IETF Logo Mail Archive

Re: [Suit] Surprising push back on the need for a customer to verify the trust relationship between a software supplier and software signer during digital signature validation on signed code

Laurence Lundblade <lgl@island-resort.com> Fri, 11 June 2021 19:12 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 860A53A118F for <suit@ietfa.amsl.com>; Fri, 11 Jun 2021 12:12:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sGVgU3Nt0iUT for <suit@ietfa.amsl.com>; Fri, 11 Jun 2021 12:12:25 -0700 (PDT)
Received: from p3plsmtpa07-05.prod.phx3.secureserver.net (p3plsmtpa07-05.prod.phx3.secureserver.net [173.201.192.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B4BE3A1165 for <suit@ietf.org>; Fri, 11 Jun 2021 12:12:24 -0700 (PDT)
Received: from laurences-mbp.lan ([66.75.226.193]) by :SMTPAUTH: with ESMTPSA id rmZnlxP7jdOvmrmZplVT7S; Fri, 11 Jun 2021 12:12:22 -0700
X-CMAE-Analysis: v=2.4 cv=ep4acqlX c=1 sm=1 tr=0 ts=60c3b596 a=OzioJMgUBeUwR0bSiUZaCA==:117 a=OzioJMgUBeUwR0bSiUZaCA==:17 a=Bdk5y5bkLMlwFYwr:21 a=WOIJDy4HAAAA:8 a=7CQSdrXTAAAA:8 a=48vgC7mUAAAA:8 a=N3cV3U-FDv1ITlag-0oA:9 a=QEXdDO2ut3YA:10 a=1mu1EmazcPUw2CwM:21 a=_W_S_7VecoQA:10 a=iBVYX6SDV-quVgkUmf4t:22 a=RH9Et_pqK2yyrEzRTb3T:22 a=a-qgeE7W1pNrGK8U0ZQC:22 a=w1C3t2QeGrPiZgrLijVG:22
X-SECURESERVER-ACCT: lgl@island-resort.com
From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <C17B1A8C-9CD6-41E0-B887-2EDA8966C16E@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_806DE70D-1182-414A-BEDC-254CDB2CC3D3"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\))
Date: Fri, 11 Jun 2021 12:12:18 -0700
In-Reply-To: <CAMm+LwjOttzKEA8=BkLJw1-n8RthEtYwToiUkix8=83c-TnkQw@mail.gmail.com>
Cc: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, suit <suit@ietf.org>, Russ Housley <housley@vigilsec.com>, "dick@reliableenergyanalytics.com" <dick@reliableenergyanalytics.com>, Brendan Moran <Brendan.Moran@arm.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
References: <0f9601d75adf$5856cf50$09046df0$@reliableenergyanalytics.com> <DBBPR08MB59155DB5DBE123F55B25894BFA359@DBBPR08MB5915.eurprd08.prod.outlook.com> <CAMm+Lwg36Y-tpB+XTwYYpC3psCNEj3O33BzrnzzC8gtMjgkD3Q@mail.gmail.com> <DBBPR08MB5915A4EAB8B59778AD9DCAD9FA349@DBBPR08MB5915.eurprd08.prod.outlook.com> <CAMm+LwjOttzKEA8=BkLJw1-n8RthEtYwToiUkix8=83c-TnkQw@mail.gmail.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
X-CMAE-Envelope: MS4xfB2Lxdv5R/N/Saf6Jy4il0XjXBXZLEA1T3JbslPzY5o4HVIuoZYSf1XYaI4BqahHp3X2xSmDCmUB9y3VQQKX7wsyvufhy7wMvAOEJlme6EMy1nPCxr1U B6RzrSAZ8mWWBcbSx3qETayHkYbU8gCszVBh/Q8midtuMb8IU1J1iDWxkH87ddYKFUICH+fBELDHL0loIKqNWR9dULnVvxQQZoTDtMOvn0OzTu0iYf55Tu6B kcsrVEbtq2GctS9ka2/u6YxPuQUMZUqN4Kd7nhqBJHufEBfm3UW4YjUhpJBbxbYyLYHx62i5CQ+l4DBU9YdsDn0lhdnb5KeXKsyI0vhqWKw2u8FEHd6n0E/S 2mm8NbRk7qQMVO5+lsX8rjA+/awlAw==
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/Oo3AKSMIiVm7BAYJFOyyU56xHCE>
Subject: Re: [Suit] Surprising push back on the need for a customer to verify the trust relationship between a software supplier and software signer during digital signature validation on signed code
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jun 2021 19:12:29 -0000

Maybe this an operational, marketplace, policy and certification issue that is often use-case specific?

Apple decided that everything on an iPhone is signed and manages the ecosystem

Google did the same, but a little different.

Certification of FIDO authenticators at higher levels requires SW be under control of the authenticator vendor with signing being a good way to do it.

Maybe GlobalPlatform should run an TEEP certification program that requires signing.

Individual industries, like automotive, industrial infrastructure and such can come up with their operation requirements and/or certification programs.

Maybe Linus can say how signing should work on Linux and get enough momentum to make it happen.

It seems hard for an organization like IETF to know the details of all the use cases and to have enough leverage to make this happen. It doesn’t seem that effective to try to put policy into security considerations.

LL


> On Jun 11, 2021, at 11:39 AM, Phillip Hallam-Baker <phill@hallambaker.com> wrote:
> 
> 
> 
> On Fri, Jun 11, 2021 at 2:34 AM Hannes Tschofenig <Hannes.Tschofenig@arm.com <mailto:Hannes.Tschofenig@arm.com>> wrote:
> Hi Phil, 
> 
>  
> 
> a few clarifying questions. 
> 
>  
> 
> What is a “trustworthy credential” for you?
> Who is the “provider” here?
> What do you mean by “Must identify such machines”? Are you saying that the software / firmware update must identity the machine it applies to?
> When you say “Every software distribution MUST be signed without exception” are you trying to distinguish between the signing the software vs. securing the distribution? With regards to the exception you are not talking about what happens during manufacturing.
> 
> I am distinguishing between Sign ( Zip (files) , k) and Sign (files, k).
> 
> Authenticode only signed the software distribution package, most of what has followed has done the same. That is a useful control of course because an installer is an executable that runs on the machine. But it is necessary but not sufficient: Every executable, every piece of installed data should be signed without exception.
> 
> On the other issues, well it totally depends on your application and your regulator. In the aftermath of Diginotar we had a lot of discussions of what should be subject to audit. My position was that is actually something the CA decides. Basically, the CA can define their boundary to be anywhere they like, that is purely a matter for them to decide. 
> 
> The catch here is that if you are going to show that your practices meet your policy, then you have to show that all your cert issuing machinery is subject to audit. Contrawise, the more of your machinery you stick within the audit boundary, the harder time you are going to have showing it is secure.
> 
> I would apply the same approach here. The pipeline provider etc. has to show that its operations are secure. I am not going to write a list of what they have to pur inside or outside of their security perimeter, I am merely saying that they have to define one, they have to show that all the necessary operations are inside it and that everything inside it is sufficiently secure.
> 
> If we are talking about a pipeline then CABForum EV certs are probably sufficient. For civil nuclear, I would consider that a starting point, I would want all software to be signed under a cert that was individually enumerated and credentialed. 
> 
> It is worth pointing out that the reason colonial pipeline was affected so badly was probably that they were sending multiple types of fuel down the same pipe in batches. That game is only going to work if you can absolutely guarantee that you aren't going to put the load of tar into a tank full of top grade aviation fuel. So their problem probably wasn't on their actual operations side itself, the thing they were looking at. They had not understood that the database of what fuel is where was actually critical to operations.
> 
> 
> On provider, I am being deliberately vague because sometimes the provider is going to be the developer, other times it isn't. A large amount of Ubuntu packages are signed by the people who are putting the packages together who are not the actual developer. This third party work does have value in that there is a curation process going on there and it is possible to imagine mechanisms whereby detected insertion of malware could be revoked. But we don't have those at this point of course.
> 
> _______________________________________________
> Suit mailing list
> Suit@ietf.org <mailto:Suit@ietf.org>
> https://www.ietf.org/mailman/listinfo/suit <https://www.ietf.org/mailman/listinfo/suit>

v2.23.0 | Report a Bug | By Email