IETF Logo Mail Archive

Re: [Suit] Propose to add suit-uninstall in Multiple Trust Domains draft

Dave Thaler <dthaler@microsoft.com> Wed, 27 July 2022 19:04 UTC

Return-Path: <dthaler@microsoft.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA289C14CF17; Wed, 27 Jul 2022 12:04:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.693
X-Spam-Level:
X-Spam-Status: No, score=-2.693 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.582, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8ryJVTve9IOa; Wed, 27 Jul 2022 12:04:47 -0700 (PDT)
Received: from na01-obe.outbound.protection.outlook.com (mail-eastus2azlp170110002.outbound.protection.outlook.com [IPv6:2a01:111:f403:c110::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3421C159529; Wed, 27 Jul 2022 12:01:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=awc93VSxvIKihPxrhB+8mEhBnzDvow8wc+sC36Vi93Gi0KE1B7s+ynLonfBXzQVUWVaChDciYeHA+32LFAC3td1ZCroi6RTfxGE3xTG8pHmSlmdf4jU34lAPhjqSZnMfejx9v+TMtxWjuaOzW8xCzPV68sBb3nEfsIRNDYjKgt53FARk9sg9Dwg9D53ugkNL9R+szNusx7ZnNrAy5Bk66Kuaj/hJNGT4jbiNq2PXusvemjRlkk20QztHDzN1vpH+H/d7jGoxZvq+rP10dLXfqHwOhgc6yFb70akQvx6Yil/QSP/+u7R/g2iyeET5dyHhp1/kCUgNYLFdTb5KShiHFg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=DrhmPABPsEWoAdm+6Tjm10uX1LL1aohF45S2RFADt0E=; b=bpL6Nww2vSb9dUwif18De+FnJT0WLHy9aXCQuW+wWz3TWNSQMUcvvvDv2o8Tm5A8MxFPvbOkCeujJoAD4R5KY+7tNMnJHjU6jfAumh8jbOsu1kTKBM6HpgKQA4Rqju0sCWcA63RRTwPf8YBpII2fCb3qJNZys9Zd9FxF75jnwLYRJ3gmOnXclG0x4bcErLHOz5IMuwVH9aIJ3Wcog3nz4KGhFm9V6M+tA5ydYiBzTJBACbeeD6gTOOXR/uAMGYpzt2X2op5FLwcM5anZDax3gCwusIaH6wZUTnMazCW4WotWK9qcKSMvKXLtReyRDBtTAzdjqFxpEX5lpvwawwIRrA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DrhmPABPsEWoAdm+6Tjm10uX1LL1aohF45S2RFADt0E=; b=YEMueReTu7aJg2e6yVC4+2pEZM9NMIyx7iHgeP+R3AXW1HtOcSahGAKac/rHi8XoxO2Pf3ieqqsvbjY4q2KKXwolNKLWgfQvmkIsiXFAjZ8KJAr87tzaSqWZaPEbe+UdhOESTYdgRrkEEY0Cbox1NOcO5bowYzxrzoVY0m94fOc=
Received: from CH2PR21MB1464.namprd21.prod.outlook.com (2603:10b6:610:89::16) by CO1PR21MB1316.namprd21.prod.outlook.com (2603:10b6:303:153::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5504.2; Wed, 27 Jul 2022 19:01:37 +0000
Received: from CH2PR21MB1464.namprd21.prod.outlook.com ([fe80::dc03:ddee:808f:5e48]) by CH2PR21MB1464.namprd21.prod.outlook.com ([fe80::dc03:ddee:808f:5e48%6]) with mapi id 15.20.5504.005; Wed, 27 Jul 2022 19:01:35 +0000
From: Dave Thaler <dthaler@microsoft.com>
To: Ken Takayama <11kenterada@gmail.com>, "suit@ietf.org" <suit@ietf.org>
CC: "TEEP@ietf.org" <teep@ietf.org>
Thread-Topic: [Suit] Propose to add suit-uninstall in Multiple Trust Domains draft
Thread-Index: AQHYobyyjn5GjpghFkKQ5PXxfoxfjK2SkMQg
Date: Wed, 27 Jul 2022 19:01:35 +0000
Message-ID: <CH2PR21MB1464B76B597D7B052A2BB9E9A3979@CH2PR21MB1464.namprd21.prod.outlook.com>
References: <CAMGQZH7PK_m71fV7E6bTS0ELqChx_G3GVJ2GZYLWWuv3MjbZjQ@mail.gmail.com>
In-Reply-To: <CAMGQZH7PK_m71fV7E6bTS0ELqChx_G3GVJ2GZYLWWuv3MjbZjQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=28b4844c-94ec-4f90-8004-67a48d4b17d2; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2022-07-27T18:53:12Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a8a6ebc0-25f8-4a65-4230-08da70026d6a
x-ms-traffictypediagnostic: CO1PR21MB1316:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: kwaFmnvwYzW6lN8ihjEitySNT7ehRL4GNrnf4jGVdmLgVgD8XY8auLhIdM22AH5F/mEEvyaH/hfH1r8JVn50+sbkjf6Lq6TKvqk/tJ6Pm5IrAjnGRtouAPg18bj0uAw5cjM47xI9KhaWyB0df8UFTRJ/zZiRaOyAxskKF5oy5aUxM/nXyvCgaYs8DGbo7WDCZx2hbtq/NIuRzKxb7mClIeDDa8l/T2pAohCSk5FcgKIoZeLlrkmfKIR1HSySBQmpy1HVX6VdD05gop3exoF1yrH07EaJZ7cwjK79YA0a1mrE/B/Nvy7Ej1zEOpd+xT/rAQSV+9wEdFNkMGRsdnAVxss4oimd+xesdpwpHUzxiSgd7YaR6xFpqV9XQhAgQXIAvG4z4oNxxJaAkUNg7Sz9kTqLhsiCIEk+2QksEtRaAbKarDxBwovZ21+4aNnsM6p4/uqyfaM5dpZHrvrODmBAOF8peRTzQbWS9/ti4yLPzuNpmc+lAtbha/RPQKBCMvRJm7ABPPsYBeO3okoog3I08KSmKZ9+/g4LR2NfBd8gh3cy8HRLZUzmetZ6RC6sz7akLrCnpO1u9Q3yDy/g3jEMkhapu8R+LtTP/EeRXaGn5ctM5NkdmeHES2l4Ma7J3y1ToCcgnOL5UeyAKiZdwIW41Zn0oEi2vZHNL/mvx7yT5xTNrlp16bdaV4kuChSSEhM9jKRL8MYfQ4PMVqsNYWY4VCkWdFU/JlM1H/ADHa++cmsw7GLn8oMBexGuT3Ln9pe4rL1e1SoXnpQGdv18mLXj0OkTjcMDguOP9gB+ULNK1sXVV4Hkx7oZhGATg8IssIWA2HP09uIdK3iWv9BMcTmNuS5/hn5IREC+R/03PWj/MPU=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR21MB1464.namprd21.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(4636009)(376002)(39860400002)(346002)(396003)(136003)(366004)(451199009)(66556008)(5660300002)(8990500004)(316002)(41300700001)(6506007)(82960400001)(110136005)(7696005)(2906002)(10290500003)(76116006)(8676002)(478600001)(66946007)(66476007)(64756008)(4326008)(66446008)(8936002)(55016003)(9686003)(122000001)(33656002)(71200400001)(86362001)(186003)(83380400001)(82950400001)(52536014)(38070700005)(38100700002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 1PxconShE0AnzGE/O4NmxBmiRLwsT7mrov4ODraGkgp2nRbj0Ijzp6e776S/4abVczys9lcC01oUE+SIQ7N9yiZm9zKDgrJjBZisd2haTsYwLQpADFVUvoR+UPBmkZGJJl8nW/HaRS7YxA9mRYHOWyZHKTMbA58Opus1bLumqp19STa4NTJI2g//ugjFNiP9PEWux/QxcbJe5NoRZytiNeFLxYtcq8mFx5Pge2+JSmI4MuXhltbimq/6GbEkzM4tpAAcTXm1KxsLnfJgy/yu/EumsFZZMI8hXeJru9qNpvZJDS6Uqo+jXG8EtS2auSgm4tRV2hUh1/qk/ZsaSQoRuBcbaZMwEWqeedN3+uXE3tt4IKAdBTPUWSY/BgQ6CddOfrteq6N11Se8yHDdoALBQh0GtSCRMeFmaPDuckIj78guqmFjbkRm4e44kxdhY9pYr2F6yIa8vh7LZDTASOXvnlgTR09M+landY/WHNRUgbhFmWTOrKCT3cLpHoumgqGhDgRugGwA8hDpa9vGGpZjMpxggJXA0rpkxPmaDzDMQMAw4NsSUvmzx6Pbl0ZVxrt9i3W9RIECw43O+cOyHK0TuXAyaPffgDunFY/yhrmAt6GFe/5XyCQh2tl4/47ZEzQbCdBal/hh73mD7PvA9nAiAx0bagQQbfzXFyjqHK+kqEqRqo+JDhmt2Il3um/YZbY5cB6WgOHC0SWgn9v4WgfBmpOvmxj3Z6JY0zgjF0YHeI8enT/7684W1J1gjJLrWZGsGm0IZ4kuTkTWvHmaJ1BU9QUy1DgQOhv3zO0zXM89LhG7X2Nbr3iaRiahf9SINOSn7l0x56tW1TEGkvhFMFN/0OBLJSdpGkHvPAN1qAlIfMLizVLWARuBkJnX0OSkwXLnD4CNxJK33np2WcORAKUmByNkfOwgUclU/aB5cIrBnP7ue5oaaEr/Qlb3ljo8RDVHoicdM4lIARPAS2iZIMg+Zlpc2jdijbvzDFvwUcxYCoyoSQVSHV4rVQWj5+qlrgeEUYFrgrGXDQLUlij0ZkvxomRXvGNxRMxoLPZZTcLEz4YeP5rJOuqBFrxM7pZVw3Jnehc9RrtISbB1v+tDHx12Jze3vugte+0oL7bl+k4BzBHHvUiggbZRersD7T1mUyCshEDI+n5rPE+5LYrU1ab8Bh5z3X8l+qbZ2gNDmY0uZpZupD8XWqvyp1LGK9ndnGogyZe2FVdHyzNPwBOabwec3TRDridFVKG1LVvLDRMGmp/Wvkk6PI9Uua4wMRN1zUQRIlGZkQ/sY+6UDDWzIpwfiO50ZmZRICAwoIK+uDvz5Tca+hn9/8WYs2a4/ZOZTQ7snLm7sT1mKLTj4/fXn5BsJhA0Bv+vSvikdukwqGDCZAHE0LE6D6ltApf5AbrePbBsMgnKWr1PKtO53sL6kLG9QcuDmRP7A0Mxozz36e5UIT0l7bscPC8KZN17pcuJvoG9kh/Jzr+PIGskelnIr+3Pi8LARZhcmy9OdDdQMgZj87E9xZdmPwP4++9r6X6edyxdEpuuDHz+rSn6fCPyob/QGAH568roOsFQE0gw/VlU2jYqUZgSmWa3UeBQ07ro6uh5g3Y323iZty2RchmnGXkppNu67uqB5onGZXVZot6EFxwMEHBhsAuv/jIxvZAM+4gk
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH2PR21MB1464.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a8a6ebc0-25f8-4a65-4230-08da70026d6a
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2022 19:01:35.3959 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: U3WOTL4NS1FPivNtg2BQdvoATlu0UW7TFnzJuNHMFMTsS4pbIVw3eSmpCr2TXiBVUe1ctoQ+sFf2jLoqi0vqBzy/VYovp9jsfqqiGReD+6E=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR21MB1316
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/z4kh1FPKaoifG73zrl4KMXJjTVI>
Subject: Re: [Suit] Propose to add suit-uninstall in Multiple Trust Domains draft
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Jul 2022 19:04:52 -0000

Ken Takayama writes:
> # Proposal
> Add suit-uninstall to the Multiple Trust Domains document
> because it is useful functionality when updating depending components in some situations.
...
> ## Issue
> The library-a is no more required and should be uninstalled,
> but how to uninstall it when updating the application?

>From a TEEP perspective, I think this is important to say how to do.  I run into this issue in my TEEP implementation too.

The TEEP protocol used to have a field in the Update message (in addition to any SUIT manifests) that identified which components to remove.  Recently the TEEP protocol was updated to just list manifests, under an assumption that the manifest would contain deletion instructions. 

The TAM (an update server) sends manifests or references to them, to a TEEP Agent (a device on which to install/update/uninstall components with SUIT manifests).
So to do a deletion, the TAM needs a way to indicate that without it being the component author.   It could do that by the TAM creating the SUIT manifests themselves, and incrementing the sequence number to do a deletion but that would require generating manifests on the fly rather than having one manifest for all TEEP Agents, some of which might have the component installed and some not.

It could also do it by not using a newer SUIT manifest but having the uninstall directives included in the installation manifest as Ken proposed, in which case the original TEEP mechanism might make sense to put back in.

Dave

v2.23.0 | Report a Bug | By Email