SUIT Working Group at IETF 116 # Draft Status Summary TEEP depends on: - [draft-ietf-suit-trust-domains-02](https://datatracker.ietf.org/doc/draft-ietf-suit-trust-domains/02/): WGLC due 4/14/2023 - [draft-ietf-suit-firmware-encryption-11](https://datatracker.ietf.org/doc/draft-ietf-suit-firmware-encryption/11/): informal dependency, update needed - [draft-ietf-suit-report-05](https://datatracker.ietf.org/doc/draft-ietf-suit-report/05/): update needed - [draft-ietf-suit-mti-00](https://datatracker.ietf.org/doc/draft-ietf-suit-mti/00/): update needed No TEEP dependency: - [draft-ietf-suit-update-management-01](https://datatracker.ietf.org/doc/draft-ietf-suit-update-management/01/): depends on trust domains, update needed - [draft-ietf-suit-mud-03](https://datatracker.ietf.org/doc/draft-ietf-suit-mud/03/): WGLC due 5/5/2023 # 1) Logistics - Agenda Bashing - Minute Taker: Hannes Tschofenig, David Waltermire, Akira Tsukamoto Note: The agenda items were reordered to accommodate remote presenters. # 6) Firmware Encryption with SUIT Manifests Presenter: Hannes Tschofenig Slides: [Encrypted Payloads in SUIT Manifests](https://datatracker.ietf.org/meeting/116/materials/slides-116-suit-suit-payload-encryption-00.pdf) Draft: [draft-ietf-suit-firmware-encryption-11](https://datatracker.ietf.org/doc/draft-ietf-suit-firmware-encryption/11/) Draft status: - Depends on COSE AES-CTR and AES-CBC document, which is with the IESG Presented changes: - Replaced HPKE with ECDH-ES, including changes to make the document more readable. This was done since COSE-HPKE has been slow to progress and there are still a significant number of open issues. ECDH-ES is already full specified in the COSE RFCs, and it meets all of the SUIT requirements. - The content encrypted (i.e., firmware, data, etc) with the CEK is called *Encrypted Content*. This mirrors the classic COSE_Sign1 diagram. The recipient structure using ECDH-ES is indicated in the orange box in the slides (slide 3). - Slide 4 presented the a fragment of the Recipient Structure, which uses the COSE structure as-is. The key id is at the end, indicating which public key is used for the recipient. The Ciphertext field is empty because the ECDH-derived symmetric key is input to the key derivation function (HKDF). Next steps: - Relatively minor changes need. - Need more implementation feedback. - Need to follow up on [a proposal from Laurence Lundblade](https://mailarchive.ietf.org/arch/msg/suit/v0z_iQJQ27wnvxz3OmXLb2sRghQ/), based on his implementation experience, related to the info structure. Hannes opened an [issue on GitHub](https://github.com/suit-wg/suit-firmware-encryption/issues/21). - David Brown offered to update his implementation to deal with the latest changes. - Happy to update the doc based on feedback. - Close resolved issues on GitHub. # 9) Mandatory-to-Implement Algorithms for SUIT Manifests Presenter: Akira Tsukamoto Slides: [draft-ietf-suit-mti-algorithms](https://datatracker.ietf.org/doc/slides-116-suit-draft-ietf-suit-mti/) Draft: [draft-ietf-suit-mti-00](https://datatracker.ietf.org/doc/draft-ietf-suit-mti/00/) Status: - Akira became a draft author recently and is talking about the update to the MTI draft. - Replaced HPKE with ECDH-ES and added the CDDL for each algorithm. - Current text is not in the draft but available on [GitHub](https://github.com/bremoran/suit-mti). Discussion: - David says he would like to start a WGLC as soon as the issue has been fixed. Brendan and Akira will work on a draft update so that WGLC can begin. # 8) Strong Assertions of IoT Network Access Requirements Presenter: Hannes Tschofenig Slides: [draft-ietf-suit-mud-03](https://datatracker.ietf.org/doc/slides-116-suit-draft-ietf-suit-mud-03/) Draft: [draft-ietf-suit-mud-03](https://datatracker.ietf.org/doc/draft-ietf-suit-mud/03/) Status: - Some updates in the current draft. Authors believe it is ready. - Russ indicated this is ready for WGLC. - Dave Thaler indicated that TEEP does not depend on this draft. # 7) Secure Reporting of Update Status Presenter: Brendan Moran Slides: [draft-ietf-suit-report-05](https://datatracker.ietf.org/doc/slides-116-suit-draft-ietf-suit-report-05/) Draft: [draft-ietf-suit-report-05](https://datatracker.ietf.org/doc/draft-ietf-suit-report/05/) Status: - Last draft added text about encryption in the security consideration section based on the discussions with TEEP. - The TEEP Protocol WGLC depends on this draft. - More work is needed on the IANA and security consideration sections. See discussion below. Open Issues: - How to coordinate with RATS? - It is possible to include the SUIT Report in an EAT as part of a software measurement claim? Brendan suggested this will require a CoAP content type for SUIT Report (as proposed in the draft). - Included a proposal for including an EAT description. Feedback is needed. Laurence indicated support for the approach. - Feedback needed on both changes. - IANA Considerations were added for CBOR Tag and CoAP Content-Type for SUIT-Report and SUIT-Reference. More work is needed to complete these registration requests. - Security Considerations - SUIT must be authenticated, without it only for debugging purpose. - May need to encrypt SUIT Report for confidentiality. - Brendan talks about a use case where the SUIT Report is encrypted and placed encrypted inside the EAT token. Discussion: - Russ asked as chair what effort is needed to get the document to WGLC? Brendan indicated that the IANA Considerations section still needs work. - Dave Thalar asked about which algorithms to use for encryption, can we use the same suit-MTI algorithms? Should the SUIT MTI draft title be changed to align with both directions? Brendan responded that HSS-LMS does not work in the reverse direction. Russ agreed with that assessment and suggested that ECDSA might be used for the reverse direction. Brendan suggested to use ECDH-ES for the reverse direction. Trying to strike a balence around sufficient specification vs. over specifying. The security considerations need work. Henk suggested reviewing the UCCS draft to check for overlap. Brendan will work to improve the security consideration, addressing the edge case around HSS-LMS. # 4) SUIT Manifest Extensions for Multiple Trust Domains Presenter: Brendan Moran (after deferring to Ken) Slides: [draft-ietf-suit-trust- domains-02](https://datatracker.ietf.org/doc/slides-116-suit-draft-ietf-suit-trust-domains-02/) Draft: [draft-ietf-suit-trust-domains-02](https://datatracker.ietf.org/doc/draft-ietf-suit-trust-domains/02/) Status: - Some changes made in latest draft - Draft is near done with some work on security considerations needed. Discussion: - Hannes asked what the implementation status is? Ken implemented device-side demo at the hackathon with self-reference component ID. It worked. - Ken suggested there is a need for another parameter. Ken will repost a suggestion to the list. Brendan believes that this functionality belongs in a different document, namely the update management document. More mailing list discussion is needed to resolve. # 5) Update Management Extensions for SUIT Manifests - draft-ietf-suit-update-management-01 - Discuss open issues; get ready for WG Last Call Presenter: Brendan Moran Slides: [draft-ietf-suit-update-management](https://datatracker.ietf.org/doc/slides-116-suit-draft-ietf-suit-update-management/) Draft: [draft-ietf-suit-update-management-01](https://datatracker.ietf.org/doc/draft-ietf-suit-update-management/01/) Status: - Management command registrations have been completed. - Depends on trust domains, which should be completed first. - New command can be registered later. # 2) Hackathon Summary - Share things that were learned Which documents are covered in the hackathon demos? According to Ken: - manifest - multiple trust domains - MTI indirectly (and partically because it supports multiple trust domains) Testing encryption has been done by David Brown. He will discuss his implementation with ECDH+key wrap. It can be easily made to do this. # 3) SUIT Manifest Format Draft: [draft-ietf-suit-manifest-22](https://datatracker.ietf.org/doc/draft-ietf-suit-manifest/22) Status: - Submitted to IESG for Publication # 10) Any Other Business (if time permits) None discussed