Re: [Suit] SUIT Architecture document review

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 16 October 2019 15:07 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E78DB120981 for <suit@ietfa.amsl.com>; Wed, 16 Oct 2019 08:07:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lJc3EiHtTmhW for <suit@ietfa.amsl.com>; Wed, 16 Oct 2019 08:07:47 -0700 (PDT)
Received: from mail-oi1-x233.google.com (mail-oi1-x233.google.com [IPv6:2607:f8b0:4864:20::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 818E212095B for <suit@ietf.org>; Wed, 16 Oct 2019 08:07:46 -0700 (PDT)
Received: by mail-oi1-x233.google.com with SMTP id g81so2137641oib.8 for <suit@ietf.org>; Wed, 16 Oct 2019 08:07:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wclwgMZYPazG/+5yHMYsUVLUZ/ILkTqaKXwWM8vxHG4=; b=t7W6Ou0W/7L6jTc6R6/Jjh3KFWs8zlAum8xADcbGJE/LUASdXcv7XCK7I/s1jLgwfB r0zTosjkEV1CIpcacB/dYhiCYuxPoeqQs4j4U7qd6uXow+K3JNxaG0M91+Or42+C+UAP fJmI/2fIXzhTQrsTnJDhZ8YSE0LojqgGkHDTOKmF6mPpYXAImO5LuhyShA2fVjC3hzQW fLJroQzMaeJLcUsYDGbeTC0mEKhbYHuXpj0z4uBzFcmL3Ddn8znPnB0tHdXRQ+WtcFAU V1WELV9FVjRw4YIUpIuJjuAb7jD1G+VXIK6vI5bkumLxcYo0bFfMkpcP7TlN9wmYfaeQ mUdw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wclwgMZYPazG/+5yHMYsUVLUZ/ILkTqaKXwWM8vxHG4=; b=Euq7iPYszcMhA8lpNVt2AdwIArgFR3SSbkVeAlsOcMjaMPLe26PNoeaqS8nza6s8Sa so4qrSzvh9CqHPKQhQMj7IP4EPXwSkkaEEncX4ruCWhk4oiDSCdfvt9Z+iH3z4lna2GW N1qS/vfoT38UKkke5dK6DvM256ARIzHg3UEl7uN+cXtXfBH4x0j5mdCgv9e+6qDrAWGk 9zWtsGCKdnnMTXE4/0Q+o/AEqk5aBlJbYTt4k2UYPr4H/5RFDoEcta5gZT9P9ugl6Ww0 HG0BsDTnf4hNUnJVHlH7b+j8ApdGtl9mwkLzWwMLTzthrknjuQnmw9Y4vIjBA/YGRLA/ /kxw==
X-Gm-Message-State: APjAAAU+CTAKfy3g+DrHi7+pR+mmKqExzwczCq8cW9B/HkJTJThQqOyB PUX4SciAuuhqenn1/rmGceZHVpg8CduWgVQTvAk=
X-Google-Smtp-Source: APXvYqygbGzoPR5afq/TLDyjv0ArsSvWS8p+wSi5fxmJ4N1UJ33+Qife9zEdKv6xuXILGrnzlce+ZUUD7lTHXkrWwb0=
X-Received: by 2002:a54:4483:: with SMTP id v3mr3650368oiv.111.1571238465832; Wed, 16 Oct 2019 08:07:45 -0700 (PDT)
MIME-Version: 1.0
References: <CAHbuEH6h7Ojc1RDLqGDOvKCqcB6UWu4sg-cozsLFnDsZPm+xCg@mail.gmail.com> <VI1PR08MB53604B1D9121DC24D28D4B4AFA920@VI1PR08MB5360.eurprd08.prod.outlook.com> <10986.1571234661@dooku.sandelman.ca> <7be6c218-37c5-f915-e4dd-5777ec3c903e@sit.fraunhofer.de>
In-Reply-To: <7be6c218-37c5-f915-e4dd-5777ec3c903e@sit.fraunhofer.de>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Wed, 16 Oct 2019 11:07:09 -0400
Message-ID: <CAHbuEH5m1sxuwVM2hX2wv0=vcLmOb74YS1thJmWxLhoJDz1zmQ@mail.gmail.com>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "suit@ietf.org" <suit@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009d0eef0595087600"
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/cbgM69LNYwEZPqKfJ633YNOVDrY>
Subject: Re: [Suit] SUIT Architecture document review
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Oct 2019 15:07:58 -0000

On Wed, Oct 16, 2019 at 10:41 AM Henk Birkholz <
henk.birkholz@sit.fraunhofer.de> wrote:

> Hi Micheal,
> hi thread,
>
> at Kathleen's keynote address in TCG, the "not new" notion that SUIT
> refers to (S)oftware was raised, which - to the audience - seemed to be
> in contradiction with the content being produced.
>

Yes, but just to be clear, I did say the group was focused on firmware, but
FUIT didn't sound good.

>
> That said, in theory the SUIT manifest could be used to update basically
> things of any size - not only constrained nodes. But I agree with your
> point that this is just a "title" problem. There are solutions, such as
> package systems,  in place that would require a quite more complex and
> elaborate attestation infrastructure and that is not the scope SUIT is
> targeting, I think.
>

Agreed, I am not asking for all types of updates.  Having consistency for
firmware and maybe bios updates for larger systems would be helpful to the
customer.  The same principles for secure updates are applied similarly
anyway across solutions.  The architecture document is a framing one, which
is why I made the comment.

Best regards,
Kathleen


> m2c: wrt to number of secrets and endorsements that would have to be
> maintained per device we also want to be as minimalist as we can be
> while remaining feasible, I think.
>
> Viele Grüße,
>
> Henk
>
> On 16.10.19 16:04, Michael Richardson wrote:
> >
> > Hannes Tschofenig <Hannes.Tschofenig@arm.com> wrote:
> >      > [Hannes] When you say “larger systems” what do you mean? There are
> >      > Windows, Linux and mobile devices out there that already have a
> >      > perfectly fine software update mechanism and we are not trying to
> >      > replace it with this work. For those devices that run regular
> operating
> >      > systems the lightweight design of the software update mechanism is
> >      > apparently less of a concern compared to the design of a firmware
> >      > update mechanism for low end IoT devices, as you have witnessed
> in the
> >      > discussions on this list. When you say “large system” are you then
> >      > referring to a system that runs Windows, Linux or something
> similar or
> >      > do you have some other system in mind?
> >
> > I believe that it would be applicable to Things based upon things that
> look
> > the RPI, running Android IoT or OpenWRT.  While there are package
> systems, a
> > random assortment of packages is undesireable, and can not easily be
> attested
> > to.
> >
> > This is what I think that Kathleen is talking about.
> >
> >
> > --
> > Michael Richardson <mcr+IETF@sandelman.ca>ca>, Sandelman Software Works
> >   -= IPv6 IoT consulting =-
> >
> >
> >
> >
> > _______________________________________________
> > Suit mailing list
> > Suit@ietf.org
> > https://www.ietf.org/mailman/listinfo/suit
> >
>


-- 

Best regards,
Kathleen