Re: [Teep] [EXT] OTrP Proposal - Removing Redundant Message Layer
Mingliang Pei <Mingliang_Pei@symantec.com> Sat, 01 July 2017 01:57 UTC
Return-Path: <Mingliang_Pei@symantec.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA117129B35 for <teep@ietfa.amsl.com>; Fri, 30 Jun 2017 18:57:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symc.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t_yEthzzJdy2 for <teep@ietfa.amsl.com>; Fri, 30 Jun 2017 18:57:28 -0700 (PDT)
Received: from tussmtoutape01.symantec.com (Tussmtoutape01.symantec.com [155.64.38.231]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7CB871200F3 for <teep@ietf.org>; Fri, 30 Jun 2017 18:57:28 -0700 (PDT)
Received: from tussmtmtaapi02.symc.symantec.com (tus3-f5-symc-ext-prd-snat1.net.symantec.com [10.44.130.1]) by tussmtoutape01.symantec.com (Symantec Messaging Gateway) with SMTP id FA.80.40682.78107595; Sat, 1 Jul 2017 01:57:27 +0000 (GMT)
X-AuditID: 0a2c7e31-dc6d39a000009eea-c6-595701872cc0
Received: from tus3xchcaspin01.SYMC.SYMANTEC.COM (tus3-f5-symc-ext-prd-snat10.net.symantec.com [10.44.130.10]) by tussmtmtaapi02.symc.symantec.com (Symantec Messaging Gateway) with SMTP id 55.C5.58529.58107595; Sat, 1 Jul 2017 01:57:27 +0000 (GMT)
Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) by tus3xchcaspin01.SYMC.SYMANTEC.COM (10.44.91.13) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Fri, 30 Jun 2017 18:57:25 -0700
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (10.44.128.10) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1236.3 via Frontend Transport; Fri, 30 Jun 2017 18:57:24 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symc.onmicrosoft.com; s=selector1-symantec-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=qGshVsLNeB1du0WKt5o6VKPqBC8bYNFxoj8fZeIT6tU=; b=boAZTFnpaIN/fIdaEcn/jvkTWdb9BJxwIUbf/vt/0pJNip3aWFpOHqUd4GH/8yzj7wBFUUINPXhtomIReKo8TjbAR2+ReeHS9I5H15Ojqg9/uW9XX0wX0nEvXyNFCnpDPENxYvWztET9KWfVzK0NXJw2CLBPV7Fnsxz2wKe9Uto=
Received: from BN6PR1601MB1122.namprd16.prod.outlook.com (10.172.107.8) by BN6PR1601MB1123.namprd16.prod.outlook.com (10.172.107.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1220.11; Sat, 1 Jul 2017 01:57:23 +0000
Received: from BN6PR1601MB1122.namprd16.prod.outlook.com ([10.172.107.8]) by BN6PR1601MB1122.namprd16.prod.outlook.com ([10.172.107.8]) with mapi id 15.01.1220.015; Sat, 1 Jul 2017 01:57:23 +0000
From: Mingliang Pei <Mingliang_Pei@symantec.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>, "teep@ietf.org" <teep@ietf.org>
Thread-Topic: [EXT] [Teep] OTrP Proposal - Removing Redundant Message Layer
Thread-Index: AQHS1FGdWJ/aQzvN2ESjFYk6SMbtJKI9+rYA
Date: Sat, 01 Jul 2017 01:57:23 +0000
Message-ID: <D57C4AE6.39E72%mingliang_pei@symantec.com>
References: <9ce8a049-496b-489e-177c-754f4b3dd70e@gmail.com>
In-Reply-To: <9ce8a049-496b-489e-177c-754f4b3dd70e@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.7.4.170508
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=symantec.com;
x-originating-ip: [155.64.38.20]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR1601MB1123; 7:Nm6+3x6C09QbdtqegSYiLWlWmtS6PnkjOF/MRuqrNNfcY1G3VWUtPOyB91+uLKEFP2OBWTibmWp2tpouZd6WU2T1HZO4oQ2ZdjQTVIaUfvviggiIc+yCYbW62vha0CK47SP0jGCuFMGGiNvNGylw4OW6uiQnqdXNKTFFHCp6an1vQl3g9kbTaWGC2EXM8yFRRoSJYYTP7NiRoqLBTJATsyNUGOvssucneIXkpZ+n7DKc7HqJdQ+7Vl/vXf2p90a5HKOFvWrtJ/wfi61LeIDdQP8xbnEQc82g6CalzUOkxY2bBEijRMyB+uBe1zrf49wRb1umeLC33wa2t28Ru8nVkZCA5z1TWg/1jphD21hkbzCuaW3j9k3izPOKxmwaVLX9HaaVz+5ELDnTfBHdo2qVoO+bWTH6SVXl8DmjLrFUvKXqsUg2S+WO5GwWk+a7uohYahLL2uf1WkoWMgM9o5Cs04RPynDsNaDViVH/xg6Dsg0liJcK9pCvCggufB4+RqwWmg2t3v+t7Bs5ULTJMbGEnMPMprlFFuJUicz/u7NbwKpTegzLyuP0FSLcXYLoqQphuhNSlgvoswCpdGl6ucobPQv67lgyb0WHxSyLAL0bxXkEy/NuYzbesi0anEdIBWfWWrrevMeO1o0boT++1OzQaQhrMx92kVSXuB+twGbC6TQuC24iDYC8Pdf+cluT0uNCJDRzAv7Z/lNPMmSwXJTjiBmiVpUvQ/WQ1emnQ28gRY2vC1Tc+6/VdKb2W1HlWdRP+fqa4yRCRzAhVIJ+kMTx6Rtrnx+oU7C5EnAwuzandVM=
x-ms-office365-filtering-correlation-id: 6c1a3124-9b7d-42ed-bcc4-08d4c0248436
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:BN6PR1601MB1123;
x-ms-traffictypediagnostic: BN6PR1601MB1123:
x-microsoft-antispam-prvs: <BN6PR1601MB112342B208834A6F9307CF7BECD00@BN6PR1601MB1123.namprd16.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(133145235818549)(236129657087228)(192374486261705)(48057245064654)(209349559609743);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(3002001)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(6041248)(20161123558100)(20161123562025)(20161123560025)(20161123555025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:BN6PR1601MB1123; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BN6PR1601MB1123;
x-forefront-prvs: 0355F3A3AE
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39400400002)(39410400002)(39840400002)(39450400003)(377454003)(24454002)(43784003)(66066001)(229853002)(6116002)(39060400002)(99286003)(53936002)(6512007)(478600001)(189998001)(4001350100001)(5890100001)(38730400002)(305945005)(6306002)(2501003)(5660300001)(7736002)(14454004)(6486002)(83506001)(6246003)(53546010)(3280700002)(36756003)(3660700001)(77096006)(2906002)(6436002)(6506006)(81166006)(15650500001)(86362001)(575784001)(8936002)(8676002)(2950100002)(76176999)(2900100001)(54356999)(80792005)(50986999)(25786009)(3846002)(561944003)(10290500003)(72206003)(102836003)(345774005); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR1601MB1123; H:BN6PR1601MB1122.namprd16.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <4E100BB1A646A846A833593546EB7017@namprd16.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Jul 2017 01:57:23.2545 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR1601MB1123
X-OriginatorOrg: symantec.com
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprLKsWRmVeSWpSXmKPExsXCpdPEqNvOGB5p0P3e0uLhqyWsFkv/fGN2 YPLYOesuu8eSJT+ZApiiuGxSUnMyy1KL9O0SuDKWLn7IUjDPoGLtzG8sDYz9ql2MnBwSAiYS Xz/NYupi5OIQEvjEKLFwzWMmmMT56ZOgEr8YJc6c28oK4RwFqtr1kx3CeckoMfXuNLAyFoFO Zome/zMZITIzmCR27V4C1XOcUaJh/n+gDAcHm4CBxIU7eSBLRATCJPp/NDCD2MICXhKb7p5h goh7Sxx8+YsFwjaSaLx3iA3EZhFQkbj8/wMriM0rYC6x8v49sF4hARuJxoOdYPWcArYSE+5/ BathFBCT+H5qDdhMZgFxiVtP5kM9JyCxZM95ZghbVOLl43+sIKeJCuhJvNvvCXIyo0Avo8SS qd9ZIWoUJCYfPsUOYctKXJrfDfakhMAjNolTHzezQSR8JZ7u/g/V8IRJYnFbPIStI7Fq1yeo eL7Ep3sdUEfUSSy/NZllAqPhLCT3Qdh6EjemTmGDsD0k/ny6CxXXlli28DXzLLD/BSVOznzC soCRdRWjQklpcXFuSX5pSWJBqoGhXnFlbjKISAQmmWS95PzcTYzgRFNnuIPx0QafQ4wCHIxK PLwSH8MihVgTy4AqDzFKcDArifA+ewsU4k1JrKxKLcqPLyrNSS0+xCjNwaIkzrv7l1mkkEB6 YklqdmpqQWoRTJaJg1OqgbG5tdX72Rq9kLdT5q4JlBTNuWMbuGrNLm8dv883HhcnP4lzCH5+ J0pW/OrG3HZ+64ud7fUP3VUFDflPxX3guv66dY2Ng+Q2Jpf+FXv1xVkaj0w8sf+ATHnqK26t rfs2ntr6c8J6R1e/qW8K7jvltzCetteu3jflZoFGfbUMa6PH0Xc/9Cb+clZiKc5INNRiLipO BACjwvXhMAMAAA==
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpileLIzCtJLcpLzFFi42Lh0mni0m1nDI80OL9J1uLhqyWsFkv/fGN2 YPLYOesuu8eSJT+ZApiiuGxSUnMyy1KL9O0SuDKWLn7IUjDPoGLtzG8sDYz9ql2MnBwSAiYS 56dPYupi5OIQEvjFKHHm3FZWCOcoo8TCXT/ZIZyXjBJT704DK2MR6GSW6Pk/kxEiM4NJYtfu JVA9xxklGub/B8pwcLAJGEhcuJMHskREIEyi/0cDM4gtLOAlsenuGSaIuLfEwZe/WCBsI4nG e4fYQGwWARWJy/8/sILYvALmEivv3wPrFRKwkWg82AlWzylgKzHh/lewGkYBMYnvp9aAzWQW EJe49WQ+E8RzAhJL9pxnhrBFJV4+/scKcpqogJ7Eu/2eICczCvQySiyZ+p0VokZBYvLhU+wQ tqzEpfndYE9KCDxikzj1cTMbRMJX4unu/1ANT5gkFrfFQ9g6Eqt2fYKK50t8utcBdUSdxPJb k1kgBh1jldh6fzVUkYzE2t0zWCYw6s5CcjiErSdxY+oUNgjbQ+LPp7tQcW2JZQtfM88CB4yg xMmZT1gWMLKuYlQoKS0uzi3JLUlMLMg0MNIrrsxNBhGJwCSTrJecn7uJEZxonCV3MB7643OI UYCDUYmHd0NIWKQQa2IZUOUhRmkOFiVxXpNVIpFCAumJJanZqakFqUXxRaU5qcWHGJk4OKUa GKXl3i6zOaWx4vD/jhc6q7YL9i98bL2U59VjS7N5ORyab5v69LIS9i7+05AkHubIPNFvpzPn 6XdLLr+pZF8zb4fh6kuOOTWPyq6lNIj8nGy9hlm9SFlAtvJeyrrmCb2ff1gePd29bMHrvpY9 LNuvNormNLE11xT9vNQZtWSyfdBlfUXOxXLXDymxFGckGmoxFxUnAgBRV3V8FQMAAA==
X-CFilter-Loop: TUS02
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/nWvdkpqF2r23sfZEvCqxT2KjmUc>
Subject: Re: [Teep] [EXT] OTrP Proposal - Removing Redundant Message Layer
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Jul 2017 01:57:35 -0000
Hi Anders, Thank you for your comments and suggestions. I was on vacation and travel, and just circle back on this. Please see my comments inline. Overall, I did hope that JOSE signature can be inline as JCS for easier readability without being in the encoded form but I do see much bigger benefit to leverage well discussed and approved standard JOSE for achieving implementation interoperability. If JCS can get further alignment within IETF as an alternative JSON signature standard, I am open to support it. We know the history of XML signature - enveloped and attached flavors. I didn¹t get into the JOSE discussion of the final choice but I knew that canonicalization was complex to handle. The overhead of Base64URL of payload looks to be tolerable if not ideal in this usage context here, I think. How do you see the traction that JCS becomes a commonly endorsed standard format? Thanks, Ming On 5/23/17, 10:49 PM, "TEEP on behalf of Anders Rundgren" <teep-bounces@ietf.org on behalf of anders.rundgren.net@gmail.com> wrote: >Hi TEEers, > >As an alternative (or maybe a complement) to the session-key proposal >https://mailarchive.ietf.org/arch/msg/teep/qs-4aXf2Fx9mrBOz6Kj8f1Mk7G8 >you may consider evaluating an alternative to JOSE for signatures. > >The JOSE standards stack is awesome but was designed for the needs of >OpenId and such rather than security protocols in general. Another corner >stone for the JOSE work was that there is no such thing as JSON >canonicalization which is why data is dressed in Base64URL. However, the >latter changed with the advent of EcmaScript version 6 which specifies an >exact method for serializing JavaScript/JSON objects which is already >implemented in most Browsers, Node.js, as well as in Android* and Java* >in general. In fact (modulo floating point), it works flawlessly in most >other platforms as well. > >Now to the actual issue. I have taken the liberty analyzing the >consequences of using JWS in OTrP: > >https://tools.ietf.org/html/draft-pei-opentrustprotocol-03#section-7.4 > > "The top element " <name>[Signed][Request | Response]" >cannot be > fully trusted to match the content because it doesn't >participate the > signature generation. However, a recipient can always >match it with > the value associated with the property "payload". It >purely serves to > provide a quick reference for reading and method >invocation." > >SIDE-EFFECT: JWS introduces additional signature verification steps Ming: right. The naming is a reference, and can be compared with the name in the payload that has integrity check. The overhead is pretty small or trivial in my consideration, leveraging JOSE while providing some quick reference benefit without decoding. It is a balance. > > >https://tools.ietf.org/html/draft-pei-opentrustprotocol-03#section-8.2.1.3 > >Top level message object: > { > "CreateSDResponse": { > "payload":"<CreateSDTBSResponse JSON>", > "protected": { > "<BASE64URL of signing algorithm>" > }, > "signature": "<signature contents signed by TEE >device private key (BASE64URL)>" > } > } > >Payload: > { > "CreateSDTBSResponse": { > "ver": "1.0", > "status": "<operation result>", > "rid": "<the request ID received>", > "tid": "<the transaction ID received>", > "content": ENCRYPTED { > "reason":"<failure reason detail>", // optional > "did": "<the device id received from the request>", > "sdname": "<SD name for the domain created>", > "teespaik": "<TEE SP AIK public key, BASE64 >encoded>", > "dsi": "<Updated TEE state, including all SD owned >by this TSM>" > } > } > } > >SIDE-EFFECT: JWS forces you adding artificial message layers in order to >get a reasonable message structure. Ming: the payload data itself can freely have any data content we need to construct for OTrP logic. It just goes back to the encoding to get payload and the JOSE signature. > >By combining ES6 Serialization, JSON Web Algorithms (JOSE/JWA) and JSON >Web Key (JOSE/JWK), you can stay pretty close to JOSE while getting away >from the current two-level messaging scheme in addition to having header >information in clear: >https://cyberphone.github.io/doc/security/jsonsignatures.html > >Although not on any IETF standard track, this is not a research project, >JCS (JSON Cleartext Signature) is fully documented and supported by an >extensive set of test vectors and working code. Ming: thanks for your work. I trust it is well written and tested. Just for standard reference, I am personally inclined to leverage what has been approved JSON after many considerable debates and compromise for interoperability. Happy to discuss further here and at Prague if you are going. Thanks again for your improvement suggestion. > >Cheers, >Anders >Co-inventor of signed JavaScript/JSON objects >https://clicktime.symantec.com/a/1/QTy_yBCUNYZo9tIyB1dIFw0oU5d_qTtMg1iQZNC >hLtQ=?d=H1RqBoAz6Y6IDyLUoGRp6kVw-Qep7vDUn0dbUlh75Rjsxyxc5WkwHTZm5rN7aT9qnG >pI-VF8jgfJSICAEGQjVGq0UVUkXypftYQeaNBTYhG73dVHczyC_w405LsuUV9elouoIWeZVz-v >56y-nOct4hnWBHZbsJ27bdVdshzT8N1OgpfTNF6skQp5qTIzGvYaGXkpWmi9FTqlFpYsMcM0la >g32Fv2kiYAHiJBWtlPlD-E4ebDPyTUoZKB1WLGphwu0jnVc0HVM5Y5iyTQtCG0UFP9JgdEVamw >B-WPU8l0518eiQ_sqIx71zVgggh9G2d9zyXz3aQq_pUBb4Ky3HzsTrpo1wkF7gRfutAsnCsJWo >uCkhN7ZkB33OSAesgr5A2r_RGsnpNn6YScZ7kBiJzG&u=https%3A%2F%2Fgithub.com%2Fcy >berphone%2Fopenkeystore%23openkeystore > >* Through third-party libraries > >_______________________________________________ >TEEP mailing list >TEEP@ietf.org >https://www.ietf.org/mailman/listinfo/teep
- [Teep] OTrP Proposal - Removing Redundant Message… Anders Rundgren
- Re: [Teep] [EXT] OTrP Proposal - Removing Redunda… Mingliang Pei
- Re: [Teep] [EXT] OTrP Proposal - Removing Redunda… Anders Rundgren