IETF Logo Mail Archive

Re: [Teep] [EXT] Re: [EXT] Re: Charter strawman proposal

Mingliang Pei <Mingliang_Pei@symantec.com> Wed, 26 April 2017 21:39 UTC

Return-Path: <Mingliang_Pei@symantec.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB7C51294FE for <teep@ietfa.amsl.com>; Wed, 26 Apr 2017 14:39:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.222
X-Spam-Level:
X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symc.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CBbvl3Y6VMMP for <teep@ietfa.amsl.com>; Wed, 26 Apr 2017 14:39:12 -0700 (PDT)
Received: from tussmtoutape01.symantec.com (Tussmtoutape01.symantec.com [155.64.38.231]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4ED9C128B91 for <teep@ietf.org>; Wed, 26 Apr 2017 14:39:12 -0700 (PDT)
Received: from tussmtmtaapi02.symc.symantec.com (tus3-f5-symc-ext-prd-snat3.net.symantec.com [10.44.130.3]) by tussmtoutape01.symantec.com (Symantec Messaging Gateway) with SMTP id 57.FA.40682.F7311095; Wed, 26 Apr 2017 21:39:11 +0000 (GMT)
X-AuditID: 0a2c7e31-dc6d39a000009eea-30-5901137fa21b
Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (tus3-f5-symc-ext-prd-snat2.net.symantec.com [10.44.130.2]) by tussmtmtaapi02.symc.symantec.com (Symantec Messaging Gateway) with SMTP id B7.8D.58529.A7311095; Wed, 26 Apr 2017 21:39:07 +0000 (GMT)
Received: from tus3xchcaspin01.SYMC.SYMANTEC.COM (10.44.91.13) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Wed, 26 Apr 2017 14:39:06 -0700
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (10.44.128.8) by tus3xchcaspin01.SYMC.SYMANTEC.COM (10.44.91.13) with Microsoft SMTP Server (TLS) id 15.0.1236.3 via Frontend Transport; Wed, 26 Apr 2017 14:39:05 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symc.onmicrosoft.com; s=selector1-symantec-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=xUPMjFr9VwfdTS4/iznVIegy+R+3C5o07rqKTCAoJns=; b=2iIZrCayzOic7aDS20BTPYV67jjfRZp0OMmGDIdOhxqAybXasvQzRM/DzpdJsAntf4VTUgASxo//XPvQpsnbdE8/YwT32NInr/rXU/1Y5LRyfhS2TZo8e7oqf8J5QArcgv9zcHhiKz2loBrtH7dIO3Y3LdrMbW+zRRNdW9xlEiA=
Received: from CY4PR1601MB1126.namprd16.prod.outlook.com (10.172.117.12) by BN6PR16MB1475.namprd16.prod.outlook.com (10.172.207.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1047.13; Wed, 26 Apr 2017 21:39:03 +0000
Received: from CY4PR1601MB1126.namprd16.prod.outlook.com ([10.172.117.12]) by CY4PR1601MB1126.namprd16.prod.outlook.com ([10.172.117.12]) with mapi id 15.01.1047.019; Wed, 26 Apr 2017 21:39:02 +0000
From: Mingliang Pei <Mingliang_Pei@symantec.com>
To: Brian Witten <brian_witten@symantec.com>, Nick Cook <Nick.Cook@intercede.com>
CC: "teep@ietf.org" <teep@ietf.org>
Thread-Topic: [EXT] Re: [Teep] [EXT] Re: Charter strawman proposal
Thread-Index: AQHSvo9AaOWfOMpOUkGYiXWum7NGkKHXuJaA
Date: Wed, 26 Apr 2017 21:39:02 +0000
Message-ID: <D5266162.33B19%mingliang_pei@symantec.com>
References: <HE1PR0802MB2475D750A62DFFAB28F1768CFA320@HE1PR0802MB2475.eurprd08.prod.outlook.com> <0627F5240443D2498FAA65332EE46C84366EA50D@CRSMSX102.amr.corp.intel.com> <HE1PR0802MB24757875E98E453BAFD35C40FA320@HE1PR0802MB2475.eurprd08.prod.outlook.com> <VI1PR06MB321539A06179D62B7C0001F0FF110@VI1PR06MB3215.eurprd06.prod.outlook.com> <57999A96-6EB4-45FF-A646-86353849B8DC@symantec.com>
In-Reply-To: <57999A96-6EB4-45FF-A646-86353849B8DC@symantec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.7.0.161029
authentication-results: symantec.com; dkim=none (message not signed) header.d=none;symantec.com; dmarc=none action=none header.from=symantec.com;
x-originating-ip: [155.64.23.3]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR16MB1475; 7:yh1g/2JdNP02B41YiPobTwbx0eNlcI91I6OU466zAAMk8ZUJxkxahAacEqjPQrz8uuGzGqVa0x5gFhQ2Qxhqsa8VPdCwP/FVWaK1oq4EUKiPq5HA5seEb0Nhg7kiP/T2lw6zP4BzYVXMpztVjADNe3CkfnfeVWeqkb2AQi6EsitCebStcR8qhd81DwgCgt5uf5dt03ZTNSMvS2FeghVtc60ebLKRb4nAIn9SORcKN6HBw39RpUZQ6WZtI7/zw66MVPZMwd1CnHlxycwO+XEBn0mHMQFnC8LSLgQVoJtSLy7WpRTcwY0fImxV++nMKTMyXiqQA/TaMdg7E8i4sFf4mg==
x-forefront-antispam-report: SFV:SKI; SCL:-1SFV:NSPM; SFS:(10009020)(6009001)(39840400002)(39450400003)(39410400002)(39400400002)(39850400002)(24454002)(51414003)(13464003)(377454003)(122556002)(66066001)(305945005)(189998001)(80792005)(7736002)(83506001)(81166006)(2906002)(10290500003)(6246003)(38730400002)(4001350100001)(3660700001)(25786009)(2900100001)(53546009)(3280700002)(6512007)(6486002)(4326008)(99286003)(6116002)(102836003)(3846002)(86362001)(77096006)(5660300001)(2950100002)(93886004)(561944003)(54356999)(76176999)(50986999)(8936002)(36756003)(6306002)(53936002)(6506006)(6436002)(5890100001)(229853002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR16MB1475; H:CY4PR1601MB1126.namprd16.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
x-ms-office365-filtering-correlation-id: 39ccd0a3-8495-4b5b-ef16-08d48ceca7ec
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(201703131423075)(201703031133081); SRVR:BN6PR16MB1475;
x-microsoft-antispam-prvs: <BN6PR16MB1475136F873EDE6E384F7C7CEC110@BN6PR16MB1475.namprd16.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(180628864354917)(278428928389397)(192374486261705)(228905959029699);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(6041248)(201703131423075)(201702281528075)(201703061421075)(20161123564025)(20161123560025)(20161123555025)(20161123562025)(6072148); SRVR:BN6PR16MB1475; BCL:0; PCL:0; RULEID:; SRVR:BN6PR16MB1475;
x-forefront-prvs: 0289B6431E
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-ID: <1C3EC0292D37CB48AC1CB7DEFDC9FBAE@namprd16.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Apr 2017 21:39:02.1434 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR16MB1475
X-OriginatorOrg: symantec.com
X-Brightmail-Tracker: H4sIAAAAAAAAA02Sa0iTURjHO+/7bnsdjU5T88EybSJUMy/ZRUPELpJBRmGBJpEv8yXvs21K Fiz1SzYTLC9418qZitkKNG99aKilKd5CchqG+WUYTiwSm1m+OwZ9Ofz+z//h+Z9zeFhaXity Z5PSdbwmnUtViKWM1DePPnTXGcUGNFn8g7+Nt4qCjes/6XAqsqFhjYo01X+hLlJXpaEJfGpS Fq/xD4uXJpa1TaAMW/itrvkuSQ4aO2pALAv4CNT2xhuQlJXjFQTFNS+QATk56qbSJoYYqwg+ mdtoIvoRPP0+KSLCiqD0zS8kCAbfp8G+NiUmTiUF5bZ1ioghBPbhWYmQKMYBMDabLoS44Gho NxkcgTT2htHuPrHAzvgUjD9sF5Ge09BnH6YIH4bCqntIGMNgH7AVhQhlGT4OE035iEQZaJiY +UgLhhMOh4GmHscchHfB6lArRbLcwLJQR5GHYmjoHaUJu4L164aj3xX7QVVJjkQYinAxgj8/ qrZ+xhNGZnIZwh4wUVfgSAb8gIbfBR1iIuZEYDQ+24qIgoLZZhFhPXR0bGzVU2BmugUVocDK /25F2Bfqe1bEhCPhffU0TVgJjY8XHSzDO2GwYoGpR6IW5KXL1GrTdOpMHZfBBwT6abPTVMLB be6Myk+lTnuFHFujD+xE86bzZoRZpNgu65ShWLmIy9rsNCNgaYWLbL91W6xclsBl3+Y16uua zFRea0a7WUbhJrPUWmLk+Aan41N4PoPX/HMp1sk9B8VciX80vM+nD9sve7kumW39ESF3wp6U lxYZkufiB8d3BJ2zbeR5KjNf69++G6i+eUaZvDyQtGdamRsRF+c90ux+ojFqKtQJrbycD3Ib qEs88NlwDBc+ZzqbZfqTlyo8ls/Ody8Fx4Wq81VuZQkfjDUlllXJ3ujQC0pu0npNpV5UMNpE LvAgrdFyfwHXEVtxMQMAAA==
X-Brightmail-Tracker: H4sIAAAAAAAAA02SfUhTURjGPffebXdL4TQz36w0FlHkZ1JpZiWJIWgRWqAV1FpDzc3GNkUL SisoZ4ErtXIDrTSnqZmkTE2qpWFiqDPCj1ViQkiClZXNTc27sz/65/B73vfhec6Bw9LiKzw/ NiNLK1dnSRUSvogRBV2mgi94o9Qw88SKyOnBel5ktfMPHUPFV1XZqfimynHqMHVMFH1GrsjI katD954SpZc1WpFqJia3baJNkI8GduiQkAW8HZpKTYwOiVgxnkMwbGmkiehG8HB2iEfEFILS znnECQYX0uCwf+CTTTkFd2ecFBG9CBx9NoEOsSwfh8GALYsrWYWToaVJhzim8Ubob+/ic+yN 98OgvoVHPLHQ5eijCIfDTcM1xMUweBPMFO/ixl44Aqym64hU6Wiwjr2nuYUQx8AbU4crB+HV MNdbT5EuXxidrKDIQzFUPe+nCfvA1JdFl98Hh4ChJF/AhSJ8G8HSLwMipgB4N1bAEF4P1ooi VzPgGzQsFLXyifjMg+rqGnfFQSiy1fIIX4TW1kX3PBPGRurcqZfg62izO3WQgsUCWTEKLv/v toSDoLLjJ59wPPQYR2jCgfDo/jcXe+GV8PbeJFOJeHVogzZbo1FqlVqpVJURFh6iyVPKuEO6 /GdkIbJzymbk+jWxa8zI4ky0IMwiiaeXud8jVcyT5iw7LWgty0h8vWrsoylinCbVyjPlcpVc fVKdrZBrLIhihX75KC037cp8zvHCidmw4dl1ttJAxVWHYt9u+sG4UP+6tuPVzpGyhIWzS0c+ JmtC4/Z4ztpiD6WUdJ5PiFIk2nokL7v5DXdqRXF61eZx4wu/aeOBoxH6+WnmxCdnkiRpyMOf evxD4YyqD/DZYjA/ifFvftrwTHDr96Q9Wvc3z3i6/btJwmjSpdu20mqN9B/+6vGzFgMAAA==
X-CFilter-Loop: TUS02
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/NVVTa3kRyIL1QxGtpyBlrnlc_DQ>
Subject: Re: [Teep] [EXT] Re: [EXT] Re: Charter strawman proposal
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2017 21:39:15 -0000

Agreed too. We implicitly assume it is TEE definition by GP in the spec,
and it is good to call this out explicitly, and also Security Domain
definitions. Thanks, Ming

On 4/26/17, 6:15 AM, "TEEP on behalf of Brian Witten"
<teep-bounces@ietf.org on behalf of brian_witten@symantec.com> wrote:

>+1
>
>> On Apr 26, 2017, at 6:06 AM, Nick Cook <Nick.Cook@intercede.com> wrote:
>> 
>> I agree that these modifications all make sense. Rather than making a
>>lightweight definition of TEE in the first paragraph I would prefer to
>>call out the GP definition and identify any amendments to that which we
>>are including in our usage of the acronym TEE in the TEEP/OTrP
>>specification. This would clearly be a footnote definition to the
>>charter.
>> 
>> 
>> For the security domain part we should expand this to define what we
>>mean by it specifically. I regard the use of security domain in OTrP as
>>a protocol level grouping of a service provider's applications for
>>management purposes and that there *must* be hardware isolation between
>>security domains so that one security domain cannot be influenced by
>>another, unless it exposes an API to allow it. The way that the trusted
>>applications are implemented will be technology specific - again the
>>protocol has requirements here (e.g. each TA to be manageable in its own
>>right and to be able to be personalized) that we need to state but the
>>protocol doesn't dictate the exact implementation.
>> 
>> We don't have the definitions in the draft spec and we will need to add
>>that as we evolve it in the WG.
>> 
>> 
>> 
>> 
>> 
>> Nick Cook
>> 
>> -----Original Message-----
>> From: Hannes Tschofenig [mailto:Hannes.Tschofenig@arm.com]
>> Sent: 28 March 2017 23:39
>> To: Wheeler, David M <david.m.wheeler@intel.com>; teep@ietf.org
>> Subject: Re: [Teep] Charter strawman proposal
>> 
>> Thanks, David. Those are indeed useful suggestions. Your presentation
>>today at the BOF also clarified some of these points and now make much
>>more sense to me.
>> 
>> Let me try to incorporate your suggestions to see how well the text
>>reads and whether it makes sense to others.
>> 
>> Ciao
>> Hannes
>> 
>> -----Original Message-----
>> From: Wheeler, David M [mailto:david.m.wheeler@intel.com]
>> Sent: 28 March 2017 14:18
>> To: Hannes Tschofenig; teep@ietf.org
>> Subject: RE: Charter strawman proposal
>> 
>> Hannes,
>> Thanks for drafting this. I look forward to great discussions around
>>this topic. I have made some modifications below.
>> 
>> I have made the following types of modifications:
>> * a protocol is not required in every case, therefore, a protocol may
>>be advantageous to the marketplace (but not a requirement) a standard
>>protocol will ease portability, create a level playing field/access for
>>different TEEs, and increase adoption for more secure devices
>> * a relay application on the rich OS side is not required - what is
>>required is some service access onto the network stack for
>>communications It is possible for some TEEs to provide trusted stacks -
>>a service access point must be accessible to protocol entities outside
>>the device
>> * the server side architecture interacts with the application, but
>>maintenance of the app is optional
>> * discovery of actual TEE capabilities is important as well
>> 
>> I think security domains is an area for discussion, so I leave that
>>alone. But hope to have more discussions and a better understanding of
>>the requirements around SDs in the future.
>> 
>> It might be useful to discuss other potential standards groups that we
>>should be aligned with, especially in the IoT space.
>> 
>> Thanks,
>> Dave Wheeler
>> 
>> --------
>> 
>> TEEP -- A Protocol for Dynamic Trusted Execution Environment Enablement
>>Charter
>> 
>> The Trusted Execution Environment (TEE) is a secure area of the main
>>processor. The TEE, as an isolated execution environment, provides
>>security features, such as isolated execution, integrity of Trusted
>>Applications along with confidentiality of their assets. In general
>>terms, the TEE offers an execution space that provides a higher level of
>>security than a "rich" operating system and more functionality than a
>>secure element. Implementations of the TEE concept have been developed
>>by ARM, and Intel using the TrustZone and the SGX technology,
>>respectively.
>> 
>> [It may be advantageous to build the marketplace to have a protocol
>>that supports] programmatically install, update, and delete applications
>>running in the TEE. [ This ] protocol runs between a [trusted service]
>>running [within] the TEE, a relay application [or service access point
>>on the device's network stack ] and a server-side infrastructure [ that
>>interacts with and optionally maintains ] the applications. Since [ some
>>tasks ( such as management tasks) ] are security sensitive where the
>>server side requires information about the device capabilities (in form
>>of attestation), the client-side demands server-side authentication, and
>>privacy considerations have to be taken into account.
>> 
>> This working group aims to develop an application layer protocol
>>providing TEEs with the following functionality,
>> * discovery of TEE capabilities
>> * management of trusted applications,
>> * attestation, and
>> * security domain management (which provides a logical space that
>>contains the service provider's applications).
>> 
>> The solution approach must take a wide range of TEE technologies into
>>account and will focus on the use of public key cryptography.
>> 
>> The group will produce the following deliverables. First, an
>>architecture document describing the involved entities, their
>>relationships, assumptions, the keying framework and relevant use cases.
>>Second, a solution document that describes the above-described
>>functionality. The use of the best possible encoding format will be
>>decided in the working group. The group may document several attestation
>>technologies considering the different hardware capabilities,
>>performance, privacy and operational properties.
>> 
>> The group will maintain a close relationship with the GlobalPlatform to
>>ensure proper use of existing TEE-relevant application layer interfaces
>>and other abstractions used by GlobalPlatform-compliant TEE devices.
>> 
>> Milestones
>> 
>> Aug 2017     Submit "TEEP Architecture" document as WG item.
>> 
>> Oct 2017     Submit "TEEP Protocol" document as WG item.
>> 
>> Nov 2017     Participation in the IETF #100 Hackathon to work on the
>>TEEP Protocol.
>> 
>> Dec 2017     Submit "TEEP Architecture" to the IESG for publication as
>>an Informational RFC.
>> 
>> Mar 2017     Organization of an interoperability event at IETF #101.
>> 
>> Apr 2017     Submit "TEEP Protocol" to the IESG for publication as a
>>Proposed Standard.
>> 
>> [1] Wikipedia, 'Trusted execution environment', URL:
>>https://en.wikipedia.org/wiki/Trusted_execution_environment (March 2017).
>> IMPORTANT NOTICE: The contents of this email and any attachments are
>>confidential and may also be privileged. If you are not the intended
>>recipient, please notify the sender immediately and do not disclose the
>>contents to any other person, use it for any purpose, or store or copy
>>the information in any medium. Thank you.
>> 
>> _______________________________________________
>> TEEP mailing list
>> TEEP@ietf.org
>> https://www.ietf.org/mailman/listinfo/teep
>> IMPORTANT NOTICE: The contents of this email and any attachments are
>>confidential and may also be privileged. If you are not the intended
>>recipient, please notify the sender immediately and do not disclose the
>>contents to any other person, use it for any purpose, or store or copy
>>the information in any medium. Thank you.
>> 
>> 
>> _______________________________________________
>> TEEP mailing list
>> TEEP@ietf.org
>> https://www.ietf.org/mailman/listinfo/teep
>
>_______________________________________________
>TEEP mailing list
>TEEP@ietf.org
>https://www.ietf.org/mailman/listinfo/teep

v2.23.0 | Report a Bug | By Email