Re: [Rats] Function of an endorsement relative to evidence
Michael Richardson <mcr+ietf@sandelman.ca> Thu, 09 June 2022 13:31 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 511C2C15AAFB for <rats@ietfa.amsl.com>; Thu, 9 Jun 2022 06:31:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.709
X-Spam-Level:
X-Spam-Status: No, score=-1.709 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mSu-WeesoZ5J for <rats@ietfa.amsl.com>; Thu, 9 Jun 2022 06:31:32 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 76767C15AAD9 for <rats@ietf.org>; Thu, 9 Jun 2022 06:31:32 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 3E5EC38B15; Thu, 9 Jun 2022 09:46:53 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 48S24Z01Akpp; Thu, 9 Jun 2022 09:46:52 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 61D9638B01; Thu, 9 Jun 2022 09:46:52 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sandelman.ca; s=mail; t=1654782412; bh=4EQLCQnTBex0OpsnMQHwlrRQM/I1hqPEcct88viPXec=; h=From:To:Subject:In-Reply-To:References:Date:From; b=224+AHE2UTA7IHS88/+DkSVBvwBWtPyVsfmt2PATwM43E4IjoNhe8EW3i7HvsDEBe lE01EDpcgEbbHvSvJIHSo3WId/M97P44fNyt8ifJSxYw+Mbb1TMVlieUqDRRDQR0qu wH5PYmOg7gUsuNefYNXsFoXFU94b6ReHusPdrRaLT6LqimhF4ObxR2k3I2HJNWK4yQ F1EUUk0SWRRDEayXlyPHBALjxHPMJqLgKfpIwwpWjtVDbNZhglZum4d+j5OH1NqGhI eomPtwlHdtqt53Li81lKfvwff3i6uerKbUWGnRU48IEG7sETi5KXpQckytC86N+5vY L9L1KhaGXADxQ==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id B5E84442; Thu, 9 Jun 2022 09:31:29 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "Eric Voit (evoit)" <evoit=40cisco.com@dmarc.ietf.org>, rats <rats@ietf.org>
In-Reply-To: <BL0PR11MB3122F2DB02AAD9FCD0966E11A1A49@BL0PR11MB3122.namprd11.prod.outlook.com>
References: <6F919543-37BA-484B-AA7E-BAC3497EB125@island-resort.com> <ee639c74-b365-e127-b4ec-d6f9df0014e6@sit.fraunhofer.de> <3907E124-5080-442C-801C-C14F227687E6@island-resort.com> <BL0PR11MB3122F2DB02AAD9FCD0966E11A1A49@BL0PR11MB3122.namprd11.prod.outlook.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 27.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Thu, 09 Jun 2022 09:31:29 -0400
Message-ID: <4799.1654781489@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/xUkXWB3NrVW2eauB6BnZ1NUrAj8>
Subject: Re: [Rats] Function of an endorsement relative to evidence
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jun 2022 13:31:36 -0000
>>>>> Laurence <Lundblade, June 6, 2022 3:45 PM> writes: > Think about these static Attestation claims set by the Attester Manufacturer: > OEMID: Set once at manufacturer time and never changes; it is the same > for large numbers of devices > UEID: Set once at manufacturing and never changes; it is different for > each device > HW Version and Mode: Set once at manufacturing time and never changes; > large groups have the same ID > We’re fine with these being set and sent as claims. They don’t have to > be in an Endorsement, right? Some of them could be in an Endorsement, > but there is nothing wrong with them in Evidence. They can even go into an IDevID certificate. Then it's the manufacturer making a claim (an Endorsement) about the holder of the private key. In my world, the IDevID gets replaced by an LDevID for many things, so the contents are no longer quite as trustworthy, depending upon the relationship of the Verifier and the (Enterprise) owner. The SUEID could go into the LDevID though, with the Enterprise Registrar acting as RP for the initial onboarding. > Of course if they are sent in Evidence, then there has to be an > Endorsement that tells the Verifier they can believe these claims in > Evidence and the signature on Evidence has to be verified. One reason why one might want these as Evidence is if the Verifier wants proof of possession of private key. If a TLS connection with a client authentication is used to convey Evidence, then that might already be accomplished. If the the conveyance is something else, then there might be value. Of course, in that situation, a freshness nonce might also be included, so problem solved. > To me security-level (the static statement of designed security level; > see here <https://mailarchive.ietf.org/arch/browse/rats/?qdr=d> ) is > pretty much the same as the above claims in the way it is conveyed > securely. I agree. > <eric> The three claims listed above are focused on establishing > instance identity. A policy of the Relying Party needs to establish an > instance identity to understand the context of other claims. An > endorsed security level should be a known function of the instance > identity once that identity has been established. -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
- [Rats] Function of an endorsement relative to evi… Laurence Lundblade
- Re: [Rats] Function of an endorsement relative to… Ira McDonald
- Re: [Rats] Function of an endorsement relative to… Michael Richardson
- Re: [Rats] Function of an endorsement relative to… Laurence Lundblade
- Re: [Rats] Function of an endorsement relative to… Henk Birkholz
- Re: [Rats] Function of an endorsement relative to… Smith, Ned
- Re: [Rats] Function of an endorsement relative to… Laurence Lundblade
- Re: [Rats] Function of an endorsement relative to… Henk Birkholz
- Re: [Rats] Function of an endorsement relative to… Eric Voit (evoit)
- Re: [Rats] Function of an endorsement relative to… Michael Richardson
- Re: [Rats] Function of an endorsement relative to… Smith, Ned
- Re: [Rats] Function of an endorsement relative to… Laurence Lundblade