Re: [saag] Open Trust Protocol
Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 26 July 2016 16:37 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98D5612D7D2 for <saag@ietfa.amsl.com>; Tue, 26 Jul 2016 09:37:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.888
X-Spam-Level:
X-Spam-Status: No, score=-2.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GKwxxZtDny88 for <saag@ietfa.amsl.com>; Tue, 26 Jul 2016 09:37:34 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C23212D7DA for <saag@ietf.org>; Tue, 26 Jul 2016 09:37:31 -0700 (PDT)
Received: from [192.168.10.131] ([188.23.250.80]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0MNO33-1bPbKB29Gb-006skN; Tue, 26 Jul 2016 18:37:26 +0200
To: Ira McDonald <blueroofmusic@gmail.com>
References: <CAN40gSshKiJ+2hANFhMi-nf9KCh59OWyfY4+fZZs8TZF-kUhpQ@mail.gmail.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
X-Enigmail-Draft-Status: N1110
Message-ID: <579791C5.20109@gmx.net>
Date: Tue, 26 Jul 2016 18:37:25 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0
MIME-Version: 1.0
In-Reply-To: <CAN40gSshKiJ+2hANFhMi-nf9KCh59OWyfY4+fZZs8TZF-kUhpQ@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="irGF1Da5wjDuTOTjGUcLjPdwU7K9UmsA9"
X-Provags-ID: V03:K0:j6Nrt89rhNC+kgcYiTsQ/1nCeCyv/LOL8teyP/Z6T9ibebaHkzL xHrs5lFUuQVoOQuS5F4hvTH9tWcktuGTKbjzIDFeJFOhDUGBLV0v4r4y/PbiIRmfF8UyQMa 7hPKkl9npX8MaScDHnxIjZ67XMotFxDxZRJGwXqsojkX6EiCsqf+PGwOAsJAsLihPsLTbwE PRII//6cZXGutPK/DUA2A==
X-UI-Out-Filterresults: notjunk:1;V01:K0:xa9hQLmbkq8=:2VQUMrLSPxyue7Vlk/bcCu orLAGSGtmX1sjkdq7FVMXdWWtN8lk256zdmrfvt2jrz1Znqqh+6q/oQEQMjY/EMiVxISbgjNf oChKUv1GWy74WG22bM1tztGNFPhdw/gkLQGY5FGVos/qZpgCpfKHJ9ohlkE43zeUKXd1/8ePG 5fDIM10fdDKSZyRMhrCch0o/powwebFFlVdXtkexoMSSFteyeRKVi5jHKmoq1MFZUHXS0nmuQ VkKtFKr91y741aRplr/rpt0RGF0rew1a77Ar8216ypGtCKxPLvaPYrihvL8X+IMeMY96DftjX Z6d8VscpCcilc9RVLH4jOj9Nd4WWrsO7wsZZ+yju9zyROqRZ1M5YGQlUT5UAndLmvEwE5mmU0 F1Le0LWMl60A75AlsHPO96vBFEdtLjn11FZKJxOLbxh4QsFjlXZRFJkTPJJ4JxNw+F0jqn8vk M7YD7nPsUsCm6fV1vZD2W0049nftfEcaMCnNZOdwN8LSmaDma41pIGPrL1IREuWlGs2f1rg19 KUTH6GyVVRhG5+xvyaKtx0Kv7KVExOqScjWHXN69e6swBfs/kCYBWM9eVFPEogdhLRlRxPQvF ycETdXt+td0mEQQy+jWguI67+3dlNwfOD0Qh4n0pBob7DxvtzwmUixIz9nKQ2LP2hVWpyieKa iZmuYdWKf2GKCol7h7ib8YKdhwGTa0q6Y7UbhKjA4bdnUqNFBjA3xl1IsPG8QPmEWD4gKOtc6 H9IDps1ZjOczC4cmLtCsCTuzHiTKNjD2n0NY41Mt906U9MwpqQ5Ah7RTjyA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/1j_kWlrKlWrWD4XCaBdZYxOD5t4>
Cc: Rob.Coombs@arm.com, saag <saag@ietf.org>
Subject: Re: [saag] Open Trust Protocol
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jul 2016 16:37:36 -0000
Hi Ira, they were developed independently with OTrP being a combination of PKI based architecture and a simplified design using state-of-the-art IETF protocols (based on work done in the JOSE working group). OTrP may be attractive to IoT use cases that want to use hardware security technology and leans on deployed architectures with a focus on low protocol complexity. OTrP was designed to be compatible with TEE but could be used for other technologies as well. I put my co-worker Rob on CC since he is participates in Global Platform while I don't. Ciao Hannes On 07/25/2016 07:58 PM, Ira McDonald wrote: > Hi Hannes, > > Could you comment on the relationship between this Open > Trust Protocol (OTrP) and the Global Platform TEE Management > Framework spec (meant to do similar things, I think) that just > finished a public review phase on 20 June 2016? > > I was aware of the GP TMF because the Trusted Computing > Group mobile work groups (MPWG and TMS) were asked to > write comments. > > Cheers, > - Ira > > > Ira McDonald (Musician / Software Architect) > Co-Chair - TCG Trusted Mobility Solutions WG > Chair - Linux Foundation Open Printing WG > Secretary - IEEE-ISTO Printer Working Group > Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG > IETF Designated Expert - IPP & Printer MIB > Blue Roof Music / High North Inc > http://sites.google.com/site/blueroofmusic > http://sites.google.com/site/highnorthinc > mailto: blueroofmusic@gmail.com <mailto:blueroofmusic@gmail.com> > Winter 579 Park Place Saline, MI 48176 734-944-0094 > Summer PO Box 221 Grand Marais, MI 49839 906-494-2434 > > > On Mon, Jul 25, 2016 at 12:55 PM, Hannes Tschofenig > <hannes.tschofenig@gmx.net <mailto:hannes.tschofenig@gmx.net>> wrote: > > Hi all, > > FYI: I had planned to talk about the 'Open Trust Protocol' in the T2TRG > meeting but unfortunately due to the lack of time this was not possible. > Hence, I am sending an email around instead. > > The Open Trust Protocol (OTrP) allows to install, update, and delete > applications and to manage security configuration in a Trusted > Execution Environment (TEE). > > TEEs are used in environments where security functionality should be > isolated from a regular operating system (often called rich OS). > This form of compartmentalization grants a smaller codebase access to > security sensitive services and restricts communication from the rich > OS to those security services via mediated access. > > Here is the draft: > https://tools.ietf.org/html/draft-pei-opentrustprotocol-01 > > Here are my slides: > https://github.com/t2trg/2016-ietf96/blob/master/slides/70_OTrP-IETF93.pdf > > Please let me know if you find this work interesting and have further > questions. > > Ciao > Hannes > > > > > > > _______________________________________________ > saag mailing list > saag@ietf.org <mailto:saag@ietf.org> > https://www.ietf.org/mailman/listinfo/saag > >
- Re: [saag] Open Trust Protocol Ira McDonald
- [saag] Open Trust Protocol Hannes Tschofenig
- Re: [saag] Open Trust Protocol Watson Ladd
- Re: [saag] Open Trust Protocol Hannes Tschofenig