Re: [Rats] Two types of secure attestation

"Smith, Ned" <ned.smith@intel.com> Sat, 23 November 2019 19:20 UTC

Return-Path: <ned.smith@intel.com>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C5BA6120059 for <rats@ietfa.amsl.com>; Sat, 23 Nov 2019 11:20:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aAfDo6VKbxJi for <rats@ietfa.amsl.com>; Sat, 23 Nov 2019 11:20:02 -0800 (PST)
Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60A85120024 for <rats@ietf.org>; Sat, 23 Nov 2019 11:20:02 -0800 (PST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Nov 2019 11:20:02 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.69,234,1571727600"; d="scan'208,217";a="210722193"
Received: from orsmsx110.amr.corp.intel.com ([10.22.240.8]) by orsmga006.jf.intel.com with ESMTP; 23 Nov 2019 11:20:02 -0800
Received: from orsmsx109.amr.corp.intel.com ([169.254.11.161]) by ORSMSX110.amr.corp.intel.com ([169.254.10.52]) with mapi id 14.03.0439.000; Sat, 23 Nov 2019 11:20:01 -0800
From: "Smith, Ned" <ned.smith@intel.com>
To: "rats@ietf.org" <rats@ietf.org>
Thread-Topic: [Rats] Two types of secure attestation
Thread-Index: AQHVntzp4M6ZJzqVJUiVsZ6c2vuAXaeTFYmAgACwdgCAAA6xgIAAu9YAgAEdtgCAAAn4gIAABdyAgAADQoCAAAxJgIAAES0AgAEKygCAABdNAIACgfQA//+lc4A=
Date: Sat, 23 Nov 2019 19:20:01 +0000
Message-ID: <52AC3EB5-1BD0-4A41-8EAD-5A779E125BF8@intel.com>
References: <B099349B-711D-4A11-9E58-0886307FB7AF@island-resort.com> <CAHbuEH6qtVbzRXUALKBrr3butc8qT8Y81X-nQ6+PjC1n08CkvA@mail.gmail.com> <5DB30E08-9AB2-452A-B8D6-55BFD0AE5264@island-resort.com> <CAHbuEH4R4GZQCq9E1Nza8uPC=jxiM-FkV4tMrv9B==GsjvCLtw@mail.gmail.com> <34EB67FD-E76A-4132-87C4-C89EA70C9365@intel.com> <DC9F1051-E33A-477F-A855-2FBA33F8E8DF@island-resort.com> <cbb5f662-b073-5b5b-e504-56ea66b72744@sit.fraunhofer.de> <5A3105EA-8E54-4BB9-B266-96B6645811A1@island-resort.com> <c4967ed2-e484-d8c9-406b-8e1bb1b3b88d@sit.fraunhofer.de> <FF6F2CEE-1049-4B6C-8E12-9E21FE92D2F2@island-resort.com> <3285c3da-0748-5607-90ed-ac024ac826d0@sit.fraunhofer.de> <0384FAEE-6C5B-4A99-BBA0-F080DD27AA9B@island-resort.com> <def7a722-e357-a12a-1467-8ff8c442337e@sit.fraunhofer.de> <A9E1ED3A-80D1-4585-9029-A49CA5AE3AB6@island-resort.com>
In-Reply-To: <A9E1ED3A-80D1-4585-9029-A49CA5AE3AB6@island-resort.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1f.0.191110
x-originating-ip: [10.251.148.166]
Content-Type: multipart/alternative; boundary="_000_52AC3EB51BD04A418EAD5A779E125BF8intelcom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/uCg0t05cNutc8j6TbNmYq1WID-Q>
Subject: Re: [Rats] Two types of secure attestation
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote Attestation Procedures <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Nov 2019 19:20:04 -0000

@laurence - By “this” you mean the difference between implicit and explicit attestation?

From: RATS <rats-bounces@ietf.org> on behalf of Laurence Lundblade <lgl@island-resort.com>
Date: Saturday, November 23, 2019 at 8:44 AM
To: Henk Berkholz <henk.birkholz@sit.fraunhofer.de>
Cc: "rats@ietf.org" <rats@ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "Smith, Ned" <ned.smith@intel.com>
Subject: Re: [Rats] Two types of secure attestation


On Nov 21, 2019, at 6:26 PM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de<mailto:henk.birkholz@sit.fraunhofer.de>> wrote:

There are no semantic difference between the "simple non-TPM EAT" scenario and the TPM-based implicit remote attestation scenario. They are if fact the "same types of secure attestation”.


I don’t have any need to drive taxonomic distinction when unnecessary, but note that the YANG module has to have explicit different facilities to be able to handle both.

The verifier implementations for these two types are also very different. in the "non-TPM EAT” scenario no known-good-values for SW hashes are need to be supplied to the verifier.

I don’t think these are the only differences that we’ll encounter in real implementations.

This should probably all be described the architecture document. Seems as significant as the passport vs background check distinction.

LL