IETF Logo Mail Archive

Re: [Teep] Security domain default 1-to-1 mapping to a TA proposal in TEEP

Benjamin Kaduk <kaduk@mit.edu> Sun, 10 March 2019 16:58 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90BF91277DE for <teep@ietfa.amsl.com>; Sun, 10 Mar 2019 09:58:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mit.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q5U8fsFY4Sj4 for <teep@ietfa.amsl.com>; Sun, 10 Mar 2019 09:58:03 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-eopbgr750124.outbound.protection.outlook.com [40.107.75.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B13171240D3 for <teep@ietf.org>; Sun, 10 Mar 2019 09:58:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+pNUgvvYJiSEfwHg0aVdXeNBxOJsUlxD4nmojiEWgzE=; b=lHdV0mQDrevmPzHDWHX/LfeKAz9SqA4xvi8/21N82xFSImQpm0wrH5m9zcvhdJYQXkIXa6Jm86qB2zMg9/9mJbCMl/xwql8mHBRDGSOKaW8bCaEi+FqqkVvEmpNHLeyscMkb8BW7/y8leGbwzZD0hj1nha8hdx/aqeyKsJR7TPY=
Received: from CY4PR01CA0020.prod.exchangelabs.com (2603:10b6:903:1f::30) by DM5PR0101MB3082.prod.exchangelabs.com (2603:10b6:4:31::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.16; Sun, 10 Mar 2019 16:58:00 +0000
Received: from DM3NAM03FT061.eop-NAM03.prod.protection.outlook.com (2a01:111:f400:7e49::202) by CY4PR01CA0020.outlook.office365.com (2603:10b6:903:1f::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.17 via Frontend Transport; Sun, 10 Mar 2019 16:58:00 +0000
Authentication-Results: spf=pass (sender IP is 18.9.28.11) smtp.mailfrom=mit.edu; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=mit.edu;
Received-SPF: Pass (protection.outlook.com: domain of mit.edu designates 18.9.28.11 as permitted sender) receiver=protection.outlook.com; client-ip=18.9.28.11; helo=outgoing.mit.edu;
Received: from outgoing.mit.edu (18.9.28.11) by DM3NAM03FT061.mail.protection.outlook.com (10.152.83.123) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.19 via Frontend Transport; Sun, 10 Mar 2019 16:57:59 +0000
Received: from kduck.mit.edu (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x2AGvuCx008779 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 10 Mar 2019 12:57:58 -0400
Date: Sun, 10 Mar 2019 11:57:56 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Mingliang Pei <Mingliang_Pei@symantec.com>
CC: Andrew Atyeo <andrew.atyeo@intercede.com>, "teep@ietf.org" <teep@ietf.org>
Message-ID: <20190310165755.GA8182@kduck.mit.edu>
References: <F78A61D4-9B6B-4E83-8CF7-0C49E08718A9@symantec.com> <DB7PR10MB23489BA35BD7CDF8406DC6A9954D0@DB7PR10MB2348.EURPRD10.PROD.OUTLOOK.COM> <BY2PR16MB0854FBE72F059CDA5C0D45DDEC4D0@BY2PR16MB0854.namprd16.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <BY2PR16MB0854FBE72F059CDA5C0D45DDEC4D0@BY2PR16MB0854.namprd16.prod.outlook.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:18.9.28.11; IPV:CAL; SCL:-1; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(136003)(39860400002)(376002)(346002)(396003)(2980300002)(199004)(189003)(76176011)(47776003)(54906003)(104016004)(1076003)(36906005)(786003)(5660300002)(229853002)(58126008)(316002)(8936002)(106466001)(2486003)(23676004)(7696005)(55016002)(6306002)(53416004)(6246003)(106002)(53546011)(88552002)(246002)(2906002)(26005)(305945005)(33656002)(15650500001)(2870700001)(50466002)(6916009)(186003)(356004)(8676002)(336012)(126002)(446003)(11346002)(15974865002)(966005)(476003)(486006)(75432002)(26826003)(426003)(956004)(14444005)(561944003)(86362001)(4326008)(478600001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR0101MB3082; H:outgoing.mit.edu; FPR:; SPF:Pass; LANG:en; PTR:outgoing-auth-1.mit.edu; A:1; MX:1;
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: b8de2bd4-82bf-494d-e654-08d6a5798d57
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600127)(711020)(4605104)(4608103)(4709054)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060); SRVR:DM5PR0101MB3082;
X-MS-TrafficTypeDiagnostic: DM5PR0101MB3082:
X-MS-Exchange-PUrlCount: 6
X-Microsoft-Exchange-Diagnostics: 1; DM5PR0101MB3082; 20:iribO6cI4g2Gicl0bXxgaPbq/rvnvrQlX4I+M2xjf9dsWePZc9qrjldfQGfD8XV02x3KKiex1dd/XZsk3QpNvGLTJEDWRRmyaC+725Q8VNjhl9+LVUPhPhzGBpDmgIsiS4wCo6/xLRm2fphjy80EYcuEUlGDjZvYYX+/6LLrvgS6xVucC2jh5r4ZD7qtsTNLqJneDEz6gW+X3TABaz+JskjIeEUiBgsBNqbgNuhnUka8cMe9yrl5F4fxc+vA/3dkINCsmro8p77B2Zbxovo9q+8hueW14jG2JUq5/w5ta8eTeBpY7s0x3KeFDBWGmkflPVRxED7Y6xWRM5VR2ilWePAa7dNQB8+L9U1OVYmTlaID5OeyK8crFCqR8bq5/8Q5yU/JJhjDiUkflfcofgbRscc3q+Zh6oVXW7SxoesRKVtOw+fbRhOdbqx3iGO9fUVvTOwqQvkEiogshfFzfQl4TABd8dCjCE+1K/sw1T6TiiJ/f9Bo3XDeUib5/AGgcqeoWzBEWanzt9uao5MzXuXyc0zQSdsnioBheo1LnqQeI+QwdHN0NhZEEBjDXl9+0/bH4uL7Ae0py74Ygr8Eb89RZ2cS2RVZdKGBnymszlwwFH4=
X-Microsoft-Antispam-PRVS: <DM5PR0101MB30821FA77712C9ADF743B5BBA04F0@DM5PR0101MB3082.prod.exchangelabs.com>
X-Forefront-PRVS: 0972DEC1D9
X-Microsoft-Exchange-Diagnostics: 1;DM5PR0101MB3082;23:w9/GWSwUnBWVlVjsVCWnBTED4Mf5M/Y5yKmJzMi6A4BDrYEOTO8q1gPruv4qC2RQVZgcp7/uIivi4GkMUxcF0NWvtY1e/gIBlAdKB1vW8AC7tEDDAXHCrnP4KHs2pReUGbwq9EzEF9eGY3zOZ3k0yEPRMDplKvjd/yzUqTSRGH4kAbSasfOIy2mPkcLvIOIePe0HgLSzGohY/EX3HMdZxNGWXY3Td6VltztSQzoor77u3/Tl7mM0D0Oe+CYVzQWawWhym9F7kaLiOAXIMTzRc2YY6yTKvmt9cxDEEgkJaOzoMSp10bKTEdL7YLuq4GAmlRPVIL2NT3P6fvgAXSiEQ7QFbYDet8sz4/6nkMDyLx+TQaSOAvQRu0rlh1R4XZwyz9mAVs5D21z60aa5ivpl77EmQi2DkZxIqvumoqF27JG+HcJziFL3R7tCgUxUnXDgNL/E/iY1qgRpdVIXuMkicr/Ty0Uxgl6Gx2D6YyXS821zVUR7Kud+mF2oth6qaIgULHeWGcTK0H+iHlgyDEUzVcsBA4SaQjKBQjsg5mglbHT7uK6K/UaO4HTMAKqEG1+nppYLAa2GjG0+8cqFu7+f9mu+9NGgC/WRatDJUfr1xlib4X5hb38RS2OV/sJtLID8El2c/tTVGrTfAU83MjEafd7ocYsQ0+2Am2hr/8JzfeXmGvYt9XSjLuXutUagxMxlRo1oc0dQgwi4Wo0rrrBDJoXKJ7nY1aJKerq9qmYXlY4NjWYTVAx/Bsg4xVNzdFbldMd0qC3oQR6oXj+eyVTQSisoyMEZ48V0gpiY6JNveag71zUsZqA8q0JR+Kwh47sOXg2A1+tLJSi/uJYqMH5bN0dWPHTgwARG4crLW5g2TaQBCPs17z4Z/kogLVM+pBYJivQjrxOdwsKQhWTlf34RBnFbMPbzLZ/OTYI+tPbFGU52i0qpEL4WoxJi8INp1vmVQoleF8xJWL+Fz9ctb8oDkN1WlRelPmip5HYliIG9S+3LvLBdEDeKyPPvH59i1FGjh2b1ErepsEJ69mE2AuB00l+QFvxsEdxRZ1VphUMxPEwiDjp7lpjhgmbpenVpmoQ49e3zYPFrOwJdhTPXrAh9LOtk+iySPnOXNBUkhilLvMZKqqVC5/SQ6Yyai+3UJskNo0Dp9xUQVfxfLIOXbco8/6mDE8oieyu4lOAtNg9A7hnQYSKfyQhM5b+gEa7BOXL552v3YE6cF0gOS/siXFAQ6ttBrtkAyMOJz/4oHCm8VUpk4HLzRAv1+mGdrcmzGSXGiFztUvBNn9A1e23oU/8UXeQzbkzNW9eM49H+07M012M=
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: cOLT9D2Q/mSrNul7uG+oMV5Mouqad2qrG6TnphsaKAMW3kbhynZ5QNUoKmlZ6F1H3q/U8iWotaTxqtG2E97tOaPyZwD/7LWZj5oEYEzMGRbuFZFavZkL6/FTufUafgKfaEILX9VmdbRGU5MfAkTpPU5BW0MB09GysTqpx1msl3nAINhy/OrNmhQ4nX10BucjnfaIQGx3Fds8I2pjVZl1E32friaIYIoQ1WaJjIob4BCBjfh9xM3O5GkaCZ49+j7e/XcxNKFz0fyea4eydhrxXefkmqBs7/DkLNMmokU2fhlDeS7XrizxCjHc92Nl9ret7sPCJHmEhiXTKLyliGIDQ2NyGu06WXE5TBHuzpZODxIz41SHB1wRv8k/RcE70nz7X92YTgXf3e3nTWw+RmqlbVqnq2pU7WpGrP+CnGyNZ74=
X-OriginatorOrg: mit.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Mar 2019 16:57:59.7345 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: b8de2bd4-82bf-494d-e654-08d6a5798d57
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=64afd9ba-0ecf-4acf-bc36-935f6235ba8b; Ip=[18.9.28.11]; Helo=[outgoing.mit.edu]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR0101MB3082
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/SF1f71hva8dxfE4YFoiuUzUo-0M>
Subject: Re: [Teep] Security domain default 1-to-1 mapping to a TA proposal in TEEP
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Mar 2019 16:58:08 -0000

It would probably be good to get a summary of the discussion posted on the
list once it's settled down, for archival purposes.

-Ben

On Fri, Mar 08, 2019 at 03:39:02PM +0000, Mingliang Pei wrote:
> Thanks Andy, will follow up updates on the github, Ming
> 
> Sent from iPhone
> 
> ________________________________
> From: Andrew Atyeo <andrew.atyeo@intercede.com>
> Sent: Friday, March 8, 2019 1:42 AM
> To: Mingliang Pei
> Cc: teep@ietf.org
> Subject: RE: Security domain default 1-to-1 mapping to a TA proposal in TEEP
> 
> Hi,
> I have updated the github issue with my comments
> https://github.com/ietf-teep/architecture/issues/7<https://clicktime.symantec.com/3DtasvM638D48u9sEW2edx47Vc?u=https%3A%2F%2Fgithub.com%2Fietf-teep%2Farchitecture%2Fissues%2F7>
> 
> basically I understand that there are some deployment types that might prefer a simpler approach, but I want to make sure that we know what would be ‘lost’ by not having a SD that is created separately. It might be that for some deployments the loss is no problem, or it might be that there could be alternative ways to give the same functionality but without need for a separate createSD that are worth exploring.
> The github issue (link above) hopefully explains this better.
> 
> Regards,
> 
> Andrew Atyeo
> Security Architect
> Intercede
> Digital trust    people ǀ devices ǀ apps
> Office: +44 (0) 1455 558 111
> www.intercede.com<https://clicktime.symantec.com/3Gqczp4aRiNtTy5rmhmPUeK7Vc?u=https%3A%2F%2Fwww.intercede.com%2F>
> Legal Disclaimer <https://clicktime.symantec.com/3NQrLHmW1wfB1dzjQvLeV5f7Vc?u=https%3A%2F%2Fwww.intercede.com%2Fprivacy-cookies>
> From: Mingliang Pei <Mingliang_Pei@symantec.com>
> Sent: 08 March 2019 02:00
> To: Andrew Atyeo <Andrew.Atyeo@intercede.com>
> Cc: teep@ietf.org
> Subject: Security domain default 1-to-1 mapping to a TA proposal in TEEP
> 
> Hi Andy,
> 
> We are working on to close this issue #7: clarifying meaning of Security Domain (SD)
> 
> https://github.com/ietf-teep/architecture/issues/7<https://clicktime.symantec.com/3DtasvM638D48u9sEW2edx47Vc?u=https%3A%2F%2Fgithub.com%2Fietf-teep%2Farchitecture%2Fissues%2F7>
> 
> We want to simplify it, and propose to create a SD per TA by default, without completely removing the SD for some existing use cases. It will be good to also have your input on the implications, considering you have more involved in this with a prior OTrP TAM POC implementation. Could you review the issue, and provide comments there?
> 
> Here is a quick recap on some discussion reasonings.
> 
> Historically we consider Security Domain as a first class entity in TEEP (OTrP). There have been some desires to simplify it, or not require it in the TEEP architecture as some use cases don’t use it as much as potential IoT use cases. On the other hand, we know that existing TEE implementations and other secure element related practices uses SD to isolate and associate protection boundary. There was some resource constraints on number of SDs that can be allocated in a TEE device.
> 
> To achieve broad support of both worlds, we consider to move to an “implicit” model as follows:
> 
> 
>   *   One SD is created per TA when a TA is going to installed. This allows creation of TA without going through explicit SD creation and so on.
>   *   The prior deletion of SD will delete all TAs within the same SD. Now each TA will be required to be explicitly deleted.
> 
> Thanks,
> 
> Ming
> 

> _______________________________________________
> TEEP mailing list
> TEEP@ietf.org
> https://www.ietf.org/mailman/listinfo/teep

v2.23.0 | Report a Bug | By Email