[Rats] AD review follow-up on draft-ietf-rats-eat-20
Roman Danyliw <rdd@cert.org> Thu, 22 June 2023 21:26 UTC
Return-Path: <rdd@cert.org>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 30A37C14CE44 for <rats@ietfa.amsl.com>; Thu, 22 Jun 2023 14:26:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WZYzMoQkcFma for <rats@ietfa.amsl.com>; Thu, 22 Jun 2023 14:26:28 -0700 (PDT)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0098.outbound.protection.office365.us [23.103.209.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA980C14CF0D for <rats@ietf.org>; Thu, 22 Jun 2023 14:26:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=DIrKr96hR+zBp5QsQ4mtpAPOjzJZv7GqAOp4CGxmkWmFdUy1S5iaqh8hn7ZV48RQ1PyixlLI7XgUCV8DoHoLUrwpRkDnWrYl3KfhK2uFJg+r27ikvBjkDh7BLnF/gtZKlbvgWtZtRR+ijJJrYg4aU2QQeq4YcIiKfxLnxYJQVtKo4VY6tqqgyBYe4HG1nB/dlQKPvlTMdXm5/+3JMxXg3CMgoOBIgWq0Wsi8OWvMQf2bzTaHrYwO4U6T/QoSIS2Lh7H78tlZuqMT3GCVuf/5hRpO8qiCfrD4wavEG66zHQJd+GMNTIsDS0mjCtndPDrNnaDbwCj2BJK10SDAZ89D4A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2jS+fOrDGZt4dtrJ7i2WE+R2/2oDUOici+Y1u+aoiII=; b=g06aJJRYFu1s6qLbdLfj5HVfVG+9BJVYYQbEEe+ZSbNkjE6u+7fwtK2nuPPvb9Bm915xewFSHRAP92LGOR33qUJOT2ZFXXBFkgpCoPRuDYQodJz4sqK750g6srDwnDQlK3HVaEV8JTcvzP4rN1/8JmKAsEpeAXZsUwv73UTugJMPSfrJ9TrOaHfvfmGpmH2oJM0iFa/+MO9Em4IfpS+SmRitSDTNLzxcmBZNecrUHMuDGdfZfGmBHuQx7/hw75ev/Jw1wZeR8nE7/P/R+Rh8UG3Hy344qaKiUK25fxhdiyJGp8WowaeIQVDW3Du812KzJN/n8tU6nlqbrNsKsUewmg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2jS+fOrDGZt4dtrJ7i2WE+R2/2oDUOici+Y1u+aoiII=; b=PDN7WKKbI5e8GgIlPQLVgN6xMvqVLfpmFix15YumqAsReHUTgngbPMKXC5yMMA/9Ngo59t3dAv/46euIBgo+Nr81aArFMpCVI5lRg/h4WOC+IFeRqSgFMvV6fx45oPA56e/fW16BPZcHldlKcxQRWX4QWVFWwa4gzHZpqZNdHWA=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1716.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:169::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.38; Thu, 22 Jun 2023 21:26:22 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::9e97:3a3a:a27b:1b82]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::9e97:3a3a:a27b:1b82%7]) with mapi id 15.20.6500.031; Thu, 22 Jun 2023 21:26:22 +0000
From: Roman Danyliw <rdd@cert.org>
To: "rats@ietf.org" <rats@ietf.org>
Thread-Topic: AD review follow-up on draft-ietf-rats-eat-20
Thread-Index: AdmlT9vW3QERVJ1DSsKzbzG1StHoLw==
Date: Thu, 22 Jun 2023 21:26:22 +0000
Message-ID: <BN2P110MB11073923A8FA0526876A0184DC22A@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN2P110MB1107:EE_|BN2P110MB1716:EE_
x-ms-office365-filtering-correlation-id: 17e67db6-3bf8-426d-0eaa-08db736753d4
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: OzgtLx2ygAzxFYjQ5/pDX0pisofcn8fnz9H7kqNT1KhRRRqzp+LLVRTAnBHg/OBxKyifAn4KHkomFCqxXR9kMuWHa38NQI2jULmO3d7oum25aZkFUUrlnSdpxIalMnIhKIZwVtYB27DACPjlI30SUWZTpXeZGiRpg/igDvrKwglWnOSOSlVRM+/uXuLNDNgSK/V4F4Zyb+mQHzTZF+tCKCVwLBTppL8kEBBoO79ksaQGQmR4YV4idmOxNfmSYb59PrTulV8eOj1cmxlx8ZivaEHrlV36nB9GeL0cj+xoDKcioVY1tS89WefvCPT+qvZBbq+XMKLQB8LdS4D0O+YKRYXZP65Ol5pgMI1RzZ27rwMEO4NR+KmkSu+Fcz8yCMzjQ2brMgDRpL9JLPzJbeGI6WvQIaXpn1M4DW/nsfVG7g8VGrr0Rz7TcTXqw0jx5qP+aARrCFTQK1gX+TbePErBfeJzUSAK1QVt/J/g7pei3k1BqlVcP1Anz+ct2dJi8dGNPf1QVvAk6CRt1JUtDhFh4ATP5mgwzjUzlAPLWVcZ91bm+Zf4+1jRSqGAu1uHAkjy7MHx5SV9QFM3mt/3FnvmsWHRl24TNV7jJOezEndWJ6Bdm5/4OFFktu0Verca6sGi
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230028)(4636009)(396003)(136003)(366004)(39830400003)(451199021)(7696005)(508600001)(76116006)(71200400001)(186003)(6506007)(9686003)(66946007)(41320700001)(966005)(66556008)(2906002)(26005)(64756008)(6916009)(66476007)(41300700001)(8936002)(8676002)(5660300002)(66446008)(52536014)(38100700002)(82960400001)(86362001)(38070700005)(33656002)(83380400001)(55016003)(122000001)(15398625002)(43620500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 4quM9mrqE85o0aC4Akkzm13U5aNRII0SfXBS8bZs6hKeBZFbZttQ9M/0t0mXtYpoDb86ladDZ4WLMbEeYQ5IOZDBAxGNpdJWirLWwfSRAdq3G2XOjahVijSAR3jr9C0m2OPot4Hqy2bZsHSqDS35fHnGqC3HD8ZREPxUv1lIj1w5o0xIzTCKB69DtPRYz3oDWJ4S6mnTDPqhvWW3dXWGkiVBpy88L/c55Ee52yoVaTE+0QbLLdygTSflM5Let1FxNJHH7Y8FuqblmwolJM3LWp0nWiMBhOM0WyGVd8+FzT4fKXCdzH8966Zpz0bRSiLrVpc0O5jJV69wrEiR5RyqJZ6B5pCANuSjfj0+UyJaSV3KeP+0f3bKQjWAhgjjvCGJOIlSCuqDCi4AxSYmk02gltfs36/ml5B6cLKCmcz7mKU=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 17e67db6-3bf8-426d-0eaa-08db736753d4
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jun 2023 21:26:22.7957 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1716
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/wuRFnZKg2nhSjW0-JlYz06EaEkg>
Subject: [Rats] AD review follow-up on draft-ietf-rats-eat-20
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Jun 2023 21:26:32 -0000
Hi Laurence! Thank you for the very thorough response at https://mailarchive.ietf.org/arch/msg/rats/lPKyXpRSria9YGdTvZVxNlB08gk/ to my AD review of draft-ietf-rats-eat-19 at https://mailarchive.ietf.org/arch/msg/rats/50ZbUkhSrU1cgOLYkir3f1kKFiY/. The vast majority of my feedback has been addressed or you have explained the underlying rationale for the current approach. I have a few remaining comments, primarily around the new text in -20. To make it easier to track this feedback, I’ve started this new message instead for providing further snipped inline comments in the previous thread. ** Section 4.2.1. Thanks for the new Sections 4.2.1.1 and 4.2.1.2 to distinguish between the producer and consumer. This clarifies my previous questions around the type byte. The associated updates introduced the following text: Section 4.2.1.1 In the unlikely event that a new UEID type is needed, it MUST be defined in a standards-track update to this document. Two things: -- This is roughly restating IETF policy. As this document will be a published as a standard track RFC, lacking any other guidance, another standards track document would be the only way to modify it. Are you sure it is needed? -- The most flexible way to ensure future extensibility would be to create an IANA registry for these type values. Assuming there needs to be very tight control, the registration policy could be standards action. ** Section 4.2.1. On the topic of additional UEID algorithms, the following feedback came in to use v5 UUID (draft-ietf-uuidrev-rfc4122bis): https://mailarchive.ietf.org/arch/msg/rats/YOWRagymNnmZZOoMznvMrJ0ELCw/ Does the WG want to add it? ** Section 4.2.14. Are there Security Considerations around retrieval of DLOA from a given URI? Thanks for adding the following text in -20: The retriever of a DLOA SHOULD follow the recommendation in [DLOA] and use TLS to be sure the DLOA registrar they are accessing is authentic. A search of [DLOA] at https://globalplatform.org/wp-content/uploads/2015/12/GPC_DigitalLetterOfApproval_v1.0.pdf revealed only one place where TLS guidance is given: ==[ snip from [DLOA] ]== 5.2.3 Security Mechanisms TLS security with server authentication SHALL be set up between the Management System and the DLOA Registrar to ensure the Management System that it is talking to the right DLOA Registrar. The DLOA Registrar MAY require authentication of the Management System to restrict access to some DLOAs. In that case, TLS with mutual authentication SHALL be used. Minimum TLS version 1.2 [RFC 5246] SHALL be used. ==[ snip ]== [DLOA] seems to mandate the use of TLS between the management system (which I assume is the part of the RATS architecture checking the DLOA) and the Registrar. With the use of the phrases “SHOULD follow”, the guidance in -20 appears to provide flexibility not afforded by [DLOA]. Is this divergence intentional? ** Section 9.3. Should there be a normative "MUST" about providing a freshness mechanism? > author’s response to -20 > We were avoiding 2119 language in security considerations as security > considerations aren’t enforceable the same way protocol elements are. That > said, I don’t mind adding it. > There is no comment on 2119 language in guide lines for writing security > considerations. RFC 9053 and 9052 don’t do it. TLS 1.3 does do it. COSE > counter sigs has one occurrence. Many RFCs put normative language in the Security Considerations. Doing so here wouldn’t be an outlier. Please s/must/MUST/ ** Section 9.4. [per -19] Since any COSE encryption will be removed by the receiving consumer, the communication of claim subsets to any downstream consumer should leverage a communication security protocol (e.g. Transport Layer Security). -- Should there be some mandatory equivalent made that the transport security properties should be at least as strong as the object security properties of the EAT? [per -20] I didn’t see this addressed or didn’t understand the PR. Thanks, Roman
- [Rats] AD review follow-up on draft-ietf-rats-eat… Roman Danyliw
- Re: [Rats] AD review follow-up on draft-ietf-rats… lgl island-resort.com