SUIT Virtual Interim at 1600 CEST on 6 June 2018

Scribes: Hannes Tschofenig, Koen Zandberg, and Michael Richardson
Chairs: David Waltermire, Dave Thaler, and Russ Housley

AGENDA

- Agenda bashing, Logistics, Status, Milestones -- Chairs (5 mins)
- Moving forward on draft-housley-suit-cose-hash-sig-00 -- Chairs (5 mins)
  https://datatracker.ietf.org/doc/draft-housley-suit-cose-hash-sig/
- Hackathon Report -- Emmanuel (15 mins)
- SUIT Architecture -- Authors (15 mins)
  https://datatracker.ietf.org/doc/draft-ietf-suit-architecture/
- SUIT Information Model -- Authors (15 mins)
  https://datatracker.ietf.org/doc/draft-ietf-suit-information-model/
- Next Steps -- Chairs (5 mins)

ATTENDEES

- Emmanuel Baccelli (EB)
- Henk Birkholz
- Carsten Bormann (CB)
- Said Gharout
- Markus Gueller (MG)
- Ralph Hamm
- Russ Housley (RH)
- Benjamin Kaduk
- Paul Lambert
- Brendan Moran (BM)
- Steve Patrick (SP)
- Michael Richardson (MR)
- Milen Stoychev
- Dave Thaler (DT)
- Hannes Tschofenig (HT)
- Fabio Utzig
- Dave Waltermire (DW)
- Koen Zandberg
- Jan-Frederik Rieckers

MINUTES

- Moving forward on draft-housley-suit-cose-hash-sig-00
-- DW: The draft provides a generalized approach; should this work be done in COSE or SUIT?
-- RH: COSE has been closed.
-- DT: Is there any other WG to do this work? Or, should it be AD-sponsored?
-- RH: It is really not a complicated document; it just uses data structures from COSE and assigns numbers.
-- DT: It is a generalized approach; it could be used by anyone.
-- RH: Yes, anyone who needs a hash-based digital signature.
-- CB: SUIT is the right WG, but others could do it too. The sweet spot is where there are few signatures over a long period of time. Other WGs need many signatures over a short period of time.
-- MR: 6tisch zerotouch enrollment does few signatures over a long period of time (with a shelf-life of decades before use).
-- DT and DW will discuss the appropriate WG to do the work with the Security Area Directors.
-- CB and MR volunteered to review the draft.
-- Jim Schaad also agreed to review the draft, but he cannot be here.

- Hackathon report
-- Hackathon hosted by Freie Universität Berlin
-- See https://pad.inria.fr/p/cYawtv2ivnoOl60X_suit-hackathon
-- EB: About 20 participants, with 6-7 of them offsite. SUIT-compliant firmware updates were tested.
-- EB: The RIOT group had an implementation compliant with the specification and a stand-alone COSE implementation. Successful end-to-end tests. Tested on samr21 (Cortex-M0+) and stm32 (Cortex-M3).
-- EB: Mbed OS used the K64F, libcose, and Mbed TLS. Some key issues caused problems; raw key handling was not as expected.
-- MG: CDDL specification for a minimalistic COSE sign. Used the CDDL tool to generate several instances.
-- DT: Did you learn anything related to the specifications at the hackathon?
-- BM: Noted that component identifiers may need to be added, and firmware versions for dependencies.
-- BM: There was a larger discussion on the information model in the room, which will require an update to the draft.

- SUIT Architecture
-- HT: The terminology/operating models are described in a message: https://www.ietf.org/mail-archive/web/suit/current/msg00480.html
-- HT: The Client-Initiated/Server-Initiated/Hybrid taxonomy does not cover the situation where the manifest and images are delivered on a USB key.
-- EB: The number of actors involved in the architecture is not clear at the beginning of the document.
-- HT: The document will be updated once the discussions related to the proposed terminology and operating models have been concluded. A new architecture diagram will be added earlier in the document.

- SUIT Information Model
-- BM: The information model draft was discussed during the Hackathon as part of the implementation work. Discussed items included:
   * changing the manifest fields to manifest elements
   * adding a firmware version to the Precursor image digest condition (or instead of it)
   * class identifier
   * user stories require some examples and directives
   * clarified the directives, which apply to the whole manifest, as opposed to processing steps that only apply to specific payloads
   * OEM rights vs. operator rights in terms of the ability to override certain fields of the manifest (such as the URIs)
   * wording changes to the IP protection use case to talk about avoiding disclosure
   * documenting OEM vs. manufacturer relationships
-- SP: I will provide comments for the information model draft. I am wondering whether the specification aims to also support a more centralized model or only a distributed model.
-- HT: A centralized model is also supported.
-- SP: I will post a mail to the list about this topic, and we can discuss it in more detail on the list since we are running out of time.

SUMMARY OF ACTION ITEMS

- DW and DT to talk to the Security Area Directors about the best place for work to proceed on draft-housley-suit-cose-hash-sig.
- HT to provide wording improvements for draft-ietf-suit-architecture, and then post an updated draft.
- BM to update the Introduction of draft-ietf-suit-information-model, add fields found in the hackathon (component ID, version dependencies for the firmware), and clarifications about which fields are mandatory.
- SP to send a review of draft-ietf-suit-information-model to the list.
- MR to send a review of draft-housley-suit-cose-hash-sig to the list.
- CB to send a review of draft-housley-suit-cose-hash-sig to the list.

DESIGN TEAM MEETING ANNOUNCEMENT

A design team meeting to continue the discussion on the architecture and information model documents is planned for Thursday, 15 June 2018 at 13:30 CEST on jitsi.tools.ietf.org/suit-dt. Details will be announced on the SUIT WG mail list.