Minutes interim-2020-teep-01: Mon 10:00
minutes-interim-2020-teep-01-202002101000-00
| Meeting Minutes | Trusted Execution Environment Provisioning (teep) WG | |
|---|---|---|
| Title | Minutes interim-2020-teep-01: Mon 10:00 | |
| State | Active | |
| Last updated | 2020-04-02 | |
Virtual Interim Meeting
Info on joining:
JOIN WEBEX MEETING
https://ietf.webex.com/ietf/j.php?MTID=mc3c078297d4f133fcc5d9d56d1e17aa3
Meeting number (access code): 317 197 262
Meeting password: z5gi5vqe
Agenda/Minutes:
Present:
Michael Richardson
Nancy Cam-Winget ("TEEP WG")
Dave Thaler
Dave Wheeler
Henk Birkholz
Kathleen Moriarty
Kohei Isobe
Nicolae RISE
Russ Housley
Tirumaleswar Reddy
Mingliang Pei
1. note takers: Michael Richardson
2. Agenda bashing.
Dave Thaler asked for TEEP over HTTP update
3. TEEP over HTTP update -- Dave Thaler.
@IETF106, the question was what direction should we go with the old
OTRv1 stuff.
We instructions to the editor about what to do, and... ?
Dave Thaler has just posted a new version.
4. Architecture -- Dave Thaler (50min)
* draft-ietf-teep-architecture
* issues: https://github.com/ietf-teep/architecture/issues
19 issues filed in github, 17 are addressed in draft-06
Q: does all personalization data require confidentiality? Or does some
of it just need integrity?
Q (KM): is the IEEE MAC address considered personal data? Even when the
MAC address is randomized, the per-vendor randomization process resulted
in the vendor being identifiable due to the different ways that they did
it. Newer IEEE specifies how to randomize the MAC address, so this is no
longer the case.
DW: I don't think that this is intended to cover the MAC address
situation? So I don't think that this falls into the bucket.
HB: asks for an example.
KM: maybe the MAC address is an example.
DT: this is data sent to the device, not from the device.
DW: an example would be a list of servers/providers which could be
provided to the device to contact.
DT: but the list of servers would still provide a way to track devices.
RH: 'implementations must support encryption to allow for loading of
sensitive personal data'
Three sentences that went by too fast.
Issue #128 - re: euicc.
Where does TEEP fit into this picture?
David Wheeler will make some comments on the list, and attempt to close
it on the list.
issue 139: keep going.
issue 113: draft is inconsistent. Is there one common broker, or 1 per TEE?
-- the issue will be closed unless there are objections
issue 118: attacks are mitigated, discussion in security consideration, DoS
issue 119:
issue 120:
issue 123: ditto.
-
- Should file an issue in RATS architecture, about how long an
attestation result should be used. HB: there will always be a delay,
and the evidence may have changed during the evaluation.
issue 120:
- a type of DoS where the TEEP is asked to install/uninstall TA. TA is
not authorized.
- "I still want to install it", one would keep bothering the TAM
- this is implementer advice, and it might require state, and
an MCU might not want to do it.
issue 122:
-
-
5. Upcoming Hackathon Updates --- Hannes (5min) - not here yet, move to the end.
Hannes: We are planning to focus on the TEEP protocol implementation in
JSON/JOSE because this functionality is not yet covered in the draft. ~45
people have registered for the Hackathon. The participants will be split across
the three topics (RATS, SUIT, and TEEP).