Re: [Teep] Zaheduzzaman Sarker's No Objection on draft-ietf-teep-otrp-over-http-14: (with COMMENT)

Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com> Sun, 26 March 2023 04:19 UTC

Return-Path: <zaheduzzaman.sarker@ericsson.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A1D3C151B12; Sat, 25 Mar 2023 21:19:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XVA5nF6gomRb; Sat, 25 Mar 2023 21:19:55 -0700 (PDT)
Received: from EUR03-AM7-obe.outbound.protection.outlook.com (mail-am7eur03on20631.outbound.protection.outlook.com [IPv6:2a01:111:f400:7eaf::631]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 494D0C151542; Sat, 25 Mar 2023 21:19:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CGdxMTFwq/qMJv396Xcy9tm4zU8e9OlkazumbHfoYPfPCYIIiovZHDggWR42ba+KsCBdDAIyXqM9d+7HF5n0iBdpc+dB7LIOGV5vnrAvtY7034bTUjGuVqTXmKVKWOdtTjGHY4xpD66c7YkWoSSo0ClAkjP/gjRKd6lU2/9vVZAx8007tJIfnLTVZwUCT3pLKfQBhvAqpzei9bK9wIdWK16B1xQy0Eg1rA5MhPxlBy4VVOaJZ0DBG76cEB3G1MjlZREeFPnzY8pOnHn+edxzD6TxGXuu0Vh7a/o5fE+iPBFFqRQixMbyxeMhhV5+6sDatN/kpFt1j5AMzHjDcryE9g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ytDb65h5hAv43t4/UfROO1maQiPJIWWr5WsiYg2YpIA=; b=LYu2t2V1HaPQzeb8ULXeFwCU4gpP1WoYySPu56YYYttGINrJx/V1hxdwt3Oaj1zn9wD27JQNg58dBNgSzGD2Q6weMLHVzyQ/RdxL4g2dN3edqc/bFCWz2yDO9KdWs7iFaYh2jdNdELpfAj9N5zNzmk8kiEhCMxseheoRp0ZkRD2agqx+KMYAykpC9/LLfGcFQ3O1nDlAOJPuCuyilVRVBZLPGfvKJBVrTECsLP4liPNhWdS7XqT/ksWy6zUYlvi8VPEtsl3tFwO//TO/tOHFQKd9OayM62YNjMlZZN3ILb1phmVyNsl+WKvenwmRajueHl+kVUfeWCeeg+fXXB2SSQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ytDb65h5hAv43t4/UfROO1maQiPJIWWr5WsiYg2YpIA=; b=nreoW8kJ935C2ZWcbKJWhHwsHxiayDg6c4rvOOgZ5se0d3NrqKKK6b7w9zu+USPMPJypZP0hRza+dYqc9x3fhcOADb6sA3XfAU6uledGhKA/ABfy3wpMal6hASoLe2zurH/LrvOCi1rVhFMaLgJkhxyUebOM1lhJLEMWEnXJomM=
Received: from AM6PR07MB3992.eurprd07.prod.outlook.com (2603:10a6:209:32::29) by GV1PR07MB8334.eurprd07.prod.outlook.com (2603:10a6:150:1d::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.41; Sun, 26 Mar 2023 04:19:49 +0000
Received: from AM6PR07MB3992.eurprd07.prod.outlook.com ([fe80::8bdc:da6:f990:7b7a]) by AM6PR07MB3992.eurprd07.prod.outlook.com ([fe80::8bdc:da6:f990:7b7a%7]) with mapi id 15.20.6178.041; Sun, 26 Mar 2023 04:19:48 +0000
From: Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com>
To: Dave Thaler <dthaler@microsoft.com>
CC: "draft-ietf-teep-otrp-over-http@ietf.org" <draft-ietf-teep-otrp-over-http@ietf.org>, "teep-chairs@ietf.org" <teep-chairs@ietf.org>, "teep@ietf.org" <teep@ietf.org>, "kondtir@gmail.com" <kondtir@gmail.com>, The IESG <iesg@ietf.org>
Thread-Topic: Zaheduzzaman Sarker's No Objection on draft-ietf-teep-otrp-over-http-14: (with COMMENT)
Thread-Index: AQHZV1raoE4yaSydg0uTB/jXRF7d4q8K4HIAgAGjfVU=
Date: Sun, 26 Mar 2023 04:19:47 +0000
Message-ID: <AM6PR07MB39925FC825E4B2BCF5653B019F8A9@AM6PR07MB3992.eurprd07.prod.outlook.com>
References: <167889755355.53650.11341336162328735683@ietfa.amsl.com> <PH7PR21MB38784EDFE7F463593332BD52A3859@PH7PR21MB3878.namprd21.prod.outlook.com>
In-Reply-To: <PH7PR21MB38784EDFE7F463593332BD52A3859@PH7PR21MB3878.namprd21.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2023-03-25T03:09:51.0000000Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: AM6PR07MB3992:EE_|GV1PR07MB8334:EE_
x-ms-office365-filtering-correlation-id: ac9b93be-1160-442f-cd3b-08db2db155de
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR07MB3992.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(376002)(366004)(346002)(136003)(396003)(39860400002)(451199021)(66574015)(7696005)(91956017)(316002)(83380400001)(45080400002)(478600001)(9686003)(71200400001)(186003)(54906003)(53546011)(44832011)(2906002)(6506007)(52536014)(5660300002)(86362001)(8936002)(33656002)(122000001)(82960400001)(41300700001)(38100700002)(66476007)(66946007)(76116006)(66556008)(38070700005)(55016003)(66446008)(64756008)(4326008)(6916009)(8676002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
Content-Type: multipart/alternative; boundary="_000_AM6PR07MB39925FC825E4B2BCF5653B019F8A9AM6PR07MB3992eurp_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM6PR07MB3992.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ac9b93be-1160-442f-cd3b-08db2db155de
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Mar 2023 04:19:47.6027 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: uiz+RZ3kwP3oVJqzeDesVCX/WM5r6EN6qL3enMdO66FSr5k3G+3lhDJS+ouTTpkg3uV+ZzzEbDNIuCFPmKAuRkwmpkfwXE5AR2tGNWFndOGY/3wyPf5Nc9/xQ8brM/Mz
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR07MB8334
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/4VR-o24iRLZ3otbLVY68kdPDirM>
Subject: Re: [Teep] Zaheduzzaman Sarker's No Objection on draft-ietf-teep-otrp-over-http-14: (with COMMENT)
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Mar 2023 04:19:59 -0000


On 2023-03-25, 12:12, "Dave Thaler" <dthaler@microsoft.com> wrote:

> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thanks for working on this specification. I haven't found any TSV-related issues
> in this specification in my review.
>
> I have comments/questions that I believe would improve the document if
> addressed -
>
> # it says -
>
>    and a "Trusted Application Manager (TAM)" on the server side) SHOULD
>    themselves run inside a TEE
>
>   Why is it necessary to use normative language here? Is this something this
>   spec is describing first for the TEEP architecture? It is, however, not the
>   intention of this specification to define TAM placement, or?

Changed to "might or might not":

   To be secure against malware, a TEEP implementation (referred to as a
   TEEP "Agent" on the client side SHOULD run inside a TEE, and a
   "Trusted Application Manager (TAM)" on the server side) might or
   might not run inside a TEE.

Hmm, this does not really address the question. This specification is not about giving a recommendation on where the Agent should run, is it? I didn't find any such assumption imposed or required for the rest of the specification to be realized; have I missed anything? If we think this is a nice thing to say, then I would suggest rewriting it as

   To be secure against malware, a TEEP implementation (referred to as a
   TEEP "Agent" on the client side is expected to run inside a TEE, and a
   "Trusted Application Manager (TAM)" on the server side) might or
   might not run inside a TEE.


> # it says -
>
>      Since POST responses without explicit freshness information are
>      uncacheable (see Section 9.3.3 of [RFC9110]), no Cache-Control header is
>      needed.
>
>   Should this not say -
>
>      Since POST responses without explicit freshness information are
>      uncacheable (see Section 9.3.3 of [RFC9110]), hence Cache-Control
> header
>      MUST NOT be used.
>
>   I.e., use normative language to avoid the use of that particular header? Also
>   explain whether a Cache-Control header would generate an error.

Updated.

Thanks.

//Zahed
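As an added illustration of the cacheability point debated above (this is example code written for this page, not part of the draft or of either participant's message), the checker below encodes the rule the thread cites from RFC 9110, Section 9.3.3: a response to a POST is cacheable only when it carries explicit freshness information (per RFC 9111, Section 4.2.1: an Expires header, or Cache-Control with max-age or s-maxage) and a Content-Location header equal to the POST's target URI. It then reports, for a TEEP-over-HTTP POST response, whether a Cache-Control header is present at all (the header the comment proposes forbidding with MUST NOT) and whether an HTTP cache would be entitled to store the response. The header sets and the TAM URI are constructed samples.

```python
"""Cacheability findings for TEEP-over-HTTP POST responses.

Added example, not code from the draft or the thread. Rule encoded:
RFC 9110 s.9.3.3 - a POST response is cacheable only if it has explicit
freshness information (RFC 9111 s.4.2.1: Expires, or Cache-Control with
max-age / s-maxage) AND Content-Location equal to the POST target URI.
"""
from typing import Dict, List


def _cache_control_directives(value: str) -> Dict[str, str]:
    """Parse a Cache-Control field value into a lowercase directive -> argument map."""
    directives: Dict[str, str] = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"')
    return directives


def _lower_keys(headers: Dict[str, str]) -> Dict[str, str]:
    """HTTP field names are case-insensitive; normalise before lookup."""
    return {k.lower(): v for k, v in headers.items()}


def has_explicit_freshness(headers: Dict[str, str]) -> bool:
    """True if the response carries explicit freshness information (RFC 9111 s.4.2.1)."""
    lowered = _lower_keys(headers)
    if "expires" in lowered:
        return True
    cc = _cache_control_directives(lowered.get("cache-control", ""))
    return "max-age" in cc or "s-maxage" in cc


def post_response_is_cacheable(headers: Dict[str, str], target_uri: str) -> bool:
    """RFC 9110 s.9.3.3: both conditions must hold for a POST response to be cacheable."""
    lowered = _lower_keys(headers)
    return has_explicit_freshness(headers) and lowered.get("content-location") == target_uri


def teep_response_findings(headers: Dict[str, str], target_uri: str) -> List[str]:
    """Findings against the two properties discussed in the thread:
    no Cache-Control header on the response, and the response not being cacheable."""
    findings: List[str] = []
    if "cache-control" in _lower_keys(headers):
        findings.append("Cache-Control header present")
    if post_response_is_cacheable(headers, target_uri):
        findings.append("response is cacheable by an HTTP cache (RFC 9110 s.9.3.3)")
    return findings


# Constructed samples; the TAM URI is a placeholder, not a real endpoint.
TAM_URI = "https://tam.example/teep"
SAMPLE_RESPONSES = {
    "plain": {"Content-Type": "application/cbor"},
    "no-store": {"Cache-Control": "no-store"},
    "fresh-only": {"Expires": "Wed, 21 Oct 2026 07:28:00 GMT"},
    "cacheable": {"Cache-Control": "max-age=60", "Content-Location": TAM_URI},
}

if __name__ == "__main__":
    for name, headers in SAMPLE_RESPONSES.items():
        print(f"{name:11} -> {teep_response_findings(headers, TAM_URI) or ['ok']}")
```

The "fresh-only" sample shows why the draft's sentence is sufficient on its own: an Expires header alone does not make a POST response cacheable without a matching Content-Location, so a TAM that emits neither header is safe regardless of cache configuration, while the "no-store" sample is what the proposed MUST NOT would catch.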