IETF Logo Mail Archive

Re: [lamps] I-D Action: draft-ietf-lamps-csr-attestation-01.txt

Michael StJohns <msj@nthpermutation.com> Wed, 04 October 2023 16:49 UTC

Return-Path: <msj@nthpermutation.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C696C151983 for <spasm@ietfa.amsl.com>; Wed, 4 Oct 2023 09:49:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.995
X-Spam-Level:
X-Spam-Status: No, score=-1.995 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.091, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nthpermutation-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QvTivOGAoMlE for <spasm@ietfa.amsl.com>; Wed, 4 Oct 2023 09:49:18 -0700 (PDT)
Received: from mail-qk1-x730.google.com (mail-qk1-x730.google.com [IPv6:2607:f8b0:4864:20::730]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6362C1516E2 for <spasm@ietf.org>; Wed, 4 Oct 2023 09:49:18 -0700 (PDT)
Received: by mail-qk1-x730.google.com with SMTP id af79cd13be357-77574c076e4so234185a.1 for <spasm@ietf.org>; Wed, 04 Oct 2023 09:49:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nthpermutation-com.20230601.gappssmtp.com; s=20230601; t=1696438157; x=1697042957; darn=ietf.org; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=2tuWVtjNU/NvleI2yCqE1fFQ5BHvqskMSQKiYNoJbB4=; b=Z9afrXR+td6XMkn52T1NwoEOyVuJ/RHfjIG29dJRbAMW5oZa8sqvDFWRWutuxH6GKJ zqiHcSxE1CNa1Zxie/KJdH9Hk8tlI5bOJ6eRSQVYP/mm+DqhH9B0s+43Rvbk0ZOtYdBG z1t+uJRmCDhvHIBnV3Vdh6A9eB67mzr864sMZvvK17f9A7axD1TuKEN/avAon/CSvXF+ my5nGMX1S08bk9ZT2V6iD5KElVCCy9VI0OPgtIJ+RedeCdAOKR0dpitjl6WwHg+tOT7O gyZ7Kn9d6ADI8n0emIk45o2g2Y0/4kCYw/tSjZXnanD47juMMoySJq+UkbB09ufMzE11 p2Gw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696438157; x=1697042957; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2tuWVtjNU/NvleI2yCqE1fFQ5BHvqskMSQKiYNoJbB4=; b=VXrE1AsGDg2FNFAHKM6e33S1oiVfmaKfIELk7MM6j3GIDKCp63C0/RcQl0OfDB8gn+ 4shXIab0gZZYQ5fDHu3EFJz+bljc39s/UWOrdNS4iRXMtMdnkqwcw84ffHl5rxUGrlku OsHjZHnuVXNzkB/wE4id9VpPYjtrc/dZeRe7O9JynG6RWIvHGXGOm4EJnNs9nkXL28Fb 39xVrT1OVbJKZxxLYOl7I1uUIZZefhSc+H5vVXNomeNzMqYNb0ze62FeYi6ruAxnEv8v 9M879KEavhRI3cWMAH4u+p+pH0qxreKjAqLDwSeDustUgiTZO57MyveduyqP/XecAEzH ZDdw==
X-Gm-Message-State: AOJu0YxVNNX8h77LhJSTZKJ95p50ecl4jMHbJ7+x1xY9NmdvarfTN9Ya xFjynqyysWYgC0nSUgwABzwNIpgDX9OnGS0fVVw=
X-Google-Smtp-Source: AGHT+IE41Hi1T26UJd7BZ58IqtBMApdArHFanotFnsqUdUFRxQIt3V26uEvNOzkRalpRyGS/gIolcw==
X-Received: by 2002:a05:620a:294b:b0:774:2fb3:fe62 with SMTP id n11-20020a05620a294b00b007742fb3fe62mr3567844qkp.27.1696438156964; Wed, 04 Oct 2023 09:49:16 -0700 (PDT)
Received: from [192.168.1.23] (pool-108-31-156-76.washdc.fios.verizon.net. [108.31.156.76]) by smtp.gmail.com with ESMTPSA id j9-20020a05620a146900b00775ab978009sm1392623qkl.36.2023.10.04.09.49.16 for <spasm@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 04 Oct 2023 09:49:16 -0700 (PDT)
Message-ID: <797d438c-1efc-fb36-bfc7-87a4b40ba398@nthpermutation.com>
Date: Wed, 04 Oct 2023 12:49:15 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.15.1
Content-Language: en-US
To: spasm@ietf.org
References: <169643178196.11341.18089605191288570532@ietfa.amsl.com> <7E7D7745-CF45-4192-90A0-D00208F77400@vigilsec.com>
From: Michael StJohns <msj@nthpermutation.com>
In-Reply-To: <7E7D7745-CF45-4192-90A0-D00208F77400@vigilsec.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/xJBwvYSbQF3aOrUuFB4iN-DnkRU>
Subject: Re: [lamps] I-D Action: draft-ietf-lamps-csr-attestation-01.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Oct 2023 16:49:20 -0000

On 10/4/2023 11:42 AM, Russ Housley wrote:
> I do not understand why we want to include opaqueCert in CertificateChoice.

Yup - I'd agreed to remove it before I passed the document over, and it 
should be removed.

>
> Also, I think that CertificateChoice is a poor name.  It is too likely to be confused with CertificateChoices that is defined in RFC 5652.

This is new.  There are so many different ASN1 modules and AFAICT no 
central registry of names that it's hard to find collisions like this 
without deep knowledge.

And then there is "ATTRIBUTE" which has way too many overloaded meanings...

ChoiceOfCertificateType instead?   At some point this will collide with 
someone else doing something slightly different.

Alternately, this could re-use CertificateChoices, but that's using the 
old ANY syntax so not ideal I would think.


>
> Russ

The semi-repetative nature of the bundle definitions is problematic.  
Both the ATTRIBUTE and EXTENSION are defined as "SEQUENCE OF 
EvidenceBundle", and then Evidence Bundle has "evidence SEQUENCE of 
EvidenceStatement" leading to multiple possible ways to encode the exact 
same attestations, even without the infinite duplication of the same 
certificate data within multiple EvidenceBundles.     SEQUENCE OF may be 
necessary to convey multiple attestations in a CRMF EXTENSION, but 
ATTRIBUTE already wraps everything in a SET and so provides for the 
carriage of multiple EvidenceBundles within a single attribute.  The 
statement at the end of 4.2 justifying this SEQUENCE OF approach isn't 
persuasive.

Since "certs" is optional in "EvidenceBundle", what happens if it's 
omitted in all of the bundles?  Where do you carry the certs needed to 
validate the attestation(s)?  Note that the EvidenceCerts attribute is 
missing in the ASN1, but still mentioned (as an unnamed attribute) in 
the introduction.

EvidenceBundle is not defined in the text (but is in the ASN1 appendix) 
and should be.

The discussion of certs to be included in 4.2 excludes any discussion of 
the interaction of multiple attestations (EvidenceBundles) in the same 
structure all chaining back using the same certificates. Is duplication 
required?  If not, where are the certs placed - first attestation? last? 
anywhere?  What does a relying party do if the certificates are missing 
(since the field is optional?)

Later, Mike

>
>> On Oct 4, 2023, at 11:03 AM, internet-drafts@ietf.org wrote:
>>
>> Internet-Draft draft-ietf-lamps-csr-attestation-01.txt is now available. It is
>> a work item of the Limited Additional Mechanisms for PKIX and SMIME (LAMPS) WG
>> of the IETF.
>>
>>    Title:   Use of Remote Attestation with Certificate Signing Requests
>>    Authors: Mike Ounsworth
>>             Hannes Tschofenig
>>             Henk Birkholz
>>    Name:    draft-ietf-lamps-csr-attestation-01.txt
>>    Pages:   21
>>    Dates:   2023-10-03
>>
>> Abstract:
>>
>>    A client requesting a certificate from a Certification Authority (CA)
>>    may wish to offer believable claims about the protections afforded to
>>    the corresponding private key, such as whether the private key
>>    resides on a hardware security module or the protection capabilities
>>    provided by the hardware.
>>
>>    This document describes how to encode Evidence produced by an
>>    Attester for inclusion in Certificate Signing Requests (CSRs), and
>>    any certificates necessary for validating it.
>>
>>    Including Evidence along with a CSR can help to improve the
>>    assessment of the security posture for the private key, and the
>>    trustworthiness properties of the submitted key to the requested
>>    certificate profile.  These Evidence Claims can include information
>>    about the hardware component's manufacturer, the version of installed
>>    or running firmware, the version of software installed or running in
>>    layers above the firmware, or the presence of hardware components
>>    providing specific protection capabilities or shielded locations
>>    (e.g., to protect keys).
>>
>> The IETF datatracker status page for this Internet-Draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-lamps-csr-attestation/
>>
>> There is also an HTML version available at:
>> https://www.ietf.org/archive/id/draft-ietf-lamps-csr-attestation-01.html
>>
>> A diff from the previous version is available at:
>> https://author-tools.ietf.org/iddiff?url2=draft-ietf-lamps-csr-attestation-01
>>
>> Internet-Drafts are also available by rsync at:
>> rsync.ietf.org::internet-drafts
> _______________________________________________
> Spasm mailing list
> Spasm@ietf.org
> https://www.ietf.org/mailman/listinfo/spasm

v2.23.0 | Report a Bug | By Email