IETF Logo Mail Archive

Re: [Suit] next steps in clarifying scoping terminology for SUIT, CoSWID, MUD and SBOM

Brendan Moran <Brendan.Moran@arm.com> Thu, 11 June 2020 13:15 UTC

Return-Path: <Brendan.Moran@arm.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E42F93A0848; Thu, 11 Jun 2020 06:15:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=hW9uvNQI; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=hW9uvNQI
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j-Ar52rhDBTK; Thu, 11 Jun 2020 06:15:52 -0700 (PDT)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30040.outbound.protection.outlook.com [40.107.3.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A4D53A0846; Thu, 11 Jun 2020 06:15:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=d1g0m/XYjHeLsyaceBylpHWA0QPKyrOO2MHoR9MreYI=; b=hW9uvNQIC3Y9F1Z4cdvzwz2F9WcWeD6gBPN6wKE0sjTPPNGYNqZfPZ+ODWiykK7oWfpdn0Tv2YO9STfvIsPkrOgCKAFcdcMhqyOGApmFWjz1nmVwyvRS/YLJ1ZgJoB5T018PLNnFHBr7HWa0Xh0uNGTZYTbgF6q/Y/7KuUTxn30=
Received: from DB6PR1001CA0038.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:4:55::24) by AM6PR08MB3687.eurprd08.prod.outlook.com (2603:10a6:20b:90::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3066.22; Thu, 11 Jun 2020 13:05:46 +0000
Received: from DB5EUR03FT029.eop-EUR03.prod.protection.outlook.com (2603:10a6:4:55:cafe::18) by DB6PR1001CA0038.outlook.office365.com (2603:10a6:4:55::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3088.19 via Frontend Transport; Thu, 11 Jun 2020 13:05:46 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT029.mail.protection.outlook.com (10.152.20.131) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3088.18 via Frontend Transport; Thu, 11 Jun 2020 13:05:46 +0000
Received: ("Tessian outbound d3ae83885012:v59"); Thu, 11 Jun 2020 13:05:46 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: 6c162a60e6eef2b5
X-CR-MTA-TID: 64aa7808
Received: from 65b4090cd417.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 01DC19CD-C41E-4A73-9A79-819DE6B9AF54.1; Thu, 11 Jun 2020 13:05:40 +0000
Received: from EUR01-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 65b4090cd417.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 11 Jun 2020 13:05:40 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=i7cP5zwz3eROqsAc1oZVM7ShyrPZscRI+JOeVyfV1oZ98WEBte253xwMPxFhqJWaDY3frebM4Flbez3ASAEzPL3lYszz3yJ7wPzhzyZH3nFBnH0LZiXvfesaQpqJp5XBCzb9O2lFgVjvisygBfoSBlvBwfykc9YlkwN2JCCWeBDdq9XDk59ln8BaILHVOijkJaYfxA9BOYlbWlolBkkvog8+M97CvKvAugIsj8Dxu5C5bB0uQo3bQEIq0x2RvdfM4jU8XJQcxnl0wat2wtGtk7Aa6Np4IwRDBwb2g0hFjiTNuyAYZ3ruUixqYveOcBz+eoC7e4fW+jJ1Be/0FsHAnQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=d1g0m/XYjHeLsyaceBylpHWA0QPKyrOO2MHoR9MreYI=; b=ZbsLVvNXtfWq+dPX09srFx0CLKdknaYkPzp9VtMnlqSMiNhR0kaujhpE0HZpgBs8y+ZGCRpufnD/W2kAFBcNefFiKb5MCOq+myNaFK7R2sCXrNLNF+mLn3tAcL6hCMjnm6r+cAhtXD0CCw9oFqjfSICBOSEg8OjaxwmghSAl0eLUZNq54z/iRk2u6rlcOM77x6XhMR3icH8ht8fkXQFBh6InzoJ0RBFboOpPis6OSqKwutar8WgOYR855Hdog5d5of14f/KVqRKt3zbY2PK/3ZLeRblWzPaLW/s3TWA44qAaq+zVZucLyN4+9YT5Qp4A0tHrsWgHu5iqpIVvrQFx1Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=d1g0m/XYjHeLsyaceBylpHWA0QPKyrOO2MHoR9MreYI=; b=hW9uvNQIC3Y9F1Z4cdvzwz2F9WcWeD6gBPN6wKE0sjTPPNGYNqZfPZ+ODWiykK7oWfpdn0Tv2YO9STfvIsPkrOgCKAFcdcMhqyOGApmFWjz1nmVwyvRS/YLJ1ZgJoB5T018PLNnFHBr7HWa0Xh0uNGTZYTbgF6q/Y/7KuUTxn30=
Received: from AM6PR08MB4738.eurprd08.prod.outlook.com (2603:10a6:20b:cf::10) by AM6PR08MB4277.eurprd08.prod.outlook.com (2603:10a6:20b:bd::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3088.23; Thu, 11 Jun 2020 13:05:38 +0000
Received: from AM6PR08MB4738.eurprd08.prod.outlook.com ([fe80::208a:431d:b171:9615]) by AM6PR08MB4738.eurprd08.prod.outlook.com ([fe80::208a:431d:b171:9615%3]) with mapi id 15.20.3088.022; Thu, 11 Jun 2020 13:05:38 +0000
From: Brendan Moran <Brendan.Moran@arm.com>
To: "lwig@ietf.org" <lwig@ietf.org>
CC: suit <suit@ietf.org>, "opsawg@ietf.org" <opsawg@ietf.org>, sacm <sacm@ietf.org>
Thread-Topic: [Suit] next steps in clarifying scoping terminology for SUIT, CoSWID, MUD and SBOM
Thread-Index: AQHWPnkQm/aOMbyY1EGQQ+xNuyHWm6jTZQ2A
Date: Thu, 11 Jun 2020 13:05:38 +0000
Message-ID: <018B67EC-89A6-4880-99E2-1A3FAB5960E4@arm.com>
References: <22789.1591719213@localhost>
In-Reply-To: <22789.1591719213@localhost>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3608.80.23.2.2)
Authentication-Results-Original: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=arm.com;
x-originating-ip: [82.20.19.206]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 112cf3d0-cd5c-4ebb-bcf7-08d80e0827c1
x-ms-traffictypediagnostic: AM6PR08MB4277:|AM6PR08MB3687:
X-Microsoft-Antispam-PRVS: <AM6PR08MB368735079D33BFFE60A11D06EA800@AM6PR08MB3687.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000;
x-forefront-prvs: 0431F981D8
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: Qt6hJSNxrOwBYAJ1MoaeMieWsicuGhHsc3fkqVKv1Lg5hHvbK4KM1EH8pYDzMyLlFE08b0fZDzc9k1sz85Kv/kVQxwHoleAq9nsmMxallNRdGzhVS7zobn0D9ravHqHCwJ+RTi73ciaC6TDwxMowNbKRZwlDbshi0Ocr+4Rz2sN3SvnUxFiYc2c3DsDy7CSrPX2Lj/3koCrE+Rj9xnh7tU8mwMd1cpdhPg0qpecxY4L8J18uSDsyEnsX9sIwDfjdBWiUGlO/KDSm4O+nPGfmL0XzPBR/zp2Dzp0DkHiaR6HYor3JAFdjzTCC8ap6Ole7Nh+WlFI3Publ3rO7m46wEjc6uY2FzBeJ8RFJr5nhp74gAT0pmw3l5/iS24l1tWLB+jRUlgJKeak7ROatsPc/hA==
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR08MB4738.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(39860400002)(136003)(376002)(346002)(366004)(396003)(54906003)(316002)(71200400001)(6486002)(8936002)(8676002)(478600001)(966005)(66946007)(33656002)(53546011)(6506007)(64756008)(66476007)(83380400001)(66446008)(6916009)(66556008)(186003)(26005)(86362001)(76116006)(36756003)(450100002)(91956017)(5660300002)(4326008)(2616005)(2906002)(6512007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: GfruVRGD5fnDAVMHl2gieFCWMHJHyWmqgq6Te2YNeptaeUQ/FWv4oMqMZAJqt1I1PQBDKil8cYKymi9/Z6wbdFMEOTQJWO0ViixpLIx5TlwTwsWU6TkqvAjcxUYkwBx+xGCvwUv41203R9gMuHWo01qHPXaEwJjesuRaDdVeKVXtzhADuWVhpyFjvRL127gU2lqYuujHQWEIgYWWcTZc+iDuxp8zj5EA5s1rYQxRYOc+r4KaLbVN2YZ2exjYoiv4/7rgJosea27CbbuqQXZPYN5Lt541qcycd4qns1WJaCNdNXqprKQg2dtZ2n4pVL9xsiSjJ6IQTLQns4fs9CeF+acUvP/HbDYH2xmrLmyFd3F5R0DPkLGHzLhmjQ5Ttj2p9sZYjt2CmudqUJENFephXbw9uQrrExnHR8iZOswa5Lljo/5WMFDzB9CBmF+WOzG33Rb0Dm++GQt8goWjZ9LBNMMFD1to5mHfEO8qTA9MRaE=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-ID: <5DCC91CA94F17C4E83125D69E2032CD1@eurprd08.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4277
Original-Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT029.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFTY:; SFS:(4636009)(396003)(376002)(346002)(136003)(39860400002)(46966005)(54906003)(70586007)(2616005)(82740400003)(33656002)(47076004)(83380400001)(6512007)(82310400002)(316002)(186003)(8676002)(4326008)(336012)(450100002)(81166007)(70206006)(5660300002)(6506007)(53546011)(356005)(26005)(36756003)(6916009)(478600001)(966005)(8936002)(86362001)(6486002)(2906002); DIR:OUT; SFP:1101;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 9badeaae-2cb2-4b80-4b4e-08d80e082338
X-Forefront-PRVS: 0431F981D8
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: Ob80s9AZBpSGacwkh2mYL+RstS+2CAyFPaBKDC1DcEO2pEsZA6yf+e4rrshaTxBx5AHWMETf9n5hpjty6POKuGbZZsuDJ7veO792jprOagv7Yz7Ofl1jbvg5RoQLIlFpGlYHBq0XaBCsNkZo2j7wi67jfUpjTR26Hqv8Eg7b2GNY1mOt7YagHOvtAkfdkhyBzLS1hwTWA0znqPyiMEuxUgHsIdupGj9jGHLIBSIaeL1Iz1RmjRpfZtkHmiG4bQ40RJfPCPNyA8TF40YTIlAdyMlue04BCZPnjklE4qtObAcilvoRdZOK8+xe7AN9LdMQNfbKKcAjj+ngAZPv9RdAcMbvXR3/gWVM7bpX58rNbJwMirhSHcZ9+LGxU5UVexSg7uoHy7wqinK/5ox//Zjtzz1e9Ou7ydeItV+UAl8C5ntHXHCC0R0wdm0kdN94X7Q6KoltwIsy3T1eAgRdv/irxRKFl0q0uPNhqV1kQlBqH1U=
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Jun 2020 13:05:46.2310 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 112cf3d0-cd5c-4ebb-bcf7-08d80e0827c1
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB3687
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/UOrRdt20Ukd0EcpPLHhS-ax0RoQ>
Subject: Re: [Suit] next steps in clarifying scoping terminology for SUIT, CoSWID, MUD and SBOM
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jun 2020 13:15:55 -0000

I think there may be some misconceptions about SUIT here.

The SUIT charter says:

> This group will focus on defining a firmware update solution (taking into
> account past learnings from RFC 4108 and other firmware update solutions) that
> will be usable on Class 1 (as defined in RFC 7228) devices, i.e., devices with
> ~10 KiB RAM and ~100 KiB flash. The solution may apply to more capable devices
> as well.

The suit manifest does, happily, apply to more capable devices. The suit manifest is, in principle, being adopted in TEEP, which targets more capable devices.

Certainly, the design of suit was explicitly intended to target Class 1 devices, however I am not aware of any missing feature or any missing functionality that would inherently restrict SUIT from being used for many component, high capability systems.

I see no inherent problem with using suit manifests to deploy smartphone apps, docker containers, VM images, linux packages, kernel images, recovery partitions or bootloaders.

Please could you explain what the problem you see is that would make suit inappropriate for smartphone apps or many-component systems.

Best Regards,
Brendan

> On 9 Jun 2020, at 17:13, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>
>
> {I've set the reply-to to lwig, which I think is appropriate}
>
> SUIT aims at devices where the firmware can be updated as one (or a counted
> on fingers few) blob.  This is a good constraint, and because it's a "few"
> blobs, the edge isn't overly sharp.
>
> For instance, we have a common understanding that while SUIT is inappropriate
> for Smartphone APPs, it is appropriate for the core "System", "Rescue" and
> "Radio/Broadband" images that are typical for phones.
> Such smartphones do not fit into RFC7228, and yet they are not "unconstrained"
>
> We constrast SUIT to devices where the is potentially many packages that
> can be updated, up to and including the Linux/Windows desktop/server
> environment where there are potentially thousands of packages.
>
> In RFC7228, we described a series of useful terms and classes, and we have
> repeatedly come back wishing to have some notions of "class 3+" to describe
> classes of more capable devices, up to and including "classic" desktop and
> server OS installations.
>
> I think that as we move towards dealing with SBOM concepts (whether via
> CoSWID, or in liason to IoTSF and/or NTIA) that it would be useful if we
> worked on an rfc7228bis (or a companion document: nothing wrong with 7228 really),
> that allowed us to speak more intelligently about different classes of
> devices.
>
> I believe that this should go to the point of having an IANA Registry
> for the class types, and that RFC8520(MUD) and maybe CoSWID would want to
> assert such a thing.  And probably into some other netmod protocol.
>
> Given device FOO on one's Enterprise network, which seems to have a
> vulnerability, how does one upgrade it?
>
> Forklift? JTAG cable? OTA via custom protocol? OTA with SUIT?
> "apt-get"? "windows-update"? Can device download while it is operational?
>
> For instance, my impression is that 90% of Industrial/Smart-City IoT devices
> in a space way above class 2 (a class 4 or 5!) which are essentially a
> RPI/Grapeboard/equivalent.  In the *best case* running a Yocto build with
> many many input packages, but only a single image on the output.  In a worst
> case, they are literally Raspberry PI running Raspbian, and dpkg, with
> the resulting SDcard getting cloned.
>
> These devices are hardwired/cabled manually, or experience two-touch
> onboarding to WiFI or Lora... and they talk back to some cloud provided
> system that itself may have an unknown set of packages.
>
> The SBOM situation could not be worse: it would not surprise me to find
> gnutls, openssl and gpg crypto on the target system, each with their
> own copy a RSA and ECDSA encrypt,  and should some new oracle/etc. kind
> of attack to come along, that devices in the field will be completely
> unevenly patched.
>
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
> -= IPv6 IoT consulting =-
>
>
>
> _______________________________________________
> Suit mailing list
> Suit@ietf.org
> https://www.ietf.org/mailman/listinfo/suit

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email