Re: [Suit] draft-ietf-suit-report: result code values?
Brendan Moran <brendan.moran.ietf@gmail.com> Wed, 08 November 2023 10:56 UTC
Return-Path: <brendan.moran.ietf@gmail.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EF22C16F3E7 for <suit@ietfa.amsl.com>; Wed, 8 Nov 2023 02:56:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id grg9o-cZKWJf for <suit@ietfa.amsl.com>; Wed, 8 Nov 2023 02:56:13 -0800 (PST)
Received: from mail-ot1-x32e.google.com (mail-ot1-x32e.google.com [IPv6:2607:f8b0:4864:20::32e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47BE1C16F400 for <suit@ietf.org>; Wed, 8 Nov 2023 02:56:13 -0800 (PST)
Received: by mail-ot1-x32e.google.com with SMTP id 46e09a7af769-6ce2b6cb933so3819812a34.0 for <suit@ietf.org>; Wed, 08 Nov 2023 02:56:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1699440972; x=1700045772; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=OwPEbJQ93XBWJYomv0kGUh9Gwe7BbZFW5WEbuzUzDto=; b=jJ8p8D9EcWsoE8mApvB7TAkXJMnklGzrqPknrWH+Gia4GBdq8cOPpEBoLDAf73pM36 ZnRyO7XQHduyC7RfJSpB2nkqna7d6HetaYwyl+ZFEUvmor83DCLuTNlcllHfy44VcP5K OInVKU7Rxq35Fqcv4lWpZGhNrlI9C5vWmDFBmH3Cju/NLooMkx2e6acXJMi/Zemwigx2 ealE6sL7RAF7T2Z8YDgQuWZjdNTmhLygRDvRIJzsHEDmSJEiDy+hrc5YGeWzgIHeb8e+ 4XSgi3OImI+g0f8EAXOeETfl+MAOM8AnYLORAQ/cpW5pMIgbCece0Kg/7N0X88dKPD6C NG2A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699440972; x=1700045772; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=OwPEbJQ93XBWJYomv0kGUh9Gwe7BbZFW5WEbuzUzDto=; b=tj9csihkfoZJl/DPWrsIkPib/1aBsb3oow/IdJa7II1RuPkVSgmG+Au6pfx9YLFG37 EkaKBziU3r/F3fvSvuDtOqrpWGq/qOxVbpa6QFvGmMlvonXiV5Z1RZi5/mECqI/IOKfe TdZixfM4IfFmph7p+CNj1iw/AR/qPREoRrxoyt87VBnwxYRYbeHbce9R39XuJGDByCv4 FP7u8sUrdLYz3Ego9+HzM9BixVlii2sXPHSRgPfkGpI18nyIAV61r8jiJEf4SJc9Pf0Q ucIZWl2yW9gPT9BYm34329cGzRY7+TVrPjza3+ZaVw+EynmaKAlYpE9WJyLlsx3l9gzm czeg==
X-Gm-Message-State: AOJu0YxW965Lx9Ugxo0+vVZPdCEVqq9dREQmWMExYWYE3KBylFKoRSzx OyIeIUQuuYag6NyrNCx3jWtq9d4+Bq6vCsIIRKvavhhc5k4=
X-Google-Smtp-Source: AGHT+IGDpL/EdKSE7GPfrBKHQGS0/vUQLx2y2pXA+nz5bS+bQihIH/l1lhSXYDd1aeNCHUGTEF6h0sJ6w1pbLyO2uu4=
X-Received: by 2002:a05:6830:1e55:b0:6b9:9f84:dc8b with SMTP id e21-20020a0568301e5500b006b99f84dc8bmr1566509otj.19.1699440972250; Wed, 08 Nov 2023 02:56:12 -0800 (PST)
MIME-Version: 1.0
References: <00df01da0ff5$f81c7670$e8556350$@gmail.com> <018501da0ff9$6bc11420$43433c60$@gmail.com>
In-Reply-To: <018501da0ff9$6bc11420$43433c60$@gmail.com>
From: Brendan Moran <brendan.moran.ietf@gmail.com>
Date: Wed, 08 Nov 2023 10:56:01 +0000
Message-ID: <CAPmVn1OWh=AAGK7O+aWA_w1taz9eEs--6pXs-XYvdGB+SNMTvA@mail.gmail.com>
To: dthaler1968=40googlemail.com@dmarc.ietf.org
Cc: dthaler1968@googlemail.com, suit@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/1NrH-wr60nMm3iZ07w28Zn-Vz3Y>
Subject: Re: [Suit] draft-ietf-suit-report: result code values?
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Nov 2023 10:56:18 -0000
Hi Dave, draft-ietf-suit-report defines a capability report document. I believe this is what you're looking for. The SUIT_Capability_Report is defined as follows: SUIT_Capability_Report = { suit-component-capabilities => [+ SUIT_Component_Capability ] suit-command-capabilities => [+ int], suit-parameters-capabilities => [+ int], suit-crypt-algo-capabilities => [+ int], ? suit-envelope-capabilities => [+ int], ? suit-manifest-capabilities => [+ int], ? suit-common-capabilities => [+ int], ? suit-text-component-capabilities => [+ int], ? suit-text-capabilities => [+ int], ? suit-dependency-capabilities => [+ int], * [+int] => [+ int], $$SUIT_Capability_Report_Extensions } The relevant part here is: suit-crypt-algo-capabilities => [+ int], This is a list of all the COSE Algorithms (https://www.iana.org/assignments/cose/cose.xhtml#algorithms) that are supported by the reporting Manifest Processor. suit-crypt-algo-capabilities can be used to determine which profiles are supported. Profiles are defined as: suit-sha256-hmac-a128kw-a128ctr = [-16, 5, -3, -65534] suit-sha256-es256-ecdh-a128ctr = [-16, -7, -25, -65534] suit-sha256-eddsa-ecdh-a128ctr = [-16, -8, -25, -65534] suit-sha256-es256-ecdh-a128gcm = [-16, -7, -25, 1] suit-sha256-eddsa-ecdh-chacha-poly = [-16, -8, -25, 24] suit-sha256-hsslms-a256kw-a256ctr = [-16, -46, -5, -65532] These are each a list of COSE algorithm identifiers: Hash, Signature/MAC, KEX/KEM, Encryption A profile is supported if each of the COSE algorithm identifiers in the profile is present in suit-crypt-algo-capabilities. The SUIT_Capability_Report is not currently carried in every SUIT_Report. Maybe it should be? Under what circumstances would a SUIT_Report carry a SUIT_Capability_Report? Best Regards, Brendan On Sun, Nov 5, 2023 at 3:04 PM <dthaler1968=40googlemail.com@dmarc.ietf.org> wrote: > > > -----Original Message----- > > From: dthaler1968@googlemail.com <dthaler1968@googlemail.com> > > Sent: Sunday, November 5, 2023 3:40 PM > > To: suit@ietf.org > > Subject: draft-ietf-suit-report: result code values? > > > > draft-ietf-suit-report-07 has: > > > > > SUIT_Report = { > > > suit-reference => SUIT_Reference, > > > ? suit-report-nonce => bstr, > > > suit-report-records => [ * SUIT_Record / > system-property-claims > > ], > > > suit-report-result => true / { > > > suit-report-result-code => int, ; could condense to enum later > > > suit-report-result-record => SUIT_Record, > > > } > > > $$SUIT_Report_Extensions > > > } > > [...] > > > The suit-report-result-code indicates the reason for the failure. > > > Values > > are expected > > > to be CBOR parsing failures, Schema validation failures, COSE > > > validation > > failures or > > > SUIT processing failures. > > > > However I don't see any actual values defined. What should this field > > contain? > > E.g., if an unsupported suit-cose-profile was used in the manifest, what > > should the SUIT record have? > > > > Dave Thaler > > Another question: does SUIT reports intend to have a way to express > what suit-cose-profiles are supported when an unsupported one was > tried? If not, TEEP or other transports can have a way to express this > but don't want to duplicate. > > Dave > > _______________________________________________ > Suit mailing list > Suit@ietf.org > https://www.ietf.org/mailman/listinfo/suit
- [Suit] draft-ietf-suit-report: result code values? dthaler1968
- Re: [Suit] draft-ietf-suit-report: result code va… dthaler1968
- Re: [Suit] draft-ietf-suit-report: result code va… Brendan Moran