Re: [Suit] SUIT rechartering: proposed text
Russ Housley <housley@vigilsec.com> Tue, 20 July 2021 15:13 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/bMJKmocntQIYHOofe1an-8ckS5s>

I have tried to address the comments from Michael, Dave T., and Dave W.

The biggest change is the inclusion of an additional document for a set of claims related to attesting to firmware update status. This covers the SUIT-related claims that are currently being considered in the RATS WG.

Please review and comment.

Russ

= = = = = = =

Vulnerabilities in Internet of Things (IoT) devices have raised the need for a secure firmware update mechanism that is also suitable for constrained devices. Security experts, researchers, and regulators recommend that all IoT devices be equipped with such a mechanism. While there are many proprietary firmware update mechanisms in use today, there is no modern interoperable approach allowing secure updates to firmware in IoT devices. In June 2016, the Internet Architecture Board organized a workshop on 'Internet of Things (IoT) Software Update (IOTSU)', and RFC 8240 documents various requirements and challenges that are specific to IoT devices.

A firmware update solution consists of several components, including:

* A mechanism to transport firmware images to compatible devices.

* A manifest that provides meta-data about the firmware image (such as a firmware package identifier, the hardware the package needs to run, and dependencies on other firmware packages), as well as cryptographic information for protecting the firmware image in an end-to-end fashion.

* The firmware image itself.

The SUIT WG is defining a firmware update solution (taking into account past learnings from RFC 4108 and other proprietary firmware update solutions) that is usable on Class 1 (as defined in RFC 7228) devices, i.e., devices with ~10 KiB RAM and ~100 KiB flash. The solution may apply to more capable devices as well. The SUIT WG is not defining any new transport or discovery mechanisms, but may describe how to use existing mechanisms within the architecture.

The SUIT WG has already completed work on two documents:

* An IoT firmware update architecture that includes a description of the involved entities, security threats, and assumptions.

* An information model for the SUIT manifest.

Now that the information model is complete, the SUIT WG has selected the CBOR serialization format and the associated COSE cryptographic mechanisms to encode the SUIT manifest. The SUIT WG may consider a small number of additional formats in the future; however, to reduce the complexity of a firmware management solution, a very small number of formats is preferred to enable SUIT manifest integration and interoperability with other IoT technologies and ecosystems. To support a wide range of deployment scenarios, the formats are expected to be expressive enough to allow the use of different firmware sources and permission models.

The SUIT WG does not aim to create a standard for a generic application software update mechanism, but instead the SUIT WG is focusing on firmware development practices in the embedded industry. Software update solutions that target updating software other than the firmware binaries (e.g., applications) are also out of scope.

To support the SUIT manifest format, the SUIT WG is also defining formats and protocols that enable a SUIT Status Tracker to determine if a particular manifest could be successfully deployed to a device and determine if an operation was successful. In addition, the SUIT WG will specify claims related to the SUIT Status Tracker that can be used to provide evidence in support of the architecture defined by the RATS WG.

The SUIT WG will continue to work with silicon vendors and OEMs that develop IoT operating systems to produce implementations based on SUIT WG specifications. In particular, the SUIT WG plans to continue to participate in IETF Hackathons.

The SUIT WG document deliverables are:

* A SUIT manifest format specification using CBOR.

* A firmware encryption specification for use with SUIT manifests.

* A secure for IoT device to reporting on firmware update status.

* A set of claims related to attesting to firmware update status.

* A SUIT manifest extension to include a MUD file as defined in RFC 8520.