IETF Logo Mail Archive

Re: [Suit] self-describing format vs fixed/binary manifest structure - pull parser

Martin Pagel <Martin.Pagel@microsoft.com> Fri, 21 December 2018 20:20 UTC

Return-Path: <Martin.Pagel@microsoft.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CDEB130E9C for <suit@ietfa.amsl.com>; Fri, 21 Dec 2018 12:20:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.866
X-Spam-Level:
X-Spam-Status: No, score=-1.866 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.065, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_CSS=0.1, URIBL_CSS_A=0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FpGESm5DxjlS for <suit@ietfa.amsl.com>; Fri, 21 Dec 2018 12:20:30 -0800 (PST)
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-eopbgr820112.outbound.protection.outlook.com [40.107.82.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D4E90130E94 for <suit@ietf.org>; Fri, 21 Dec 2018 12:20:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nKvfV73C66a6OqraMhvDOUp3VAar2Lypg1vy0qGfA6U=; b=cYVKD/bf1MOfd5Rq1NIN1VQ9GC5aQZDmeXksrny4xHAiU4a0NCyXVdV20LaQ8sGyNeI+fCu1WpUDtFnJy+XgOy6Eqg6Mp83tWe5D+Q6qQbf4Y8dMMIITiy3WYoilC72acEqL39d4y3Pkp+AIhlc5iU6gbo3xPNFz+hvjND6E+CY=
Received: from MWHPR21MB0703.namprd21.prod.outlook.com (10.175.142.13) by MWHPR21MB0189.namprd21.prod.outlook.com (10.173.52.135) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1471.4; Fri, 21 Dec 2018 20:20:28 +0000
Received: from MWHPR21MB0703.namprd21.prod.outlook.com ([fe80::b563:bb7e:aa34:9142]) by MWHPR21MB0703.namprd21.prod.outlook.com ([fe80::b563:bb7e:aa34:9142%7]) with mapi id 15.20.1471.012; Fri, 21 Dec 2018 20:20:28 +0000
From: Martin Pagel <Martin.Pagel@microsoft.com>
To: Derek Atkins <derek@ihtfp.com>
CC: "suit@ietf.org" <suit@ietf.org>, "dev-mcuboot@lists.runtime.co" <dev-mcuboot@lists.runtime.co>
Thread-Topic: [Suit] self-describing format vs fixed/binary manifest structure - pull parser
Thread-Index: AdSYCHGNvZso6Id+TN2TeD47dEfJkQBT2m/TAAKCtRA=
Date: Fri, 21 Dec 2018 20:20:27 +0000
Message-ID: <MWHPR21MB07032C2795147F46B7E854D79DB80@MWHPR21MB0703.namprd21.prod.outlook.com>
References: <DM5PR21MB06984CC3CF3075F362FB410A9DBF0@DM5PR21MB0698.namprd21.prod.outlook.com> <sjmtvj6u55c.fsf@securerf.ihtfp.org>
In-Reply-To: <sjmtvj6u55c.fsf@securerf.ihtfp.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=mapagel@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2018-12-21T20:20:26.1970572Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General
x-originating-ip: [2601:602:8500:8389:930:cb65:837d:e71b]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR21MB0189; 6:d9CXhapvc1C7wlEYArKNstRUkGFttNkAGPXfgv3E5qvIGXW175Pxo8KTn5msed70tiD/+gooZ9ZhieT0v3FzHmcjKrsqnEpE4ctR7/8XUC4nXHcH3mnUZMXqIYBAzX8zX8WiEKL6fF0390qjlFB18CgYcP9myNz4Ka79JvCtrkGv5NRikKuDDYjcoiv9XBH/TgFFXu8uXfdrD1xxX+vXeOnJ2KiE9/heDx0pHIpxBIB6BO0vWlYfBBI1bClc8Y69GpPDh8M1Yq1U6xIaVURuUQcZuyLpmdBCMN53NO0uFy0aKq4OvWNjNTQoffFpiEE50mZECpB5XnfC3NVOqWUc74sN/eMirwlBqvmx5BP9O8jG4Vi8bWB6DC2R3LakIfcvCWCqEs8ZW4+49Nw7p18GFeq/6k7BwMuvZsg4nNFY3/Sh0D3TV3pIp08IXxFpXkYFTo9wSMX2xvF2hynX1+LAQg==; 5:2ZTJdzPbi8WlS3p0i+kOLJCpsHCX/LPpL5BSyCtqVlX7EO230OZayCjnQz4q5TUCJrB+JYhb7ceQ65o8Otl22u8w+IemjXFt7Eozm0SZ9yizGoLvFwCfvXl/UKb1zmlKPhiJKA3o7xQx4WghmexAmMAC55LuyvSHXuUyGXnFOEc=; 7:2hZKPOTzvVHEvsuxIB1iuBszBPgWHM1uVsdeb47WAA391blybPhYEKBCGkUMWfZT9LTCz+LBnKAzhVIdKBmCCw/H7ttooW+1Ug0fHGTxdNiVM/+IFobwpdzd7Czp1rgF7w4Gi+pa6CwNyoedTfloAQ==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 212a98b5-d804-499b-94c2-08d66781bf83
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(5600098)(711020)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(2017052603328)(7193020); SRVR:MWHPR21MB0189;
x-ms-traffictypediagnostic: MWHPR21MB0189:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <MWHPR21MB01899AE70C45C2F6CC66EDCB9DB80@MWHPR21MB0189.namprd21.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(3230021)(999002)(5005026)(6040522)(8220043)(2401047)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231475)(944501520)(2018427008)(6055026)(149066)(150057)(6041310)(20161123564045)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123560045)(201708071742011)(7699051)(76991095); SRVR:MWHPR21MB0189; BCL:0; PCL:0; RULEID:; SRVR:MWHPR21MB0189;
x-forefront-prvs: 0893636978
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(366004)(136003)(376002)(39860400002)(346002)(189003)(199004)(13464003)(7736002)(8936002)(105586002)(25786009)(8676002)(81166006)(229853002)(97736004)(10090500001)(99286004)(6916009)(486006)(6436002)(476003)(11346002)(446003)(33656002)(14444005)(6306002)(68736007)(71200400001)(9686003)(6246003)(46003)(55016002)(71190400001)(53936002)(102836004)(6506007)(6346003)(53546011)(186003)(7696005)(76176011)(54906003)(316002)(5660300001)(4326008)(22452003)(966005)(72206003)(10290500003)(478600001)(256004)(6116002)(86362001)(66574012)(74316002)(14454004)(2906002)(106356001)(8990500004)(86612001)(305945005)(81156014); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR21MB0189; H:MWHPR21MB0703.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Martin.Pagel@microsoft.com;
x-microsoft-antispam-message-info: eCT2PQDWG70SL/AG7sHjRTPbCQ91FiFnGDhMsdT+By2jM35mrkcYZodAs+yRWXs6FOKuS4X6LILubvOm+ldRxSzV6Njws+UMWIVU21X3SSAeqLAutQHBl6sRhUJDDgf8hOXIpcXrOv4lSDKXgsAIXPMAsIPxbp3lWJFkfNg3O8qT7ZaiYlkLUP2XUH/ailUdNRQG55MIlzY4dvRqyKvEPFR1nVjFuQsvvtHC1iibbmYzc6bpP11bRRNoxn5ISVRYzdsOcrndK1H/D8/7sfZaxvNhayObX6sDZ5f2LuOOVVafoOOMqnLA/PJi29TD2402
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 212a98b5-d804-499b-94c2-08d66781bf83
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Dec 2018 20:20:27.9496 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR21MB0189
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/ZLtVQZ0dcEwucdmKIz1-WccbhTc>
Subject: Re: [Suit] self-describing format vs fixed/binary manifest structure - pull parser
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Dec 2018 20:20:33 -0000

Yes, Derek, 
CBOR may make it a bit easier to encode the manifest for various MCUs, but I believe the data encoding is only a small part of the server's responsibility. The server still needs to understand what file types, crypto algorithms, keys, image formats etc a particular MCU supports as the current manifest draft allows for a lot of options. If you use a pull parser on the MCU, then the server  also needs to understand the particular CBOR schema that a particular MCU expects as otherwise the pull parser will reject it. For that to happen, the server will need to maintain some type of capabilities/schema database for each MCU it can update. Once you define the SUIT fields (as defined in https://datatracker.ietf.org/doc/draft-ietf-suit-information-model/ and https://tools.ietf.org/html/draft-pagel-suit-manifest-00 ), I would argue that it would be fairly simple for such capabilities database to also keep track of where/how these fields go into a packed binary structure. 
Best
Martin

-----Original Message-----
From: Derek Atkins <derek@ihtfp.com> 
Sent: Friday, December 21, 2018 10:06 AM
To: Martin Pagel <Martin.Pagel@microsoft.com>
Cc: David Brown <david.brown@linaro.org>; Michael Richardson <mcr+ietf@sandelman.ca>; suit@ietf.org; dev-mcuboot@lists.runtime.co
Subject: Re: [Suit] self-describing format vs fixed/binary manifest structure - pull parser

Martin Pagel <Martin.Pagel=40microsoft.com@dmarc.ietf.org> writes:

> Thanks, David,
> Yes, I am familiar with pull parsers, thanks to Brendan's example, but 
> I'm not sure what the advantage of CBOR encoding provides if you build 
> a custom parser for a particular fixed CBOR encoding/schema. Seems

The benefit is that you can create standardized server software that can read the manifest to any particular MCU client without requiring special per-MCU software.

The cost to the MCU to process a CBOR-pull is relatively low.  But the cost to a server to deal with dozens (or more!) of uniquely-defined MCU static manifest structures would be extremely high.

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             https://nam06.safelinks.protection.outlook.com/?url=www.ihtfp.com&amp;data=02%7C01%7CMartin.Pagel%40microsoft.com%7C966abe35aed74cd400fe08d6676efc22%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C1%7C636810123718776125&amp;sdata=5EyurzEMysogbmeae1gDT1hbD4A%2FARs%2Bxv%2B%2B5w%2Fu9XI%3D&amp;reserved=0
       Computer and Internet Security Consultant

v2.23.0 | Report a Bug | By Email