[Rats] yang tpm defining a datastore?

Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Fri, 19 February 2021 13:21 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/xH9deStC2st7TqSMCdq4XDWQMXA>

draft-ietf-rats-yang-tpm-charra-05 says:

   This document defines a YANG RPC and a minimal datastore required to
   retrieve attestation evidence about integrity measurements from a
   device following the operational context defined in TPM-based Network
   Device Remote Integrity Verification.

Does it define a datastore? To me, it seems the document defines a
data model but not a datastore.

   [I-D.ietf-rats-reference-interaction-models] document.  A fresh nonce
   with an appropriate amount of entropy MUST be supplied by the YANG
   client in order to enable a proof-of-freshness with respect to the
   attestation evidence provided by the attester running the YANG
   datastore.

The "YANG datastore"?

  container rats-support-structures {
    description
      "The datastore definition enabling verifiers or relying
       parties to discover the information necessary to use the
       remote attestation RPCs appropriately.";

I guess this is all just sloppy wording, it does not seem like you are
defining a datastore. Note that a schema element like a container can
be instantiated in several datastores, not just one.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>