Re: [Rats] RATS Digest, Vol 17, Issue 4
"Oliver, Ian (Nokia - FI/Espoo)" <ian.oliver@nokia-bell-labs.com> Wed, 02 October 2019 09:52 UTC
Return-Path: <ian.oliver@nokia-bell-labs.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DBBC120857 for <rats@ietfa.amsl.com>; Wed, 2 Oct 2019 02:52:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ck_8wNF6punm for <rats@ietfa.amsl.com>; Wed, 2 Oct 2019 02:52:17 -0700 (PDT)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50117.outbound.protection.outlook.com [40.107.5.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E6F31200B3 for <rats@ietf.org>; Wed, 2 Oct 2019 02:52:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dXsXAS7oGKjNBvesrARYK7B32dkKbpddZh/+6IbQt2M8VDYZxE87yYrTarbpYPQn1SQTafC6PN+AfSD6jrbPRDinBXP3hlw9e8/anrxYlWjXpsnZldlNwExewrKUIUavBtUjcys2eZU5fhzp8bHkDgOaCsSrMovPebypWALk5XyWz9d/JsjQd/jEjzGZr8yLwyFO4EinSo9S/bD7gkoQfUL1mafQ/ZGL1K2K2ckZa8YvL6NXSgtcEyYRDwICANixpAi0VQyfeB2l3oqGPmy9ZZCbHYAsykt0D7gMEpekekEtr6NtFZqDKtk2K+HrTeaoVzqFr0MXziwXKzXikUE3xw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=U+qcLUmwgWzF/1nHbmqpLQu7Tq7K8wNBvrJIfYW0kKs=; b=nD5EgI8gwXHmnLtmkqd++/s3QbBfPM+yN/0V4E3zpN8Iol5kVTdZl2fp8BCmksOeyIoEEjV13Sri+IcrIhiOx6rb86TOtjJnZMR1UjLvv+ahTnJ9JaqVUDnSvKgi0oiLUHAZfIAVkoYaxrmD87uo4IfGtlB7YTYUz98eb8VPYhkuGWAaMAaZR7l48pgM3qRue7ygZtai8uDRovBESoO2osmB/oJ+tsj4N6Q1bMUeBMhHQU2ZPobKqpa3HTdpSX2Vjt/oOPdv7KhI9L28c/Gt2ICVMObLqB4JtMdZK/cHIg9IXOxEsWL/2eehbmjWYcmfyWalovbf8DBeMoDKfgDWeg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia-bell-labs.com; dmarc=pass action=none header.from=nokia-bell-labs.com; dkim=pass header.d=nokia-bell-labs.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=U+qcLUmwgWzF/1nHbmqpLQu7Tq7K8wNBvrJIfYW0kKs=; b=fZmNp0VftvCG1eBmYLL936POFWReWCMvH48LsEL6UwrB3VkSLdG9JvOpTwbmBS+itP4rDQrsPVMKrZL47mPeQgLJ8363qhDSw4TySUT5363uKW966AmtQgJtk+YeH/tM2wWYPvNXQm4f8GYZBkO8YUzEdM52kaHyTd0z2R6H394=
Received: from HE1PR0701MB2267.eurprd07.prod.outlook.com (10.168.35.143) by HE1PR0701MB2298.eurprd07.prod.outlook.com (10.168.126.135) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2305.12; Wed, 2 Oct 2019 09:52:13 +0000
Received: from HE1PR0701MB2267.eurprd07.prod.outlook.com ([fe80::f475:fe6d:ab5a:8359]) by HE1PR0701MB2267.eurprd07.prod.outlook.com ([fe80::f475:fe6d:ab5a:8359%6]) with mapi id 15.20.2305.023; Wed, 2 Oct 2019 09:52:13 +0000
From: "Oliver, Ian (Nokia - FI/Espoo)" <ian.oliver@nokia-bell-labs.com>
To: "rats@ietf.org" <rats@ietf.org>
Thread-Topic: RATS Digest, Vol 17, Issue 4
Thread-Index: AQHVeQFoPDXXN3d+60GMkyP4Vm5bAKdHGYPI
Date: Wed, 02 Oct 2019 09:52:13 +0000
Message-ID: <HE1PR0701MB22674914B23AB5DD29405A2C8F9C0@HE1PR0701MB2267.eurprd07.prod.outlook.com>
References: <mailman.449.1570007494.9499.rats@ietf.org>
In-Reply-To: <mailman.449.1570007494.9499.rats@ietf.org>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ian.oliver@nokia-bell-labs.com;
x-originating-ip: [109.240.172.143]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3f9d607a-93ab-41d3-dfde-08d7471e339d
x-ms-office365-filtering-ht: Tenant
x-ms-traffictypediagnostic: HE1PR0701MB2298:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <HE1PR0701MB2298AF84C07882F5B4C185028F9C0@HE1PR0701MB2298.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0178184651
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(346002)(396003)(39860400002)(366004)(376002)(136003)(18543002)(10533003)(189003)(199004)(236005)(5640700003)(6116002)(9686003)(8936002)(6306002)(54896002)(74316002)(1730700003)(81166006)(105004)(52536014)(2501003)(81156014)(8676002)(64756008)(256004)(66556008)(66446008)(66476007)(14444005)(55016002)(76116006)(11346002)(5660300002)(476003)(486006)(33656002)(86362001)(446003)(66946007)(966005)(26005)(6246003)(478600001)(606006)(6506007)(229853002)(2351001)(186003)(53546011)(14454004)(71200400001)(6436002)(71190400001)(6916009)(25786009)(2906002)(76176011)(7696005)(102836004)(3846002)(7736002)(99286004)(19627405001)(316002)(66066001); DIR:OUT; SFP:1102; SCL:1; SRVR:HE1PR0701MB2298; H:HE1PR0701MB2267.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:0;
received-spf: None (protection.outlook.com: nokia-bell-labs.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: QaaT5ij2itel3OSEmA5b6n13z7rhmJbZTsIIM1Z3pjW43Vw4MgZACGcDwP/hzXlsiNjGYsS4xRV+CG+RbznfMRP0+oe37I3Mx6gnGkx6sS2OFRaWNbUgytWklSBIl3jNJjYnvlCv2N84HeCmsu2UIk8pGeYRzFyTvWB4M9nhlLpFuqAFk3MlssS4hDFBrnvBBkLhxyQkgl21K93uJtjZYHEPfSp+rP8N471BOXML3+Oy44GO3QXjjlAMw4D0sAOtWHGr8iU4pfu6oR9iggMkXsTAJTAX2UCEz6I+PuQCUMo055T4tiAn7/viJAqJ9irjPiQswbeUba16FrA++9me4QnIoq5RHAc4K32wkV2QORL2TCNjDvB9Ee3HCXjQRIlukWR2RwBD8rBsl/H9WogbU7yGvsv6UjpdiOaMgydWS48YE4NOqpxZoKUX2KTxgIkBzo4DUGPnAMm0GSAKNc7ovw==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_HE1PR0701MB22674914B23AB5DD29405A2C8F9C0HE1PR0701MB2267_"
MIME-Version: 1.0
X-OriginatorOrg: nokia-bell-labs.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3f9d607a-93ab-41d3-dfde-08d7471e339d
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Oct 2019 09:52:13.5160 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: gfmvXtUL9BnzZmH1g6R6p/KedDuURf30U7950FuAOBuvqCsWQkSLaUMApNY+Y7Qz9bRWOafuCYbn0/az5I+GJ+59PecL1Dv19fn7KeIReWA=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2298
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/tPYN9dgT1ioeYitUtzp0UgzVp2c>
Subject: Re: [Rats] RATS Digest, Vol 17, Issue 4
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Oct 2019 09:52:20 -0000
HI, I'm in agreement with Hannes regarding the structuring of the document and how the division between the concepts and terminology is made. The terminology needs to be properly grouped together with the diagram being almost the first thing presented such that a pictorial overview of the relationships and terms can be ascertained by the reader. It appears that some terms are also being introduced and defined in the concepts section which I feel should be "less" formal. Section 3: Does the RATS architecture provide a framework for anticipating trustworthyness changes? I'm not 100% clear what is meant by this line. Section 3.2: I wasn't sure if this is a definition of trustworthyness or a statement about how the architecture established trustworthyness in a system I'd rewrite this as below if the latter is the case: "The trustworhyness of the remote attestation environment is also (or should also) be taken into consideration and the RATS architecture addresses this" Are we also addressing the how aspect of this? Do we also need to address roots and chains of trust/trustworthyness? Figure 1 & RATS Roles If I take existing remote attestation systems then it appears to me that the role of Attester is extremely broad taking into consideration quite a large amount of RA implementation and also, to give a concrete example, a large amount of the functioning of TPM 2.0, particularly the Quoting, PCR and Sigining mechanisms to my understanding of this. If this is the point then I'm quite fine with that. (Sorry to use the TPM+RA example, but it is widespread and we do have a working system that I'd like to be more compliant with this specification) t. Ian -- Dr. Ian Oliver Cybersecurity Research Distinguished Member of Technical Staff Nokia Bell Labs +358 50 483 6237 ________________________________ From: RATS <rats-bounces@ietf.org> on behalf of rats-request@ietf.org <rats-request@ietf.org> Sent: 02 October 2019 12:11 To: rats@ietf.org <rats@ietf.org> Subject: RATS Digest, Vol 17, Issue 4 Send RATS mailing list submissions to rats@ietf.org To subscribe or unsubscribe via the World Wide Web, visit https://www.ietf.org/mailman/listinfo/rats or, via email, send a message with subject or body 'help' to rats-request@ietf.org You can reach the person managing the list at rats-owner@ietf.org When replying, please edit your Subject line so it is more specific than "Re: Contents of RATS digest..."
- Re: [Rats] RATS Digest, Vol 17, Issue 4 Oliver, Ian (Nokia - FI/Espoo)
- Re: [Rats] RATS Digest, Vol 17, Issue 4 Henk Birkholz