[Teep] draft-yang-teep-usecase-for-cc-in-network-00

Dave Thaler <dthaler@microsoft.com> Mon, 18 July 2022 21:49 UTC

From: Dave Thaler <dthaler@microsoft.com>
To: "yangpenglin@chinamobile.com" <yangpenglin@chinamobile.com>, teep <teep@ietf.org>
CC: 粟栗 <suli@chinamobile.com>, chenmeiling <chenmeiling@chinamobile.com>
Thread-Topic: draft-yang-teep-usecase-for-cc-in-network-00
Thread-Index: AQHYmvA52JjtirhdY0yJtwsoaHJ+Pw==
Date: Mon, 18 Jul 2022 21:49:15 +0000
Message-ID: <CH2PR21MB1464FEACC4D2502400139DFAA38C9@CH2PR21MB1464.namprd21.prod.outlook.com>
References: <2022031310510900679634@chinamobile.com> <DBBPR08MB591538AD9450589B8AC0CDEAFA0F9@DBBPR08MB5915.eurprd08.prod.outlook.com>
In-Reply-To: <DBBPR08MB591538AD9450589B8AC0CDEAFA0F9@DBBPR08MB5915.eurprd08.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/S0w9tOIyCRe91jeNurd93Dvfng4>
Subject: [Teep] draft-yang-teep-usecase-for-cc-in-network-00

I have reviewed this document, and I think it is an interesting use case.
(I sent Penglin email containing some editorial things separately, so
will confine this message to technical comments.)  Also FYI to others in TEEP:
Penglin also presented this draft in the Confidential Computing Consortium’s
Technical Advisory Council meeting recently.

I understand that the use case is very similar to a cloud scenario for confidential computing, except that the TEEs are running in devices close to the edge, say operated by a network operator.   Like the cloud case, the intent is to allow
customers to run confidential workloads without having to trust the operator
with the data.  I think that’s a useful addition to the WG’s list of scenarios we talk about.

I also found the discussion of cases of TA+PD with no UA a useful addition.
Classic TEEP scenarios talked about a UA when the TEE is in a user-device such as a phone or laptop or PC or IoT gadget.   This draft adds the notion (which also occurs in the cloud) that there may be no need for a UA per se, as long as the TA hosting environment itself is capable of networking.   This wasn’t very typical back when TEEP was chartered but I think is becoming more and more viable now.

Some technical feedback on the content of this draft is:

  1.  It talks about the TAM (which is the relying party in attestation) forwarding the attestation result to the user (data provider).  I agree the data provider needs to get it if it wants to communicate with the TEEP agent to provide a decryption key or whatever else.  However, I don’t think it has to get it from the TAM, but could get it directly from the TEEP Agent.  For example, if the data provider has its own TAM just for handing out the key, then the TEEP Agent would reach out to the data provider and provide the attestation payload directly.  So I think the language should be loosened here rather than overly constrained.

  2.  Section 4.1 step 5 talks about the data provider (“network user”) establishing a channel with the TEEP Agent “via TAM” but I don’t think the TAM needs to be an intermediary in such a channel.  Maybe this comment is the same as my point 1 above.  The notion of hosting a separate TAM for PD is discussed in the architecture draft already, and the decryption key is just an example of such PD.

  3.  Section 4.2 talks about SGX in an example, saying “UA must be deployed first, then let the UA to deploy TA in SGX”.  But in SGX, where enclave code is just stored in the regular filesystem, “deploy” (as in copy to local storage) and “load” are different steps that happen at different times.   So you can deploy an enclave to the local disk, and only “load” it into the TEE when needed, which I wouldn’t refer to as “deploy”.  I think just changing “deploy” to “load” is probably what you mean here.  But this gets to why section 1 of draft-ietf-teep-architecture says:

> For TEEs that simply verify and load signed TA's from an untrusted
> filesystem, classic application distribution protocols can be used
> without modification.  The problems in the bullets above, on the
> other hand, require a new protocol, i.e., the TEEP protocol.

That is, if you’re just using classic SGX enclaves (as opposed to a libOS style solution with SGX), you don’t need the TEEP protocol; it’s overkill.

  4.  Section 4.3 talks about transferring the UA to the TAM, in a case where the UA isn’t bundled with the TA or PD.   I would assert that the TAM need not (and arguably should not) be in the path for UA-only distribution.  The TAM can just be used to distribute the UA URI (as part of the TA manifest for example), and let the REE installer on the agent device install it directly.

Hope this feedback is helpful,
Dave
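As an added illustration of points 1 and 2 above (example code written for this archive page, not from the draft, the TEEP architecture, or either author), the following Python models the data provider acting as its own verifier and receiving attestation evidence straight from the TEEP Agent, with no operator TAM in the path. The HMAC-based attestation key, the trusted measurement list and the decryption key are constructed stand-ins, and the evidence format is an assumption rather than any TEEP or RATS encoding.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed stand-in for the TEE's attestation key (assumption: a symmetric key
# shared with the verifier; real TEEs sign evidence with a hardware-rooted key).
ATTESTATION_KEY = b"constructed-attestation-key"
# The data provider's appraisal policy: measurements of TA+PD images it trusts.
TRUSTED_MEASUREMENTS = {hashlib.sha256(b"trusted-ta-image").hexdigest()}
# The secret released only to a TEE that passes appraisal (constructed value).
DATA_DECRYPTION_KEY = b"constructed-decryption-key"


def teep_agent_evidence(nonce: bytes, ta_image: bytes) -> dict:
    """TEEP Agent side: measure the loaded TA and bind the evidence to the nonce."""
    measurement = hashlib.sha256(ta_image).hexdigest()
    tag = hmac.new(ATTESTATION_KEY, nonce + measurement.encode(), hashlib.sha256).digest()
    return {"nonce": nonce, "measurement": measurement, "signature": tag}


class DataProvider:
    """Acts as relying party and verifier itself, so the operator's TAM is not in the path."""

    def __init__(self):
        self._outstanding = set()  # nonces issued but not yet consumed

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def release_key(self, evidence: dict) -> Optional[bytes]:
        nonce = evidence["nonce"]
        if nonce not in self._outstanding:  # replayed or unsolicited evidence
            return None
        self._outstanding.discard(nonce)  # each challenge is single-use
        expected = hmac.new(ATTESTATION_KEY, nonce + evidence["measurement"].encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, evidence["signature"]):
            return None  # evidence was not produced by the attesting TEE
        if evidence["measurement"] not in TRUSTED_MEASUREMENTS:
            return None  # TA image is not one the data provider trusts
        return DATA_DECRYPTION_KEY


def direct_key_release(ta_image: bytes) -> Optional[bytes]:
    """Whole exchange: provider challenges, agent attests directly, provider appraises."""
    provider = DataProvider()
    return provider.release_key(teep_agent_evidence(provider.challenge(), ta_image))
```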

From: TEEP <teep-bounces@ietf.org> On Behalf Of Hannes Tschofenig
Sent: Monday, March 14, 2022 4:30 AM
To: yangpenglin@chinamobile.com; teep-chairs@ietf.org; teep <teep@ietf.org>
Cc: 粟栗 <suli@chinamobile.com>; chenmeiling <chenmeiling@chinamobile.com>
Subject: Re: [Teep] apply for presentation

Hi Penglin,

Thanks for submitting your draft <draft-yang-teep-ccican-00> to the working group.

As you know, the TEEP protocol is used to provision trusted applications (along with personalization data) to TEEs.
As the technology for TEEs advances (for example into the area of confidential computing), you obtain additional benefits.

I agree with you that TEEP can be used also for these new types of TEEs that offer confidential computing.

Ciao
Hannes

From: TEEP <teep-bounces@ietf.org> On Behalf Of yangpenglin@chinamobile.com
Sent: Sunday, March 13, 2022 3:51 AM
To: teep-chairs@ietf.org; teep <teep@ietf.org>
Cc: 粟栗 <suli@chinamobile.com>; chenmeiling <chenmeiling@chinamobile.com>
Subject: [Teep] apply for presentation

Dear chairs and all,

This is the author of the draft "architecture of confidential computing in computing aware network". This draft describes the usage of TEEP and RATS in the concept of Computing-aware Networking (CAN) to generate a confidential computing environment for network users.
CAN is computing and network resource joint optimization based on the awareness, control and management of network and computing resources, to determine the appropriate service node, dispatch the service request and provide a better user experience. And based on the definition of the Confidential Computing Consortium, confidential computing is the protection of data in use by performing computation in a hardware-based Trusted Execution Environment. When confidential computing joins with CAN, the network user's application and data will be protected with confidentiality and integrity.

Both CAN and confidential computing are new technologies with big potential. It is very interesting and meaningful to combine these two techs together to provide a more convenient and secure network and computing infrastructure. This draft is the premier edition of this idea; if possible, I would like to apply for a time slot of about 10 minutes to make a presentation and have a discussion about this draft.

BR.
Penglin
