Re: [Teep] Status of TEEP protocol draft, and its dependency on SUIT
Hannes Tschofenig <hannes.tschofenig@gmail.com> Wed, 18 October 2023 04:13 UTC
Hi Dave,

thanks for your email.

- I closed PR #359 ("s/bit is clear/bit is cleared") since you guys didn't agree with it.
- I changed PR #366 ("Encryption-related editorial improvements") and reversed the change regarding the normative reference.
- I added a comment regarding PR #358 ("Removing statement about Token Usage")
- I approved PR #364 ("*.suit Filename")

Regarding PR #356 ("No reference to each suit-cose-profiles") I need your feedback to tell me whether I am on the wrong track with my view about AES-CTR. I shared my views on the mailing list about it.

Ciao
Hannes

On Tue, Oct 17, 2023 at 11:05 PM Dave Thaler <dthaler@microsoft.com> wrote:

> Hi TEEP folks, I'd really like to get done with the teep-protocol specification.
> It's gone through WGLC and has a shepherd write-up associated with the document already, last changed in July:
> https://datatracker.ietf.org/doc/draft-ietf-teep-protocol/shepherdwriteup/
> And we discussed the draft at the joint SUIT/TEEP interim meeting.
>
> That said, there are several github pull requests waiting for review or chairs to confirm consensus.
>
> * https://github.com/ietf-teep/teep-protocol/issues/356 ("No reference to each suit-cose-profiles")
>   In this issue Ken pointed out that we reference profiles that no longer exist in draft-ietf-suit-mti-02,
>   and proposed changing from GCM to CTR. I filed https://github.com/ietf-teep/teep-protocol/pull/373
>   to do that, which we discussed in the interim meeting.
>   Since then, Hannes argued that draft-ietf-suit-mti should be changed to put GCM back in, but I haven't
>   seen any of the suit-mti authors respond to that, which is holding up the teep protocol spec.
>   https://mailarchive.ietf.org/arch/msg/suit/qJayE5LG6mmYaSfaEHUGxT0OSDQ/
>   Hence cc'ing Brendan and the SUIT chairs on this email.
>   Earlier Ken had filed https://github.com/ietf-teep/teep-protocol/pull/351 which is an alternative
>   that uses GCM rather than CTR and so we're in limbo not knowing whether PR 351 or 356 can be done
>   in referencing suit-mti or diverging from it.
>
> All the other issues below are, I believe, purely editorial cleanup...
>
> * https://github.com/ietf-teep/teep-protocol/issues/364 ("*.suit Filename")
>   In this issue Hannes didn't like the examples having a manifest filename ending in .suit but didn't propose
>   how to address. Last week I filed https://github.com/ietf-teep/teep-protocol/pull/376 that just removes
>   the .suit from the end of the example filenames, and it is still waiting for approval from other authors.
>
> * https://github.com/ietf-teep/teep-protocol/pull/358 ("Removing statement about Token Usage")
>   Hannes filed this claiming there is no relationship between the token and the attestation bit.
>   But as I mentioned in the PR comments 2 weeks ago there is a relationship that was discussed at
>   IETF 109 and 110, with pointers in the comments, so I believe it reflects consensus as is. I'm happy to
>   reopen discussion if a technical reason is given to remove the relationship but so far no rationale has
>   been provided, so this PR has not been approved so far.
>
> * https://github.com/ietf-teep/teep-protocol/pull/366 ("Encryption-related editorial improvements")
>   This PR has not been approved since it proposes changing firmware encryption to be a normative
>   reference while not changing the citing language, which is at least in my reading, informative.
>
> * https://github.com/ietf-teep/teep-protocol/pull/359 ("s/bit is clear/bit is cleared")
>   This one is a trivial grammatical debate that should not hold up the doc. Grammarly says the doc
>   is more correct as written, so this PR has not been approved so far.
>
> The I-D deadline is next Monday but I am traveling starting this Friday so want to see it
> submitted by Friday. If others have views, please weigh in asap.
>
> Thanks,
> Dave