Minutes interim-2020-teep-01: Mon 10:00
|Meeting Minutes||Trusted Execution Environment Provisioning (teep) WG|
|Title||Minutes interim-2020-teep-01: Mon 10:00|
|Other versions||plain text|
Virtual Interim Meeting Info on joining: JOIN WEBEX MEETING https://ietf.webex.com/ietf/j.php?MTID=mc3c078297d4f133fcc5d9d56d1e17aa3 Meeting number (access code): 317 197 262 Meeting password: z5gi5vqe Agenda/Minutes: Present: Michael Richardson Nancy Cam-Winget ("TEEP WG") Dave Thaler Dave Wheeler Henk Birkholz Kathleen Moriarty Kohei Isobe Nicolae RISE Russ Housley Tirumaleswar Reddy Mingliang Pei 1. note takers: Michael Richardson 2. Agenda bashing. Dave thaler asked for TEEP over HTTP update 3. TEEP over HTTP update -- Dave Thaler. @IETF106, the question was what direction should we go with the old OTRv1 stuff. We instructions to the editor about what to do, and... ? Dave Thaler has just posted a new version. 4. Architecture -- Dave Thaler (50min) * draft-ietf-teep-architecture * issues: https://github.com/ietf-teep/architecture/issues 19 issues filed in github, 17 are addressed in draft-06 Q: does all personalization data require confidentiality? Or does some of just need integrity? Q (KM): is the IEEE MAC address considered personal data? Even when the MAC address is randomized, the per-vendor randomization process resulted in the vendor being identifiable due to the different ways that they did it. Newer IEEE specifies how to randomize the MAC address, so this is no longer the case. DW: I don't think that this is intended to cover the MAC address situation? So I don't think that this falls into the bucket. HB: asks for an example. KM: maybe the mac address is an example. DT: this is data sent to the device, not from the device. DW: an example would be a list of servers/providers which could be provided to the device to contact. DT: but the list of servers would still provide a way to track devices. RH: 'implementations must support encryption to allow for loading of sensitive personal data' Three sentences that went by too fast. Issue #128 - re: euicc. Where does TEEP fit into this picture? David Wheeler will make some comments on the list, and attempt to close it on the list. issue 139: keep going. issue 113: draft is inconsistent. Is there one common broker, or 1 per TEE? -- the issue will be closed unless there are objections issue 118: attacks are mitigated, discussion in security consideration ,DoS issue 119: issue 120: issue 123: ditto. - - Should file an issue in RATS architecture, about how long an attestation result should be used. HB: there will always be a delay, and the evidence may have changed during the evaluation. issue 120: - a type of DoS where the TEEP is asked to install/uninstall TA. TA is not authorized. - "I still want to install it", one would keep bothering the TAM - this is implementer advice, and it might require state, and an MCU might not want to do it. issue 122: - - 5. Upcoming Hackathon Updates --- Hannes (5min) - no here yet move to the end. Hannes We are planning to focus on the TEEP protocol implementation in JSON/JOSE because this functionality is not yet covered in the draft. ~45 people have registered for the Hackathon. The participants will be split across the three topics (RATS, SUIT, and TEEP).