IETF Logo Mail Archive

Re: [Teep] Security domain default 1-to-1 mapping to a TA proposal in TEEP

Andrew Atyeo <Andrew.Atyeo@intercede.com> Fri, 08 March 2019 09:42 UTC

Return-Path: <Andrew.Atyeo@intercede.com>
X-Original-To: teep@ietfa.amsl.com
Delivered-To: teep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E03613135C for <teep@ietfa.amsl.com>; Fri, 8 Mar 2019 01:42:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=intercedeltd.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iK3KsAGmvZOE for <teep@ietfa.amsl.com>; Fri, 8 Mar 2019 01:42:48 -0800 (PST)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00065.outbound.protection.outlook.com [40.107.0.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 45E9B1313EA for <teep@ietf.org>; Fri, 8 Mar 2019 01:42:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=IntercedeLtd.onmicrosoft.com; s=selector1-intercede-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Y122ayvVuKcZSuYiWWLC6r1BJW7T8mQZRUQxgMTJtHY=; b=l2606qXRx0lyfgiQgs5D/tvcs1w9MQyqqzbhV9jQJbogywwdCWLxIfvRxopIL3WtpDZCpTA8Cdskvk+jHM4mqBiFlquZQmWE3+LhlPhJV1k2uZ7AN7wLVqRPdklHuGdSdrE2q1N0dlHNu77VyuknqqXaGn7jpG4kWB+X6EDGpYU=
Received: from DB7PR10MB2348.EURPRD10.PROD.OUTLOOK.COM (20.177.121.154) by DB7PR10MB2153.EURPRD10.PROD.OUTLOOK.COM (20.176.239.87) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.18; Fri, 8 Mar 2019 09:42:44 +0000
Received: from DB7PR10MB2348.EURPRD10.PROD.OUTLOOK.COM ([fe80::f8d2:d5b6:cca:1bcf]) by DB7PR10MB2348.EURPRD10.PROD.OUTLOOK.COM ([fe80::f8d2:d5b6:cca:1bcf%5]) with mapi id 15.20.1686.018; Fri, 8 Mar 2019 09:42:44 +0000
From: Andrew Atyeo <Andrew.Atyeo@intercede.com>
To: Mingliang Pei <Mingliang_Pei@symantec.com>
CC: "teep@ietf.org" <teep@ietf.org>
Thread-Topic: Security domain default 1-to-1 mapping to a TA proposal in TEEP
Thread-Index: AQHU1VKRZgbX2HkEAk2k301Fswqim6YBZXtw
Date: Fri, 08 Mar 2019 09:42:44 +0000
Message-ID: <DB7PR10MB23489BA35BD7CDF8406DC6A9954D0@DB7PR10MB2348.EURPRD10.PROD.OUTLOOK.COM>
References: <F78A61D4-9B6B-4E83-8CF7-0C49E08718A9@symantec.com>
In-Reply-To: <F78A61D4-9B6B-4E83-8CF7-0C49E08718A9@symantec.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Andrew.Atyeo@intercede.com;
x-originating-ip: [80.2.227.94]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7282489a-76ba-419f-a286-08d6a3aa6a68
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:DB7PR10MB2153;
x-ms-traffictypediagnostic: DB7PR10MB2153:
x-ms-exchange-purlcount: 3
x-microsoft-exchange-diagnostics: 1;DB7PR10MB2153;23:+JviP+3147Z7Weosu1j3hR6k7akTzk1ENbagE2RVgKRx8/Kt3atUf/WIo8o6vvCaXNJD0Fo6F8lpvO578VfEhJAo9UZV0IvnSBglO53f7enB/D29yVS0YTcFP4K944woB9YLTsPDqhOHIp3sNwsgcVs5RX6e/7C0PWQIposFrjvwxkPZ0Ggqd1qHULQJ7XZXp6KiHocCxU0ALJR3vPj7fMVnFhHqHNHIzDnTqAfszXr+v2BWoItbj8thofsinaja/zSVSUrv7j3sdaYk5o4FFp24yIAb9uQbxlxQ7IQHEwXKejUQ5oibTQaektEg6odIlT9NA4E7ywFbFZVbKYOnoIYYXu5ZI16H7vMlrElhQjR25taCWkT7zJn9+v86k1849/4nHILh5n9JzMBoUZi2wZc1JrRiSx+D2ZP7aG5qCWlDvCuQ06lNWiKW2Ta2j8S3CTCQ9DMlDi28vQTSDYHEyTYGo3lJ2+g6Ad2HLSWSZX9KsdIbOTv0xPvUT6yzNbMIxArpk3jnm5gh8TFXvY1sOZNyQtIz97RZ646VD/gAeUNKghWLHohBX7FmJLdMSFqbO3gSDCl38yrwtaTtt0q/+MALGseonyOXf867q2JCV3huJR4ZYlBIYwuKm1GoIQ/jOLsTbg0JgZS7uVkg7LWyABJgUB1xcTo/WN3mEjRyv6dYueRlmBP242LNOTbqCUNe3p8ew+06yX0LQZ648uNUCIDkeePDZLix+Vwt7btT4niRk3p54aPJUFv/aX4RxsP91/47ZheXqnGE2t3LlH8iPeWx49aaU3ujgI9cml+CL/Hg3dcXkPjMuwh4z1lZQ0ozXuN+0wEVS9rL7R/ZyqFIlYEipY1/AXnOY+FUk5vbIv52qSxLIh3nssaqPBw3s7RNueF1vP6X+i7R8gwXL8qtCWTwI0TZXfuvVF3oO0sX1fJfLehka2NKMLETWlO3vpEbU/ns67++oi6V0X/WvWnemA36B/KNJEIMRXSILXiOgRmgcUG1vZsnPguhS18pTJzIPQ0ORSwytbiOs0sQ4VotHGZ2wXybQTStjYU03uv0ZZsXRa56bUxYC6/JGDg/dhMLQ1UFIqYV6UlhwhgB21YyHElEPV5+IMPVneF3yvkp1YqfLKTDw4f6M+mWnpaFU3Xjlky9Rd55TnAmk/IqJ0EgmhoRrer+9yJIYynPXaC7rF5ulRI9fbJXLPQ7Gg60QYz1583ttYtSzSCtH1DKrMUUsN5KDBSmmjgVU+ADmJaszGEyu2fRFnWoBn+BEMra1+eH5GWaGLDUtSZf5GM4BA7qugA76PPQv09F3QmQ4QaHAM25o1QaliaJnHUV9YSYZKLr6rOrRscFVsA7qr3jNVAy0iEjGHhlbDdfs5toKflHfy7lcRC1rhN87heesvLHzStRMFQHrUGq4g/EBh+u8E827LWWRVoWV4xXam5K24bXuXkS1VLHe5CZgBaYW5MqrY8dsdiR0jKbr7/3LU6nEUrdQA==
x-microsoft-antispam-prvs: <DB7PR10MB215376A77438CA7E6ECAF3CE954D0@DB7PR10MB2153.EURPRD10.PROD.OUTLOOK.COM>
x-forefront-prvs: 0970508454
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(136003)(396003)(39840400004)(346002)(376002)(189003)(199004)(2420400007)(446003)(6506007)(476003)(15650500001)(11346002)(606006)(53546011)(55236004)(256004)(7736002)(72206003)(486006)(68736007)(7696005)(76176011)(25786009)(5660300002)(7110500001)(71190400001)(97736004)(14444005)(86362001)(71200400001)(102836004)(26005)(6916009)(105586002)(66066001)(33656002)(478600001)(561944003)(6246003)(55016002)(14454004)(9326002)(99286004)(106356001)(2906002)(316002)(10710500007)(74316002)(4326008)(9686003)(8676002)(81156014)(81166006)(54896002)(229853002)(3846002)(236005)(6306002)(966005)(186003)(53936002)(790700001)(6116002)(8936002)(6436002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB7PR10MB2153; H:DB7PR10MB2348.EURPRD10.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: intercede.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: CJJvoLAeO9HFzEL2tdn71TuE53LpcxziNbjolnk2qdBYHtVuVhX0N+0elUr/MaZaAcMuWAmCsM4fM7tMc869jEQjpOf3F2F3OmRth5y1K88/pT6ehNXO/klp8+24yf3gZ0AWD6BDQBRdnnpZ+m98YX7DuP3DlSbpRUMX8Ka/n2Tl+3M9weaJL+i3fUUX9BO9MoF0HunTqpYyRgyoOmOaaGz9CivrryD2GYfCpFp9FKDmLr02ZgzEJYs4eY1Jsu1AZUf+TZrZQebHZeabFCoWftbQU++VozC1lLChAcnUDUUkIr9/lqG9a+zYB+5IybouYb1fONXTf1OiVfj4f8UXzTDkajpdz0a8TuA9pZR8Q+l7ZFC5acHf+EFVUlmMtHHvmZc3u5QmPOSz4p8+Uxgdx5lR/yzfhsfpcjMtJwGpUds=
Content-Type: multipart/alternative; boundary="_000_DB7PR10MB23489BA35BD7CDF8406DC6A9954D0DB7PR10MB2348EURP_"
MIME-Version: 1.0
X-OriginatorOrg: intercede.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7282489a-76ba-419f-a286-08d6a3aa6a68
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Mar 2019 09:42:44.2372 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 1075719f-f133-43d2-8156-800f80fef316
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR10MB2153
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/yrfWDZyG8kebet-7KteprrxRD4g>
Subject: Re: [Teep] Security domain default 1-to-1 mapping to a TA proposal in TEEP
X-BeenThere: teep@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teep>, <mailto:teep-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teep/>
List-Post: <mailto:teep@ietf.org>
List-Help: <mailto:teep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teep>, <mailto:teep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2019 09:42:59 -0000

Hi,
I have updated the github issue with my comments
https://github.com/ietf-teep/architecture/issues/7

basically I understand that there are some deployment types that might prefer a simpler approach, but I want to make sure that we know what would be ‘lost’ by not having a SD that is created separately. It might be that for some deployments the loss is no problem, or it might be that there could be alternative ways to give the same functionality but without need for a separate createSD that are worth exploring.
The github issue (link above) hopefully explains this better.

Regards,

Andrew Atyeo
Security Architect
Intercede
Digital trust    people ǀ devices ǀ apps
Office: +44 (0) 1455 558 111
www.intercede.com<https://www.intercede.com/>
Legal Disclaimer <https://www.intercede.com/privacy-cookies>
From: Mingliang Pei <Mingliang_Pei@symantec.com>
Sent: 08 March 2019 02:00
To: Andrew Atyeo <Andrew.Atyeo@intercede.com>
Cc: teep@ietf.org
Subject: Security domain default 1-to-1 mapping to a TA proposal in TEEP

Hi Andy,

We are working on to close this issue #7: clarifying meaning of Security Domain (SD)

https://github.com/ietf-teep/architecture/issues/7

We want to simplify it, and propose to create a SD per TA by default, without completely removing the SD for some existing use cases. It will be good to also have your input on the implications, considering you have more involved in this with a prior OTrP TAM POC implementation. Could you review the issue, and provide comments there?

Here is a quick recap on some discussion reasonings.

Historically we consider Security Domain as a first class entity in TEEP (OTrP). There have been some desires to simplify it, or not require it in the TEEP architecture as some use cases don’t use it as much as potential IoT use cases. On the other hand, we know that existing TEE implementations and other secure element related practices uses SD to isolate and associate protection boundary. There was some resource constraints on number of SDs that can be allocated in a TEE device.

To achieve broad support of both worlds, we consider to move to an “implicit” model as follows:


  *   One SD is created per TA when a TA is going to installed. This allows creation of TA without going through explicit SD creation and so on.
  *   The prior deletion of SD will delete all TAs within the same SD. Now each TA will be required to be explicitly deleted.

Thanks,

Ming

v2.23.0 | Report a Bug | By Email