TPM-based Network Device Remote Integrity Verification
draft-ietf-rats-tpm-based-network-device-attest-14
Yes
No Objection
Note: This ballot was opened for revision 10 and is now closed.
Roman Danyliw Yes
Alvaro Retana No Objection
Erik Kline No Objection
Francesca Palombini No Objection
Lars Eggert No Objection
Agree with Ben's DISCUSS. This Informational document seems to want to normatively talk about and reference quite a few other documents. However, that's not really something an Informational document can really (normatively) do. Found terminology that should be reviewed for inclusivity; see https://www.rfc-editor.org/part2/#inclusive_language for background and more guidance: * Term "native"; alternatives might be "built-in", "fundamental", "ingrained", "intrinsic", "original" (matched "native" rule, pattern ((\bnative\w*\b)\w*)). Thanks to Linda Dunbar for their General Area Review Team (Gen-ART) review (https://mailarchive.ietf.org/arch/msg/gen-art/uJfSJiH2jjpTrxAlux60VNEDF-0). ------------------------------------------------------------------------------- All comments below are about very minor potential issues that you may choose to address in some way - or ignore - as you see fit. Some were flagged by automated tools (via https://github.com/larseggert/ietf-reviewtool), so there will likely be some false positives. There is no need to let me know what you did with these suggestions. Section 1.5. , paragraph 7, nit: > station Result, used to inform decision making. In practice, this means comp > ^^^^^^^^^^^^^^^ The noun "decision-making" (= the process of deciding something) is spelled with a hyphen. Section 1.5. , paragraph 8, nit: > ation expected by the Verifier. Subsequently the Appraisal Policy for Evidenc > ^^^^^^^^^^^^ A comma may be missing after the conjunctive/linking adverb "Subsequently". Section 1.6. , paragraph 3, nit: > attestation of Linux or other multi-threaded operating system processes aft > ^^^^^^^^^^^^^^ This word is normally spelled as one. Section 2.1.1. , paragraph 8, nit: > ader | 8 | 9 | | (e.g GRUB2 for Linux) | > ^^^ The abbreviation "e.g." (= for example) requires two periods. Section 2.3. , paragraph 16, nit: > arly system startup (e.g., BIOS, boot loader, OS kernel) are essentially sing > ^^^^^^^^^^^ This word is normally spelled as one. Section 2.4.1. , paragraph 5, nit: > d in [I-D.ietf-rats-architecture]. However additional prerequisites have been > ^^^^^^^ A comma may be missing after the conjunctive/linking adverb "However". Section 4. , paragraph 10, nit: > redundant information, or add an additional layer of signing using external > ^^^^^^^^^^^^^^^^^^^^^^^ This phrase might be redundant. Consider either removing or replacing the adjective "additional". Document references draft-ietf-rats-yang-tpm-charra-12, but -13 is the latest available revision. Document references draft-birkholz-rats-reference-interaction-model-03, but -05 is the latest available revision. These URLs in the document can probably be converted to HTTPS: * http://www.uefi.org
Murray Kucherawy No Objection
Zaheduzzaman Sarker No Objection
Thanks for working on this specification. This was good read. (I was dishearten to find ,my interest, "virtualization and containerization" was out of scope :-() Supporting Benjamin Kaduk's discuss.
(Benjamin Kaduk; former steering group member) (was Discuss) No Objection
Thanks for addressing my previous Discuss point and the preponderance of
my previous Comments! I retain a couple here, as I think they still
apply to some extent.
Section 1.5
3. Conveyance of Evidence reliably transports the collected Evidence
from Attester to a Verifier to allow a management station to
perform a meaningful appraisal in Step 4. The transport is
typically carried out via a management network. The channel must
provide integrity and authenticity, and, in some use cases, may
also require confidentiality.
It seems like there is some subtlety here if we insist that the
communications channel to a potentially untrustworthy endpoint will
provide integrity and authenticity (let alone confidentiality). I suggest
giving more clarity on what threats these technical measures are
protecting against in relation to the potentially untrusted endpoint.
[ed. I do see the added text to indicate that the TPM signing key
does provide a separate signature over the critical evidence, but
that does not explain why we still say we want integrity and authentication
(and in some cases confidentiality) of the channel that conveys such evidence.]
Section 3.3
In this application, each device may need to be equipped with signed
RIMs to act as an Attester, and also an Appraisal Policy for Evidence
and a selection of trusted X.509 root certificates, to allow the
device to act as a Verifier. An existing link layer protocol such as
802.1X [IEEE-802.1X] or 802.1AE [IEEE-802.1AE], with Evidence being
enclosed over a variant of EAP [RFC3748] or LLDP [LLDP] are suitable
methods for such an exchange.
Should we say that the details of those "variant"s being out of scope for
this document? (What we do say is pretty far from a complete solution.)