Re: [Teep] My BoF impression
Jeremy O'Donoghue <jodonogh@qti.qualcomm.com> Tue, 04 April 2017 14:12 UTC
Return-Path: <jodonogh@qti.qualcomm.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 882631288B8 for <teep@ietfa.amsl.com>; Tue, 4 Apr 2017 07:12:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.02
X-Spam-Level:
X-Spam-Status: No, score=-7.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=qti.qualcomm.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g4d2nTak0vKh for <teep@ietfa.amsl.com>; Tue, 4 Apr 2017 07:12:44 -0700 (PDT)
Received: from wolverine02.qualcomm.com (wolverine02.qualcomm.com [199.106.114.251]) (using TLSv1.2 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6672F12762F for <teep@ietf.org>; Tue, 4 Apr 2017 07:12:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qti.qualcomm.com; i=@qti.qualcomm.com; q=dns/txt; s=qcdkim; t=1491315164; x=1522851164; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=H8qoyrrPqjzKVY3pGqYSp3mrUuf7XsqchcOZV07eX/s=; b=opYV2Iytk65IVYWo0PrehHfVeVj2U2VvF7YGB9eKYnDSo63UhLFrXkmH CPxZqu9ChsuwYBwW8UnCaedlZp+vF9dOoqTP6xfkKHSRwtJYGY/p0BSH1 dtwzS9h7dS4erIVqcEg4XYRevJ2574Uq01YRiJvsxgZR7U9FRu1l22FH5 k=;
X-IronPort-AV: E=Sophos;i="5.36,275,1486454400"; d="scan'208,217";a="371308843"
Received: from unknown (HELO Ironmsg03-L.qualcomm.com) ([10.53.140.110]) by wolverine02.qualcomm.com with ESMTP; 04 Apr 2017 07:12:43 -0700
X-IronPort-AV: E=McAfee;i="5800,7501,8487"; a="1344919432"
X-MGA-submission: MDGMU670mf2dt/RDoRKyRkOTxsn+M5Kx5d9yVu+uDk6zszYkhXFrrCufNfPPBq+GA/96D9fx01U5ZLk1tfriAuiY5iu4SlAH8Vyljxoz1Zy1U3J2KaIoh183LC9XLHyAZenQFb62U63wIAKPsHSNAedq
Received: from nasanexm02h.na.qualcomm.com ([10.85.0.89]) by Ironmsg03-L.qualcomm.com with ESMTP/TLS/RC4-SHA; 04 Apr 2017 07:12:43 -0700
Received: from euamsexm01b.eu.qualcomm.com (10.251.127.41) by nasanexm02h.na.qualcomm.com (10.85.0.89) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Tue, 4 Apr 2017 07:12:42 -0700
Received: from euamsexm01a.eu.qualcomm.com (10.251.127.40) by euamsexm01b.eu.qualcomm.com (10.251.127.41) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Tue, 4 Apr 2017 16:12:39 +0200
Received: from euamsexm01a.eu.qualcomm.com ([10.251.127.40]) by euamsexm01a.eu.qualcomm.com ([10.251.127.40]) with mapi id 15.00.1178.000; Tue, 4 Apr 2017 16:12:39 +0200
From: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>
To: Tero Kivinen <kivinen@iki.fi>
CC: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, teep <teep@ietf.org>
Thread-Topic: [Teep] My BoF impression
Thread-Index: AdKsfR5pN/u1b+bUScqch7DKLecY3QAp6lqAAAX+EwA=
Date: Tue, 04 Apr 2017 14:12:39 +0000
Message-ID: <CB221FB1-18D2-4F7B-88D9-1E9F9828D468@qti.qualcomm.com>
References: <HE1PR0802MB2475515770704882F9CFBDBCFA080@HE1PR0802MB2475.eurprd08.prod.outlook.com> <22755.33183.740819.743679@fireball.acr.fi>
In-Reply-To: <22755.33183.740819.743679@fireball.acr.fi>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3273)
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [212.136.9.72]
Content-Type: multipart/alternative; boundary="_000_CB221FB118D24F7B88D91E9F9828D468qtiqualcommcom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/FvwtpzqjsoohRVA2-NgFtg2Gd_g>
Subject: Re: [Teep] My BoF impression
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Apr 2017 14:12:46 -0000
On 4 Apr 2017, at 12:21, Tero Kivinen <kivinen@iki.fi<mailto:kivinen@iki.fi>> wrote: My feeling that the main question what people did not understand was: What is the real difference between TEEP and just normal application download. I.e., why separate protocol is needed. How is this different from just having perhaps encrypted signed application blob from the marketplace and installing that. At least that was my main question when we discussed this before the BoF. Of course it does not help, that when you ask that question from different people you get different answer, as the idea of what TEEP is different for different people… I think there is a degree of talking at cross-purposes. There is one group - essentially those sponsoring the creation of this group - which has a very clear understanding of what it would like TEEP to be, which is essentially three things: 1. A mechanism for managing Trusted Applications and their associated secrets and key material in a GlobalPlatform TEE or something that is conceptually very similar. 2. A mechanism for establishing a chain of trust rooted in firmware and covering the TEE and possibly other system components up to and including the executing Task in a Security Domain. 3. A mechanism - targeted at phone and tablet type devices - which operates independently of the “App Store” mechanism, and is based on a PKI infrastructure allowing Service Providers to manage the Trusted Applications they control without the need for user intervention. The draft specification very clearly addresses such a system. Understanding it fully requires considerable familiarity with the GlobalPlatform TEE specifications, since much of the terminology and architectural assumptions are derived from these. There is a second group which is starting from a more abstract position of what a TEE should look like and what security services it might then provide to a system and how the control of these could be structured. This is a completely different problem, and likely a much broader one which is difficult to encapsulate in a small scope. Trying to make the architecture too generic also confuses things. It might be better to have more concrete example with more limited scope, that would explain things what TEEP should provide. For example: 1) TEEP provides a way to install software from the Secure trusted application marketplace to the TEE running inside device. 2) The Secure trusted appliation marketplace needs to be able to verify that the TEE wanting to install an application is actual TEE, and not some fake device, for example using signature from the key installed by the manufacturer which is used to sign the installation request. 3) The Secure trusted application marketplace can then encrypt the trusted application with TEE specific key, so that nobody else than TEE can decrypt and install it. This will prevent leaking out confidential material inside the application. Trusted application instlal package might also be personalized for the specific TEE. Secure trusted application marketplace will also sign the trusted application install package, so TEE can verify it is authentic. 4) TEE will verify the signature of the trusted application install package, and check that signer is trusted, and then it will decrypt the package, and install it. 5) The application running on the REE side might need to verify that the trusted application part of it has been properly installed to real TEE, so it can trust it doing its job. I am not sure if this will be part of the TEEP or not... Is my understanding of TEEP correct? I do not know, and I assume other people have different ideas what should or should not be part of it. I think this is a pretty good explanation of what the first group would like to see. Best regards Jeremy
- Re: [Teep] [EXT] Re: My BoF impression Nick Cook
- Re: [Teep] [EXT] Re: My BoF impression Jeremy O'Donoghue
- Re: [Teep] [EXT] Re: My BoF impression Nick Cook
- Re: [Teep] [EXT] Re: My BoF impression Erik Nordmark
- Re: [Teep] [EXT] Re: My BoF impression Nick Cook
- [Teep] My BoF impression Hannes Tschofenig
- Re: [Teep] My BoF impression Michael Richardson
- Re: [Teep] My BoF impression Kathleen Moriarty
- [Teep] My BoF impression Tero Kivinen
- Re: [Teep] My BoF impression Michael Richardson
- Re: [Teep] My BoF impression Jeremy O'Donoghue
- Re: [Teep] My BoF impression Tero Kivinen
- Re: [Teep] My BoF impression Michael Richardson
- Re: [Teep] My BoF impression Michael Richardson
- Re: [Teep] My BoF impression Wheeler, David M
- Re: [Teep] [EXT] Re: My BoF impression Brian Witten