Re: [Rats] Attestation Timing Definitions

"Eric Voit (evoit)" <evoit@cisco.com> Tue, 10 March 2020 22:10 UTC

From: "Eric Voit (evoit)" <evoit@cisco.com>
To: Laurence Lundblade <lgl@island-resort.com>
CC: "rats@ietf.org" <rats@ietf.org>
Date: Tue, 10 Mar 2020 22:10:19 +0000
Message-ID: <BYAPR11MB312543840E706D6A0DBC8013A1FF0@BYAPR11MB3125.namprd11.prod.outlook.com>
References: <BYAPR11MB31256F11BD86730AF9D21B6CA1FF0@BYAPR11MB3125.namprd11.prod.outlook.com> <CD539706-7F11-4FF1-8483-17F51329C014@island-resort.com>
In-Reply-To: <CD539706-7F11-4FF1-8483-17F51329C014@island-resort.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/uFgQTN3pQFHAlklgcv-IcEX4JdI>
Subject: Re: [Rats] Attestation Timing Definitions
List-Id: Remote Attestation Procedures <rats.ietf.org>

Hi Laurence,

In-line with <eric>

From: Laurence Lundblade, March 10, 2020 5:05 PM

On Mar 10, 2020, at 1:09 PM, Eric Voit (evoit) <evoit=40cisco.com@dmarc.ietf.org> wrote:

2. Nonce based Composite Evidence Passport.

This figure matches the sequence diagram from Figure 3 of draft-voit-rats-trusted-path-routing

   .----------.                     .----------.  .---------------.
   | Attester |                     | Verifier |  | Relying Party |
   '----------'                     '----------'  '---------------'
      time(a)                             |               |
      time(b)                             |               |
        |                               time(c)           |
        |<-----nonce--------------------time(d)           |
      time(e)                             |               |
        |------Evidence---------------->time(f)           |
        |                               time(g){@time(h)} |
        |<-----Attestation Result-------time(i)           |
        |                                 |             time(c)
        |<-----nonce------------------------------------time(d)
      time(e)                             |               |
      time(j)                             |               |
      time(k)--Attestation Result + Evidence----------->time(l)
        |                                 |             time(h)

Something seems off here. By my understanding of the passport model, the Attestation Result is the passport and can only be created by a Verifier. This diagram seems to show the Attester creating their Attestation Result.

<eric> Agree that Attestation Results can only be created by a Verifier.  The reason this was on the diagram was that Figure 4 from draft-ietf-rats-architecture showed "Attestation Evidence" as part of this specific flow.  And it *is* part of the flow.  But there is other Evidence in the flow too.  To reflect this, I have added "+ Evidence" to the figure above.

Generalizing the question a bit, adding Evidence to a passport is a natural thing.  Think about your US passport.  Every time you go through a port, it is stamped with additional information.  And this becomes a part of that passport which subsequent countries can see.  But it wasn't information attested by the US.

Seems like one fix is to remove the second nonce and time(e) and say that the Attestation Result is exactly the same in both occurrences — classic passport where the attester just passes the result through.

The other fix is to have the Attester produce a second Attestation Evidence that includes the first Attestation Result, route that to a second verifier and then on to the RP. Then you have composition.

<eric> Hopefully my answer above clears this up.  There is more in draft-voit-rats-trusted-path-routing section 4.2 which addresses specific topics on this flow.

The main intent of this thread was to dive into the specific definitions of the timing definitions.  Perhaps if you have questions on this Section 4.21 flow, comment on the thread about "draft-voit-rats-trusted-path-routing"?

I don't think Attesters can produce Attestation Results.

<eric> Agree they do not produce Attestation Results.

Eric

LL
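The nonce-based composite passport flow in the figure above, written out as a worked example. This is added code, not from the thread, the draft, or any RATS implementation; the message layout, the claim name fw_digest, 16-byte nonces, Ed25519-signed JSON in place of COSE/JWS, and a fixed TTL standing in for time(h) are all assumptions of the example. It goes one step beyond the figure by having the Attestation Result name the Attester's key, so the Relying Party can bind the fresh Evidence at time(l) to the same Attester the Verifier appraised. The point the thread settles is enforced by the key checks: only the Verifier's key can produce an Attestation Result the Relying Party accepts, and the Attester can only forward it and append Evidence bound to the Relying Party's own nonce.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Signed is a toy envelope (JSON payload + Ed25519 signature) standing in for COSE/JWS.
type Signed struct{ Payload, Sig []byte }

func sign(priv ed25519.PrivateKey, v interface{}) Signed {
	payload, _ := json.Marshal(v) // the fixed struct types below cannot fail to marshal
	return Signed{payload, ed25519.Sign(priv, payload)}
}

func open(pub ed25519.PublicKey, s Signed, v interface{}) error {
	// Length check first: ed25519.Verify panics on a wrong-length key.
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, s.Payload, s.Sig) {
		return errors.New("bad key or signature")
	}
	return json.Unmarshal(s.Payload, v)
}

// Evidence: Attester claims bound to the nonce received at time(d). Hypothetical layout, not an EAT profile.
type Evidence struct {
	Nonce  []byte
	Claims map[string]string
}

// AttestationResult is produced only by the Verifier at time(g). It names the Attester's key so a
// Relying Party can bind later Evidence to the same Attester, and carries the time(h) expiry.
type AttestationResult struct {
	AttesterKey []byte
	Status      string
	Expires     time.Time // time(h)
}

func newNonce() []byte {
	n := make([]byte, 16)
	rand.Read(n) // crypto/rand.Read fills n entirely; since Go 1.24 it cannot return an error
	return n
}

// attest is the Attester's step at time(e), and again at time(j) for the Relying Party's nonce.
func attest(priv ed25519.PrivateKey, nonce []byte, claims map[string]string) Signed {
	return sign(priv, Evidence{Nonce: nonce, Claims: claims})
}

// verify is the Verifier's step at time(f)/time(g): signature, nonce (mismatch = stale or
// replayed Evidence), then appraisal of the firmware digest against a reference value.
func verify(vPriv ed25519.PrivateKey, aPub ed25519.PublicKey, nonce []byte, ev Signed, refDigest string, now time.Time, ttl time.Duration) (Signed, error) {
	var e Evidence
	if err := open(aPub, ev, &e); err != nil {
		return Signed{}, fmt.Errorf("evidence: %w", err)
	}
	if !bytes.Equal(e.Nonce, nonce) {
		return Signed{}, errors.New("evidence: nonce mismatch")
	}
	status := "untrusted"
	if e.Claims["fw_digest"] == refDigest {
		status = "trusted"
	}
	return sign(vPriv, AttestationResult{AttesterKey: []byte(aPub), Status: status, Expires: now.Add(ttl)}), nil
}

// relyingPartyCheck is the Relying Party's step at time(l): the Result must verify under the Verifier's
// key (an Attester cannot mint one) and be unexpired; the forwarded Evidence must verify under the key
// the Result names and carry the nonce this Relying Party issued at its own time(d).
func relyingPartyCheck(vPub ed25519.PublicKey, nonce []byte, result, evidence Signed, now time.Time) (string, error) {
	var ar AttestationResult
	if err := open(vPub, result, &ar); err != nil {
		return "", fmt.Errorf("result: %w", err)
	}
	if now.After(ar.Expires) {
		return "", errors.New("result: expired (past time(h))")
	}
	var e Evidence
	if err := open(ed25519.PublicKey(ar.AttesterKey), evidence, &e); err != nil {
		return "", fmt.Errorf("passport evidence: %w", err)
	}
	if !bytes.Equal(e.Nonce, nonce) {
		return "", errors.New("passport evidence: nonce mismatch")
	}
	return ar.Status, nil
}

func main() {
	vPub, vPriv, _ := ed25519.GenerateKey(rand.Reader)
	aPub, aPriv, _ := ed25519.GenerateKey(rand.Reader)
	claims := map[string]string{"fw_digest": "abc123"} // constructed sample claim
	n1 := newNonce()                                   // time(d), issued by the Verifier
	ar, err := verify(vPriv, aPub, n1, attest(aPriv, n1, claims), "abc123", time.Now(), time.Hour)
	if err != nil {
		panic(err)
	}
	n2 := newNonce() // time(d) again, this time issued by the Relying Party
	fmt.Println(relyingPartyCheck(vPub, n2, ar, attest(aPriv, n2, claims), time.Now())) // time(l)
}
```

Two design points worth noting. The Relying Party never needs the Attester's key out of band: it trusts the Verifier's key, and the Attestation Result carries the Attester key it was issued for, so a passport forwarded by one device cannot be re-used with Evidence from another. And the only timing the Relying Party enforces is time(l) against time(h); whether the Attester's claims are still current is covered by the second nonce, not by re-checking the Verifier's clock points, which is what keeps the Attester out of the Attestation Result.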