Re: [Fud] My notes
"Waltermire, David A. (Fed)" <david.waltermire@nist.gov> Thu, 20 July 2017 15:23 UTC
Return-Path: <david.waltermire@nist.gov>
X-Original-To: fud@ietfa.amsl.com
Delivered-To: fud@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 04108131C43 for <fud@ietfa.amsl.com>; Thu, 20 Jul 2017 08:23:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3NQdkjqSYUne for <fud@ietfa.amsl.com>; Thu, 20 Jul 2017 08:23:10 -0700 (PDT)
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (mail-dm2gcc01on0133.outbound.protection.outlook.com [23.103.201.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20C0C131CE6 for <fud@ietf.org>; Thu, 20 Jul 2017 08:23:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=LmSh4S46Up6WPXExaP4//HiqaVKWPVlbztT+N8bnwUY=; b=YKanAUe/rE6TpPGGGU1pTXCphbe60ypnlFfL9glzUj2//y1cTsjXY89JXv3jN9W4WWx9QU0tSGl5BZWSNkumrfs24BybBGZUcYlIkd56S/RWu5XiH3AbvN37OtuBmZmfV/pyVM6s6HalmWVRhqGhv3yMlRBYqaC//iXAny/NqHA=
Received: from MWHPR09MB1440.namprd09.prod.outlook.com (10.173.50.14) by MWHPR09MB1438.namprd09.prod.outlook.com (10.173.50.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.13; Thu, 20 Jul 2017 15:23:08 +0000
Received: from MWHPR09MB1440.namprd09.prod.outlook.com ([10.173.50.14]) by MWHPR09MB1440.namprd09.prod.outlook.com ([10.173.50.14]) with mapi id 15.01.1261.024; Thu, 20 Jul 2017 15:23:08 +0000
From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "fud@ietf.org" <fud@ietf.org>
Thread-Topic: [Fud] My notes
Thread-Index: AQHTAWp8EkyFkNMNIU2E7nW5X9HxBaJc1SdF
Date: Thu, 20 Jul 2017 15:23:08 +0000
Message-ID: <MWHPR09MB1440667DAD8CBE9AC9DDCC45F0A70@MWHPR09MB1440.namprd09.prod.outlook.com>
References: <ad75252e-1e87-6efa-6a46-b3994a1c7535@gmx.net>
In-Reply-To: <ad75252e-1e87-6efa-6a46-b3994a1c7535@gmx.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: gmx.net; dkim=none (message not signed) header.d=none;gmx.net; dmarc=none action=none header.from=nist.gov;
x-originating-ip: [2001:67c:370:128:b5a6:c156:31d7:2673]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR09MB1438; 7:C1dLJDh+i7DzTDyXHSUFMPuLSvAWbK5iTciCqtS+cX8JVknru91mlYKP7ozfhdlLvJSkPfnHeUJuXnnoxehWuIfJ+ThUbXnXKQz9t35A9knXpKsm/N8I+UBmK01j+GhjmV2t/FK9/jGZjxKvencSykknaSNi4L2N5XuEFeUqp0ruCZSE81jzg9Rh97ZWXaUV6PncQ/3LlcNoRYiob91mtiLH3F2aafL3lLNHuGy+WnDFHZBxq5+bC2+gDTJRJI6N0WQcuccBtjk6Lv9wvJE45HRxNFuU3uh3RS2VuAj6+ZWdHoHrB9dYAbYjCJTSxCZY7/L6hbSH9WLA6IzE5qw8uKk87MKu9/Gj9QxnpLXYxXTC2lVG6WSBmN8rphBrjGW6MZMEIXXC6GkTvlmSDkpjtzg8vxDXC1G+xR/Tg2eG8kcA66w9J1SaF9rTlD/6dQpunO5Jjd1+oBZEVguVjsj+/MCJptALU7V3Be/Rk0MeolDQwtw1DppU37F9qWTtvSDs6jREeWCMqEfa4zjmRjJQLAMDBG47klgQgC2s1vDNv+/E4SDIREitZ0x2jZ0Ni0JvS1N4Qgj59/o71E8eWOadZfaoBaJPLlCBO7Jl+/Ksk5DuLUHlbJiDuTdXUV83PimvcV8VYEeWbK1wFSp5rTA7lryKaI5faSBBZB0GSygtbv0RWe64RfDleybsH7xuNSq7I5SExX2PVAPsMnYd3c2j1h+0g+GilprHOoHyaFOShbdZ/VU0XG+rO/l/LaQyiP1VbK5JoB+uQuij2sgF9oy33OvWZllSwD6ARVSFZkX5/yY=
x-ms-office365-filtering-correlation-id: b6c13b40-4152-4298-cb4a-08d4cf8339f5
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(48565401081)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:MWHPR09MB1438;
x-ms-traffictypediagnostic: MWHPR09MB1438:
x-exchange-antispam-report-test: UriScan:(278178393323532)(158342451672863)(133145235818549)(166708455590820)(26388249023172)(236129657087228)(192374486261705)(248736688235697)(167848164394848);
x-microsoft-antispam-prvs: <MWHPR09MB143849627D1FA339814BB387F0A70@MWHPR09MB1438.namprd09.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(2017060910075)(3002001)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(6055026)(6041248)(20161123560025)(20161123562025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123564025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:MWHPR09MB1438; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:MWHPR09MB1438;
x-forefront-prvs: 0374433C81
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39840400002)(39850400002)(39400400002)(39860400002)(39410400002)(39450400003)(377454003)(76176999)(50986999)(99286003)(55016002)(9686003)(236005)(6506006)(86362001)(38730400002)(2950100002)(74316002)(3280700002)(2906002)(6436002)(53546010)(77096006)(33656002)(5660300001)(606006)(6246003)(54356999)(8676002)(7736002)(54896002)(478600001)(229853002)(2501003)(81166006)(3660700001)(6116002)(25786009)(2900100001)(53936002)(14454004)(966005)(7696004)(8936002)(6306002)(189998001)(102836003); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR09MB1438; H:MWHPR09MB1440.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_MWHPR09MB1440667DAD8CBE9AC9DDCC45F0A70MWHPR09MB1440namp_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Jul 2017 15:23:08.4126 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR09MB1438
Archived-At: <https://mailarchive.ietf.org/arch/msg/fud/NUYU5k9IDFtcjHt3HBxioDrRjSE>
Subject: Re: [Fud] My notes
X-BeenThere: fud@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: FUD - Firmware Updating Description <fud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/fud>, <mailto:fud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/fud/>
List-Post: <mailto:fud@ietf.org>
List-Help: <mailto:fud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/fud>, <mailto:fud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jul 2017 15:23:13 -0000
Thanks Hannes! Dave ________________________________ From: Fud <fud-bounces@ietf.org> on behalf of Hannes Tschofenig <hannes.tschofenig@gmx.net> Sent: Thursday, July 20, 2017 11:11:19 AM To: fud@ietf.org Subject: [Fud] My notes A small group attended the informal FUD meeting today and I started with an explanation of what we had been doing with firmware updates at ARM by going through the two documents I recently submitted. The manifest format is inspired by RFC 4108, uses asymmetric crypto only, and an ASN.1-based encoding. (Not in the scope of the standardization effort in FUD is the actual delivery mechanism but we have been using LwM2M.) We spoke about the difference between a software update mechanism and firmware updates and Emmanuel (working on the RIOT OS) mentioned that they have use cases where IoT devices run an embedded version of JavaScript and need to also get code/scripts in addition to the firmware and he wants to have that use case covered as well. In this context the issue of the class of IoT devices we are targeting and Emmanuel argued that we should aim for class #1 devices (based on RFC 7228). This means ~ 10 KiB RAM and ~ 100 KiB flash. There have been doubts whether this is possible. Henk posted a link to the mailing list pointing to the firmware manifest description based on RFC 4108. Here is the document: https://tools.ietf.org/html/draft-ietf-sacm-coswid-02#appendix-B So, we looked at the SACM COSWID work and were wondering about the need to also support alternative encoding formats for the manifest (in addition to an ASN.1 format), such as CBOR. Erik Nordmark asked for a more detailed threat description and we talked about the threat where an attacker blocks access to the update server. This lead to a discussion about what we should cover in the architecture document even if it is outside the scope of the standardization effort of the manifest format itself. Russ suggested to also take hash-based signatures into account (see https://tools.ietf.org/html/draft-housley-cms-mts-hash-sig-07 and https://tools.ietf.org/html/draft-mcgrew-hash-sigs-07), as it was already suggested at the IOTSU workshop. There was an agreement among the participants that we should explore this option. Russ argued that the performance is for verifier is good. The signature size is rather large in comparison to an ECDSA signature but given that the firmware image size it may not matter much. Steve mentioned ongoing activities by NTIA about firmware/software updates that are relevant to this effort, namely "Multistakeholder Process; Internet of Things (IoT) Security Upgradability and Patching" https://www.ntia.doc.gov/other-publication/2016/multistakeholder-process-iot-security We talked a bit about the use case where a device consists of multiple microcontrollers that all need to be updated and how the individual components are identified and how this use case is captured within the manifest. The 'dependencies' attribute was used in the draft-moran-fud-manifest-00. Finally, we spoke about the next steps, namely (1) reaching out to various IoT OS developers and middleware providers. We need more implementers of this technology in the group. Emanuel promised to send a message to the folks from the Contiki OS and the MCUBoot project (see https://github.com/runtimeco/mcuboot). I will reach out to the guys from the IAB IOTSU workshop and to ARM partners. (2) starting to draft a charter text with the focus of standarding a manifest and to capture the overall architecture. The plan is to charter a working group before the next IETF meeting. _______________________________________________ Fud mailing list Fud@ietf.org https://www.ietf.org/mailman/listinfo/fud
- [Fud] My notes Hannes Tschofenig
- Re: [Fud] My notes Waltermire, David A. (Fed)