Minutes IETF116: teep: Mon 06:30
minutes-116-teep-202303270630-00
Meeting Minutes | Trusted Execution Environment Provisioning (teep) WG | |
---|---|---|
Date and time | 2023-03-27 06:30 | |
Title | Minutes IETF116: teep: Mon 06:30 | |
State | Active | |
Other versions | markdown | |
Last updated | 2023-04-07 |
minutes-116-teep-202303270630-00
TEEP Monday March 27 15:30-17:00 JST, Session III
Chairs: Nancy Cam-Winget, Tiru Reddy
Notetakers:
Kohei Isobe, Haiguang Wang
Agenda Bash & Logistics - Chairs (5min)
Hackathon Report – Akira Tsukamoto (15 min)
- Clarification of the CNF only containing hash value of TEEP agent
- Compromised TEEP agent: TEEP Broker running on SGX should be
protected by SGX. No action fom the TEEP Agent as that is not the
one compromised which is the consideration in the main draft. - Clarification of token and challenge TEEP message. No changes
required in the draft. - CDDL and decision to use CBOR required updates to the Makefile in
the implementation - No new issues from this hackathon.
TEEP HTTP Transport – Dave Thaler (10 min)
•
Draft: https://datatracker.ietf.org/doc/html/draft-ietf-teep-otrp-over-http
- Expect to have draft version 15 to cover comments to address IESG
comments - Comments from INT AD (Erik Kline) to address errors around timeout
considerations. - All responses have been posted to the ADs all who have approved
- Stean Santesson (Secdir review) on normative vs. use of "strongly"
now reviewed - Sec AD: missing "message buffer" usage now clarified. Also URI
guidance and now references RFC 3986 - Transport AD (Zaheduzzaman Sarker) commnts addressed from
introduction (using normative language) - TSV AD: POST messages without freshness are unreached. Adding
Cache-Control header MUST NOT be used. - ART AD (Francesca Palombini): requiring clarifications and
referencnes to BCP195 and RFC9205 - ART AD: re-echos similar comments from other AD
- RTG AD (John Scudder) claificaion on client initiation
- Will publish v15 unless there's any other comments
TEEP Protocol and transport drafts – Dave Thaler (40 minutes)
• Draft: https://datatracker.ietf.org/doc/draft-ietf-teep-protocol/ •
Issues: https://github.com/ietf-teep/teep-protocol/issues
- Issue 297: Error return for QueryResponse, added update message for
symmerty with QueryResponse. - Issue 310: threat of compromised agent trying to use Attestation
results from a healthy agent. Mitigation is to require a "cnf" claim
as defined in S3.1 of rFC 8747 - Updated security consideration to ensure mitigation on the attack.
- Issue 281: EAT profile didnd't have any mandatory claims. Update now
includes required claims - Issue 289: relationship of TEEP to AR4si; informative reference with
inclusion of 3 cases that are applicable (line between the TAM and
verifier). Category 1: asks verifier to give both ar4si and teep
profile; category 2: can only give 1 without nonce, send evidence in
2 formats, category 3: can only ask one per evidence have TEEP agent
talk directly to verifier to get ar4si - Issue 285: update TEEP EAT profile : adding sw-name claim and
manifests cialm to convey software information - Issue 286: summary of crypto algorithm use cases. Clarifications on
how to deal with sensitive information in EAT and SUIT reports. To
ensure AEAD algorithms were used - Add EAT/SUIT cipher negotiation supported-eat-suit-ciphersuites in
QueryRequest : as like supported-teep-cipher-suites. Added new field
covers both EAT and SUIT encryption. Should we split? - Current draft may need a change as MTI document to be consistant
with SUIT draft. - WGLC on next step? Dependency of HPKE, EAT, SUIT.
Firmware Encryption - Hannes Tschofenig and Russ Housley (20 min)
- Major change made on the HPKE key distribution.
- Hannes: not sure if there's a way to remove the normative dependency
but will have to review - Dave Thaler: believes the TEEP document can make it an informative
reference (but SUIT manifest and others do need to stay normative) - Hannes: prefers that as the trust domains may fall into the same
categorization - Based on SUIT meeting outcome, can make the chanage to make FW
encryption informative, but not sure can shift the others as they
are required (e.g. normative)
AOB
cnf Implementation
- Hannes asked the details of cnf implementation in this hackathon.
- Kohei shared Ken's and his implementation. He couldn't find the
concreate caluculate way of public key's hash in COSE compared with
JWK. He'll post more details in TEEP mailing list. - Akira Tsukamoto: the hash of public key in CNF is already on Github
- Dave: There is some concern on the KID value and Dave trying to
anser the question. - An issue need to be raised to address the cddl file updates.