| draft-ietf-rats-tpm-based-network-device-attest-06.txt | draft-ietf-rats-tpm-based-network-device-attest-07.txt |
|---|---|
| RATS Working Group G. Fedorkow, Ed. | RATS Working Group G. Fedorkow, Ed. |
| Internet-Draft Juniper Networks, Inc. | Internet-Draft Juniper Networks, Inc. |
| Intended status: Informational E. Voit | Intended status: Informational E. Voit |
| Expires: June 10, 2021 Cisco Systems, Inc. | Expires: December 12, 2021 Cisco Systems, Inc. |
| J. Fitzgerald-McKay | J. Fitzgerald-McKay |
| National Security Agency | National Security Agency |
| December 07, 2020 | June 10, 2021 |
| TPM-based Network Device Remote Integrity Verification | TPM-based Network Device Remote Integrity Verification |
| draft-ietf-rats-tpm-based-network-device-attest-06 | draft-ietf-rats-tpm-based-network-device-attest-07 |
| Abstract | Abstract |
| This document describes a workflow for remote attestation of the | This document describes a workflow for remote attestation of the |
| integrity of firmware and software installed on network devices that | integrity of firmware and software installed on network devices that |
| contain Trusted Platform Modules [TPM1.2], [TPM2.0], as defined by | contain Trusted Platform Modules [TPM1.2], [TPM2.0], as defined by |
| the Trusted Computing Group (TCG). | the Trusted Computing Group (TCG). |
| Status of This Memo | Status of This Memo |
| skipping to change at page 1, line 36 | skipping to change at page 1, line 36 |
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering |
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute |
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- |
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. |
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months |
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any |
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference |
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." |
| This Internet-Draft will expire on June 10, 2021. | This Internet-Draft will expire on December 12, 2021. |
| Copyright Notice | Copyright Notice |
| Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the |
| document authors. All rights reserved. | document authors. All rights reserved. |
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal |
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents |
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of |
| publication of this document. Please review these documents | publication of this document. Please review these documents |
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect |
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must |
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of |
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as |
| skipping to change at page 20, line 26 | skipping to change at page 20, line 26 |
| the Attester according to [Platform-DevID-TPM-2.0], | the Attester according to [Platform-DevID-TPM-2.0], |
| [PC-Client-BIOS-TPM-1.2], or [Platform-ID-TPM-1.2]. | [PC-Client-BIOS-TPM-1.2], or [Platform-ID-TPM-1.2]. |
| The Attester's TPM Keys MUST be associated with the DevID on the | The Attester's TPM Keys MUST be associated with the DevID on the |
| Verifier (see [Platform-DevID-TPM-2.0] and Section 5 Security | Verifier (see [Platform-DevID-TPM-2.0] and Section 5 Security |
| Considerations, below). | Considerations, below). |
| 3.1.3. Appraisal Policy for Evidence | 3.1.3. Appraisal Policy for Evidence |
| The Verifier MUST obtain trustworthy Reference Values (encoded as | The Verifier MUST obtain trustworthy Reference Values (encoded as |
| SWID or CoSWID tags [I-D.birkholz-yang-swid]). These reference | SWID or CoSWID tags [I-D.ietf-sacm-coswid]). These reference |
| measurements will eventually be compared to signed PCR Evidence | measurements will eventually be compared to signed PCR Evidence |
| ('quotes') acquired from an Attester's TPM using Attestation Policies | ('quotes') acquired from an Attester's TPM using Attestation Policies |
| chosen by the administrator or owner of the device. | chosen by the administrator or owner of the device. |
| This document does not specify the format or contents for the | This document does not specify the format or contents for the |
| Appraisal Policy for Evidence, but Reference Values may be acquired | Appraisal Policy for Evidence, but Reference Values may be acquired |
| in one of two ways: | in one of two ways: |
| 1. a Verifier may obtain reference measurements directly from a | 1. a Verifier may obtain reference measurements directly from a |
| Reference Value Provider chosen by the Verifier administrator | Reference Value Provider chosen by the Verifier administrator |
| skipping to change at page 31, line 50 | skipping to change at page 31, line 50 |
| o Complex supply chains can be certified using TCG Platform | o Complex supply chains can be certified using TCG Platform |
| Certificates [Platform-Certificates]. | Certificates [Platform-Certificates]. |
| o The TCG TAP mechanism coupled with [I-D.ietf-rats-yang-tpm-charra] | o The TCG TAP mechanism coupled with [I-D.ietf-rats-yang-tpm-charra] |
| can be used to retrieve attestation evidence. | can be used to retrieve attestation evidence. |
| o Reference Values must be conveyed from the software authority | o Reference Values must be conveyed from the software authority |
| (e.g., the manufacturer) in Reference Integrity Manifests, to the | (e.g., the manufacturer) in Reference Integrity Manifests, to the |
| system in which verification will take place. IETF and TCG SWID | system in which verification will take place. IETF and TCG SWID |
| and CoSWID work ([I-D.birkholz-yang-swid], [RIM]) forms the basis | and CoSWID work ([I-D.ietf-sacm-coswid], [RIM]) forms the basis |
| for this function. | for this function. |
| 7. IANA Considerations | 7. IANA Considerations |
| This memo includes no request to IANA. | This memo includes no request to IANA. |
| 8. Acknowledgements | 8. Acknowledgements |
| The authors wish to thank numerous reviewers for generous assistance, | The authors wish to thank numerous reviewers for generous assistance, |
| including William Bellingrath, Mark Baushke, Ned Smith, Henk | including William Bellingrath, Mark Baushke, Ned Smith, Henk |
| Birkholz, Tom Laffey, Dave Thaler, Wei Pan, Michael Eckel, Thomas | Birkholz, Tom Laffey, Dave Thaler, Wei Pan, Michael Eckel, Thomas |
| Hardjono, Bill Sulzen, Monty Wiseman, Kathleen Moriarty, Nancy Cam- | Hardjono, Bill Sulzen, Willard (Monty) Wiseman, Kathleen Moriarty, |
| Winget and Shwetha Bhandari. | Nancy Cam-Winget and Shwetha Bhandari. |
| 9. Appendix | 9. Appendix |
| 9.1. Using a TPM for Attestation | 9.1. Using a TPM for Attestation |
| The Trusted Platform Module and surrounding ecosystem provide three | The Trusted Platform Module and surrounding ecosystem provide three |
| interlocking capabilities to enable secure collection of evidence | interlocking capabilities to enable secure collection of evidence |
| from a remote device: Platform Configuration Registers (PCRs), a | from a remote device: Platform Configuration Registers (PCRs), a |
| Quote mechanism, and a standardized Event Log. | Quote mechanism, and a standardized Event Log. |
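The Verifier-side appraisal of Section 3.1.3, exercised on the three capabilities named in 9.1, as an added example that is not code from the draft: it replays a constructed Event Log into PCR values, checks them against the PCRs carried in a quote (assumed to have been signature-checked already with an Attestation Key bound to the DevID), and checks each logged digest against Reference Values. All digests, component names and the `appraise` helper are constructed for illustration.

```python
"""Added example (not code from the draft): the Verifier-side appraisal that
Section 3.1.3 describes, built on the three capabilities named in Appendix 9.1.
The quote is assumed to have been signature-checked already with an Attestation
Key bound to the device's DevID; every digest and component name is constructed."""
import hashlib

PCR_INIT = bytes(32)  # assumption: SHA-256 PCR bank, which starts all-zero


def pcr_extend(current, digest):
    """TPM PCR extend operation: PCR[n] = H(PCR[n] || digest)."""
    return hashlib.sha256(current + digest).digest()


def replay_log(events):
    """Recompute each PCR from an ordered Event Log of (pcr_index, digest) entries."""
    pcrs = {}
    for idx, digest in events:
        pcrs[idx] = pcr_extend(pcrs.get(idx, PCR_INIT), digest)
    return pcrs


def appraise(events, quoted_pcrs, reference_values):
    """Return (ok, reasons). The log must reproduce every quoted PCR (otherwise the
    log, not the TPM, was altered), and every logged digest must match a Reference
    Value such as one carried in a signed CoSWID tag."""
    reasons = []
    replayed = replay_log(events)
    for idx, quoted in sorted(quoted_pcrs.items()):
        if replayed.get(idx, PCR_INIT) != quoted:
            reasons.append(f"PCR{idx}: Event Log does not reproduce the quoted value")
    for idx, digest in events:
        if digest not in reference_values:
            reasons.append(f"PCR{idx}: digest {digest.hex()[:12]} has no Reference Value")
    return not reasons, reasons


def h(label):
    """Constructed stand-in for the digest of a measured component."""
    return hashlib.sha256(label.encode()).digest()


# Constructed Reference Values for three approved components.
REFERENCE_VALUES = {h("bootloader-1.4"), h("kernel-5.10"), h("config-2021Q2")}
GOOD_LOG = [(0, h("bootloader-1.4")), (0, h("kernel-5.10")), (8, h("config-2021Q2"))]
GOOD_QUOTE = replay_log(GOOD_LOG)  # what a healthy Attester's TPM would quote
# Log rewritten after boot: it can no longer be replayed to the TPM-signed quote.
TAMPERED_LOG = [(0, h("bootloader-1.4")), (0, h("kernel-5.10-modified")), (8, h("config-2021Q2"))]
# Device genuinely booted an unapproved kernel: quote and log agree, but no Reference Value.
UNKNOWN_LOG = [(0, h("bootloader-1.4")), (0, h("kernel-5.11")), (8, h("config-2021Q2"))]
UNKNOWN_QUOTE = replay_log(UNKNOWN_LOG)

if __name__ == "__main__":
    for name, log, quote in [("good", GOOD_LOG, GOOD_QUOTE),
                             ("tampered-log", TAMPERED_LOG, GOOD_QUOTE),
                             ("unapproved-kernel", UNKNOWN_LOG, UNKNOWN_QUOTE)]:
        ok, reasons = appraise(log, quote, REFERENCE_VALUES)
        print(f"{name}: {'PASS' if ok else 'FAIL'} {reasons}")
```

The two failing cases are distinct for an operator: a replay mismatch means the Event Log is not what the TPM measured, while a missing Reference Value means the device booted something the Reference Value Provider never approved.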

| draft-ietf-rats-tpm-based-network-device-attest-06.txt | draft-ietf-rats-tpm-based-network-device-attest-07.txt |
|---|---|
| skipping to change at page 35, line 30 | skipping to change at page 35, line 30 |
| ******************************************************************** | ******************************************************************** |
| ....................... ....................... | ....................... ....................... |
| . Reference Integrity . . TAP (PTS2.0) Info . | . Reference Integrity . . TAP (PTS2.0) Info . |
| . Manifest . . Model and Canonical . | . Manifest . . Model and Canonical . |
| . . . Log Format . | . . . Log Format . |
| ....................... ....................... | ....................... ....................... |
| ************************* .............. ********************** | ************************* .............. ********************** |
| * YANG SWID Module * . TCG . * YANG Attestation * | * YANG SWID Module * . TCG . * YANG Attestation * |
| * I-D.birkholz-yang-swid* . Attestation. * Module * | * I-D.ietf-sacm-coswid * . Attestation. * Module * |
| * * . MIB . * I-D.ietf-rats- * | * * . MIB . * I-D.ietf-rats- * |
| * * . . * yang-tpm-charra * | * * . . * yang-tpm-charra * |
| ************************* .............. ********************** | ************************* .............. ********************** |
| ************************* ************ ************************ | ************************* ************ ************************ |
| * XML, JSON, CBOR (etc) * * UDP * * XML, JSON, CBOR (etc)* | * XML, JSON, CBOR (etc) * * UDP * * XML, JSON, CBOR (etc)* |
| ************************* ************ ************************ | ************************* ************ ************************ |
| ************************* ************************ | ************************* ************************ |
| * RESTCONF/NETCONF * * RESTCONF/NETCONF * | * RESTCONF/NETCONF * * RESTCONF/NETCONF * |
| skipping to change at page 37, line 11 | skipping to change at page 37, line 11 |
| \| Make CoSWID tags for BIOS/Loader/Kernel objects \| IETF CoSWID \| | \| Make CoSWID tags for BIOS/Loader/Kernel objects \| IETF CoSWID \| |
| \| o Add reference measurements into SWID tags \| ISO/IEC 19770-2\| | \| o Add reference measurements into SWID tags \| ISO/IEC 19770-2\| |
| \| o Manufacturer should sign the SWID tags \| NIST IR 8060 \| | \| o Manufacturer should sign the SWID tags \| NIST IR 8060 \| |
| \| o The TCG RIM-IM identifies further \| \| | \| o The TCG RIM-IM identifies further \| \| |
| \| procedures to create signed RIM \| \| | \| procedures to create signed RIM \| \| |
| \| documents that provide the necessary \| \| | \| documents that provide the necessary \| \| |
| \| reference information \| \| | \| reference information \| \| |
| -------------------------------------------------------------------- | -------------------------------------------------------------------- |
| \| Package the SWID tags with a vendor software \| Retrieve tags \| | \| Package the SWID tags with a vendor software \| Retrieve tags \| |
| \| release \| with \| | \| release \| with \| |
| \| o A tag-generator plugin such \| draft-birkholz-yang-swid\| | \| o A tag-generator plugin such \| I-D.ietf-sacm-coswid\| |
| \| as [SWID-Gen] can be used \|----------------\| | \| as [SWID-Gen] can be used \|----------------\| |
| \| \| TCG PC Client \| | \| \| TCG PC Client \| |
| \| \| RIM \| | \| \| RIM \| |
| -------------------------------------------------------------------- | -------------------------------------------------------------------- |
| \| Use PC Client measurement definitions \| TCG PC Client \| | \| Use PC Client measurement definitions \| TCG PC Client \| |
| \| to define the use of PCRs \| BIOS \| | \| to define the use of PCRs \| BIOS \| |
| \| (although Windows OS is rare on Networking \| \| | \| (although Windows OS is rare on Networking \| \| |
| \| Equipment, UEFI BIOS is not) \| \| | \| Equipment, UEFI BIOS is not) \| \| |
| -------------------------------------------------------------------- | -------------------------------------------------------------------- |
| \| Use TAP to retrieve measurements \| \| | \| Use TAP to retrieve measurements \| \| |
| skipping to change at page 38, line 5 | skipping to change at page 38, line 5 |
| Figure 8: Component Status | Figure 8: Component Status |
| 10. References | 10. References |
| 10.1. Normative References | 10.1. Normative References |
| [Canonical-Event-Log] | [Canonical-Event-Log] |
| Trusted Computing Group, "DRAFT Canonical Event Log Format | Trusted Computing Group, "DRAFT Canonical Event Log Format |
| Version: 1.0, Revision: .12", October 2018. | Version: 1.0, Revision: .12", October 2018. |
| [I-D.birkholz-yang-swid] | |
| Birkholz, H., "Software Inventory YANG module based on | |
| Software Identifiers", draft-birkholz-yang-swid-02 (work | |
| in progress), October 2018. | |
| [I-D.ietf-rats-yang-tpm-charra] | [I-D.ietf-rats-yang-tpm-charra] |
| Birkholz, H., Eckel, M., Voit, E., Bhandari, S., Sulzen, | Birkholz, H., Eckel, M., Bhandari, S., Voit, E., Sulzen, |
| B., Xia, L., Laffey, T., and G. Fedorkow, "A YANG Data | B., (Frank), L. X., Laffey, T., and G. C. Fedorkow, "A |
| Model for Challenge-Response-based Remote Attestation | YANG Data Model for Challenge-Response-based Remote |
| Procedures using TPMs", draft-ietf-rats-yang-tpm-charra-03 | Attestation Procedures using TPMs", draft-ietf-rats-yang- |
| (work in progress), September 2020. | tpm-charra-07 (work in progress), April 2021. |
| [I-D.ietf-sacm-coswid] | [I-D.ietf-sacm-coswid] |
| Birkholz, H., Fitzgerald-McKay, J., Schmidt, C., and D. | Birkholz, H., Fitzgerald-McKay, J., Schmidt, C., and D. |
| Waltermire, "Concise Software Identification Tags", draft- | Waltermire, "Concise Software Identification Tags", draft- |
| ietf-sacm-coswid-16 (work in progress), November 2020. | ietf-sacm-coswid-17 (work in progress), February 2021. |
| [IEEE-802-1AR] | [IEEE-802-1AR] |
| Seaman, M., "802.1AR-2018 - IEEE Standard for Local and | Seaman, M., "802.1AR-2018 - IEEE Standard for Local and |
| Metropolitan Area Networks - Secure Device Identity, IEEE | Metropolitan Area Networks - Secure Device Identity, IEEE |
| Computer Society", August 2018. | Computer Society", August 2018. |
| [PC-Client-BIOS-TPM-1.2] | [PC-Client-BIOS-TPM-1.2] |
| Trusted Computing Group, "TCG PC Client Specific | Trusted Computing Group, "TCG PC Client Specific |
| Implementation Specification for Conventional BIOS, | Implementation Specification for Conventional BIOS, |
| Specification Version 1.21 Errata, Revision 1.00", | Specification Version 1.21 Errata, Revision 1.00", |
| skipping to change at page 40, line 43 | skipping to change at page 40, line 37 |
| [EFI-TPM] Trusted Computing Group, "TCG EFI Platform Specification | [EFI-TPM] Trusted Computing Group, "TCG EFI Platform Specification |
| for TPM Family 1.1 or 1.2, Specification Version 1.22, | for TPM Family 1.1 or 1.2, Specification Version 1.22, |
| Revision 15", January 2014, | Revision 15", January 2014, |
| <https://trustedcomputinggroup.org/resource/tcg-efi- | <https://trustedcomputinggroup.org/resource/tcg-efi- |
| platform-specification/>. | platform-specification/>. |
| [I-D.birkholz-rats-network-device-subscription] | [I-D.birkholz-rats-network-device-subscription] |
| Birkholz, H., Voit, E., and W. Pan, "Attestation Event | Birkholz, H., Voit, E., and W. Pan, "Attestation Event |
| Stream Subscription", draft-birkholz-rats-network-device- | Stream Subscription", draft-birkholz-rats-network-device- |
| subscription-01 (work in progress), October 2020. | subscription-02 (work in progress), March 2021. |
| [I-D.birkholz-rats-reference-interaction-model] | [I-D.birkholz-rats-reference-interaction-model] |
| Birkholz, H., Eckel, M., Newton, C., and L. Chen, | Birkholz, H., Eckel, M., Newton, C., and L. Chen, |
| "Reference Interaction Models for Remote Attestation | "Reference Interaction Models for Remote Attestation |
| Procedures", draft-birkholz-rats-reference-interaction- | Procedures", draft-birkholz-rats-reference-interaction- |
| model-03 (work in progress), July 2020. | model-03 (work in progress), July 2020. |
| [I-D.birkholz-rats-tuda] | [I-D.birkholz-rats-tuda] |
| Fuchs, A., Birkholz, H., McDonald, I., and C. Bormann, | Fuchs, A., Birkholz, H., McDonald, I. E., and C. Bormann, |
| "Time-Based Uni-Directional Attestation", draft-birkholz- | "Time-Based Uni-Directional Attestation", draft-birkholz- |
| rats-tuda-03 (work in progress), July 2020. | rats-tuda-04 (work in progress), January 2021. |
| [I-D.ietf-rats-architecture] | [I-D.ietf-rats-architecture] |
| Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | Birkholz, H., Thaler, D., Richardson, M., Smith, N., and |
| W. Pan, "Remote Attestation Procedures Architecture", | W. Pan, "Remote Attestation Procedures Architecture", |
| draft-ietf-rats-architecture-07 (work in progress), | draft-ietf-rats-architecture-12 (work in progress), April |
| October 2020. | 2021. |
| [I-D.ietf-rats-eat] | [I-D.ietf-rats-eat] |
| Mandyam, G., Lundblade, L., Ballesteros, M., and J. | Mandyam, G., Lundblade, L., Ballesteros, M., and J. |
| O'Donoghue, "The Entity Attestation Token (EAT)", draft- | O'Donoghue, "The Entity Attestation Token (EAT)", draft- |
| ietf-rats-eat-06 (work in progress), December 2020. | ietf-rats-eat-09 (work in progress), March 2021. |
| [I-D.richardson-rats-usecases] | [I-D.richardson-rats-usecases] |
| Richardson, M., Wallace, C., and W. Pan, "Use cases for | Richardson, M., Wallace, C., and W. Pan, "Use cases for |
| Remote Attestation common encodings", draft-richardson- | Remote Attestation common encodings", draft-richardson- |
| rats-usecases-08 (work in progress), November 2020. | rats-usecases-08 (work in progress), November 2020. |
| [I-D.voit-rats-trusted-path-routing] | [I-D.voit-rats-trusted-path-routing] |
| Voit, E., "Trusted Path Routing", draft-voit-rats-trusted- | Voit, E., "Trusted Path Routing", draft-voit-rats-trusted- |
| path-routing-02 (work in progress), June 2020. | path-routing-02 (work in progress), June 2020. |