH3LP0SkHw+ZiKgPtgfNzhFXAfp9OZOTog9UZMCzXAsZFbh2GFFfTQAhBgJRmBBWHSN6TLP3lZPH/FHzvkhPDq5+CCi25RsTNbk3tKeyG9bZxLc+leAPNxO0D4QB84dlpqDZNJEP+J1aidkrz+pjAl0imG8ry0ZwXk0pipj8r/9GVnu737xa1fjvY570PfgnoF2NlSblHFBS1x200D0tCOuYBQGTxAPq7kfKljWnJQK0iRaybOnLsFrp0Z9B5p1oFybqz0u0xD7gQPcFGSurpXXeegP36/yGzwVDk451r26Bw7xg+Wp6SBuWCRPgLeY1i9x2ANkvJhR+zw3q8avGthYxLLxtO4jNwJvbYqfPxKOjMwFQlIhX9p+mTKFC2KQc1GNWxkMP1Cva05UFrCnUEpYJYMOHwQBZCrA1+pLdJvfs3sNDuuVTT+W5kmQEVd31xHkdBUjUtW16QGGke/ZFF7UX7cv00jle/6TuNFmC3IQEBiM64Xgv3EeF0X1fLQvxOKBgq+f2HgvavMvDT2yNPCIeJT3+hGmT00ttkZ/FFK8k7GJOhC1qtDa/oL0hkdwQyDosNBUhu8Rsky8OJkgnW5W95m6Vg2RPEOMXy1aXUAub5xTLOZIiT/UHd3fMg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB5169.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(38070700009); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: /4GRHsinWrj65gqNgro5J04Djk0R3dQLtVtQUu3ULauK37uHnrlRql+k1vq9gA8XwV8R7Tj0amHE3i7qbAm2FxRRAWe5Pp2NIQYnW8HtV6Uf/V56CWbKlfSgVG5tS+55xy+uyPlR7hnxPh9F4EV6npHgvu3mAuaY5gDLB/4P/l7kgAM0NYRR2VsIurmZsAMELPreXzGT1tLqBvyRATvLWvrPgYMPSFBWgkeBuyEDt8bGZiYQgo690ZtihoeepvoLGtIBd1whgPHOgbniD04SV8BKmij6BjqRR0Siew3aIKwMirTIMss27rRzQXBN34BOycwG14R6Ze28Qvs3xaQkJlazzjHjgbQtfZRP8KXRkUBQBb8NK1Dz2XW8itehQuHHBEbIFzapAJALzs3KUTYLYuCyDtmrKWi0EAh1K+Wuf+Vlua9FPepK0NnQv+RECQuXi386nkFCt1SZlsF0y6Zcr5vRVsyiWuRD5/DdZQNIIv3VexAlHRvQqY6xyxwJ3P+a7oYOOeZ89wz3dR6b5PlO5oeDQQTdsrH9LymO/VIu+zes7B9u6SL2kNHK4uV8SYaPvInGA78ELaKaVVHglj0jrb3vGi9l8XgSfR/Z86OvOy/8zK8wTTwGOcxMSyW9b1rUByjpj3x/WKt67w+1tqtwyfvrku4wfoLiqTDQWvx/AbAGIM/KSdy8qHLhnjSmuVxYoW2TI8bbADRToCWxmejTDn2a9lz3NkdvVWaVyavGzbtjijL4P/z24InRmiafRkjeRfS6o+5PktPzCH/p0W12WRFSOqWJbsGzSvhapWnVq1cvm2UszEfWg6GKiMpKanxZ8kqFe4UYNoEAnokEoTEHhtXaWxs+Lj66u0Azg3o8S3DBj23WJwB12FFkdHbtGD3b9oSVHh9hXWBxRHVq9/ks+E3kcXI3DoHw7NRxyVDtNCntyLvKHUAjrLNO+jgr5Li+Q8cgnT29gJFmrU4/sTPmbqgSp0SFGk5owleAVv/AAXZj+zGEecuQl+7GTyG2dD1k2rpqD0TG7FBzy8QDW91bRdkMTXF1HFz9eOBLITKV0Kb40QjhYOnV795rEyFmMAbxl0iWmsxkVzi83ZA6/a0TwdpMgx3qgVoBb+RXr05jBiWDthP6TS2aWLuL7bR2zhEKnybz7lqXxbn/QfeBxswElpHlHqsdVEHCAXTJdfBJAGEk+qmigEr6LGZEOt83A36qs2hpX2b60ZhyPDtPk620/KcV1A/mUmhMAGLQv4wEVDASCgLWFRjxiDjoCkSWx8EN59Y6t/PtSV1+TU2lp//+lDWolRVFBTXndarwN/ycQWSsS+bkzMozZukaxRnwas75bHxl8/vPDHcjzpbunQpci4l+LgYk4LERL3rKq7+1coGZBD+8quS0AgUiUWIKR41ugy1xyAkWCZa+++X7jkPtqbSV/nVDyhxaxA8zvUtmQaF2f8iiHRzPV7RcmeDEJOaeYu/o8dsg+BM9qTL35tJJgmK7eJUdNI2kR3ufrDZUPeVVNVLxgjLdvW0ytXfX5lXf6QHxsSe0O1Zxd14Eb+kbtesewz1Nb56tzyf4WjAzCwOracLdj00nitOfvGAgCu/Z/+cnvWESi+YxoUteKH5UVA==
Content-Type: multipart/alternative; boundary="_000_BDA046C7F84448EF80CB24926280F1E0intelcom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB5169.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e7b9fc51-8f05-4099-4355-08dc37ffc69f
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Feb 2024 01:51:26.8128 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: pmD0mfgx1teLwTZFapVjZ7+TLgUA8v54MpwGueA5fHeMZWTn4aJ0S8vNzUqDhDSzw7IbHMgDZTldQJfn0rZ+Qw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR11MB6551
X-OriginatorOrg: intel.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/o7IrKk4TsasbCLHglV0IMGPnyZs>
Subject: Re: [Rats] Requesting a Nonce from a Verifier
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Feb 2024 01:51:38 -0000

The way in which the interactions models I-D could add value to the I-Ds Orie mentions is it could describe the effect on recentness given Evidence collection could be triggered to re-collect recent evidence as a result of receiving the nonce. Of course there is an equivalent discussion where epoch markers are used.
-N

From: Orie Steele <orie@transmute.industries>
Date: Wednesday, February 28, 2024 at 10:42 AM
To: "Smith, Ned" <ned.smith@intel.com>
Cc: Henk Birkholz <henk.birkholz@ietf.contact>, rats <rats@ietf.org>
Subject: Re: [Rats] Requesting a Nonce from a Verifier

In the context of OAuth DPoP the same endpoint that requires proof of possession, can return a fresh nonce, in error messages, and there is also this draft:

https://datatracker.ietf.org/doc/draft-demarco-oauth-nonce-endpoint/

Which seeks to solve a similar challenge, without overloading an error response.

OS

On Tue, Feb 27, 2024, 7:24 PM Smith, Ned <ned.smith@intel.com<mailto:ned.smith@intel.com>> wrote:
Given 9334 outlines several possible ways to incorporate freshness and recentness and given the reference interaction models I-D provides patterns for exchanging information that should possibly include freshness and recentness considerations. And considering the WG charter biases the WG to focus on augmenting existing protocols over designing new ones, it seems Henk's suggestion to improve the reference interaction models I-D make sense.

If this thread is focused on an I-D that modifies an existing protocol with freshness and recentness, then would it make sense to use the interactions models I-D to work out the general principles for how freshness/recentness is achieved first. Then, can it be cited as background for other I-Ds that describe specific modifications for an existing protocol?

-Ned (not as chair)

On 2/27/24, 11:35 PM, "RATS on behalf of Henk Birkholz" <rats-bounces@ietf.org<mailto:rats-bounces@ietf.org> <mailto:rats-bounces@ietf.org<mailto:rats-bounces@ietf.org>> on behalf of henk.birkholz@ietf.cont <mailto:henk.birkholz@ietf.cont<mailto:henk.birkholz@ietf.cont>>act> wrote:


Hi Hannes,


I am in a weird TZ offset, so just a quick reply.


On 27.02.24 15:18, hannes.tschofenig=40gmx.net@dmarc.ietf.org<mailto:40gmx.net@dmarc.ietf.org> <mailto:40gmx.net@dmarc.ietf.org<mailto:40gmx.net@dmarc.ietf.org>> wrote:
> Hi all,
>
> Hendrik and I have been working on an update of the CMP/EST extensions,
> which allow an Attester to request a nonce via the Relying Party (in the
> background check model). This “nonce draft”, see
> draft-tschofenig-lamps-nonce-cmp-est, aims to provide freshness for the
> CSR attestation draft (see draft-ietf-lamps-csr-attestation).


Why focus on a nonce for a combination of recentness and freshness, when
you could also use an epoch marker?


>
> We have been wondering about the design of this protocol interface. At a
> minimum, the attester needs to indicate the length of the nonce being
> requested from the verifier.


Why? It can cut it short, the Verifier will understand? Are there
obvious security considerations that I am missing here? The nonce is
requested via an authenticated channel, I assum?


> EAT, however, supports also an array of
> nonces in the nonce claim. Should such a protocol interface allow a
> request for multiple nonces?


Sure, the you do not have to request a nonce for ever interaction and
the Verifier can keep track.


> Furthermore, the Attester may also need to
> provide information about the Verifier. This is necessary when there are
> many Verifiers in the system and not everyone of them might be able to
> successfully verify the Evidence. Should the request for a nonce also
> include information about the attestation technology supported by the
> attester?


Discovery of appropriate Verifier and "requesting nonces" (which kinda
is still shooting from the back into the eye) are different things. You
can compose both protocol action, but my initial reply would be:
Discovery, Feature negotiation, and then epoch marker requests are quite
different things.


>
> We thought that this type of foundational feature is described in detail
> in one of the RATS working group documents and the
> draft-ietf-rats-reference-interaction-models seemed like a good starting
> point for such details. Unfortunately, this document falls short in
> explaining these types of aspects because it is heavily focused on a
> specific TPM deployment.


That is bad. Please help us fix that.


>
> Has someone in the group thought about this aspect already or has
> otherwise gained experience with this aspect?


Requesting a nonce and therefore taking on the role of a challenger in
arequest/response interaction model to then get a nonce to provide a
solicited push of Evidence is bit of a flaky procedure, isn't it?


How do you assure that the recently received nonce is used to convey
fresh evidence? Is there a timeout? Can you cache it? (like with the
array of nonces). Why can't the Attester just trigger the Verifier to do
the challenge/response? That seems a bit more straight forward? Maybe I
am missing something very obvious here.


>
> Ciao
>
> Hannes
>
>


Viele Grüße,


Henk


> _______________________________________________
> RATS mailing list
> RATS@ietf.org<mailto:RATS@ietf.org> <mailto:RATS@ietf.org<mailto:RATS@ietf.org>>
> https://www.ietf.org/mailman/listinfo/rats <https://www.ietf.org/mailman/listinfo/rats>


_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org> <mailto:RATS@ietf.org<mailto:RATS@ietf.org>>
https://www.ietf.org/mailman/listinfo/rats <https://www.ietf.org/mailman/listinfo/rats>



_______________________________________________
RATS mailing list
RATS@ietf.org<mailto:RATS@ietf.org>
https://www.ietf.org/mailman/listinfo/rats

v2.23.0 | Report a Bug | By Email