Re: [Rats] Questions about Horn Clauses and CORIM
Dionna Amalie Glaze <dionnaglaze@google.com> Wed, 10 April 2024 15:41 UTC
Return-Path: <dionnaglaze@google.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5038C14F6F6 for <rats@ietfa.amsl.com>; Wed, 10 Apr 2024 08:41:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -22.6
X-Spam-Level:
X-Spam-Status: No, score=-22.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ju1fwWY3TzbW for <rats@ietfa.amsl.com>; Wed, 10 Apr 2024 08:40:59 -0700 (PDT)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B335C14F6B7 for <rats@ietf.org>; Wed, 10 Apr 2024 08:40:59 -0700 (PDT)
Received: by mail-ed1-x52f.google.com with SMTP id 4fb4d7f45d1cf-56fd95160e5so7349a12.0 for <rats@ietf.org>; Wed, 10 Apr 2024 08:40:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1712763657; x=1713368457; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=fL/rt/5Lcm+BMVFw25MIAEDWEjxrn7WYmNa671fa5Cs=; b=R7vGeAbvKcwOAtt0T9DLq6pYH5GzD/YYzIndq/K4Qn0OMavatEJt4wmrC49QQILj+h pM2jStQ7dfB+EQV9suyZNFbzY7RJ5U+5mZPlYp/4iyfrKsRJFP7+3YJKMcuV6oGm6uCl ZyvY4aoW16qpq6EXprHLw3GkehwNGn5sQBffXer2rr/2jqqqEIa2dp9GoR/pOxclraPV aSVYfW5K+wXTFBvMsXi8xeX9hJ+xouDycxezOeirb3SsQxyWnbyTas97TXNXynGUwgnU cPWpuG5pDQSzdqOISXQLNz29JMNrRBxqGEJGRohHVbKSX0z7QS9SVS2Dg9YIGJl7qtb7 xuoQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712763657; x=1713368457; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=fL/rt/5Lcm+BMVFw25MIAEDWEjxrn7WYmNa671fa5Cs=; b=JuTt5ku+cChliVEq4DgmFeXmLbhlqHOngfgwBnB9TxNw/XNHoLafHKyvoAKTprxKyZ EYFnBkQPVOD/BuTCnkYlS2Oy8ehU3QOYj3Sp4LWWDhNKoFnQUOw8gpaubydhgNzo2K9l zVXACC6vXW2wHlITfXBJgO+gAFBfDid777gyvNnSreZe/hXyV7UspRCrqlCf/Wi7+u/0 aXVHt/SeyJN0Vv9aPGOi0Fe0Y3SNjlgtuFItPftN+3DC0pUwZND6/0/M87nV0GzOMeYe hFlApDbEdvOqnhlFMdJ1twKLcqFhFqzv+p8nnR9srDNx8vXj0fcRIX6h4iikk0JA3Dw8 QxcQ==
X-Forwarded-Encrypted: i=1; AJvYcCX2dXaDT2DsGVmpYcrv+I8W1tI5bsSRsL1WOdz+W5NQmP7Xen7v/ZFyiCUK9WfKOMhtldbYfvyJkGbDxfhq
X-Gm-Message-State: AOJu0Yx2CeCG3nw9XMqQIGloIMpGSS646fXPayMwePRPxkp7l+9/bdnH UbH0UbiGvuKyooEDQzkz+OGZf1EE/iA6esDd9w3SimJlGjDo4OU0srjjbSHAjnRjKcyijc6+KzW pA65tOqU98Tz9ZBj4ypUaOPrP6r+Q+pJenetd
X-Google-Smtp-Source: AGHT+IF/p5OwMAXDC+ZginynJot/HSp8Be5fOvdVQCaIhkzlFfjd3mpx9gzNyX5QfHgb3eAvcmD5pzbYMxt0prnADjs=
X-Received: by 2002:a05:6402:206a:b0:56f:ce8c:dca4 with SMTP id bd10-20020a056402206a00b0056fce8cdca4mr109888edb.5.1712763656435; Wed, 10 Apr 2024 08:40:56 -0700 (PDT)
MIME-Version: 1.0
References: <625ef0f6-486e-4584-911d-f0d514585e9c@tu-dresden.de>
In-Reply-To: <625ef0f6-486e-4584-911d-f0d514585e9c@tu-dresden.de>
From: Dionna Amalie Glaze <dionnaglaze@google.com>
Date: Wed, 10 Apr 2024 08:40:36 -0700
Message-ID: <CAAH4kHbc4jnJihye6pnkdWwF65E6-gQ=DYXg+q4mEhrM5cKAtg@mail.gmail.com>
To: Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de>
Cc: Thomas Fossati <thomas.fossati@linaro.org>, rats <rats@ietf.org>, "Draper, Andrew" <andrew.draper@intel.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/qwPBmmKMiofu12X6dHX_DrYFnRQ>
Subject: Re: [Rats] Questions about Horn Clauses and CORIM
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Apr 2024 15:41:04 -0000
+rats On Wed, Apr 10, 2024 at 6:11 AM Muhammad Usama Sardar <muhammad_usama.sardar@tu-dresden.de> wrote: > > Hi Dionna, > > I hope you are doing well. We missed you at the EuroProofNet event. Hope we can meet at some future conferences. > > At the IETF 119, Ned presented the "Horn Scalability Clauses" which I believe is actually "Scalability of Horn Clauses" but the question is where do Horn Clauses come from. I was informed that Ned is currently on sabbatical until end of April. You seem to be the next most knowledgeable person on the topic. So in the mean time, I was wondering if you have answers to some preliminary questions: > > * How are "Horn clauses" relevant to the CoRIM draft? I don't fully > understand the link of the CoRIM draft to Horn clauses. Let's say we have a Verifier that has access to a database of supply chain-provided CoRIM documents. Some of these documents include conditional endorsement triples. The antecedents are stateful environment maps, so there are specific claims that need to be present in order to introduce the consequents into the accepted claim set. [E, x0 ^ .... ^ xn] => [E, y0 ^ ... ^ ym] [E, y1 ^ y3] => [E, z0 ^ ... ^ zk] When this is your model, and you need to match your current accepted claim set against a database of conditionals, is horn clause resolution. You can match, extend, match more, extend more, etc. (aside, which is a limitation of the current draft) Accepted claim sets are only with respect to the profile under which the claims are made, otherwise vendor-specific indices get misinterpreted, or digests apply to the wrong context, etc. This makes it particularly difficult to say that your environment or component of your environment has been tested against a particular test suite, as those would be different profiles–one about your test suite claims, and one about reference values for the attester's form of evidence. When what is known is for profile X (measured value Y authorized by Z) can't be used in antecedents for profile W (reference value Y passed test suite U), it's unclear how we can bind X/Y meaning in the W/Y antecedent with the current spec. Binding scope is hard. > * How are the Horn clauses generated? CoRIM issuers create conditional endorsement triples. > * What are the assumptions/facts? Stateful environment maps, which are environments plus claims that need to be known about those environments. > * Which rule engine do you plan to use to analyze the Horn clauses? > I don't have any such rule engine in mind, since our use case does not depend on such a complicated mechanism. I think Andrew Draper has the endorsement use case. Veraison has its own boolean constraint propagation system that I haven't inspected myself. > Thanks in advance, > > Usama -- -Dionna Glaze, PhD, CISSP (she/her)
- Re: [Rats] Questions about Horn Clauses and CORIM Dionna Amalie Glaze