[secdir] Re: [Last-Call] Secdir last call review of draft-ietf-asdf-sdf-18

"lgl island-resort.com" <lgl@island-resort.com> Tue, 28 May 2024 17:30 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08D9FC14F6B2; Tue, 28 May 2024 10:30:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ksw8ZNfe4P8h; Tue, 28 May 2024 10:30:19 -0700 (PDT)
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2134.outbound.protection.outlook.com [40.107.237.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 303F3C14F6E3; Tue, 28 May 2024 10:30:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YiWRGcH91CLvD+xNZ6GLa9XlFDn4fRIaQmjU5kC6TE+bczLJeS7Ev0ZOi7/ctDfLSDMTOFFk3iNo8al4N6IY3kKHWXLMlJJDTBElt+KCePy59gBRi0RJ49KKhMctE6f6F8QKZsfh5EDDbA/A8VHwHGP3n0RxBgaNKEeHx6JoWlZtJ7bAyXBaIW+BIg3nROXCkLb24VcfcaRpcScQQFKgkOQGC0Ye9KORZ8lmZCO6IIcA46u5pZ6zhWz7Jq0SVoccTcL2mGM6KsO9Z7n51tV92TiEH0H5tVfezEJB+qgWtkKRSyDcrualsS+SbDa5D/dOi1Sn9b/dddJ+25Hy/OZ8Og==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5injFuRWJCEQ+X1QphoLPvGIzrYH1djl6Iv/uA1LaAc=; b=Hb5XVfZnjwj+FcGsv4R/ZwuXGnAw23ipLwALvZAYTWEepChGqlt55rr7X5lnUKDtS74u0EU4+BfQtAxK+twbBOfrZzL6dhmRgRBmnMD8YHVKf0pt96PLK3c4xc9vYZ/56jn9B9a9AAqzzt/wQq6+wXdMpxusPeRLuA3vB69bqzVlwFDa6nLANGvwWIuIjxFqvVpKkwZ2EH+omR9Y4OqylOJX8Ca2bGVya6ZRa3oyBCdK0a82Er6k2I92BnuUmAh/rvfP+t+ir1Un8AGjmAYBPqmHofzx+4IJpwgKIHWgX4cGEHH3RpGRg1h4hCR2ZwBI5cK9SiLbJklEeEtYIsaU0Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=island-resort.com; dmarc=pass action=none header.from=island-resort.com; dkim=pass header.d=island-resort.com; arc=none
Received: from PH7PR22MB3092.namprd22.prod.outlook.com (2603:10b6:510:13b::8) by PH7PR22MB4773.namprd22.prod.outlook.com (2603:10b6:510:317::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7611.29; Tue, 28 May 2024 17:30:16 +0000
Received: from PH7PR22MB3092.namprd22.prod.outlook.com ([fe80::8515:3aa6:3ced:15e]) by PH7PR22MB3092.namprd22.prod.outlook.com ([fe80::8515:3aa6:3ced:15e%7]) with mapi id 15.20.7611.030; Tue, 28 May 2024 17:30:16 +0000
From: "lgl island-resort.com" <lgl@island-resort.com>
To: Magnus Nyström <magnusn@gmail.com>
Thread-Topic: [Last-Call] Secdir last call review of draft-ietf-asdf-sdf-18
Thread-Index: AQHasSS0hAquvUWjgUSq6CigBKxxWg==
Date: Tue, 28 May 2024 17:30:16 +0000
Message-ID: <82131F5D-9C3B-4E06-B359-68A264100F4D@island-resort.com>
References: <171687277928.58506.15548370459995846366@ietfa.amsl.com> <FAFF4355-359E-4436-BAE5-9CFB206ED70C@tzi.org> <CADajj4anBnFQxznan-uE73ZgV4BmeEBtY=V0S2cpk9_jfZMXYw@mail.gmail.com>
In-Reply-To: <CADajj4anBnFQxznan-uE73ZgV4BmeEBtY=V0S2cpk9_jfZMXYw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=island-resort.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PH7PR22MB3092:EE_|PH7PR22MB4773:EE_
x-ms-office365-filtering-correlation-id: 0418d282-f68a-44f6-e17c-08dc7f3bd6ab
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230031|376005|1800799015|366007|38070700009;
x-microsoft-antispam-message-info: b18Wul0kqPhUiuX4r9uMRKYAk9pxX9H/1nBwge5AveScRolITB8oYV/BXVZASjMyFysU2zo4H0rjxpgDbu+oV9p6e5QWcTrf/njHWv//jXYJypgMJwfn/GLm0PU8nG2qYoJcEz+DWpa9QlK8pH/G52TgKyyiS2GygplUy4v7+niNj0kp6HOWsmg1nGGnXu0Tyejg8BmUCDEm+2H8WpxFngyR7TOXzKO1/5K7BNnEyADb/+tB/TTX33GqXWK3g/OrOccdN1CGxmFDU3qtuQ6dcBuCS4yBkIqcV6IcY8C7CDkr8uvsdmx3N5iZEbw662Na8ieQVS4km0QWb8YSnErSCXtoIvcdK/2huYp/MUM+dXzqEQaQEip6ry0L9RSCPbaBCZCfjJ8ebO3xwq5ADFNee7chKEt6yC8dYxnKkHX5wBUmoM/ltjmoJrSwqs73IZqePXZ45fJBAfl68WoQP2UM0zJbidMdvZqyfc9lKOioSqeLmT5AnCCsxyUg8SyH/2xSVLoBQx1hG7iiMpZafbyi3KFUqfiCWJIKPlOtLYx2HEt3ATTQ28Vk8SIh0B5yPkrEb9kCHp8fDaN0sDbaSxKF+lIuXntEv8xO647fS53nKLvfHROIDUfsHZIRmRuCwQc5jcOoxU9cdWeMD3BQgiCWzpNy+jElxGPtwoDE3ANbcM2rkyt/A9FuqBrqgm860tHStRPu6po4oHxQlaMLQ5m1LE6dmuNRTMGuH+DAxqKOh1lI3a9/ugNxVyTe6LO3ltWZUcJhIGvnqdogZNFqEofEzYgnzjFzFZSz32NHPqGVttDjNaNW8YwNn+JYlPKSDtTlYt+Zhb62SeCikkGppcGdSiM64WYD5+MqEjSVGkBdJvyICzZpGJ1RIoC2wPKulOYZGo6PElhHHjjW5VknyBI8pS2LV2pLTZFlKMRkJjuzW4nyBBFZzpgbxyJcJg2Ul+tFOBEHmgfkksxaejQLrcvNimvuAcEp+5Wur2n569p3hFBc4ct7lGccJHw4i2YJb0jfv8eoAdBbXcIj/53M7kGme/sLb8Y7VUbUNPELOPy1R48WXvRx8isqevP72jrfPm6Y5vGOXATY8wfYtT7Bq9xx8+b1fHmWe5YYRoNQvkE0ULcfHXD5h58Domoz2C/1M2mtBCe66APhk4J51BqbtNnhKI3Sb73CnTQ2lZJhrOWDK5xIfc8zR07gvfTd527XfBOZnIdngFc9kuuKNdR0THHbk0PH1jtkuAyD3q59537hYZQRwlISu8sN+H6lZcI5puAt32z15PJu6HrorGy9cUSDCQ==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH7PR22MB3092.namprd22.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(376005)(1800799015)(366007)(38070700009);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: G3d9x6X2/iNO89pN7X+AijYSC1JnwlSve9mCLoFDpzlOPlp3kv/9p5W7HXiPVxri/++521CUqTLUuXgKZu9sZEQgkkgg8LzYDjoNs3ViYsHkTjEG6LAE86x5xsoinVXgo7wizhjhS6KsHIkLEwdVx5aEEG9zF6zhd2/PLBkh9j/nt4iGwhiD4C/iKch+QHlqfpODdBgABFd1KAduTsqVlfd03M8UebVYD1NJH9zOmGaaHOGszkE3pwfZWN0vVlA+coQe2M8QsCwObkQ97ogUeVEMsdggnSVS1pEWdlhUVVZZcu49pBhYDueiMTdYANEGbaWf41oZaLqr64ikSWsT8uu67lxeBhsOGD7OvX0yDiCtFJiKqHikZX69+6BR+7zRiPIuFa/jP9ALfHXMcaykBdKScYjUztScWydhgtl5vLtZawfJ65lAKT+Sz4WMpQU6FXN8GdAkXOsm67eKZZqNtd87TzYJ9qzCjdpHCd03OFo+dzkKT9xkNKFoapoIkejjz5CJD3HETf/4aNdnRw5e2j92sYa7P6beSIW145t5brQFTQmleGrzA9eM21H1WGdj6V1TJRPWnUI0DWqL2l0CJq3wAe0+4gvEue0T9qutyIMy++oOlPYiiAE11/RgSV/N9NbwDBa1k3pVSyBJLsxfO+/ztTI/wEn8FUoJXo6IUvK6Hybshx8L484vJzeElcvmsCSeTuqNoRukmeL1mvy/34+77nZAy/hup3RZo2cCeXtlTExxQ2mH2IIcSM8XIgJWoCwd4Lh43TsY8zrqEn28S7Y05+SfwZ1yzmvF1vw5g4fB3WDw95zGEz5fRGmlnkk4PfVwspg7aZCBiv3fjLjhxELI3BKqgOeAVBx9s9DlW5doFNd3K6Zj4DMDpF/dDuGn1PNuAwlFk8zi9i/0T4RdD0eZqNqOH8anP46RSGTC0DEV/YOfnqbbZeMAT4OE1bvT8phgQvV3zaVafaXbOGj2wE2VAe2gZ035zjscqN8JPkBfNiPQUAtqDmukOE5s9KxPN5+gqP0pa+tZnATNhV7PVpttnm86H1YMtOoCTsSUp8kXU3SQF9Nmegx7YbsewwvepB9El9atoRmdND3wUf+ozotBPFMATqsZ+Vvaj845rgoV3G44LjAR/CPPKyFDZ2Yj67lHeWJhCp4L7o9ZGnTqAlOH2jsf3y6gIti/kqbjLb/8HwITig0Npr+44/1UwhODd2UM6k3QvLucgXet7klTMAl6zV42q89ckIdC9VTXDM6QmxSrUkzAs40NjRSCcu26foEMVNCK4GL9LR7OxQo7B5IECrZz8/Z0ltTjBFhNvN1327NusJDOcUePAGVTF9tB8s6ggMbIh61UA3z8H8wdl1Z5S7ULgq3JODe0EiqvFJbSAIKAdbNQ8/yJKCxEKuhSp8qAdMEt7slC31E3mZOLtcynn/PBKKlv4wH+OOHatWpRrM0uq4W8j4L44MWLtDrmXQj8fc98+IlHgrkj5vHmrMSQh8hSraZhNVnRpsE08q4HQ0OVISShA2bV6Lc6b0IO4F8b/opQ0frSi6vkJ5KzrGW6xvVPCc8F0j/ZN/Cg1JiVKQVon7qKx6rVQN1L5AXBDvcCyLriAfyWjEwggK+yFg==
Content-Type: multipart/alternative; boundary="_000_82131F5D9C3B4E06B35968A264100F4Dislandresortcom_"
MIME-Version: 1.0
X-OriginatorOrg: island-resort.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH7PR22MB3092.namprd22.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0418d282-f68a-44f6-e17c-08dc7f3bd6ab
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 May 2024 17:30:16.0753 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: ad4b5b91-a549-4435-8c42-a30bf94d14a8
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: oNTsIlK/5LmQXueFP3SwQBxzaxdIGbjsq7OPK8VtKSDwMkF3+8A7rYZCRGjrIjgmvkAFkV7++c2Q860aozAjng==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR22MB4773
Message-ID-Hash: JLD6C6AKVST5IS5NX76SCAISOVWVCHF5
X-Message-ID-Hash: JLD6C6AKVST5IS5NX76SCAISOVWVCHF5
X-MailFrom: lgl@island-resort.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Carsten Bormann <cabo@tzi.org>, "secdir@ietf.org" <secdir@ietf.org>, "asdf@ietf.org" <asdf@ietf.org>, "draft-ietf-asdf-sdf.all@ietf.org" <draft-ietf-asdf-sdf.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [secdir] Re: [Last-Call] Secdir last call review of draft-ietf-asdf-sdf-18
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/8L8LiJKAHuRutY68DblVSLwk7-8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>

Having one term for integrity + authenticity seems really useful, but not sure this use of “provenance” aligns with this: https://en.wikipedia.org/wiki/Provenance#Computer_science or https://www.w3.org/2005/Incubator/prov/wiki/images/0/02/Provenance-XG-Overview.pdf

I agree with Magnus. The terms integrity and authenticity are in wide use. Provenance isn’t (yet)?

LL


On May 28, 2024, at 10:04 AM, Magnus Nyström <magnusn@gmail.com> wrote:

Thanks Carsten. It could be that I am not familiar with the terminology used in the SDF area, but "provenance" is not a term that I immediately would have recognized as covering authenticity and integrity. This is just a  suggestion, but perhaps you could consider changing

FROM

Implementations need to ascertain the provenance (and thus authenticity and integrity)
TO

Implementations need to ascertain the authenticity and integrity (i.e., provenance)

But, leaving that to you and the team to decide.

No concerns from my side,
/M


On Mon, May 27, 2024 at 10:56 PM Carsten Bormann <cabo@tzi.org<mailto:cabo@tzi.org>> wrote:
Hi Magnus,

thank you for this review.
A couple of quick comments to your specific items:

> - The Security Considerations section mentions the possible need for
> confidentiality of an SDF model ("There may be confidentiality requirements on
> SDF models, both on their content and on the fact that a specific model is used
> in a particular Thing or environment"). Couldn't there also be a need for
> integrity/authenticity of a given SDF model? The document is silent on this.

Actually, we use (twice) a much stronger word: provenance.
This combines integrity and authentication with some appraisal (or at least policy) of how the data from the authenticated source can be used.
We are not pointing to a specific mechanism here, as that is likely to be ecosystem specific.
We could, however, explicitly remind the reader that provenance has integrity and authenticity as a prerequisite.
A minimal change in:

https://github.com/ietf-wg-asdf/SDF/pull/157

> -
> Related to the previous point, was it ever discussed to allow for an integrity
> or authenticity value accompanying or being part of an SDFThing instance?

Given the role of SDF as a hub format, SDF needs to be agnostic to the kinds of integrity protection and authenticity that is used with it.  Embedding a model into an SDFThing instance is certainly one way to provide this information in a way that could make use of protection already available for the Thing in general.  It is more likely, though, that a Thing will provide a reference to its model that is stored somewhere else.  That would be described in a model using an extension such as that proposed in [1] (if it is offered as an affordance from an instance) or possibly [2].  (These are likely to become WG documents after the current rechartering.)

[1]: https://datatracker.ietf.org/doc/draft-bormann-asdf-sdftype-link/
[2]: https://datatracker.ietf.org/doc/draft-laari-asdf-relations/

Grüße, Carsten



--
-- Magnus
--
last-call mailing list -- last-call@ietf.org<mailto:last-call@ietf.org>
To unsubscribe send an email to last-call-leave@ietf.org<mailto:last-call-leave@ietf.org>