Re: [Teep] Secure Channel definition for TEEP Use Case for Confidential Computing

yangpenglin@chinamobile.com Fri, 11 November 2022 02:43 UTC

Message-ID: <39d411ea-b95e-8b2a-ba98-50ad128640b3@chinamobile.com>
Date: Fri, 11 Nov 2022 10:43:20 +0800
To: teep@ietf.org
References: <CAN40gSs6m0RF2TrvUX+yrb91DMr5fWpD93XxnzfJz933+68tKQ@mail.gmail.com>
From: yangpenglin@chinamobile.com
In-Reply-To: <CAN40gSs6m0RF2TrvUX+yrb91DMr5fWpD93XxnzfJz933+68tKQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/RLfgwCXObzKeIM498WjGY6917mo>
Subject: Re: [Teep] Secure Channel definition for TEEP Use Case for Confidential Computing

Hi Ira,

Thanks for your suggestion, I think that definition is good for this draft.

BR.
Penglin

On 11/10/2022 12:34 AM, Ira McDonald wrote:
> Hi,
>
> From NIST Glossary https://csrc.nist.gov/glossary/term/secure_channel:
>
> "A path for transferring data between two entities or components that 
> ensures confidentiality, integrity and replay protection, as well as 
> mutual authentication between the entities or components. The secure 
> channel may be provided using approved cryptographic, physical or 
> procedural methods, or a combination thereof. Sometimes called a 
> trusted channel." from SP800-90A-Rev1
> https://doi.org/10.6028/NIST.SP.800-90Ar1
>
> I suggest using this definition.
>
> Cheers,
> - Ira
>
> Ira McDonald (Musician / Software Architect)
> Chair - SAE Trust Anchors and Authentication TF
> Co-Chair - TCG Trusted Mobility Solutions WG
> Co-Chair - TCG Metadata Access Protocol SG
> Chair - Linux Foundation Open Printing WG
> Secretary - IEEE-ISTO Printer Working Group
> Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
> IETF Designated Expert - IPP & Printer MIB
> Blue Roof Music / High North Inc
> http://sites.google.com/site/blueroofmusic
> http://sites.google.com/site/highnorthinc
> mailto: blueroofmusic@gmail.com
> (permanent) PO Box 221  Grand Marais, MI 49839 906-494-2434