Re: [T2TRG] T2TRG interim meeting follow-ups - draft-irtf-t2trg-taxonomy-manufacturer-anchors-00

Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 15 June 2023 09:57 UTC

Message-ID: <2039f4ba-4ffb-821e-a4c9-23257fa8e88c@gmx.net>
Date: Thu, 15 Jun 2023 11:57:40 +0200
To: Mohit Sethi <mohit@iki.fi>, t2trg@irtf.org
References: <f5044374-4c61-a14e-619b-e2284b79d3d9@iki.fi>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <f5044374-4c61-a14e-619b-e2284b79d3d9@iki.fi>
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/lq0CiZlGOYlTD_TzjVv8UAXC4L4>
Subject: Re: [T2TRG] T2TRG interim meeting follow-ups - draft-irtf-t2trg-taxonomy-manufacturer-anchors-00

Hi Mohit,


On 15.06.2023 at 11:34, Mohit Sethi wrote:
>
> * Generally, reading and writing to TPM requires some minimal OS? How
> is that signed/verified/booted?
>

A typical implementation of a TPM chip is some form of Cortex M
processor (with crypto hardware) running a firmware to support the TPM
specification functionality.


The code calling the TPM features is run on a separate processor. You
could call it the "application processor" since it will run the actual
application code. Typically, TPM chips are used with higher-end
processors (like Cortex A-class processors or similar) and they often
run embedded Linux or similar.

I have not seen TPM chips being used alongside low-end microcontrollers.

Secure boot is also a simple concept: At every layer of the boot chain
you verify the next layer (before you hand over control to that next
layer). Since there are multiple layers in the boot process, the
hand-over happens several times.

With secure boot the idea is that you stop the boot process when you
fail to successfully verify software/firmware. With measured boot, you
continue but report what you "measured". Measured typically means
computing a hash over the software/firmware plus some metadata.

See also
https://media.fidoalliance.org/wp-content/uploads/2022/12/FIDO-Device-Onboard-The-Device-Key-White-Paper.pdf
for more discussion about measured and secure boot.


> * When manufacturing my IoT device, how is the primary stage
> bootloader signed and verified?


The concept is simple: there is a root of trust, which is used to get
started. The root of trust includes a "minimum" amount of software,
hardware, keys and configuration which everything else relies on. For
the first stage bootloader you have to assume an immutable bootloader
code (typically stored in ROM) and immutable public keys (serving as
trust anchors). From a terminology point of view you have to decide
whether you call the first stage the immutable part or the bootloader
that is started by the immutable part. When you read the data sheets of
manufacturers then you will realize that they mix the terminology (and
even invent their own terms). Hence, you have to read carefully.


Ciao
Hannes
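The two mechanisms described in this message (secure boot halting on the first verification failure, measured boot continuing but recording hashes, and a root of trust made of immutable code plus an immutable public key) can be shown in a small simulation. The following Go program is an added example and is not code from the email, the draft, or the FIDO white paper. It assumes a hypothetical stage format in which each stage embeds the public key that verifies the next one, uses Ed25519 as the signature algorithm purely for illustration, and constructs its own sample images and metadata; real vendor formats, key types and measurement layouts differ.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Stage is one link of the boot chain (hypothetical layout for this example).
// Each stage carries the public key that verifies the *next* stage, so trust
// is extended one hop at a time from the immutable ROM anchor.
type Stage struct {
	Name     string
	Image    []byte            // the code that will be handed control
	Metadata []byte            // e.g. version/load address (constructed sample)
	NextKey  ed25519.PublicKey // trust anchor for the following stage
	Sig      []byte            // signature over Image, Metadata and NextKey
}

// ErrVerifyFailed is returned when a stage's signature does not verify.
var ErrVerifyFailed = errors.New("secure boot: signature verification failed")

// lenPrefixed concatenates fields with 4-byte length prefixes so that the
// boundary between image, metadata and key is unambiguous in the signed data.
func lenPrefixed(fields ...[]byte) []byte {
	var out []byte
	var n [4]byte
	for _, f := range fields {
		binary.BigEndian.PutUint32(n[:], uint32(len(f)))
		out = append(out, n[:]...)
		out = append(out, f...)
	}
	return out
}

// signedBytes is what a stage's signature covers. Binding NextKey into the
// signature prevents swapping in a different key for the following hop.
func signedBytes(s Stage) []byte { return lenPrefixed(s.Image, s.Metadata, s.NextKey) }

// Measure is the "measurement" of a stage: a hash over software plus metadata.
func Measure(s Stage) [32]byte { return sha256.Sum256(lenPrefixed(s.Image, s.Metadata)) }

// SecureBoot models the immutable ROM code: starting from the immutable anchor
// key it verifies each stage before handing over. On the first failure it
// halts and returns only the stages that actually ran.
func SecureBoot(anchor ed25519.PublicKey, chain []Stage) ([]string, error) {
	key := anchor
	var booted []string
	for _, s := range chain {
		if len(key) != ed25519.PublicKeySize || !ed25519.Verify(key, signedBytes(s), s.Sig) {
			return booted, fmt.Errorf("%w at stage %q", ErrVerifyFailed, s.Name)
		}
		booted = append(booted, s.Name)
		key = s.NextKey // hand-over: the verified stage's key now anchors the next hop
	}
	return booted, nil
}

// MeasuredBoot never halts: each stage is measured, the measurement is folded
// into a PCR-style register (pcr = H(pcr || measurement)), and the per-stage
// measurements are kept as an event log that can be reported later.
func MeasuredBoot(chain []Stage) (eventLog [][32]byte, pcr [32]byte) {
	for _, s := range chain {
		m := Measure(s)
		eventLog = append(eventLog, m)
		pcr = sha256.Sum256(append(pcr[:], m[:]...))
	}
	return eventLog, pcr
}

// BuildChain constructs a signed demo chain: the anchor key signs stage 0,
// stage 0's embedded key signs stage 1, and so on. Images and metadata are
// constructed sample data, not real firmware.
func BuildChain(names []string) (ed25519.PublicKey, []Stage, error) {
	anchorPub, signer, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	chain := make([]Stage, len(names))
	for i, name := range names {
		s := Stage{Name: name, Image: []byte("image:" + name), Metadata: []byte("v1;" + name)}
		var nextPriv ed25519.PrivateKey
		if i+1 < len(names) {
			pub, priv, err := ed25519.GenerateKey(rand.Reader)
			if err != nil {
				return nil, nil, err
			}
			s.NextKey, nextPriv = pub, priv
		}
		s.Sig = ed25519.Sign(signer, signedBytes(s))
		chain[i] = s
		signer = nextPriv
	}
	return anchorPub, chain, nil
}

func main() {
	anchor, chain, err := BuildChain([]string{"bl1", "bl2", "kernel"})
	if err != nil {
		panic(err)
	}
	booted, err := SecureBoot(anchor, chain)
	fmt.Println("secure boot:", booted, err)
	_, pcr := MeasuredBoot(chain)
	fmt.Printf("measured boot PCR: %x\n", pcr)

	chain[1].Image[0] ^= 0xff // tamper with the second stage
	booted, err = SecureBoot(anchor, chain)
	fmt.Println("after tampering:", booted, err)
	_, pcr = MeasuredBoot(chain)
	fmt.Printf("measured boot PCR: %x (differs, yet the boot continued)\n", pcr)
}
```

Running it shows the distinction in the message directly: after the second-stage image is altered, SecureBoot stops with only "bl1" having run, while MeasuredBoot runs all three stages and merely ends with a different PCR value, which is what a verifier would later compare against expected measurements.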