Re: [Suit] Suit manifest with variable recipients
Michael Richardson <mcr+ietf@sandelman.ca> Thu, 22 July 2021 20:36 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 37E973A09EB
for <suit@ietfa.amsl.com>; Thu, 22 Jul 2021 13:36:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001,
SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001]
autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 0AfbJALRf_fY for <suit@ietfa.amsl.com>;
Thu, 22 Jul 2021 13:36:14 -0700 (PDT)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209])
(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id D7A593A09EA
for <suit@ietf.org>; Thu, 22 Jul 2021 13:36:13 -0700 (PDT)
Received: from dooku.sandelman.ca
(cpe788a207f397a-cmbc4dfb96bb50.sdns.net.rogers.com [174.116.121.43])
by relay.sandelman.ca (Postfix) with ESMTPS id CADB51F451;
Thu, 22 Jul 2021 20:36:05 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179)
id 8F7A01A0201; Thu, 22 Jul 2021 16:36:04 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Brendan Moran <Brendan.Moran@arm.com>, suit <suit@ietf.org>
In-reply-to: <6BAA5E0E-7100-4418-8AAC-7A9420491D52@arm.com>
References: <F51C5D05-043E-4F07-9A4C-7044646192E3@arm.com>
<27551.1626138598@localhost> <4B4235A6-3965-4FBD-AEA8-E16C900C4A0C@arm.com>
<6855.1626898972@localhost> <6BAA5E0E-7100-4418-8AAC-7A9420491D52@arm.com>
Comments: In-reply-to Brendan Moran <Brendan.Moran@arm.com>
message dated "Thu, 22 Jul 2021 15:25:42 -0000."
X-Mailer: MH-E 8.6+git; nmh 1.7.1; GNU Emacs 26.3
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
micalg=pgp-sha512; protocol="application/pgp-signature"
Date: Thu, 22 Jul 2021 16:36:04 -0400
Message-ID: <570912.1626986164@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/xLAe-WCKgt-djeMqPyPjDs4VDaw>
Subject: Re: [Suit] Suit manifest with variable recipients
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>,
<mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>,
<mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Jul 2021 20:36:21 -0000
Brendan Moran <Brendan.Moran@arm.com> wrote: > 1: The threat described above: An on-path attacker upstream of the > status tracker suppresses a device. This is different from existing > SUIT DoS threats because of the targeting of single devices from > outside a network. To be clear, this is not simply a DoS; it is an > Elevation of Privilege (unprivileged actor decides which devices are > updated) AND a Repudiation threat (Not possible to know who chose which > devices received updates). The status tracker CAN inform the device of > the new update, but the device appears not to have been authorised by > the owner of the firmware (via the Content Encryption Key) Let's say that it's not malicious. Let's say that upstream provider noticed that you didn't renew support on that device, so they removed the access. Shouldn't the Status-Tracker still notice that the device hasn't got the right firmware? Again, I think you are trying to solve an operational problem in the manifest, and I think that it just can't work. I think you are trying to do this, because we don't have any specifications on real status-trackers. -- Michael Richardson <mcr+IETF@sandelman.ca>ca>, Sandelman Software Works -= IPv6 IoT consulting =-
- [Suit] Suit manifest with variable recipients Brendan Moran
- Re: [Suit] Suit manifest with variable recipients Michael Richardson
- Re: [Suit] Suit manifest with variable recipients Brendan Moran
- Re: [Suit] Suit manifest with variable recipients Russ Housley
- Re: [Suit] Suit manifest with variable recipients Dick Brooks
- Re: [Suit] Suit manifest with variable recipients Brendan Moran
- Re: [Suit] Suit manifest with variable recipients Michael Richardson
- Re: [Suit] Suit manifest with variable recipients Michael Richardson
- Re: [Suit] Suit manifest with variable recipients Michael Richardson
- Re: [Suit] Suit manifest with variable recipients Brendan Moran
- Re: [Suit] Suit manifest with variable recipients Michael Richardson
- Re: [Suit] Suit manifest with variable recipients Brendan Moran