IETF Logo Mail Archive

Re: [Teep] [Rats] Class ID claim (and other HW identification)

Laurence Lundblade <lgl@island-resort.com> Wed, 12 January 2022 18:41 UTC

Return-Path: <lgl@island-resort.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0481D3A1866 for <teep@ietfa.amsl.com>; Wed, 12 Jan 2022 10:41:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.896
X-Spam-Level:
X-Spam-Status: No, score=-6.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8NA5xkPXOa_M for <teep@ietfa.amsl.com>; Wed, 12 Jan 2022 10:41:08 -0800 (PST)
Received: from p3plsmtpa09-09.prod.phx3.secureserver.net (p3plsmtpa09-09.prod.phx3.secureserver.net [173.201.193.238]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADA713A1867 for <teep@ietf.org>; Wed, 12 Jan 2022 10:41:07 -0800 (PST)
Received: from [192.168.1.7] ([75.80.148.243]) by :SMTPAUTH: with ESMTPA id 7iYTnEXm3ONYO7iYTn9no7; Wed, 12 Jan 2022 11:41:05 -0700
X-CMAE-Analysis: v=2.4 cv=OpSKdwzt c=1 sm=1 tr=0 ts=61df20c2 a=VPU1mRQhDhA4uSX60JRRww==:117 a=VPU1mRQhDhA4uSX60JRRww==:17 a=7CQSdrXTAAAA:8 a=K6EGIJCdAAAA:8 a=48vgC7mUAAAA:8 a=SIKdgms2ATSLiGHBBWQA:9 a=QEXdDO2ut3YA:10 a=ezOrDc_Y3cq2Y5Z9pX4A:9 a=VKuW4HIFzdLg1z7B:21 a=_W_S_7VecoQA:10 a=a-qgeE7W1pNrGK8U0ZQC:22 a=L6pVIi0Kn1GYQfi8-iRI:22 a=w1C3t2QeGrPiZgrLijVG:22
X-SECURESERVER-ACCT: lgl@island-resort.com
From: Laurence Lundblade <lgl@island-resort.com>
Message-Id: <9063E62C-4A3B-4C24-ABCF-BDDA64068AA1@island-resort.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_9F342500-62B2-431A-B54A-5A91C53A3533"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.17\))
Date: Wed, 12 Jan 2022 10:41:05 -0800
In-Reply-To: <E127B6FB-D326-4A1E-B233-7604596A3C3E@arm.com>
Cc: Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org>, rats <rats@ietf.org>, teep <teep@ietf.org>
To: Brendan Moran <Brendan.Moran@arm.com>
References: <392AEEF5-C182-490A-92CA-F7D9B365C217@island-resort.com> <CH2PR21MB14646CC2BE8E496F0F3859DDA3499@CH2PR21MB1464.namprd21.prod.outlook.com> <8466B6E2-C335-4173-A2A2-3CCA555D28CA@arm.com> <62743D24-49F4-4480-9561-F00DA513C9FF@island-resort.com> <17B0A124-1BDF-41A1-8680-B44C2A540941@arm.com> <2440B689-1943-4227-B96F-F9ABD046D252@island-resort.com> <E127B6FB-D326-4A1E-B233-7604596A3C3E@arm.com>
X-Mailer: Apple Mail (2.3445.104.17)
X-CMAE-Envelope: MS4xfCkRr1QmqUjjm0rFr5THm+Za4CY5gwSd7T4EZ7Cr7vAOJpT4O0hJaVw/kgkMdZ0FTFFIfOpdXuK2cfZiT7BGNtjX0/xVk2Erztb8kGISufqlNL4d/bo2 2AuA06h95h4W6Lvldt+76p/8hF8EfomSczIOpym/Ls+SHOdAEj/kEGKU/ty+wq1LsgIUCo4qT6vNCHTmURCiSlBMfYahToM48ualdKnQTlYd0+to2QP/QCq7 wXfZZI3nGMNP0Y04yeuAzqRwSQtZcT9TD1lh62jnRe4QBbRZ6EF+sV1fU/8AzcCP
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/DaNX4kYMz1iA2rcq6rdOwOWnjds>
Subject: Re: [Teep] [Rats] Class ID claim (and other HW identification)
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jan 2022 18:41:12 -0000

I can’t seem to be able to understand what is to be classified or typed or how and why this claim would be used by the RP or Verifier, so I’m not the one to write the definition of this claim. I’ve made several attempts that didn’t work out. Maybe if I understood TEEP better, but at this point I need to spend time on getting EAT through last call.

You can put a claim in the TEEP document and have it be used by lots of others. Doesn’t have to be in the EAT document to be of general use.

LL




> On Jan 11, 2022, at 1:12 AM, Brendan Moran <Brendan.Moran@arm.com> wrote:
> 
> Hi Lawrence,
> 
> I don’t think I was clear. I was saying that class IDs are important, but that there’s no need to differentiate between /types of classes/. When class IDs are opaque blobs, a lookup of some sort is implied. Since a lookup is being done, the /type of class/ should be extracted in the lookup. There’s no need to differentiate between types of classes in EAT itself since it’s for transporting information that will later have a lookup done.
> 
> Best Regards,
> Brendan
> 
>> On 11 Jan 2022, at 04:33, Laurence Lundblade <lgl@island-resort.com <mailto:lgl@island-resort.com>> wrote:
>> 
>> Hey Brendan,
>> 
>> I made the HW-IP PR as an educated guess, from talking to Dave, and from a some text in section 7 of TEEP Architecture. I don’t have any agenda here but to make EAT work well for SUIT and TEEP.
>> 
>> Obviously, I’m missing the mark, so I’m graciously bowing out. So no class ID in the EAT draft.
>> 
>> LL
>> 
>> 
>> P.S. I do appreciate the discussion as is resulted in adding the HW Model ID claim to EAT, something that was missing.
>> 
>> 
>>> On Jan 10, 2022, at 1:12 PM, Brendan Moran <Brendan.Moran@arm.com <mailto:Brendan.Moran@arm.com>> wrote:
>>> 
>>> IMO, adding a new claim like this is counterproductive. It presupposes that we can predict all classes that a device may belong to. Sure, we can make a registry of different kinds of classes that a device can belong to, but why? Frankly, the naive approach is better than this: you have a database that maps OEM + model + revision into an application-specific taxonomy. Of course, now someone has to actually maintain that database. Have fun.
>>> 
>>> Why not take the easy route? It’s far simpler for a device to be the intersection of ANY properties that make it distinct. The entity consuming an EAT needs those anyway. And as to why I don’t want a taxonomy? Because it’s unnecessary. To use any of these identifiers, you have to use a database to convert the identifier into whatever it is that you actually care about. That database can just as easily contain any taxonomy you like.
>>> 
>>> We’re talking about adding more complexity to a specification in order to distinguish between:
>>> 
>>> SELECT * FROM hw_ip_identifiers WHERE id=${ID}
>>> Vs
>>> SELECT * FROM hw_identifiers WHERE id=${ID} AND taxonomy=“hwip"
>>> 
>>> Why would we complicate the spec to add taxonomies in order to simplify a database in such a trivial way?
>>> 
>>> In my opinion, we should look at a single physical device as the intersection of several sets: 
>>> * the OEM’s model identifier (incl. HW revision)
>>> * the SoC identifier (incl. SoC revision)
>>> * the processor’s type/version/revision
>>> * the trusted OS’s version/revision
>>> * the boot loader (especially if it’s in ROM) version/revision.
>>> 
>>> All of these matter (I think) to TEEP. We need to report them all. But is the list exhaustive? Probably not. While a registry for the different taxonomies may be relevant, I doubt it matters in EAT itself. That only matters when looking up an identifier.
>>> 
>>> What is the concrete value of specifying the taxonomy of an opaque blob in an interchange document?
>>> 
>>> Thanks,
>>> Brendan
>>> 
>>> 
>>> 
>>> 
>>> 
>>>> On 7 Jan 2022, at 23:56, Laurence Lundblade <lgl@island-resort.com <mailto:lgl@island-resort.com>> wrote:
>>>> 
>>>> So rather than a HW Class, how about a HW IP claim? It would reuse the same triple for identifying HW, OEM, Model, Version. It could occur along side the HW OEM, model and version. This seems better than my current PR and lines up better with Brendan’s examples and with the reality that HW IP comes from a vendor, has models and versions. I’ll write up a PR for it if I receive some positive feedback here.
>>>> 
>>>> 
>>>> The distinction between chip and device is intended to be handled by submodules in EAT. Submodules can express arbitrarily complex architectures and device compositions.
>>>> 
>>>> I think it’s cleaner to keep the HW-identifying claims separate from the SW-identify claims. Would really like the identification of the Trusted OS Vendor be handled by CoSWID and friends. Trying to make some claim suitable for identifying both SW and HW for all of attestation seems over-ambitious.
>>>> 
>>>> I also think it’s fine to define some claims better suited to the TEE world in TEEP if we can’t find enough common ground between TEEP and the very broadly applicable stuff that goes into EAT.
>>>> 
>>>> LL
>>>> 
>>>> 
>>>> Note: I find the use of the word “class” here confusing. If I were putting TV’s into classes I’d uses classes like smart/dumb, display type (LCD, CRT, OLED) and such that identify characteristics of TVs independent of vendor and model. "Sony Bravia" is not a class IMO. Nor is “Microsoft Windows” (an OS the runs on lots of HW platforms). I’d like to move away from the word.
>>>> 
>>>> 
>>>> 
>>>>> On Jan 4, 2022, at 3:06 AM, Brendan Moran <Brendan.Moran@arm.com <mailto:Brendan.Moran@arm.com>> wrote:
>>>>> 
>>>>> I think devices will need to report multiple vendor/class pairs.
>>>>> 
>>>>> For example, A mobile device could potentially contain:
>>>>> 1. A Mobile Device OEM Vendor ID
>>>>> 2. A Silicon vendor’s Vendor ID
>>>>> 3. An IP vendor’s Vendor ID
>>>>> 
>>>>> This is not an exhaustive list.
>>>>> 
>>>>> For Arm Trust Zone TEEs, I would expect to see:
>>>>> 1. The Arm Vendor ID + the processor core’s Class ID
>>>>> 2. The Trusted OS Vendor ID + the Trusted OS Class ID
>>>>> 3. The Silicon vendor’s Vendor ID + the processor Class ID
>>>>> 4. The Device OEM’s Vendor ID + the device Class ID
>>>>> 
>>>>> Cheers,
>>>>> Brendan
>>>>> 
>>>>>> On 3 Jan 2022, at 21:00, Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org <mailto:dthaler=40microsoft.com@dmarc.ietf.org>> wrote:
>>>>>> 
>>>>>> Laurence Lundblade wrote:
>>>>>>> I talked to Dave which resulted in reorientation of my understanding of Class ID in TEEP.
>>>>>>> 
>>>>>>> Class ID basically identifies HW IP from a HW designer like Arm or Synopsis that is integrated into chips made by various HW OEMs like Qualcomm, Samsung and Apple. The term used frequently for this is "IP" (I know this well from my days working on HW at Qualcomm).
>>>>>>> 
>>>>>>> I've created a PR for HW Class.
>>>>>>> 
>>>>>>> Since what is identified spans OEMs, this must be a globally unique identifier. We need to be explicit about that. 
>>>>>>> 
>>>>>>> I know of four ways to have a global identifier:
>>>>>>> - Use OIDs
>>>>>>> - Use DNS / URI
>>>>>>> - Probabilistically using a big enough byte string
>>>>>>> - A new registry, perhaps IANA (but we probably don't want this)
>>>>>>> 
>>>>>>> The PR allows all but the last, but this could be reduced to just one or two of the above.
>>>>>> 
>>>>>> PR looks great to me, except that would I agree with reducing it to one or two.
>>>>>> Since the ability to take a value and resolve it to something meaningful is useful in many cases (logging, wireshark analysis, etc.), I would remove the third option.
>>>>>> 
>>>>>> OIDs, encoded as int arrays, probably compress the best so if only one, then I'd pick that one.  URIs are convenient though also so if two, then that's my second pick. 
>>>>>> 
>>>>>>> I don't see this claim as essential for EAT, but I committed to working through this with TEEP. I'm fine with this PR going into a TEEP document rather than EAT.
>>>>>> 
>>>>>> The notion of HW class ID is not specific to TEEs, hence the request to put it in EAT rather than in anything that would imply use is limited to TEEs (hence not in a TEEP document).
>>>>>> 
>>>>>> -Dave
>>>>>> 
>>>>>> _______________________________________________
>>>>>> TEEP mailing list
>>>>>> TEEP@ietf.org <mailto:TEEP@ietf.org>
>>>>>> https://www.ietf.org/mailman/listinfo/teep <https://www.ietf.org/mailman/listinfo/teep>
>>>>> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. 
>>>> 
>>> 
>>> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. 
>> 
> 
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

v2.23.0 | Report a Bug | By Email