IETF Logo Mail Archive

Re: [Teep] Review of draft https://tools.ietf.org/html/draft-ietf-teep-otrp-over-http-06

Mingliang Pei <mingliang.pei@broadcom.com> Sat, 18 July 2020 01:21 UTC

Return-Path: <mingliang.pei@broadcom.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 978DF3A08B2 for <teep@ietfa.amsl.com>; Fri, 17 Jul 2020 18:21:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=broadcom.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M11mnpf1OUFw for <teep@ietfa.amsl.com>; Fri, 17 Jul 2020 18:21:15 -0700 (PDT)
Received: from mail-pf1-x42a.google.com (mail-pf1-x42a.google.com [IPv6:2607:f8b0:4864:20::42a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B4693A08AA for <teep@ietf.org>; Fri, 17 Jul 2020 18:21:15 -0700 (PDT)
Received: by mail-pf1-x42a.google.com with SMTP id 1so6186402pfn.9 for <teep@ietf.org>; Fri, 17 Jul 2020 18:21:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; h=from:mime-version:subject:date:message-id:references:cc:in-reply-to :to; bh=kXMl+4n66TVvdxPS0dSa5RPSvKzEIAAr2+yGmZn1RZw=; b=fQ9NsOqpUd+lBv6rNL2S3VgNCXU2twymjPpaxa3LM7sPRYJXklTDYTv6TarQTPLjx0 fNT3w6DZmSSB9bfz/JSnQlMBCKSHjwXUdqEm/3RMOC43L37OBRJwctFQiJ7E72+yN4E1 yDAlvS1S5xRHETD1ilUFOi2ltN/dzSAJKUjqg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=kXMl+4n66TVvdxPS0dSa5RPSvKzEIAAr2+yGmZn1RZw=; b=rdM60UUrnf/DkWVn57viLgxwcUB3UCkZ5z4ahp6AEqQNx7m2FBl1yP4Ajn+NUW7JAx /scHhSfONHTcFRkBfanwi7sCpONEyjmitOmpQGD8NbHcr7oV3xbLQguXn92JiX9OscHU 3ga7suO9eNf88t039Nm/RhCP+Z/njefCq2mxfnivCeZFPa1bXwcIdl+uZTX/M7X0TvJ5 j73SMmvn77SU4ViwoiHZDjzjD84vh53lrNL5OUMZnH/pgLmECMvPdAe+ddjWlTDWdOeT KUfpSYXUTyen4UTtC9q4SKz3S6qCLJ+mAMoK5j73SQnhWvs9Q11WQXzuBjNw9v9ERzy0 5NKg==
X-Gm-Message-State: AOAM532xE0sVFce1SK/wu+K8h6Gtj75+vPzBr2iQu5doS5ST/k6Jmfnq +MR4kRSIGuVGeYnbipPO55TizA==
X-Google-Smtp-Source: ABdhPJzoGh9ysYYk0G8fX2LQvLgQO9RPkZAg08bcBrJe6fax7ZEtttPbR1UBZuh3OroSELabae1flQ==
X-Received: by 2002:a63:df01:: with SMTP id u1mr9850133pgg.401.1595035274750; Fri, 17 Jul 2020 18:21:14 -0700 (PDT)
Received: from ?IPv6:2600:1010:b005:49b5:b954:1ce5:6891:2d31? ([2600:1010:b005:49b5:b954:1ce5:6891:2d31]) by smtp.gmail.com with ESMTPSA id d18sm3874333pjz.11.2020.07.17.18.21.12 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 17 Jul 2020 18:21:13 -0700 (PDT)
From: Mingliang Pei <mingliang.pei@broadcom.com>
Mime-Version: 1.0 (1.0)
Date: Fri, 17 Jul 2020 18:21:11 -0700
Message-Id: <C430ED29-5EB3-470F-92F5-CDD1C0DD0863@broadcom.com>
References: <BL0PR2101MB102705E9613F4764C3EB7155A37D0@BL0PR2101MB1027.namprd21.prod.outlook.com>
Cc: "teep@ietf.org" <teep@ietf.org>
In-Reply-To: <BL0PR2101MB102705E9613F4764C3EB7155A37D0@BL0PR2101MB1027.namprd21.prod.outlook.com>
To: Dave Thaler <dthaler@microsoft.com>
X-Mailer: iPhone Mail (17F80)
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="000000000000fb8cf605aaad1657"
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/kws3jcaveK60qmogOptLAQ8XVno>
Subject: Re: [Teep] Review of draft https://tools.ietf.org/html/draft-ietf-teep-otrp-over-http-06
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Jul 2020 01:21:18 -0000

Hi Dave,

TEEP protocol itself defines what TEEP protocol does for TA. It doesn’t list what is not allowed; implementation still has freedom to add management for dependencies it needs.

My concern is whether additional protocol methods should be defined if TEEP is used to manage other non-TA code. We can choose to not mention it which doesn’t mean it disallows them.

If we choose to include non-TA, we could mention that TEEP extensions later may be added for those to move on.

Thanks,

Ming

Sent from iPhone

> On Jul 17, 2020, at 5:37 PM, Dave Thaler <dthaler@microsoft.com> wrote:
> 
> 
> My point is that saying you cannot update OP-TEE in a SUIT manifest would be like saying
> you are not allowed to create an SD in a SUIT manifest workflow.   I think trying to disallow such things
> would be counterproductive and would just result in people using a protocol other than TEEP.
>  
> Dave
>  
> From: Mingliang Pei <mingliang.pei@broadcom.com> 
> Sent: Friday, July 17, 2020 4:44 PM
> To: Dave Thaler <dthaler@microsoft.com>
> Cc: teep@ietf.org
> Subject: Re: Review of draft https://tools.ietf.org/html/draft-ietf-teep-otrp-over-http-06
>  
> Hi Dave,
>  
> Our architecture document starts with the following abstract:
>  
> "This architecture document
>    motivates the design and standardization of a protocol for managing
>    the lifecycle of trusted applications running inside such a TEE."
> >> TEEP is for provisioning TEEs
> To me, TEEP is to provision trusted applications to TEEs. This scope is consistent with what architecture doc says.
>  
> >> whether that is creating an SD or updating OP-TEE
> We have had good elaboration about SD, and decided to not include it in TEEP. These example artifacts (SD or TEE update) are internal implementation choices, which TEEP doesn't need to define. They are underlying dependencies but TEEP doesn't need to cover whether and how a TEE updates itself and whether a TEE will use SD to host a TA or not.
>  
> Agreed that this most probably needs WG consensus. This is one word simple change but important about getting on the same page. Hope to hear additional comments.
>  
> Thanks,
>  
> Ming
>  
>  
> On Fri, Jul 17, 2020 at 4:15 PM Dave Thaler <dthaler@microsoft.com> wrote:
> Mingliang Pei mingliang.pei@broadcom.com wrote:
> > 1) Abstract section says "is used to manage code and configuration data"
> >
> > Should it just say manage "Trusted Applications" as this can
> > assume the context defined in TEEP architecture and TEEP protocol
> > document.
>  
> No. TEEP can also be used to manage code that isn't a "TA" per se.
> For example, it could also be used to update OP-TEE (or any other TEE "OS").
>  
> MP: Non-TA code management is out of scope for TEEP. TEEP architecture doc only targets to support TA management per use cases and scope sections; it doesn't have design to update OP-TEE or any other TEE OS. TEEP protocol doesn't have methods for non-TA code. It defines only two methods:
> TrustedAppInstall
> TrustedAppDelete
> The transport is to support TEEP protocol doc. I suggest that we limit the scope of TA management across all three docs.
>  
> I disagree with the above.   TEEP is for provisioning TEEs, and TEE architectures vary.
> For example, CreateSD in OTrP manages a TEE but is not about a TA per se.
> And in the TEEP protocol we use a SUIT manifest which can express dependencies
> among TAs, and dependencies on system components, and install (or install updates to)
> such dependencies as part of SUIT manifest processing.  That means if you have
> TA1 that depends on TA2 that depends on having the latest version of trusted firmware
> or OP-TEE or whatever, the RATS attestation can include the current state, and the
> SUIT workflow can install/update it.   The fact that the TEEP protocol uses a TA
> as the leaf/trigger doesn’t mean it can’t also do things that it depends on,
> whether that is creating an SD or updating OP-TEE.   Trying to make some dependencies
> be out of scope and other dependencies not be out of scope would be arbitrary,
> complicate the protocol (by saying some SUIT manifests would be illegal, as opposed
> to just using a SUIT processor), and create discrepancies between TEE implementations
> (e.g., SGX vs OP-TEE/TrustZone) that in my opinion would not make sense and provide
> no value.
>  
> This sounds like something that needs WG consensus either way but I feel strongly about this one.
>  
> Dave
>

v2.23.0 | Report a Bug | By Email