Re: [Teep] Artart last call review of draft-ietf-teep-architecture-16

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Tue, 29 March 2022 06:06 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Russ Housley <housley@vigilsec.com>, "art@ietf.org" <art@ietf.org>
CC: "draft-ietf-teep-architecture.all@ietf.org" <draft-ietf-teep-architecture.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "teep@ietf.org" <teep@ietf.org>
Date: Tue, 29 Mar 2022 06:06:32 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/ZkLx-ql_BtEsGd9HFzXh31ErNVY>

Hi Russ,

Thanks for the review.

I have created a few PRs based on your comments:
https://github.com/ietf-teep/architecture/pull/234

I have added a few remarks below (mainly agreeing with your observations).

Ciao
Hannes


-----Original Message-----
From: Russ Housley via Datatracker <noreply@ietf.org>
Sent: Tuesday, March 29, 2022 12:08 AM
To: art@ietf.org
Cc: draft-ietf-teep-architecture.all@ietf.org; last-call@ietf.org; teep@ietf.org
Subject: Artart last call review of draft-ietf-teep-architecture-16

Reviewer: Russ Housley
Review result: Almost Ready

I am the assigned ARTART reviewer for this Internet-Draft.

Document: draft-ietf-teep-architecture-16
Reviewer: Russ Housley
Review Date: 2022-03-28
IETF LC End Date: 2022-04-07
IESG Telechat date: unknown

Summary: Almost Ready

Major Concerns: None.


Minor Concerns:

Section 3.3 says:

   Weak security in Internet of Things (IoT) devices has been posing
   threats to critical infrastructure that relies upon such devices.

I'm a bit confused by this opening sentence.  IoT devices usually depend upon an infrastructure.  This seems to be talking about an infrastructure that depends upon a collection of IoT devices.  I suggest minor edits to help the reader understand that this sentence is not talking about network infrastructure.

[Hannes] I have changed the sentence to improve the wording.

Section 9.3 says that a compromised REE "might drop or delay messages".
This discussion should be expanded to include the replay of messages.

[Hannes] Agree.

Section 9.4 says:

   A root CA for TAM certificates might get compromised or its
   certificate might expire, or a Trust Anchor other than a root CA
   certificate may also expire or be compromised.

I do not understand the difference between a Root CA and a Trust Anchor.
These are usually used as synonyms.  Please explain the difference that is intended here.

[Hannes] Good point. I removed part of the sentence.

Nits:

Section 1 says:

   ... The problems in the bullets above, on the
   other hand, require a new protocol, i.e., the TEEP protocol, for TEEs
   that can install and enumerate TAs in a TEE-secured location and
   where another domain-specific protocol standard (e.g., [GSMA],
   [OTRP]) that meets the needs is not already in use.

Recommend breaking this long sentence up into at least two sentences.
There are two points.  First, the need for a protocol to address the items listed earlier.  Second, where an existing domain-specific protocol does not already exist, a new more general protocol is needed.

[Hannes] Splitting the sentence improves readability.

Section 4.4 says:

   ... Implementations must support encryption of
   such Personalization Data to preserve the confidentiality of
   potentially sensitive data contained within it, and must support
   integrity protection of the Personalization Data.

Why not say that implementation must support mechanisms for the confidentiality and integrity protection of such Personalization Data?
Also, it seems like draft-ietf-suit-firmware-encryption offers one mechanism for such protection.  Should it be referenced here?

[Hannes] Agree that the sentence should be simplified. You are also right by saying that a solution is available. I am not sure we should reference the solution in this document or in the protocol spec.

Section 4: Is an "App Store" a place where apps are stored, or is it a place where apps are purchased?  The term seems to be used both ways, and in one place, the document is very general by saying, "an app store or other app repository".  Elsewhere, the term "Trust Anchor Store" is clearly a place for storage of trust anchors.

[Hannes] I am not entirely sure what to do about this one. I hope for input from my co-authors.

Section 9.7: Please consider changing the section title to be something
like: "TEE Certificate Expiry and Renewal".  There is an earlier section that talks about expiration of Root CA certificates.

[Hannes] Makes sense.
