Re: [Suit] Manifest-07 review

Henk Birkholz <henk.birkholz@sit.fraunhofer.de> Wed, 24 June 2020 13:48 UTC

To: Brendan Moran <Brendan.Moran@arm.com>, Dick Brooks <dick@reliableenergyanalytics.com>
CC: suit <suit@ietf.org>, "Waltermire, David A. (Fed)" <david.waltermire=40nist.gov@dmarc.ietf.org>
References: <AM0PR05MB4339D51F857444D08ECAC41888950@AM0PR05MB4339.eurprd05.prod.outlook.com> <CH2PR09MB425136BCE8E859DFBED017DCF0950@CH2PR09MB4251.namprd09.prod.outlook.com> <1cd0f01d64a2c$5e98ffb0$1bcaff10$@reliableenergyanalytics.com> <54E7F290-B43D-4D72-9E8C-DE1B7E74F03E@arm.com>
From: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Message-ID: <dc6daca5-50b3-2bee-5180-3af97030f877@sit.fraunhofer.de>
Date: Wed, 24 Jun 2020 15:48:26 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/Vz_hCgGUGFqvXiMGObbw1kEPazo>

Are we talking about every "software object" that starts with a CBOR tag 
as defined in this document?

I assume that a manifest in the form of a file can be wrapped or not be 
wrapped in a SUIT envelope. Would that result in the same file extension 
".suit"?

Best regards,

Henk

On 24.06.20 15:42, Brendan Moran wrote:
> The intent is to register a CBOR tag that identifies the manifest envelope. This allows detection of manifests by signature in the first 2-3 bytes. A typical filename extension would be fine. I think the most suitable suggestion would be “.suit” if that suits the working group. We’re past the days of 3 letter extensions now, right?
> 
> Best Regards,
> Brendan
> 
>> On 24 Jun 2020, at 14:35, Dick Brooks <dick@reliableenergyanalytics.com> wrote:
>>
>> Are there plans for a standard file naming nomenclature to identify software
>> objects that contain a suit manifest?
>>
>> Today, I use the filename extension to drive an introspection procedure to
>> generate an SBOM and having a defined filename extension to indicate that a
>> suit manifest is present would help, otherwise I have to parse each file to
>> determine which SBOM introspection procedure to invoke.
>>
>> Thanks,
>>
>> Dick Brooks
>>
>> Never trust software, always verify and report! T
>> http://www.reliableenergyanalytics.com
>> Email: dick@reliableenergyanalytics.com
>> Tel: +1 978-696-1788
>>
>> -----Original Message-----
>> From: Suit <suit-bounces@ietf.org> On Behalf Of Waltermire, David A. (Fed)
>> Sent: Wednesday, June 24, 2020 9:30 AM
>> To: Rønningstad, Øyvind <Oyvind.Ronningstad@nordicsemi.no>; suit
>> <suit@ietf.org>
>> Subject: Re: [Suit] Manifest-07 review
>>
>> Øyvind,
>>
>> Thanks for this review!
>>
>> Dave
>>
>> -----Original Message-----
>> From: Suit <suit-bounces@ietf.org> On Behalf Of Rønningstad, Øyvind
>> Sent: Wednesday, June 24, 2020 6:03 AM
>> To: suit <suit@ietf.org>
>> Subject: [Suit] Manifest-07 review
>>
>> Hi guys, here is a review of manifest-07. Mostly small stuff.
>>
>> Questions:
>> * Section 6.4: What are the guidelines for extracting the vendor-id,
>>   class-id, device-id, or version of a component?
>> * Suit-condition-component-offset is used in an example, but marked as TBD
>>   in its section. I see that it is described in 6.4 as
>>   "assert(offsetof(component) == arg)". What are the semantics of "offsetof"?
>> * Can suit-directive-process-dependency be done on a component, or just on
>>   a dependency? Generally, there seems to be some mismatch between the
>>   description in 6.4 (which implies that most directives and conditions only
>>   apply to a component index) and textual descriptions e.g. in 9.8.4.1 and
>>   9.8.4.2 (which imply that directives and conditions apply to whichever is
>>   available of component index and dependency index).
>> * (It would be very beneficial to make 6.4 "Abstract Machine Description"
>>   more prominent, e.g. by linking from the individual section for commands,
>>   since 6.4 contains very useful info about how the commands work, and it's
>>   hard to discover otherwise.)
>> * What (if any) are the rules regarding when
>>   to perform dependency-resolution, payload-fetch, and install, and when to
>>   perform only validate, load, and run?
>> * suit-manifest-sequence-number: "Each Recipient MUST reject any manifest
>>   that has a sequence number lower than its current sequence number." Are
>>   there several "current sequence number"s or just one for each SUIT
>>   processor? Exactly when is the "current sequence number" updated?
>> * What should the processor do when waiting on a suit-directive-wait? Can
>>   it be interpreted as "try again later", or "busy wait"?
>> * There are important limitations to what sort of commands can be in
>>   suit-common. Could the limitations be reflected in the CDDL? It seems like a
>>   natural thing to do, to make the limitations more prominent.
>> * When processing dependencies, how do we know when to a) expect a
>>   signature and b) check the signature on a dependency manifest?
>> * Did we mean for short payloads to be embeddable in the manifest (I can't
>>   find this)? This would be very useful for setting configuration options via
>>   SUIT manifests.
>> * Is the device-identifier unique for each individual device, or for a
>>   collection of devices?
>> * Why are suit-directive-set-component-index and
>>   suit-directive-set-dependency-index not implemented through set-parameters?
>>   Are they subject to the same override mechanics? If not, it might be
>>   confusing with suit-parameter-source-component, which seems to be analogous
>>   to set-component-index, but might have subtly different behavior because of
>>   override mechanics.
>>
>> Nits:
>> * Suit-directive-fetch: "manifest-index" is not referred to elsewhere in
>>   the document.
>> * Section 7: Suggested edit in bold: "A digest should always be set using
>>   Override Parameters, since this prevents a less-privileged dependent OR
>>   dependency from replacing the digest."
>> * suit-condition-update-authorized seems like it could use some metadata
>>   to help determine what is being authorized, e.g. a human readable prompt if
>>   user interaction is required, or an identifier if multiple instances of the
>>   condition are used in a manifest.
>>
>>
>> Thanks for the good work,
>>
>> Øyvind
>>
>> _______________________________________________
>> Suit mailing list
>> Suit@ietf.org
>> https://www.ietf.org/mailman/listinfo/suit
> 
>
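
The tag-based detection Brendan describes, sketched as an added example (not code from the draft or from anyone in this thread): it decodes the leading CBOR tag head instead of comparing raw bytes, so a non-shortest encoding of the same tag is still recognised. The tag value 0x1234, the function names and the sample bytes are assumptions made for illustration; the thread does not state the tag number.

```python
# Added example, not code from the SUIT draft or this thread.
# EXAMPLE_ENVELOPE_TAG is a placeholder; the thread does not give the tag number.
EXAMPLE_ENVELOPE_TAG = 0x1234
SELF_DESCRIBE_TAG = 55799  # RFC 8949 "self-described CBOR" prefix (d9 d9 f7)


def read_tag(data: bytes):
    """Return (tag_number, header_length) if data starts with a CBOR tag, else None."""
    if not data or data[0] >> 5 != 6:      # major type 6 = tag
        return None
    info = data[0] & 0x1F
    if info < 24:                          # tag number stored in the initial byte
        return info, 1
    if info > 27:                          # 28-30 reserved, 31 not valid for tags
        return None
    width = 1 << (info - 24)               # 1, 2, 4 or 8 argument bytes
    if len(data) < 1 + width:              # truncated header
        return None
    return int.from_bytes(data[1:1 + width], "big"), 1 + width


def classify(data: bytes, envelope_tag: int = EXAMPLE_ENVELOPE_TAG) -> str:
    """Route a file by its leading CBOR tag instead of its filename extension."""
    head = read_tag(data)
    if head and head[0] == SELF_DESCRIBE_TAG:   # skip optional self-describe tag
        data = data[head[1]:]
        head = read_tag(data)
    if head is None:
        return "untagged"       # could still be an unwrapped manifest
    return "tagged-envelope" if head[0] == envelope_tag else "other-tag"


# Constructed samples: each is a tag head followed by an empty map (a0).
SAMPLES = {
    "shortest.suit": bytes.fromhex("d91234a0"),        # 3-byte tag head
    "padded.suit": bytes.fromhex("da00001234a0"),      # non-shortest encoding
    "selfdesc.suit": bytes.fromhex("d9d9f7d91234a0"),
    "other.bin": bytes.fromhex("d842a0"),              # 2-byte head, different tag
    "bare.suit": bytes.fromhex("a0"),                  # no tag at all
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name}: {classify(blob)}")
```

A tag match only selects which parser to run; it says nothing about authenticity, so the manifest's signature still has to be verified afterwards.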