Re: [Suit] draft-ietf-suit-firmware-encryption-18.txt

"Waltermire, David A. (Fed)" <david.waltermire@nist.gov> Sat, 04 November 2023 12:40 UTC

From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "suit@ietf.org" <suit@ietf.org>
Date: Sat, 04 Nov 2023 12:40:28 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/EGdINHiHR3CSpfaU8SCvK7A3vaA>
Subject: Re: [Suit] draft-ietf-suit-firmware-encryption-18.txt

Hannes,

Many thanks to you and your co-authors for the hard work on this since July. The summary of changes is also appreciated.

We have time for this draft on the agenda. Please post slides ASAP to the datatracker.

Thanks,
Dave

________________________________
From: Suit <suit-bounces@ietf.org> on behalf of Hannes Tschofenig <hannes.tschofenig@gmx.net>
Sent: Wednesday, November 1, 2023 8:04 AM
To: suit@ietf.org <suit@ietf.org>
Subject: [Suit] draft-ietf-suit-firmware-encryption-18.txt

Hi all,


the firmware encryption draft has seen a lot of updates since the last
IETF meeting. This is partially due to the WGLC issued by the chairs
(see
https://mailarchive.ietf.org/arch/msg/suit/8neAh2-H2cZ_Uzqs4FY1x9_42sM/)
and the responses we have received afterwards. Thanks again to all
reviewers.


We submitted in total 5 (!) draft updates since July.


As expected, the diff is fairly large and hard to read:

https://author-tools.ietf.org/iddiff?url1=draft-ietf-suit-firmware-encryption-13&url2=draft-ietf-suit-firmware-encryption-18&difftype=--html


In summary, we made the following changes:


* The context information structure was changed based on the discussions
at the San Francisco IETF meeting. This required updates to all examples
(and consequently to the code).


* More examples have been added, which now use AES-CTR and AES-CBC in
Section 7 regarding the use of firmware updates on devices with flash
memory. There are now also complete examples with ES-DH in addition to
AES-KW. Big thanks to Ken for writing the AES-CTR/-CBC code to produce
the examples!


* Countless wording changes and editorial improvements.


The document is getting very close to completion (from the WG point of
view).


I would like to request a presentation slot to discuss the remaining
reviews/open issues (which can be found at
https://github.com/suit-wg/suit-firmware-encryption/issues).


Ciao
Hannes

