Re: [Suit] draft-ietf-suit-firmware-encryption-18.txt
"Waltermire, David A. (Fed)" <david.waltermire@nist.gov> Sat, 04 November 2023 12:40 UTC
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "suit@ietf.org" <suit@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/EGdINHiHR3CSpfaU8SCvK7A3vaA>
Hannes,

Many thanks to you and your co-authors for the hard work on this since July. The summary of changes is also appreciated.

We have time for this draft on the agenda. Please post slides ASAP to the datatracker.

Thanks,
Dave

________________________________
From: Suit <suit-bounces@ietf.org> on behalf of Hannes Tschofenig <hannes.tschofenig@gmx.net>
Sent: Wednesday, November 1, 2023 8:04 AM
To: suit@ietf.org <suit@ietf.org>
Subject: [Suit] draft-ietf-suit-firmware-encryption-18.txt

Hi all,

the firmware encryption draft has seen a lot of updates since the last IETF meeting. This is partially due to the WGLC issued by the chairs (see https://mailarchive.ietf.org/arch/msg/suit/8neAh2-H2cZ_Uzqs4FY1x9_42sM/) and the responses we have received afterwards. Thanks again to all reviewers.

We submitted in total 5 (!) draft updates since July.

As expected, the diff is fairly large and hard to read:
https://author-tools.ietf.org/iddiff?url1=draft-ietf-suit-firmware-encryption-13&url2=draft-ietf-suit-firmware-encryption-18&difftype=--html

In summary, we made the following changes:

* The context information structure was changed based on the discussions at the San Francisco IETF meeting. This required updates to all examples (and consequently to the code).

* More examples have been added, which now use AES-CTR and AES-CBC in Section 7 regarding the use of firmware updates on devices with flash memory. There are now also complete examples with ES-DH in addition to AES-KW. Big thanks to Ken for writing the AES-CTR/-CBC code to produce the examples!

* Countless wording changes and editorial improvements.

The document is getting very close to completion (from the WG point of view). I would like to request a presentation slot to discuss the remaining reviews/open issues (which can be found at https://github.com/suit-wg/suit-firmware-encryption/issues).

Ciao
Hannes

_______________________________________________
Suit mailing list
Suit@ietf.org
https://www.ietf.org/mailman/listinfo/suit