Re: [SCITT] Should verification keys go onto the transparency log
Henk Birkholz <henk.birkholz@ietf.contact> Tue, 05 March 2024 07:56 UTC
Return-Path: <henk.birkholz@ietf.contact>
X-Original-To: scitt@ietfa.amsl.com
Delivered-To: scitt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12778C14F616 for <scitt@ietfa.amsl.com>; Mon, 4 Mar 2024 23:56:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.196
X-Spam-Level:
X-Spam-Status: No, score=-2.196 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.091, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ietf.contact
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bU11hCZyNVYW for <scitt@ietfa.amsl.com>; Mon, 4 Mar 2024 23:56:26 -0800 (PST)
Received: from smtp01-ext2.udag.de (smtp01-ext2.udag.de [62.146.106.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0340C14F694 for <scitt@ietf.org>; Mon, 4 Mar 2024 23:56:26 -0800 (PST)
Received: from [134.102.156.190] (eduroam-pool12-1214.wlan.uni-bremen.de [134.102.156.190]) by smtp01-ext2.udag.de (Postfix) with ESMTPA id 5BD90E0405; Tue, 5 Mar 2024 08:56:22 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ietf.contact; s=uddkim-202310; t=1709625384; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=V3gX5y6cNmfUtnZIerZG7NhrqHCuZun5YqgD8KH1j3A=; b=V9/ir34d1z9rkkqRbbduszW7gGV06GfH338bQa72KLogifeH4oHLyKkhnsIluJtc9IbE61 R09OTCuz74mij4ll5Y23uyexSqWkYzdu+nx/5zvPXl65fe8N0O+Iy3LFI5w6Pf0GPYZssZ 00TMJbzKVbrkrghtIfomQ9CQBOZln6YeWPmUBxtHUFiwQjcjyEleqggZ7MdjkgUZzcxuGx ph8QqjAf2I4pbmDwVdEkRkTSgvca4jMrk5roifx3uUk8rxR7GNEgQL9tbUM/1kRD/3HV7R bFPY7G0BEfg47+3qVzuJZKNQJBkpHtVntKugWq9jk7J70U31z6BKIfKniEok1A==
Message-ID: <791a4122-8f58-9ff8-b509-78b59e26110d@ietf.contact>
Date: Tue, 05 Mar 2024 08:56:21 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.11.0
Content-Language: en-US
To: Robin Bryce <robin.bryce@datatrails.ai>, Orie Steele <orie@transmute.industries>
Cc: scitt <scitt@ietf.org>
References: <CAN8C-_K_the7Mrq7d2QCsjF32tWJtyCe3F+9iQuP5jJL86Wt_Q@mail.gmail.com> <LO4P265MB4247DCDAA645650BF200EB00E4232@LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM> <CAN8C-_JT+JCFew6Y9yGmF1=WxEXHbBTB8We5h3ucoEucLKAv4Q@mail.gmail.com> <LO4P265MB4247D72139C060BC58B175DDE4222@LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM>
From: Henk Birkholz <henk.birkholz@ietf.contact>
In-Reply-To: <LO4P265MB4247D72139C060BC58B175DDE4222@LO4P265MB4247.GBRP265.PROD.OUTLOOK.COM>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Authentication-Results: smtp01-ext2.udag.de; auth=pass smtp.auth=henk.birkholz@ietf.contact smtp.mailfrom=henk.birkholz@ietf.contact
Archived-At: <https://mailarchive.ietf.org/arch/msg/scitt/whQTsd4EfV5pCFODwLVDx1CBMsw>
Subject: Re: [SCITT] Should verification keys go onto the transparency log
X-BeenThere: scitt@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Supply Chain Integrity, Transparency, and Trust" <scitt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scitt>, <mailto:scitt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scitt/>
List-Post: <mailto:scitt@ietf.org>
List-Help: <mailto:scitt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scitt>, <mailto:scitt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Mar 2024 07:56:31 -0000
On 05.03.24 08:15, Robin Bryce wrote: >> TBH given that receipts are already divided by which verifiable data > structures are supported, I think it's fair to say > >> that SCITT does not work without agreeing to a profile, which at a minimum restricts the verifiable data structures. > >> Perhaps that profile is where the Policy constraints belong, and not in > the architecture. > > That makes a lot of sense to me. It sounds like the choice for the arch is: > > a) Accept a very prescriptive approach, and be “one and done” subject to > agreeing the prescriptions. > > b) Decide that profiles are made possible by the current text and, > especially, their minimum mandatory requirements. And be essentially all > good ? The current slimmed down architecture I-D is exactly going down path b), I think. "Profiling" can also have an effect on the higher API layers and we can discuss that at IETF 119. > > From the abstract in the draft: > > > “This document defines a generic, interoperable and scalable > architecture to enable transparency across any supply chain with minimum > adoption barriers. It provides flexibility, enabling interoperability > across different implementations of Transparency Services with various > auditing and compliance requirements” > > For me b) does that better than a), especially re the minimum adoption > barriers, and the ability to meed ‘various auditing and compliance > requirements’ > > But is b) consistent with achieving > > “Issuers can register their Signed Statements on any Transparency > Service, with the guarantee that all Auditors and Verifiers will be able > to verify them.” > > I think that the arch is complete in the sense that profiles are how > that is accomplished. But possibly incomplete unless there is a minimal > model for auditor verification to compliment the minimal mandatory > requirements. I, instinctively, prefer putting it all on profiles. I can > imagine various profile qualification and certification programs > evolving to suite the various domains. For the sake of becoming the smallest common denominator, suggestions via PR are exactly the thing we can talk about such discussions. As you highlighted, I think: there must be a comfortable balance between "putting it all on profiles" and "resilient interoperability enabled by the core architecture" > > Cheers, > > Robin Viele Grüße, Henk > > *From: *Orie Steele <orie@transmute.industries> > *Date: *Monday, 4 March 2024 at 22:04 > *To: *Robin Bryce <robin.bryce@datatrails.ai> > *Cc: *scitt <scitt@ietf.org> > *Subject: *Re: [SCITT] Should verification keys go onto the transparency log > > Inline: > > On Mon, Mar 4, 2024 at 2:14 PM Robin Bryce <robin.bryce@datatrails.ai > <mailto:robin.bryce@datatrails.ai>> wrote: > > *> *Putting the keys somewhere else presumes a retention policy > without assuring it. > Agreed. > > > > Let's say I don't believe a vendor is honest about their "Registration Policy", and I want to see if they actually authenticated the issuer. > > Were that the case, I’m not sure I would believe anything I see in > the log at face value – be it positive or negative. And I think that > is actually a reasonable default position. In which case, the keys > being somewhere else is a strength because a second independent > source is then what I would want. > > > That's a fair comment. > > I think the entire purpose of the "Auditor role" (in the current draft > text) is that the auditor does not trust the log operator, and wants to > confirm their inclusion proofs are computed consistently. > > In addition to checking the log consistency, the auditor might want to > check individual receipts against the log, and verify everything. > > It seems like the draft text has been revised so that the auditor does > not verify receipts, and only checks consistenecy. > > > > A policy could be: no authentication, admit everyone (ignoring normative spec text, as implementers frequently do), and if anyone asks to audit, tell them to find the keys themselves... > > Yes, and adjacent services can, and I expect would, develop to > independently solve the problem of key availability for auditing. > > > SCITT does not need to mandate storing verification keys in the same log as the signed statements, but it is problematic to assert security properties that arise only from having all of: - payload (software artifact); - signature (cose sign1); - verification keys (x509 cert or cose key) > > Yep, I see that. Is it “Auditability” as a whole you think is just > impossible to specify without all of those ? > > > The latest draft defines the auditor as essentially "a guy who can see > the whole log and recompute inclusion proofs". > > The auditor is not a role that has key material, can verify receipts, or > confirms if a registration policy was correctly applied. > > If we are good with that definition of auditor, then we are perhaps > ready to ship the document. > > > > I feel we need to either move all these in scope, and address them... or move the policy out of scope. > > I have a fear that moving them into scope will lead to specifying, > essentially, that transparency services have some sort of consistent > way of logging _/everything/_ they do to verify signed statements. > So that auditors can replay and decide if they agree. And as pointed > out on the issue, that seems to require a very prescriptive approach > and also that a lot of work needs to be done before last call ? > > > That's right, to give the auditor an ability to do more, additional > requirements would need to be enforced on all transparency services. > > As is, all the auditor can do is collect receipts and confirm merkle > proofs (assuming that merkle proofs were used for the receipts). > > This is a spitball, and not connected to any implementation I had > currently imagined: > > If it is possible in this kind of spec to allow a transparency > service to declare, possibly via its registration policies, what it > captures and what it expects auditors to have to hand, then adjacent > services, or any services, will have a means to index that sort of > material in support of auditors. I think the interoperability and > auditability then comes from enabling the indexing and collection. > This seems like a team sport ? > > > Sounds like you are suggesting profiles are required to ensure > interoperability. > > That's a valid solution to the problem. > > > And if there is a super clever implementation that can solve it all > in one place for a wide range of use cases, so be it. I don’t think > that implementation is undermined by drawing the line this way ? > > > TBH given that receipts are already divided by which verifiable data > structures are supported, I think it's fair to say that SCITT does not > work without agreeing to a profile, which at a minimum restricts the > verifiable data structures. > > Perhaps that profile is where the Policy constraints belong, and not in > the architecture. > > Cheers, > > Robin > > -- > > *ORIE STEELE > *Chief Technology Officer > www.transmute.industries > > *Error! Filename not specified.* <https://transmute.industries/> > > > -- > > *ORIE STEELE > *Chief Technology Officer > www.transmute.industries > > Image removed by sender. <https://transmute.industries/> > >
- [SCITT] Should verification keys go onto the tran… Orie Steele
- Re: [SCITT] Should verification keys go onto the … Robin Bryce
- Re: [SCITT] Should verification keys go onto the … Orie Steele
- Re: [SCITT] Should verification keys go onto the … Steve Lasker
- Re: [SCITT] Should verification keys go onto the … Dick Brooks
- Re: [SCITT] Should verification keys go onto the … Robin Bryce
- Re: [SCITT] Should verification keys go onto the … Henk Birkholz