[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: discussion of attested Get in today's TC call
For the discussion of attested Get, I’d like to begin with the proposal that Kelley submitted in July (also attached). The issue that the proposal is addressing is:
In some scenarios the KMIP server may want assurance of the integrity of the client’s system before returning the requested Managed Object (e.g. TCG integrity reports). Additionally, the server may want a guarantee of the freshness of the integrity measurement
In summary, the doc proposes the following 4-pass model with 2 new operations, one of which has 2 new attributes:
1. The client sends a Get Challenge request to the server (with optional unique id and attribute name).
2. The server returns a Get Challenge response to the client with required Challenge managed object (random nonce).
3. The client sends a Get with Measurement request for a managed object (with optional Measurement Credential byte string or Assertion byte string to the server)
4. The server returns a Get Challenge response to the client with the Managed Object
Kelley and I have discussed at least several alternatives that the TC could consider:
- Instead of new Get Challenge operation, use the Get Random being developed for the crypto proposal
- Instead of the Measurement Credential / Assertion byte strings, use existing Secret Data object.
- Instead of new Get with Measurement request, include optional Attestation attribute on Get (with either Secret Data or Measurement Credential / Assertion)
Looking forward to discussing this topic today!
I was looking at using the RNG Retrieve request from Tim’s Crypto Profile proposal. We would need to have a way of tying the request for random to the subsequent Get request, like an additional field in the RNG Retrieve request where the client could identify which key he will be issuing a Get request for later.
Hi kelley -
I don’t mind at all if you want to discuss the proposal this week – sorry I’ll miss it. Are you thinking to add some new objects and operations to the spec? I’ve been trying to figure out how to do attestation without changing the spec – seems hard.
Hi Kelley –
I finally got back to the proposal you wrote up in July – it looks great for the initial discussion with the TC. So if it’s ok with you, I’ll go ahead and walk through it with folks tomorrow night, review a couple of alternatives for the objects and operations, and see where to go from there. I can follow up with you afterwards – I’ll send you an email on Friday, and we can decide how to carry it forward.
Sound good? Or would you rather push out the discussion a week, until you’re available?
Hi Kelley –
I should be able to send you a first write-up tomorrow evening on the attestation on get, for our KMIP call this week – sorry not to have gotten to this over the weekend!