[Rats] review of draft-birkholz-rats-uccs-02
Thomas Fossati <Thomas.Fossati@arm.com> Tue, 16 March 2021 00:59 UTC
Return-Path: <Thomas.Fossati@arm.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E788F3A14F6; Mon, 15 Mar 2021 17:59:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=jQqUE0Ul; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=jQqUE0Ul
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6lNXgFdALbyN; Mon, 15 Mar 2021 17:59:17 -0700 (PDT)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2083.outbound.protection.outlook.com [40.107.21.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0613F3A14F5; Mon, 15 Mar 2021 17:59:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=O8YMTntOdl/KwUYDmOafwttJnuC5d7nTsBpBgvWLJd8=; b=jQqUE0UlANP9cswZ5nqNBBlhsSodoWVSodQzVBenJDLk3mfyk+trR4UHRy37Y587tmygTBXbe5Jeq+9aA2b9CzTxU09uFpa8mh4seLuxS/4qvivXXgw1T9aVAR1Tdo1GnekAqnorEC+zXH+rummOj+OgRKS2Beu0gjbXDkw0/3E=
Received: from MR2P264CA0025.FRAP264.PROD.OUTLOOK.COM (2603:10a6:500::13) by AM0PR08MB4547.eurprd08.prod.outlook.com (2603:10a6:208:140::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3933.32; Tue, 16 Mar 2021 00:59:10 +0000
Received: from VE1EUR03FT021.eop-EUR03.prod.protection.outlook.com (2603:10a6:500:0:cafe::1e) by MR2P264CA0025.outlook.office365.com (2603:10a6:500::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3933.31 via Frontend Transport; Tue, 16 Mar 2021 00:59:10 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=pass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT021.mail.protection.outlook.com (10.152.18.117) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3933.31 via Frontend Transport; Tue, 16 Mar 2021 00:59:09 +0000
Received: ("Tessian outbound 3151b67811f0:v87"); Tue, 16 Mar 2021 00:59:09 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: 3a0017cd6f86201a
X-CR-MTA-TID: 64aa7808
Received: from b6bd4903ee2e.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 5677C337-58A4-4D89-9B32-FE9C45CD5FFB.1; Tue, 16 Mar 2021 00:58:58 +0000
Received: from EUR04-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id b6bd4903ee2e.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Tue, 16 Mar 2021 00:58:58 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GWvSDFwL+/UF9ttieqphSCo6CzHDXPnhWgy7fzxiktv0uYPerBNV6M9WhvCK9/QypoVAga7v5/5VDeHfmmLxZshQNZQ54Da0RICyLSEaYQmvjK8TXJ76ZaWFnnfh4PCKEJNPOqBsVSZol4y99KCJYtyI7ayZZJ9dqHhlThXzZblAMejjLJN98NyZMALPCQBkVYU7won3Dy1rdKYFdli0DquuK3GQRbn1ZR/l7k06rjg2Ku8GhXTToC9NCei8kldS2jx9pPjaolYRgZGgec2wNw0xUetUGiD/booTEFfExZZm2Y0XL8iEQ7C/SZ1WwsJ0WXsD2bK6zxeOt1XKFHipNg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=O8YMTntOdl/KwUYDmOafwttJnuC5d7nTsBpBgvWLJd8=; b=CcmbPReM8HooDFN9sBMowrvmAAOvS1GuSA2sUvIe48IuMNb/Mkm9q9VoQB7LJpcvQgkT/r1liRioz+hIgNFe0oxH7Ro4rTnwL/YvkF2CsoKKDmcph30d8cJENN6/JXO4qlSoFx+mi2TJT3LIA86DqyziQu9yv1jEsMAxZEMWDdZ/AgXoT2UAG9WPYOQF5KKoTw11uh1xS1fUctYvvuunitxbyPfz3CnvvEjOSvHO4R544uVFuVR8/VhCoaFur2zDTvnFku8I+wg5Hq6BYwkusm7jCyIB3FxSe0a7eTrIvW2W0PdB82sxXqd1GEQe3mylL+s/QBe3eOZVlxsFtPNfLQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=O8YMTntOdl/KwUYDmOafwttJnuC5d7nTsBpBgvWLJd8=; b=jQqUE0UlANP9cswZ5nqNBBlhsSodoWVSodQzVBenJDLk3mfyk+trR4UHRy37Y587tmygTBXbe5Jeq+9aA2b9CzTxU09uFpa8mh4seLuxS/4qvivXXgw1T9aVAR1Tdo1GnekAqnorEC+zXH+rummOj+OgRKS2Beu0gjbXDkw0/3E=
Received: from DB9PR08MB6524.eurprd08.prod.outlook.com (2603:10a6:10:251::8) by DBBPR08MB4743.eurprd08.prod.outlook.com (2603:10a6:10:d9::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3933.32; Tue, 16 Mar 2021 00:58:56 +0000
Received: from DB9PR08MB6524.eurprd08.prod.outlook.com ([fe80::1f5:375c:310f:7df5]) by DB9PR08MB6524.eurprd08.prod.outlook.com ([fe80::1f5:375c:310f:7df5%4]) with mapi id 15.20.3933.032; Tue, 16 Mar 2021 00:58:56 +0000
From: Thomas Fossati <Thomas.Fossati@arm.com>
To: "draft-birkholz-rats-uccs.authors@ietf.org" <draft-birkholz-rats-uccs.authors@ietf.org>
CC: Thomas Fossati <Thomas.Fossati@arm.com>, "rats@ietf.org" <rats@ietf.org>
Thread-Topic: review of draft-birkholz-rats-uccs-02
Thread-Index: AQHXGf+K+kf+ALiX8EuhWlqwm5G0/Q==
Date: Tue, 16 Mar 2021 00:58:56 +0000
Message-ID: <1F11989C-8FF6-4DFE-B17C-FDABBE1EEC32@arm.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.46.21021202
Authentication-Results-Original: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=arm.com;
x-originating-ip: [82.12.10.179]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 413c17c5-fd64-4cc7-66ec-08d8e816b54b
x-ms-traffictypediagnostic: DBBPR08MB4743:|AM0PR08MB4547:
x-ms-exchange-transport-forked: True
X-Microsoft-Antispam-PRVS: <AM0PR08MB4547F304012956CACEA003289C6B9@AM0PR08MB4547.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:8882;OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: fwUqGgQCjnga135Itx+Gvv5QRsowbyE92EzgRpgjBSrtOQonRnE4SPmACjc6vpiSZKX2hq0PPmnb8XTHmeKJTKLD8yKe3KQkMrNzdTASxPilpCZEtNgFS4SWalR6lM16FBoUOPcRwrtmFPCWQVYY/t+RVrx68XOmy+RHhnS9TCLNQ7+Hb2UDFMh90yBtGRexe5aWqQi1KeQi1jikMFP0Rii1fJfX3qSwP+Lq4rKLMDVVdOFjLobdFWTdv6ZriGlUK6MXF5G2egAN07JCda3KKMn1KKBZvp9swLD7E52BW/vg7ZLWzRo+FiWZbctzg0TWAbT9j+IBYen0C3khjFsAx2ORqmVh4V8WaK8BbIOzODssrdcAhqAunVqJkp9ZV1B47PqwVHx10GdlSMuA6vTivP6RClIR2Fphly/Be+q532Pn1QG8piAJ0MMypOJhx6HJ+Ql92OF6sT4boz2zSqx2EBp6wXq7LVOu9epzpG0DLfjU2ltssYUftkL509jffmT0oNgII/kaXCpcX7JkJfOWtewqDAaxvc3+rC+Mi8FnckDmbi23jIrfoAs8Oxkbct+QR8vivZKStZJBaUpZKUFkMvcy1ivyzukr/IZeALxuV4sl74xZagItlCtulQ+fGwI6
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9PR08MB6524.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(39850400004)(376002)(346002)(136003)(396003)(8676002)(2616005)(6916009)(186003)(54906003)(2906002)(76116006)(66946007)(316002)(64756008)(66446008)(66556008)(91956017)(66476007)(8936002)(6486002)(71200400001)(6512007)(4326008)(86362001)(478600001)(26005)(450100002)(33656002)(83380400001)(6506007)(36756003)(5660300002)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: D1v0Wjj/9zNgZpZm1ugyOWyIwL0vYktA7h+IZtPkk+XyWzNyvGt6MQ+0uVHMzszQ4ofsfv5QhYi9DzmlQDigxmyPyS3VzikxCTsGPnNj+IUZJS2cKtQvKkLuCdkXQ8eRzSRFSe71F7xCxzVYLGogG+Wm6PIOvcw1Fra2BqsabJRl8kIP5OLULhyQ2w1C0K+ikj84e2tYTQyq29ApjUwQrxRWjYcQw1wGydaX6j0/5T0slYh4EP5++hzql1wyKWWAKTR4/soUyu0/fXS/nl6divDaooDPoIcJXnDRLmZLuYBMDKo9sHnS2newckZM3TBNP2aODrIFsWBZubHgOHTeUdsMBvsLCMfLXniKce87GR7h1+7hYsrg6ZdbtbytCcWcaRUAWLU6vrJdyDgHUomR+SQoNPBo05HjxSQHbYCUbL3ckyA47D2uFadP0Cy5ZBtqfIbVix4d6eiY+eHLwx3HANlm40qjebrooycJfdM6nKzuwOaejsMGYGP/9qQ/M8/Sz+S6MDr+5DFhHB3uwG8Y3vkFpU2nAzqgHDl5t5iDnN0nb/QLYuQKF6wuzWX8sK3pqUX55m4pOxykjUBEB8y/itH8VCoJjkos2obwc8LmiWp/ZmAD4tk8BPRSZh7Nalx4muVYAGIITcP9fdH4liOsmIzZWePhSNTE0AxLK9TOg/q6nZODr31Oo1elewmIN0iUm0CdSShOzqKCW5dEirTdvgS3S8+q83JIo/kinfMdTZJzerFvyIhzJYOeaImbYC6OAONiUURgTeoanHSNEg2dlIMTcehroZY//aIbNIz1s3rWJoXzijmFbdDOHx9WWbcBF/yYHCyHlLaxFRc9QLqIroKkSBDbcVtxTZy4s8B+AhIAUPUfMOctICLS2l5028ORjTf/iR+eib6eM36wHc3D+0B481b8mi9IvfIhmnro28bLsLjr0t9O/zgbgg73VzWuja07mle05sYztM4myR/KZavRUWInsKO/EQXRkhJtBy1ia5kF1D0HKXPP3vlI9s4xeOiW3dbrH7KIXRgmrO5btaCSTZmYcZA8dc4LqYN6YcQf9sW1Epb/y4jDtQJnzoM1QYo+KNhknAXAHe37jNh7NmQpZCurPctB/r8oq5SYF3A/kvwZx1hTSgf8wUxnVbJYqM5Gh7e1mff9AJxGBNcIZ/C+EVS7d0lXVReHpiNscHIKvaiWMOfeiu7EalhsJ5lKk3ZcK6bxGdwSZM8gnLDKQva7btDnTuZj2CJiDb4JmaH0/nIPEKZCfwPAXhvb14Ytnda9eYNsamt/SvDWvOdqGHOlYX9sxIFbMLjiR0fqIiJMiRTo9kMWiO8RYUJ4jq7r
Content-Type: text/plain; charset="utf-8"
Content-ID: <0FE533A4139AA748AC0DD03F65A2CAF9@eurprd08.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBBPR08MB4743
Original-Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT021.eop-EUR03.prod.protection.outlook.com
X-MS-Office365-Filtering-Correlation-Id-Prvs: 311cb532-f90b-4b85-567f-08d8e816acfb
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 3XFmWcPmd0pAW1pDSKcBfsyEMY6+wzCT2QDDyDcVVtXaOTmTDlj9pdB2tD/CuJUP9hHKQpTYg2dTJX8rzWkyHQJXYMPHkX0gQQ2E+CkNdyP/+w5kbQLa6T9ZJHXlvQdosZ9U3uY2u5kJbFYmlx+7c35EY46uLtgivvT8Q/ak8w2oAxzWtvZr5Ve3j1PgBUo0tM0ddR2aGtgtNogLXnGy3qE7YuqCpE1q3eOfzEuupY5wGK2xUl2WCBitSNOAeJ0h27dyaECHF6NGiwXbuU7OBMVWfikervq8AGTPfsip36VC78kto4LQgOKhfEawr9cDyWHr7k6eggbUh5kJ6UJ+eC0JCrH4D05GTXRo9Ryww4imInYTmqRe3ybVgyW9Nt01GZOC0F3m2IhyDuEPK6ABTbgWqX5wZlvfd90hxfV/TxBfxKAhnX8RYpu+IPcRr7e3kT/pR/KO8pyrn7qEpQ1i02Xx1C3UKYY1huAN10aZeOl9vzHwYiyd6kS4aIDH4wdZOUqixuHiwpR8OE0mRV+gUn8NLj7p/ar3XDN2gD3wL829DYrOBo3Z/GcusD6itLSyqCriv8MfnAs0jlf9mHZsCnvl3sZ/8Gu0OUA+Ul1c4iuIUcxZXy1dY8ELAxvBq0F/4eMDb0VurlO+NuSsnpRJqq56RKmGz2mc5Gfzd/pZkbo=
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(4636009)(346002)(376002)(396003)(136003)(39850400004)(36840700001)(46966006)(316002)(6506007)(33656002)(6916009)(2616005)(36860700001)(186003)(6512007)(70206006)(82310400003)(6486002)(478600001)(5660300002)(54906003)(86362001)(450100002)(26005)(8936002)(4326008)(8676002)(70586007)(2906002)(83380400001)(47076005)(81166007)(36756003)(336012)(82740400003)(356005); DIR:OUT; SFP:1101;
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Mar 2021 00:59:09.9298 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 413c17c5-fd64-4cc7-66ec-08d8e816b54b
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource: VE1EUR03FT021.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB4547
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/sxmbwzg5nfyP8m7epGVk8dTUI7M>
Subject: [Rats] review of draft-birkholz-rats-uccs-02
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Mar 2021 00:59:20 -0000
Dear draft-birkholz-rats-uccs-02 authors,
I have reviewed your draft and here's a list of comments.
The general impression is that the content should be streamlined and
reorganised a bit. To that purpose, I am adding a few suggestions
according to my personal taste that you may find completely rubbish.
As a reviewer I think I need to exercise this privilege though :-)
Let's go.
* Section 1
* "the integrity protection mandated by RFC 8392"
* is "mandated" the right word? What about alg:none?
* "COSE provides - amongst other things - the integrity protection
mandated by RFC 8392 and optional encryption for CWTs."
* I think the other important security property that COSE
provides is it identifies the principal of the asserted claims
* Another relevant feature is that COSE provides the security
properties end-to-end, not just in transit.
* "Under the right circumstances"
* What are these "right circumstances?" Please provide a
precise characterisation (in place, or as a fwd ref).
* "If a mutually Secured Channel is established between two remote
peers, and if that Secure Channel provides the correct
properties, it is possible to omit the protection provided by
COSE, creating a use case for unprotected CWT Claims Sets."
* I am now reading the third para and I don't know yet what
these "correct properties" are. The impatient reader - like
yours truly - is going to be scratching his beard at this
point :-)
* "Consequently, in a well-defined scope, it might be acceptable to
* use the contents of a CWT without its COSE container and tag it
with a UCCS CBOR tag for further processing"
* Please do not suggest this, it'd have the effect of changing
the semantics in a surprising way - from something with an
associated principal to something that is completely lost, the
Kaspar Hauser of RATS. If you need to forward "naked" claims
- e.g., as you do in the verification pipeline once you have
checked the signature - you just do that. No need for extra
tagging: pass the CBOR map on and the calling site will know
what to do with it.
Comment: the intro seems to never get to the point. What I'd like to
see here is "the why of UCCS". A couple of lines should be enough:
* Rationale for using UCCS
* Basic principle of using resources parsimoniously: when RATS roles
have a pre-existing security association they can reuse it to
implicitly sign their conceptual messages
* (There is also the case in layered attestation of an attesting
environment that does not have a signing key. In this case the
protection is delegated to the outer attesting environment. The
expected output is a nested EAT with a UCCS submod. However, this
case doesn’t need further discussion because it falls back to the
usual signed EAT.)
* Section 2
* The motivation could be made less obscure
* The title seems partially incorrect: in fact, the requirements are
absent (the reader is forwarded to "following sections")
Comment: I'd just remove this section and merge whatever is relevant, if
anything, into the intro.
* Section 3
* "The handshake protocol establishes the authenticity of one of
both ends of the communication."
* Typo: one of both => one or both
* s/authenticity/identity/
* "Analogously, the considerations discussed in Sections 2.1, 3.1,
and 3.2 of RFC 8725 apply to the use of UCCS as elaborated on in
this document."
* Are these references really applicable? I have followed the
ref and I couldn't find anything relevant to UCCS there.
* Section 3.1
* I don't understand the SHOULD in "the Verifier and the Attester
SHOULD mutually authenticate when establishing the Secure
Channel". If there are valid reasons to make the behaviour
discretionary, it'd be useful if they were stated explicitly.
* Last para: I don't understand the use of the term "endorse" here.
(I might be confused by the special meaning it is given in the
RATS architecture document though.)
* Section 3.2
* "A Secure Channel which preserves the privacy of the Attester may
provide security properties equivalent to COSE"
* Could you please provide an example of such privacy-preserving
secure channel? You mean running an attestation protocol over
Tor?
* I am slightly confused about the intended meaning of the
second part of the sentence: which COSE properties are
relevant here?
Comment: what I'd have liked to see here is a crisp "applicability
statement", answering the simple question:
* Under which circumstances the signature "recycling" is warranted,
i.e. it does not degrade the security assumed by the RATS architecture?
* For both Evidence and Attestation Result
* The signing key that identifies the "secure wrapping"
entity (e.g., the secure transport endpoint) is or can be
linked directly to the same key that would have signed the
attestation Evidence/Attestation Result, were it encoded
as "proper" CWT.
* The robustness of the key material and algorithms employed
in lieu is comparable (i.e., use modern secure protocols
with recommended cipher suites)
* For further applicability considerations, see the bottom
of Section 7.4 of I-D.ietf-rats-architecture
Also, I think it's important to state the caveats that apply, e.g.:
* the different protection span
* temporal
* the cryptographic protection provided by a secure channel
is ephemeral
* Spatial
* The cryptographic protection provided by a secure channel
is only effective inside the perimeter of the tunnel
* As a corollary: when UCCS arrives at destination, it MUST be
consumed by a trusted entity and never forwarded outside the
TCB
* Also, compared to CWT, UCCS is vulnerable to an active MitM who
can distort the Evidence / Attestation Result modifying, adding,
or removing claims at will
* Section 5
* I have followed the ref and it's unclear to me why the security
considerations of RFC8392 apply here. Maybe be more specific
about what exactly can be transplanted from there.
That's all. Cheers!
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
- [Rats] review of draft-birkholz-rats-uccs-02 Thomas Fossati