From ec1ba6a146c21516b9bfcc68f64f649fb2d93ca9 Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Wed, 6 Dec 2023 06:52:51 +0000 Subject: [PATCH 01/37] Describe case where env-map has class & instance --- draft-ietf-rats-corim.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 89b7b43d..2688f396 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1656,14 +1656,17 @@ A Reference Value consists of an `environment-map` plus a `measurement-map`. In Reference Values are represented more compactly by letting one `environment-map` apply to multiple `measurement-map`s. -The Verifier first looks for entries in the Accepted Claims Set with the same -`environment-map` as the Reference Value. These are the candidate claims. If there are +The Verifier first looks for entries in the Accepted Claims Set with an +`environment-map` which is compatible with the Reference Value. +These are the candidate claims. If there are no candidate claims then the Reference Value does not match. -A Verifier SHALL compare two `environment-map`s using a binary comparison of the CBOR -encoded objects. +An ACS entry has a compatible `environment-map` if each field which is present +in the Reference Value environment-map (for example `class`, `instance` etc.) +is also present in the ACS entry, and the CBOR encoded field values in the Reference Value and ACS entry are binary identical. +If a field is not present in the Reference value then the presence of, and value of, the corresponding ACS entry field does not affect whether the `environment-map`s are compatible. -A Verifier SHOULD convert `environment-map` into a form which meets CBOR Core +A Verifier SHOULD convert `environment-map` fields into a form which meets CBOR Core Deterministic Encoding Requirements {{-cbor}} before performing the binary comparison. If the Reference Value contains an `authorized-by` field then the Verifier 
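Review bot: The new compatibility rule in this hunk makes a Reference Value with an empty `environment-map` compatible with every ACS entry, because "each field which is present in the Reference Value environment-map ... is also present in the ACS entry" is vacuously true when no field is present; say whether that is intended, or require at least one field (for example `class` or `instance`) to be present. Two smaller points in the same paragraph: "Reference value" should be capitalised "Reference Value" as elsewhere in the section, and keeping the conversion to CBOR Core Deterministic Encoding at SHOULD leaves room for false mismatches when two encoders serialise the same value differently, so consider making the canonicalisation a MUST or stating explicitly that non-canonical encodings compare unequal.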
From 7d58e37f4b104da6206b6295a187221591fe530e Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Wed, 20 Dec 2023 15:01:06 +0000 Subject: [PATCH 02/37] Respond to comments --- draft-ietf-rats-corim.md | 96 ++++++++++++++++++++++------------------ 1 file changed, 53 insertions(+), 43 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 2688f396..49a97924 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
@@ -1645,77 +1645,87 @@ all Endorsements in the group are silently ignored. Each group is processed independently of other groups. If a group fails to match the Accepted Claims Set then this does not affect the processing of other groups. -#### Matching a Reference Value against the Accepted Claims Set {#sec-match-one-ref-val} - -This section describes how a Reference Value is matched against Evidence in the Accepted -Claims Set. -If any part of the processing indicates that the Reference Value does not match then the remaining steps in this section are skipped for that group. - -A Reference Value consists of an `environment-map` plus a `measurement-map`. In the -`reference-triple-record` these are encoded together. In other triples multiple -Reference Values are represented more compactly by letting one `environment-map` -apply to multiple `measurement-map`s. - -The Verifier first looks for entries in the Accepted Claims Set with an -`environment-map` which is compatible with the Reference Value. -These are the candidate claims. If there are -no candidate claims then the Reference Value does not match. - -An ACS entry has a compatible `environment-map` if each field which is present -in the Reference Value environment-map (for example `class`, `instance` etc.) -is also present in the ACS entry, and the CBOR encoded field values in the Reference Value and ACS entry are binary identical. -If a field is not present in the Reference value then the presence of, and value of, the corresponding ACS entry field does not affect whether the `environment-map`s are compatible. - -A Verifier SHOULD convert `environment-map` fields into a form which meets CBOR Core -Deterministic Encoding Requirements {{-cbor}} before performing the binary comparison. 
- -If the Reference Value contains an `authorized-by` field then the Verifier -SHALL modify the candidate claims set to remove Claims whose `authorized-by` -field does not contain one of the keys listed in the Reference Value +#### Matching a stateful environment against the Accepted Claims Set {#sec-match-one-ref-val} + +[^issue]: There were two interpretations of the meaning of `Reference Value` and the adopted +meaning does not match the version in the current text. I will submit a further PR to replace +most uses of "Reference Value" in section 5 with "stateful environment". +Tracked at https://github.com/ietf-rats-wg/draft-ietf-rats-corim/issues/178 + +This section describes how a stateful environment is matched against Evidence in the +Accepted Claims Set. +If any part of the processing indicates that the stateful environment does not match +then the remaining steps in this section are skipped for that conditional endorsement. + +A stateful environment consists of an `environment-map` plus a `measurement-map`. +In `conditional-endorsement-triple-record` and `mec-endorsement-triple-record` these are encoded together. +In other triples multiple stateful environments are represented more compactly by +letting one `environment-map` apply to multiple `measurement-map`s. + +The Verifier initialises its temporary `candidate entries` variable with all entries in the +Accepted Claims Set (ACS) where the stateful enviromnment `environment-map` is a subset +of the ACS `environment-map`. + +If there are no candidate entries then the triple containing the stateful environment does not match. + +A stateful environment `environment-map` is a subset of an ACS entry `environment-map` +if each field which is present in the stateful environment `environment-map` +(for example `class`, `instance` etc.) +is also present in the ACS entry, and the CBOR encoded field values in the stateful environment and +ACS entry are binary identical. 
+If a field is not present in the stateful environment `environment-map` then the presence of, +and value of, the corresponding ACS entry field does not affect whether the `environment-map`s are subsets. + +Before performing the binary comparison, a Verifier SHOULD convert `environment-map` fields into +a form which meets CBOR Core Deterministic Encoding Requirements {{-cbor}}. + +If the stateful environment contains an `authorized-by` field then the Verifier +SHALL modify the candidate entries to remove entries whose `authorized-by` +field does not contain one of the keys listed in the stateful environment `authorized-by` field (see {{sec-authorized-by}} for more details). -If all candidate claim entries are discarded by this step then the -Reference Value does not match. +If all candidate entries are discarded by this step then the +stateful environment does not match. The Verifier SHALL iterate over the codepoints which are present in the -`measurement-values-map` field within the Reference Value `measurement-values-map`. -The Reference Value entry is compared against each of the candidate claims. -If none of the candidate claims matches -the Reference Value entry then the Reference Value does not match. +`measurement-values-map` field within the stateful environment `measurement-values-map`. +The stateful environment entry is compared against each of the candidate entries. +If none of the candidate entries matches +the stateful environment entry then the stateful environment does not match. The algorithm used to match the `measurement-values-map` entries is described below. The comparison performed depends on the type of field being compared. -If the Reference Value `measurement-values-map` value is tagged with a CBOR +If the stateful environment `measurement-values-map` value is tagged with a CBOR tag {{-cbor}} then the Verifier MUST use the comparison algorithm associated with that tag. 
-If the Reference Value is not tagged then the Verifier MUST use the comparison +If the stateful environment is not tagged then the Verifier MUST use the comparison algorithm associated with the `measurement-values-map` codepoint for the entry. -This specification defines the matching algorithm for some CBOR tagged reference -values, which is described in sub-sections below. +This specification defines the matching algorithm for some CBOR tagged stateful environments, +which is described in sub-sections below. A CoRIM profile may define additional tags and their matching algorithms. -If the Verifier does not recognize the Reference Value CBOR tag value then -the Reference Value does not match. +If the Verifier does not recognize the stateful environment CBOR tag value then +the stateful environment does not match. -If the Reference Value is not tagged and the measurement-value-map key is a +If the stateful environment is not tagged and the measurement-value-map key is a value with handling described in the sub-sections below, then the algorithm appropriate to that key is used to match the entries. -If the Reference Value is not tagged, and the `measurement-values-map` key +If the stateful environment is not tagged, and the `measurement-values-map` key is not a value described below, then the entries are compared using binary comparison of their CBOR encoded values. If the values -are not binary identical then the Reference Value does not match. +are not binary identical then the stateful environment does not match. Note that while specifications may extend the matching semantics using CBOR tags, there is no way to extend the matching semantics of keys. Any new keys requiring non-default comparison must add a CBOR tag to the Reference Value describing the desired behaviour. -If all checks above have been performed successfully then the Reference Value +If all checks above have been performed successfully then the stateful environment matches. 
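Review bot: In this hunk the sentence "The Verifier SHALL iterate over the codepoints which are present in the `measurement-values-map` field within the stateful environment `measurement-values-map`" is self-referential; the containing structure named earlier in the hunk is the `measurement-map`, so the final identifier should read `measurement-map`. Also fix the typo "enviromnment" in "where the stateful enviromnment `environment-map` is a subset", and note that the closing "Note that ..." paragraph still says "add a CBOR tag to the Reference Value" although everything else in the hunk has been renamed to "stateful environment".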
##### Comparison for svn entries From 3e08bc556d1b2a126f403d14ad6325402bcdbf43 Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Wed, 20 Dec 2023 15:23:19 +0000 Subject: [PATCH 03/37] Textual changes --- draft-ietf-rats-corim.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 49a97924..9aca13c3 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1669,9 +1669,9 @@ of the ACS `environment-map`. If there are no candidate entries then the triple containing the stateful environment does not match. A stateful environment `environment-map` is a subset of an ACS entry `environment-map` -if each field which is present in the stateful environment `environment-map` -(for example `class`, `instance` etc.) -is also present in the ACS entry, and the CBOR encoded field values in the stateful environment and +if each field (for example `class`, `instance` etc.) which is present in the +stateful environment `environment-map` is also present in the ACS entry, +and the CBOR encoded field values in the stateful environment and ACS entry are binary identical. If a field is not present in the stateful environment `environment-map` then the presence of, and value of, the corresponding ACS entry field does not affect whether the `environment-map`s are subsets. From a03572b00cf60d42cf469b1af173948e0569e611 Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Mon, 8 Jan 2024 21:55:45 +0000 Subject: [PATCH 04/37] Rewrite description of triple processing to match recent discussions --- draft-ietf-rats-corim.md | 171 ++++++++++++++++----------------------- 1 file changed, 71 insertions(+), 100 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 9aca13c3..f389939a 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
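Review bot: Style point on the reworded sentence in the @@ -1669 hunk: "for example `class`, `instance` etc." is redundant, since "for example" already marks the list as non-exhaustive; suggest "(for example `class` or `instance`)". The typo "enviromnment" in the candidate-entries sentence that ends with the hunk's leading context "of the ACS `environment-map`." is left untouched, and a commit titled "Textual changes" would be the natural place to fix it.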
@@ -1591,142 +1591,113 @@ The Verifier SHOULD set the `authorized-by` field in Accepted Claims Set entries to a format which contains only a key, for example the `tagged-cose-key-type` format. Using a common format makes it easier to compare the field. -## Accepted Claims Set extension using CoMID tags or triples +## Accepted Claims Set extension using CoMID triples -In the Accepted Claims Set extension phase, a CoRIM Appraisal Context and -an Evidence Appraisal Policy are used by the Verifier to find CoMID tags or triples which -match the Attester. Tags/triples which match are accepted, and the Accepted Claims Set -is extended using Endorsements etc. from the accepted tags. +In the Accepted Claims Set extension phase, a CoRIM Appraisal Context and an Evidence Appraisal Policy are used by the Verifier to find CoMID tags or triples which match the ACS. +Tags/triples which match are accepted, and the Accepted Claims Set is extended using Endorsements etc. from the accepted tags. -[^issue]: Content missing. Tracked at https://github.com/ietf-rats-wg/draft-ietf-rats-corim/issues/136 +Each triple is processed independently of other triples. +If any triple within the CoRIM Appraisal Context does not match the Accepted Claims Set then ACS extensions in that triple are not processed. +If a triple does not match the ACS then this does not affect whether the Verifier tries to match other triples against the ACS. -### Comparing and processing CoMID tags or triples +Note that the order of triples processing is important. Processing a triple may result in modifications to the ACS which allow other triples to match the modified ACS. +The Verifier SHOULD ensure that it processes triples in the correct order (for example by processing all triples which match against a particular ACS entry or environment after that ACS entry has been modified). -[^issue]: Content missing. 
Tracked at https://github.com/ietf-rats-wg/draft-ietf-rats-corim/issues/136 +### Processing Reference Values Triple -### Matching Evidence against Reference Values +A Reference Value Provider (RVP) may publish Reference Values, which are reviewed to determine if they are contained in the Accepted Claims Set (ACS). +The authority of the RVP is added to all ACS entries which match the Reference Values triple. -An Endorser may use CoMID tags to publish Conditional Endorsements, which -are added to the Accepted Claims Set only if specified conditions apply. -This section describes the process performed by the Verifier to determine -which Conditional Endorsements from the candidate CoMIDs should be added -to the Accepted Claims Set. +For each Reference Value triple, the verifier compares each `reference-triple-record` against ACS entries as described in {{sec-match-one-se}}, using a `stateful-environment-record` created from the fields in `reference-triple-record`. +If all `reference-triple-record`s match the ACS then the authority which signed the triple shall be added to the `authorized-by` field of each ACS entry which matched. -The verifier checks whether Conditional Endorsements are applicable by -comparing Evidence in the Accepted Claims Set against Reference Values -from the CoMID. These Reference Values may be provided as Reference Value -Triples or may be combined with the Endorsements, for example as the -Conditional Endorsement Series Triple. +TODO: Is this really what we want? I think this description might not work as expected if there are partial matches. +Might it be better to add a new ACS entry built from the contents of the reference triple record. -The following subsections describe how the CoRIM tells the verifier which -Reference Values and Endorsed Values are grouped together ({{sec-grouping-ref-vals}}) -and how the verifier matches a Reference Value against the Accepted Claims Set -({{sec-match-all-ref-vals}}). 
+If any `reference-triple-record` in the Reference Value triple does not match the ACS then the entire triple is ignored. -#### Grouping Reference Values and Endorsements {#sec-grouping-ref-vals} +### Processing Endorsed Value Triple -> This paragraph will be replaced by a description of how the CoRIM tells the -verifier which Reference Values and Endorsed Values are grouped together. +[^issue]: Content missing. Tracked at https://github.com/ietf-rats-wg/draft-ietf-rats-corim/issues/179 -[^issue]: Need to get agreement on how group membership is encoded. Tracked at https://github.com/ietf-rats-wg/draft-ietf-rats-corim/issues/136 +### Processing triples representing Conditional Endorsements -[^issue]: Need to describe how to match conditional endorsements. Tracked at https://github.com/ietf-rats-wg/draft-ietf-rats-corim/issues/80 +An Endorser may use CoMID tags to publish Conditional Endorsements, which are added to the Accepted Claims Set only if specified conditions apply. +This section describes the process performed by the Verifier to determine which Conditional Endorsements from the candidate CoMIDs should be added to the ACS. -#### Matching all Reference Values in a group against the Accepted Claims Set {#sec-match-all-ref-vals} +The verifier checks whether Conditional Endorsements are applicable by comparing Evidence in the Accepted Claims Set against expected values provided in `stateful-environment-record` object which are part of the triple. -If all Reference Values in a group match entries in the Accepted Claims Set -then all Endorsements in the group are added to the Accepted Claims Set -(see {{sec-add-to-acs}}). {{sec-match-one-ref-val}} describes how one -Reference Value is matched against the Accepted Claims Set. +#### Processing Conditional Endorsement Triple -If any Reference Value in a group does not match the Accepted Claims Set then -all Endorsements in the group are silently ignored. 
+For each Conditional Endorsement Triple the Verifier compares the `stateful-environment-record` field in the triple against the ACS (see {{sec-match-one-se}}). -Each group is processed independently of other groups. If a group fails to match -the Accepted Claims Set then this does not affect the processing of other groups. +If the stateful environment matches then the Verifier adds an Endorsement entry to the ACS (see {{sec-add-to-acs}}). +The endorsement is created from the `environment-map` and the `measurement-values-map` field in the triple, and the authority which signed the tag containing the Conditional Endorsement Triple. -#### Matching a stateful environment against the Accepted Claims Set {#sec-match-one-ref-val} +#### Processing Multi-Environment Conditional (MEC) Endorsement Triple + +For each MEC Endorsement Triple the Verifier compares each of the `stateful-environment-record` fields from the `cond` field in the triple against the ACS (see {{sec-match-one-se}}). + +If every stateful environment matches then the Verifier adds an Endorsement entry to the ACS (see {{sec-add-to-acs}}) for each `endorsed-triple-record` in the `endorsements` field. +Each endorsement is created from the `endorsed-triple-record` and the authority which signed the tag containing the MEC Endorsement Triple. + +#### Processing Conditional Endorsement Series Triple -[^issue]: There were two interpretations of the meaning of `Reference Value` and the adopted -meaning does not match the version in the current text. I will submit a further PR to replace -most uses of "Reference Value" in section 5 with "stateful environment". -Tracked at https://github.com/ietf-rats-wg/draft-ietf-rats-corim/issues/178 +For each Conditional Endorsement Series Triple the Verifier matches the triple in two steps. +The first step compares the `stateful-environment-record` field in the triple against the ACS (see {{sec-match-one-se}}). If this matches then the Verifier performs the second step. 
-This section describes how a stateful environment is matched against Evidence in the -Accepted Claims Set. -If any part of the processing indicates that the stateful environment does not match -then the remaining steps in this section are skipped for that conditional endorsement. +The second step steps through the `conditional-series-record`s in order, comparing each of them against the ACS, using a temporary stateful environment created from the `environment-map` in step one and the `refv` field. +The second step stops if a match is detected. + +If the second step matches then the Verifier adds an Endorsement entry to the ACS. +This endorsement is created from the `environment-map` field in `stateful-environment-record`, the `endv` field from the match detected in the second step and the authority which signed the tag containing the Conditional Endorsement Series Triple. + +#### Matching a stateful environment against the Accepted Claims Set {#sec-match-one-ref-val} -A stateful environment consists of an `environment-map` plus a `measurement-map`. -In `conditional-endorsement-triple-record` and `mec-endorsement-triple-record` these are encoded together. -In other triples multiple stateful environments are represented more compactly by -letting one `environment-map` apply to multiple `measurement-map`s. +This section describes how a stateful environment is matched against Evidence in the Accepted Claims Set. +If any part of the processing indicates that the stateful environment does not match then the remaining steps in this section are skipped for that stateful environment. -The Verifier initialises its temporary `candidate entries` variable with all entries in the -Accepted Claims Set (ACS) where the stateful enviromnment `environment-map` is a subset -of the ACS `environment-map`. +A stateful environment consists of an `environment-map` plus a `measurement-map` which are processed separately. 
+ +The Verifier initializes its temporary "candidate entries" variable with all entries in the Accepted Claims Set (ACS) where the stateful enviromnment `environment-map` is a subset of the ACS `environment-map`. If there are no candidate entries then the triple containing the stateful environment does not match. -A stateful environment `environment-map` is a subset of an ACS entry `environment-map` -if each field (for example `class`, `instance` etc.) which is present in the -stateful environment `environment-map` is also present in the ACS entry, -and the CBOR encoded field values in the stateful environment and -ACS entry are binary identical. -If a field is not present in the stateful environment `environment-map` then the presence of, -and value of, the corresponding ACS entry field does not affect whether the `environment-map`s are subsets. - -Before performing the binary comparison, a Verifier SHOULD convert `environment-map` fields into -a form which meets CBOR Core Deterministic Encoding Requirements {{-cbor}}. - -If the stateful environment contains an `authorized-by` field then the Verifier -SHALL modify the candidate entries to remove entries whose `authorized-by` -field does not contain one of the keys listed in the stateful environment -`authorized-by` field (see {{sec-authorized-by}} for more details). -If all candidate entries are discarded by this step then the -stateful environment does not match. - -The Verifier SHALL iterate over the codepoints which are present in the -`measurement-values-map` field within the stateful environment `measurement-values-map`. +A stateful environment `environment-map` is a subset of an ACS entry `environment-map` if each field (for example `class`, `instance` etc.) which is present in the stateful environment `environment-map` is also present in the ACS entry, and the CBOR encoded field values in the stateful environment and ACS entry are binary identical. 
+If a field is not present in the stateful environment `environment-map` then the presence of, and value of, the corresponding ACS entry field does not affect whether the `environment-map`s are subsets. + +Before performing the binary comparison, a Verifier SHOULD convert `environment-map` fields into a form which meets CBOR Core Deterministic Encoding Requirements {{-cbor}}. + +If the stateful environment contains an `authorized-by` field then the Verifier SHALL modify the candidate entries to remove entries whose `authorized-by` field does not contain one of the keys listed in the stateful environment `authorized-by` field (see {{sec-authorized-by}} for more details). +If all candidate entries are discarded by this step then the stateful environment does not match. + The stateful environment entry is compared against each of the candidate entries. -If none of the candidate entries matches -the stateful environment entry then the stateful environment does not match. +If none of the candidate entries matches the stateful environment entry then the stateful environment does not match. + +For each of the candidate entries, the Verifier SHALL iterate over the codepoints which are present in the `measurement-values-map` field (referred to as the "MVM codepoints" below) within the stateful environment `measurement-map`. -The algorithm used to match the `measurement-values-map` entries -is described below. The comparison performed depends on the type of -field being compared. +The algorithm used to match the MVM codepoints is described below. +The comparison performed depends on the value of the codepoint being compared and whether the `measurement-values-map` value associated with that codepoint is tagged. -If the stateful environment `measurement-values-map` value is tagged with a CBOR -tag {{-cbor}} then the Verifier MUST use the comparison algorithm associated -with that tag. 
+If the stateful environment `measurement-values-map` value is tagged with a CBOR tag {{-cbor}} then the Verifier MUST use the comparison algorithm associated with that tag. -If the stateful environment is not tagged then the Verifier MUST use the comparison -algorithm associated with the `measurement-values-map` codepoint for the entry. +If the value is not tagged then the Verifier MUST use the comparison algorithm associated with the `measurement-values-map` codepoint for the entry. -This specification defines the matching algorithm for some CBOR tagged stateful environments, -which is described in sub-sections below. +This specification defines the matching algorithm for some codepoints and CBOR tagged values, which are described in sub-sections below. A CoRIM profile may define additional tags and their matching algorithms. -If the Verifier does not recognize the stateful environment CBOR tag value then -the stateful environment does not match. +If the Verifier does not recognize the stateful environment CBOR tag value then the stateful environment does not match. -If the stateful environment is not tagged and the measurement-value-map key is a -value with handling described in the sub-sections below, -then the algorithm appropriate to that key is used to match the entries. +If the stateful environment is not tagged and the measurement-value-map key is a value with handling described in the sub-sections below, then the algorithm appropriate to that key is used to match the entries. -If the stateful environment is not tagged, and the `measurement-values-map` key -is not a value described below, then the entries are compared -using binary comparison of their CBOR encoded values. If the values -are not binary identical then the stateful environment does not match. +If the stateful environment is not tagged, and the `measurement-values-map` key is not a value described below, then the entries are compared using binary comparison of their CBOR encoded values. 
+If the values are not binary identical then the stateful environment does not match. -Note that while specifications may extend the matching semantics using CBOR tags, -there is no way to extend the matching semantics of keys. -Any new keys requiring non-default comparison must add a CBOR tag to the -Reference Value describing the desired behaviour. +Note that while specifications may extend the matching semantics using CBOR tags, there is no way to extend the matching semantics of codepoints. +Any new codepoints requiring non-default comparison must add a CBOR tag to the Reference Value describing the desired behaviour. -If all checks above have been performed successfully then the stateful environment -matches. +If all checks above have been performed successfully then the stateful environment matches. ##### Comparison for svn entries From e6ce2f7315bb23e86418cbd2783a1204f4850927 Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Tue, 9 Jan 2024 10:01:05 +0000 Subject: [PATCH 05/37] Fix build failure and some typos --- draft-ietf-rats-corim.md | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index f389939a..de5289ff 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
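Review bot: The new "Accepted Claims Set extension using CoMID triples" text in this hunk contradicts itself: "Each triple is processed independently of other triples" is immediately followed by "the order of triples processing is important. Processing a triple may result in modifications to the ACS which allow other triples to match the modified ACS"; suggest dropping "independently" and keeping only the statement that a failed match does not prevent other triples from being processed, which the third sentence of that paragraph already makes. The "TODO: Is this really what we want? ..." paragraph under "Processing Reference Values Triple" should be an `[^issue]` footnote with a tracked issue, as done elsewhere in this hunk, rather than raw text in the draft body; it also flags a genuine gap, because adding the RVP authority only to ACS entries that "matched" leaves the partial-match case the TODO mentions undefined. Smaller points: "shall be added to the `authorized-by` field" should be the RFC 2119 "SHALL" used elsewhere; "in `stateful-environment-record` object which are part of the triple" needs an article and a singular verb; and the typo "enviromnment" is carried into the rewritten candidate-entries sentence.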
@@ -1625,7 +1625,7 @@ If any `reference-triple-record` in the Reference Value triple does not match th An Endorser may use CoMID tags to publish Conditional Endorsements, which are added to the Accepted Claims Set only if specified conditions apply. This section describes the process performed by the Verifier to determine which Conditional Endorsements from the candidate CoMIDs should be added to the ACS. -The verifier checks whether Conditional Endorsements are applicable by comparing Evidence in the Accepted Claims Set against expected values provided in `stateful-environment-record` object which are part of the triple. +The verifier checks whether Conditional Endorsements are applicable by comparing Accepted Claims Set entries against expected values provided in `stateful-environment-record` object which are part of the triple. #### Processing Conditional Endorsement Triple @@ -1652,9 +1652,9 @@ The second step stops if a match is detected. If the second step matches then the Verifier adds an Endorsement entry to the ACS. This endorsement is created from the `environment-map` field in `stateful-environment-record`, the `endv` field from the match detected in the second step and the authority which signed the tag containing the Conditional Endorsement Series Triple. -#### Matching a stateful environment against the Accepted Claims Set {#sec-match-one-ref-val} +#### Matching a stateful environment against the Accepted Claims Set {#sec-match-one-se} -This section describes how a stateful environment is matched against Evidence in the Accepted Claims Set. +This section describes how a stateful environment is matched against an Accepted Claims Set entry. If any part of the processing indicates that the stateful environment does not match then the remaining steps in this section are skipped for that stateful environment. A stateful environment consists of an `environment-map` plus a `measurement-map` which are processed separately. 
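Review bot: The anchor rename to `{#sec-match-one-se}` in the @@ -1652 hunk is what the `{{sec-match-one-se}}` references introduced in the previous commit need, so this is the build fix named in the subject. In the @@ -1625 hunk, "expected values provided in `stateful-environment-record` object which are part of the triple" still needs "the" before the object and a singular "is", which could be fixed alongside the Evidence-to-ACS-entries wording change.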
@@ -1675,8 +1675,15 @@ The stateful environment entry is compared against each of the candidate entries If none of the candidate entries matches the stateful environment entry then the stateful environment does not match. For each of the candidate entries, the Verifier SHALL iterate over the codepoints which are present in the `measurement-values-map` field (referred to as the "MVM codepoints" below) within the stateful environment `measurement-map`. +Each of the codepoints present in the stateful environment is compared againt the candidate entry. -The algorithm used to match the MVM codepoints is described below. +If any codepoint present in the stateful environment `measurement-values-map` doesn't match the same codepoint within the candidate entry then the stateful environment does not match. + +If all checks above have been performed successfully then the stateful environment matches. + +#### Matching a single codepoint in two measurement-value-maps {#sec-match-one-codepoint} + +The algorithm used to match the MVM codepoints is described in this section. The comparison performed depends on the value of the codepoint being compared and whether the `measurement-values-map` value associated with that codepoint is tagged. If the stateful environment `measurement-values-map` value is tagged with a CBOR tag {{-cbor}} then the Verifier MUST use the comparison algorithm associated with that tag. @@ -1697,8 +1704,6 @@ If the values are not binary identical then the stateful environment does not ma Note that while specifications may extend the matching semantics using CBOR tags, there is no way to extend the matching semantics of codepoints. Any new codepoints requiring non-default comparison must add a CBOR tag to the Reference Value describing the desired behaviour. -If all checks above have been performed successfully then the stateful environment matches. - ##### Comparison for svn entries The value stored under `measurement-values-map` key 1 is an SVN, which must 
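Review bot: The new section "Matching a single codepoint in two measurement-value-maps" in the @@ -1675 hunk is now applied per candidate entry, but the failure outcomes inside it (for example the @@ -1697 hunk's context line "If the values are not binary identical then the stateful environment does not match") still declare that the stateful environment does not match. Since the surrounding text says the stateful environment is compared against each candidate entry and fails only "if none of the candidate entries matches", a mismatch against one candidate must yield "the codepoint does not match" for that candidate; as written, a single non-matching candidate fails the whole triple. Suggest rewording those outcomes to "the codepoint does not match" and letting the new sentence "If any codepoint present in the stateful environment `measurement-values-map` doesn't match the same codepoint within the candidate entry then the stateful environment does not match" be the only place the overall result is stated. Also fix "againt" in "compared againt the candidate entry".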
From 69501b881a3d07669376d71b3e4d0eed7959d546 Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Thu, 11 Jan 2024 11:31:21 +0000 Subject: [PATCH 06/37] Update based on review comments --- draft-ietf-rats-corim.md | 81 ++++++++++++++++++++-------------------- 1 file changed, 40 insertions(+), 41 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index de5289ff..f79ae9bf 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1213,11 +1213,11 @@ matched. The series object is an array of `conditional-series-record` that has both Reference and Endorsed Values. Each `conditional-series-record` record is evaluated in the order it appears in the series array. -The Endorsed Values are accepted if the Reference Values in a `conditional-series-record` matches Evidence. -The first `conditional-series-record` that successfully matches Evidence terminates the series and -the matching Reference Values as well as the Endorsed Values are accepted. -If none of the Reference Values in the series match Evidence, the triple is not matched, -and no Claims are accepted. +The Endorsed Values are accepted if the series condition in a `conditional-series-record` matches the ACS. +The first `conditional-series-record` that successfully matches an ACS Entry terminates +the matching and the corresponding Endorsed Values are accepted. +If none of the series conditions match an ACS Entry, the triple is not matched, +and no Endorsed values are accepted. The `authorized-by` value in `measurement-map` in the stateful environment, if present, applies to all measurements in the triple, including `conditional-series-record` records. @@ -1331,7 +1331,7 @@ The verification procedure is divided into three separate phases: * Appraisal Context initialisation * Evidence collection -* Evidence appraisal +* Accepted Claims Set Augmentation At a few well-defined points in the procedure, the Verifier behaviour will depend on the specific CoRIM profile. 
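Review bot: in the `@@ -1213` hunk the rewritten paragraph alternates between "matches the ACS" and "matches an ACS Entry" for the same condition, and the last added line capitalises "Endorsed values" differently from "Endorsed Values" two lines above; settle on one term ("matches an ACS entry") and one capitalisation. In the `@@ -1331` hunk the renamed phase "Accepted Claims Set Augmentation" should be capitalised the same way as the heading it now refers to, "Accepted Claims Set augmentation using CoMID triples", introduced in the next hunk of this patch.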
@@ -1591,28 +1591,32 @@ The Verifier SHOULD set the `authorized-by` field in Accepted Claims Set entries to a format which contains only a key, for example the `tagged-cose-key-type` format. Using a common format makes it easier to compare the field. -## Accepted Claims Set extension using CoMID triples +## Accepted Claims Set augmentation using CoMID triples -In the Accepted Claims Set extension phase, a CoRIM Appraisal Context and an Evidence Appraisal Policy are used by the Verifier to find CoMID tags or triples which match the ACS. -Tags/triples which match are accepted, and the Accepted Claims Set is extended using Endorsements etc. from the accepted tags. +In the Accepted Claims Set augmentation phase, a CoRIM Appraisal Context and an Evidence Appraisal Policy are used by the Verifier to find CoMID triples which match the Accepted Claims Set (ACS). +Triples which match are accepted, and the Accepted Claims Set is extended with Endorsements from these triples. Each triple is processed independently of other triples. -If any triple within the CoRIM Appraisal Context does not match the Accepted Claims Set then ACS extensions in that triple are not processed. If a triple does not match the ACS then this does not affect whether the Verifier tries to match other triples against the ACS. -Note that the order of triples processing is important. Processing a triple may result in modifications to the ACS which allow other triples to match the modified ACS. -The Verifier SHOULD ensure that it processes triples in the correct order (for example by processing all triples which match against a particular ACS entry or environment after that ACS entry has been modified). +### Ordering of triple processing + +Triples interace with the ACS by either matching against ACS entries or by modifying or adding AES entries. +The `environment-map` field is used to select the AES entries to match or modify. + +The order of triples processing is important. 
Processing a triple may result in ACS modifications which allow other triples to match the modified ACS. + +The Verifier MUST ensure that all triples which include a particular `environment-map` in their matching specification are processed after triples which modify or add an ACS entry with that `environment-map`. + +This can be acheived by sorting the triples before processing, by repeating processing of some triples after ACS modifications or by other algorithms. ### Processing Reference Values Triple -A Reference Value Provider (RVP) may publish Reference Values, which are reviewed to determine if they are contained in the Accepted Claims Set (ACS). +A Reference Value Provider publishes Reference Values, which are matched against the Accepted Claims Set (ACS). The authority of the RVP is added to all ACS entries which match the Reference Values triple. -For each Reference Value triple, the verifier compares each `reference-triple-record` against ACS entries as described in {{sec-match-one-se}}, using a `stateful-environment-record` created from the fields in `reference-triple-record`. -If all `reference-triple-record`s match the ACS then the authority which signed the triple shall be added to the `authorized-by` field of each ACS entry which matched. - -TODO: Is this really what we want? I think this description might not work as expected if there are partial matches. -Might it be better to add a new ACS entry built from the contents of the reference triple record. +The Verifier compares each `reference-triple-record` against ACS entries as described in {{sec-match-one-se}}, using a `stateful-environment-record` created from the fields in `reference-triple-record`. +If all `reference-triple-record`s match the ACS then the Verifier MUST add the authority which signed the CoRIM file containing the triple to the `authorized-by` field of each `measurement-values-map` codepoint which matched. 
If any `reference-triple-record` in the Reference Value triple does not match the ACS then the entire triple is ignored. 
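Review bot: the new MUST in "Ordering of triple processing" ("processed after triples which modify or add an ACS entry with that `environment-map`") is phrased as equality on `environment-map`, but the matching rule this patch writes into `{#sec-match-one-se}` is a subset test, so a triple whose condition carries only a `class` depends on every triple that adds or modifies an entry whose `environment-map` contains that `class`; state the dependency in terms of the subset relation, and say what the Verifier does when two triples each modify an entry the other matches, since the suggested sort has no valid order in that case. The rewritten Reference Values paragraph adds the authority "to the `authorized-by` field of each `measurement-values-map` codepoint which matched", while the matching section in the same patch filters "candidate entries whose `authorized-by` field does not contain one of the keys", placing `authorized-by` at the entry level; the two granularities need to be reconciled. Spelling in the added lines: "interace", "AES entries" (twice, for ACS), "acheived".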
@@ -1631,59 +1635,54 @@ The verifier checks whether Conditional Endorsements are applicable by comparing For each Conditional Endorsement Triple the Verifier compares the `stateful-environment-record` field in the triple against the ACS (see {{sec-match-one-se}}). -If the stateful environment matches then the Verifier adds an Endorsement entry to the ACS (see {{sec-add-to-acs}}). -The endorsement is created from the `environment-map` and the `measurement-values-map` field in the triple, and the authority which signed the tag containing the Conditional Endorsement Triple. +If the stateful environment matches then the Verifier MUST add an Endorsement entry to the ACS (see {{sec-add-to-acs}}). +The endorsement is created from the `environment-map` and the `measurement-values-map` field in the triple, plus the authority which signed the CoRIM file containing the Conditional Endorsement Triple. #### Processing Multi-Environment Conditional (MEC) Endorsement Triple For each MEC Endorsement Triple the Verifier compares each of the `stateful-environment-record` fields from the `cond` field in the triple against the ACS (see {{sec-match-one-se}}). -If every stateful environment matches then the Verifier adds an Endorsement entry to the ACS (see {{sec-add-to-acs}}) for each `endorsed-triple-record` in the `endorsements` field. -Each endorsement is created from the `endorsed-triple-record` and the authority which signed the tag containing the MEC Endorsement Triple. +If every stateful environment matches then the Verifier MUST add an Endorsement entry to the ACS (see {{sec-add-to-acs}}) for each `endorsed-triple-record` in the `endorsements` field. +Each endorsement is created from the `endorsed-triple-record` and the authority which signed the CoRIM file containing the MEC Endorsement Triple. #### Processing Conditional Endorsement Series Triple -For each Conditional Endorsement Series Triple the Verifier matches the triple in two steps. 
-The first step compares the `stateful-environment-record` field in the triple against the ACS (see {{sec-match-one-se}}). If this matches then the Verifier performs the second step. +For each Conditional Endorsement Series Triple the Verifier iterates over the `conditional-series-record`s within the triple, stopping if it finds a match. -The second step steps through the `conditional-series-record`s in order, comparing each of them against the ACS, using a temporary stateful environment created from the `environment-map` in step one and the `refv` field. -The second step stops if a match is detected. +For each iteration, the Verifier creates a temporary `stateful-environment-record` by merging the `stateful-environment-record` in the triple with the `refv` field in the `conditional-series-record`. It compares this temporary record against the ACS (see {{sec-match-one-se}}). -If the second step matches then the Verifier adds an Endorsement entry to the ACS. -This endorsement is created from the `environment-map` field in `stateful-environment-record`, the `endv` field from the match detected in the second step and the authority which signed the tag containing the Conditional Endorsement Series Triple. +If one of the temporary records matches then the Verifier MUST add an Endorsement entry to the ACS. +This Endorsement is created from the `environment-map` field in `stateful-environment-record`, the `endv` field from the `conditional-series-record` which matched and the authority which signed the CoRIM file containing the Conditional Endorsement Series Triple. #### Matching a stateful environment against the Accepted Claims Set {#sec-match-one-se} This section describes how a stateful environment is matched against an Accepted Claims Set entry. If any part of the processing indicates that the stateful environment does not match then the remaining steps in this section are skipped for that stateful environment. 
-A stateful environment consists of an `environment-map` plus a `measurement-map` which are processed separately. - -The Verifier initializes its temporary "candidate entries" variable with all entries in the Accepted Claims Set (ACS) where the stateful enviromnment `environment-map` is a subset of the ACS `environment-map`. - -If there are no candidate entries then the triple containing the stateful environment does not match. +The Verifier initializes a temporary "candidate entries" variable with all entries in the Accepted Claims Set (ACS) where the stateful enviromnment `environment-map` is a subset of the ACS `environment-map`. A stateful environment `environment-map` is a subset of an ACS entry `environment-map` if each field (for example `class`, `instance` etc.) which is present in the stateful environment `environment-map` is also present in the ACS entry, and the CBOR encoded field values in the stateful environment and ACS entry are binary identical. If a field is not present in the stateful environment `environment-map` then the presence of, and value of, the corresponding ACS entry field does not affect whether the `environment-map`s are subsets. Before performing the binary comparison, a Verifier SHOULD convert `environment-map` fields into a form which meets CBOR Core Deterministic Encoding Requirements {{-cbor}}. -If the stateful environment contains an `authorized-by` field then the Verifier SHALL modify the candidate entries to remove entries whose `authorized-by` field does not contain one of the keys listed in the stateful environment `authorized-by` field (see {{sec-authorized-by}} for more details). -If all candidate entries are discarded by this step then the stateful environment does not match. 
+If the stateful environment contains an `authorized-by` field then the Verifier SHALL remove all candidate entries whose `authorized-by` field does not contain one of the keys listed in the stateful environment `authorized-by` field (see {{sec-authorized-by}} for more details). + +If there are no candidate entries then the triple containing the stateful environment does not match. The stateful environment entry is compared against each of the candidate entries. -If none of the candidate entries matches the stateful environment entry then the stateful environment does not match. -For each of the candidate entries, the Verifier SHALL iterate over the codepoints which are present in the `measurement-values-map` field (referred to as the "MVM codepoints" below) within the stateful environment `measurement-map`. -Each of the codepoints present in the stateful environment is compared againt the candidate entry. +For each of the candidate entries, the Verifier SHALL iterate over the codepoints which are present in the `measurement-values-map` field within the stateful environment `measurement-map`. +Each of the codepoints present in the stateful environment is compared against the candidate entry. -If any codepoint present in the stateful environment `measurement-values-map` doesn't match the same codepoint within the candidate entry then the stateful environment does not match. +If any codepoint present in the stateful environment `measurement-values-map` does not match the same codepoint within the candidate entry `measurement-values-map` then the stateful environment does not match. If all checks above have been performed successfully then the stateful environment matches. +If none of the candidate entries match the stateful environment entry then the stateful environment does not match. 
-#### Matching a single codepoint in two measurement-value-maps {#sec-match-one-codepoint} +#### Matching a single `measurement-values-map` codepoint {#sec-match-one-codepoint} -The algorithm used to match the MVM codepoints is described in this section. +The algorithm used to match the `measurement-values-map` codepoints is described in this section. The comparison performed depends on the value of the codepoint being compared and whether the `measurement-values-map` value associated with that codepoint is tagged. If the stateful environment `measurement-values-map` value is tagged with a CBOR tag {{-cbor}} then the Verifier MUST use the comparison algorithm associated with that tag. From 89f865a268b1c23a02e09a2015d14f136107bd9c Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Thu, 11 Jan 2024 11:36:25 +0000 Subject: [PATCH 07/37] Fix lint --- draft-ietf-rats-corim.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index f79ae9bf..047ce200 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1214,8 +1214,7 @@ matched. The series object is an array of `conditional-series-record` that has both Reference and Endorsed Values. Each `conditional-series-record` record is evaluated in the order it appears in the series array. The Endorsed Values are accepted if the series condition in a `conditional-series-record` matches the ACS. -The first `conditional-series-record` that successfully matches an ACS Entry terminates -the matching and the corresponding Endorsed Values are accepted. +The first `conditional-series-record` that successfully matches an ACS Entry terminates the matching and the corresponding Endorsed Values are accepted. If none of the series conditions match an ACS Entry, the triple is not matched, and no Endorsed values are accepted. From 6c759f584f0280403b910053b8f7bf46dcff795b Mon Sep 17 00:00:00 2001 
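Review bot: in the `@@ -1631` hunk of PATCH 06 the candidate-entry loop is ambiguous about scope: "If any codepoint present in the stateful environment `measurement-values-map` does not match the same codepoint within the candidate entry `measurement-values-map` then the stateful environment does not match." reads as a whole-environment failure on the first non-matching candidate, yet the next lines say the environment fails only "If none of the candidate entries match"; the per-codepoint sentence should say "then that candidate entry does not match". The series-triple paragraph relies on "merging the `stateful-environment-record` in the triple with the `refv` field" without defining the merge; say which record wins when both carry the same `measurement-values-map` codepoint, or forbid overlap. The added line "+The Verifier initializes a temporary "candidate entries" variable ..." carries over the misspelling "enviromnment" from the removed line.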
From: Andrew Draper Date: Tue, 16 Jan 2024 10:30:24 +0000 Subject: [PATCH 08/37] Fold in review comments --- draft-ietf-rats-corim.md | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 047ce200..088c5bfb 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
@@ -1593,29 +1593,30 @@ format. Using a common format makes it easier to compare the field. ## Accepted Claims Set augmentation using CoMID triples In the Accepted Claims Set augmentation phase, a CoRIM Appraisal Context and an Evidence Appraisal Policy are used by the Verifier to find CoMID triples which match the Accepted Claims Set (ACS). -Triples which match are accepted, and the Accepted Claims Set is extended with Endorsements from these triples. +Triples that specify an ACS matching condition will augment the ACS with Endorsements if the condition is met. -Each triple is processed independently of other triples. -If a triple does not match the ACS then this does not affect whether the Verifier tries to match other triples against the ACS. +Each triple is processed independently of other triples. However, the ACS state may change as a result of processing a triple. +If a triple condition does not match, then the Verifier continues to process other triples. ### Ordering of triple processing -Triples interace with the ACS by either matching against ACS entries or by modifying or adding AES entries. -The `environment-map` field is used to select the AES entries to match or modify. +Triples interface with the ACS by either adding new ACS entries or by matching existing ACS entries before updating the ACS. +Most triples use an `environment-map` field to select the AES entries to match or modify. This field may be contained in an explicit matching condition, such as `stateful-environment-record`. -The order of triples processing is important. Processing a triple may result in ACS modifications which allow other triples to match the modified ACS. +The order of triples processing is important. Processing a triple may result in ACS modifications that affect matching behavior of other triples. 
-The Verifier MUST ensure that all triples which include a particular `environment-map` in their matching specification are processed after triples which modify or add an ACS entry with that `environment-map`. +The Verifier MUST ensure that a triple including a matching condition is processed after any other triple that modifies or adds an ACS entry with an `environment-map` that is in the matching condition. This can be acheived by sorting the triples before processing, by repeating processing of some triples after ACS modifications or by other algorithms. ### Processing Reference Values Triple -A Reference Value Provider publishes Reference Values, which are matched against the Accepted Claims Set (ACS). -The authority of the RVP is added to all ACS entries which match the Reference Values triple. +Reference Value Providers (RVP) publish Reference Values triples that are matched against ACS entries. +Reference Values may describe multiple acceptable states for Attesters; hence "matching" determines that Evidence (contained in the ACS) satisfies an appropriate subset of the available Reference Values. +If the appropriate subset matches, the authority of the RVP is added to the appropriate ACS entries. -The Verifier compares each `reference-triple-record` against ACS entries as described in {{sec-match-one-se}}, using a `stateful-environment-record` created from the fields in `reference-triple-record`. -If all `reference-triple-record`s match the ACS then the Verifier MUST add the authority which signed the CoRIM file containing the triple to the `authorized-by` field of each `measurement-values-map` codepoint which matched. +The Verifier compares each `reference-triple-record` against ACS entries as described in {{sec-match-one-se}}, where the `reference-triple-record` takes the place of a `stateful-environment-record`. +If all fields of the `reference-triple-record` match the ACS, then the Verifier MUST add the RVP authority to each matching ACS field. 
If any `reference-triple-record` in the Reference Value triple does not match the ACS then the entire triple is ignored. @@ -1625,7 +1626,7 @@ If any `reference-triple-record` in the Reference Value triple does not match th ### Processing triples representing Conditional Endorsements -An Endorser may use CoMID tags to publish Conditional Endorsements, which are added to the Accepted Claims Set only if specified conditions apply. +An Endorser may use CoMID tags to publish Conditional Endorsements, which are added to the Accepted Claims Set only if specified conditions are satisfied. This section describes the process performed by the Verifier to determine which Conditional Endorsements from the candidate CoMIDs should be added to the ACS. The verifier checks whether Conditional Endorsements are applicable by comparing Accepted Claims Set entries against expected values provided in `stateful-environment-record` object which are part of the triple. 
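Review bot: the new Reference Values wording contradicts its own context lines: "Reference Values may describe multiple acceptable states for Attesters; hence "matching" determines that Evidence (contained in the ACS) satisfies an appropriate subset of the available Reference Values." implies a partial match suffices, while the next added line requires "If all fields of the `reference-triple-record` match the ACS" and the unchanged context still says "If any `reference-triple-record` in the Reference Value triple does not match the ACS then the entire triple is ignored."; either define "appropriate subset" or drop the sentence. "add the RVP authority to each matching ACS field" should name the field (`authorized-by`) and the level (entry or codepoint) it attaches to. The added line "+Most triples use an `environment-map` field to select the AES entries to match or modify." still says AES for ACS, and "acheived" in the retained context line is also misspelled.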
@@ -1634,15 +1635,15 @@ The verifier checks whether Conditional Endorsements are applicable by comparing For each Conditional Endorsement Triple the Verifier compares the `stateful-environment-record` field in the triple against the ACS (see {{sec-match-one-se}}). -If the stateful environment matches then the Verifier MUST add an Endorsement entry to the ACS (see {{sec-add-to-acs}}). -The endorsement is created from the `environment-map` and the `measurement-values-map` field in the triple, plus the authority which signed the CoRIM file containing the Conditional Endorsement Triple. +If the stateful environment matches, then the Verifier MUST add an Endorsement entry to the ACS (see {{sec-add-to-acs}}). +The Endorsement consists of the `measurement-values-map` field in the triple, plus the authority of the entity that signed the Conditional Endorsement Triple. #### Processing Multi-Environment Conditional (MEC) Endorsement Triple For each MEC Endorsement Triple the Verifier compares each of the `stateful-environment-record` fields from the `cond` field in the triple against the ACS (see {{sec-match-one-se}}). -If every stateful environment matches then the Verifier MUST add an Endorsement entry to the ACS (see {{sec-add-to-acs}}) for each `endorsed-triple-record` in the `endorsements` field. -Each endorsement is created from the `endorsed-triple-record` and the authority which signed the CoRIM file containing the MEC Endorsement Triple. +If every stateful environment matches a corresponding ACS entry, then the Verifier MUST add an Endorsement entry to the ACS (see {{sec-add-to-acs}}) for each `endorsed-triple-record` in the `endorsements` field. +Each Endorsement from the `endorsed-triple-record` includes the authority which signed the MEC Endorsement Triple. #### Processing Conditional Endorsement Series Triple 
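Review bot: the rewritten sentence "The Endorsement consists of the `measurement-values-map` field in the triple, plus the authority of the entity that signed the Conditional Endorsement Triple." drops the `environment-map` that the removed line included, so the text no longer says which ACS entry the Endorsement belongs to; given that the ordering section says triples select ACS entries by `environment-map`, state explicitly that the Endorsement is added under the `environment-map` of the triple's `stateful-environment-record`. The MEC paragraph has the same gap: "Each Endorsement from the `endorsed-triple-record` includes the authority which signed the MEC Endorsement Triple." no longer says the entry is built from the record's environment and measurements.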
@@ -1650,8 +1651,8 @@ For each Conditional Endorsement Series Triple the Verifier iterates over the `c For each iteration, the Verifier creates a temporary `stateful-environment-record` by merging the `stateful-environment-record` in the triple with the `refv` field in the `conditional-series-record`. It compares this temporary record against the ACS (see {{sec-match-one-se}}). -If one of the temporary records matches then the Verifier MUST add an Endorsement entry to the ACS. -This Endorsement is created from the `environment-map` field in `stateful-environment-record`, the `endv` field from the `conditional-series-record` which matched and the authority which signed the CoRIM file containing the Conditional Endorsement Series Triple. +If one of the temporary records matches then the Verifier MUST add the `endv` Endorsement entry to the ACS. +This Endorsement includes the authority which signed the Conditional Endorsement Series Triple. #### Matching a stateful environment against the Accepted Claims Set {#sec-match-one-se} From f1824f71f033216a07d79d183b9edb59f7b62cc1 Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Tue, 16 Jan 2024 11:01:59 +0000 Subject: [PATCH 09/37] Break apart multi-sentance lines --- draft-ietf-rats-corim.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 088c5bfb..cded25fb 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
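Review bot: "If one of the temporary records matches then the Verifier MUST add the `endv` Endorsement entry to the ACS." removes the statement that the Endorsement is built from the `environment-map` in the triple's `stateful-environment-record`; `endv` is a field of `conditional-series-record`, not an ACS entry, so say which `environment-map` the new entry gets and that its `measurement-values-map` comes from `endv`, otherwise an implementer cannot tell which entry to create.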
@@ -1595,15 +1595,18 @@ format. Using a common format makes it easier to compare the field. In the Accepted Claims Set augmentation phase, a CoRIM Appraisal Context and an Evidence Appraisal Policy are used by the Verifier to find CoMID triples which match the Accepted Claims Set (ACS). Triples that specify an ACS matching condition will augment the ACS with Endorsements if the condition is met. -Each triple is processed independently of other triples. However, the ACS state may change as a result of processing a triple. +Each triple is processed independently of other triples. +However, the ACS state may change as a result of processing a triple. If a triple condition does not match, then the Verifier continues to process other triples. ### Ordering of triple processing Triples interface with the ACS by either adding new ACS entries or by matching existing ACS entries before updating the ACS. -Most triples use an `environment-map` field to select the AES entries to match or modify. This field may be contained in an explicit matching condition, such as `stateful-environment-record`. +Most triples use an `environment-map` field to select the AES entries to match or modify. +This field may be contained in an explicit matching condition, such as `stateful-environment-record`. -The order of triples processing is important. Processing a triple may result in ACS modifications that affect matching behavior of other triples. +The order of triples processing is important. +Processing a triple may result in ACS modifications that affect matching behavior of other triples. The Verifier MUST ensure that a triple including a matching condition is processed after any other triple that modifies or adds an ACS entry with an `environment-map` that is in the matching condition. From a280a2a110a900abab27af272a44434c6ee1249f Mon Sep 17 00:00:00 2001 
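Review bot: the split line "+Most triples use an `environment-map` field to select the AES entries to match or modify." is rewritten here but still carries the AES-for-ACS typo introduced in PATCH 08; fix it while the line is being touched. The one-sentence-per-line split itself is consistent with the rest of the section.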
From: Henk Birkholz Date: Fri, 1 Dec 2023 13:57:45 +0100 Subject: [PATCH 10/37] the MEC part of --- cddl/corim-frags.mk | 1 + cddl/mec-endorsement-triple-record.cddl | 4 +++ cddl/triples-map.cddl | 2 ++ draft-ietf-rats-corim.md | 41 +++++++++++++++++++++++++ 4 files changed, 48 insertions(+) create mode 100644 cddl/mec-endorsement-triple-record.cddl diff --git a/cddl/corim-frags.mk b/cddl/corim-frags.mk index a912975f..e4815339 100644 --- a/cddl/corim-frags.mk +++ b/cddl/corim-frags.mk @@ -14,6 +14,7 @@ COMID_FRAGS += coswid-triple-record.cddl COMID_FRAGS += crypto-key-type-choice.cddl COMID_FRAGS += domain-dependency-triple-record.cddl COMID_FRAGS += domain-membership-triple-record.cddl +COMID_FRAGS += mec-endorsement-triple-record.cddl COMID_FRAGS += domain-type-choice.cddl COMID_FRAGS += endorsed-triple-record.cddl COMID_FRAGS += entity-map.cddl diff --git a/cddl/mec-endorsement-triple-record.cddl b/cddl/mec-endorsement-triple-record.cddl new file mode 100644 index 00000000..b8f590ae --- /dev/null +++ b/cddl/mec-endorsement-triple-record.cddl @@ -0,0 +1,4 @@ +multi-env-conditional-endorsement-triple-record = [ + conds: [ + stateful-environment-record ] + actions: [ + stateful-environment-record ] +] diff --git a/cddl/triples-map.cddl b/cddl/triples-map.cddl index b3d919dc..5dc8dfca 100644 --- a/cddl/triples-map.cddl +++ b/cddl/triples-map.cddl @@ -17,5 +17,7 @@ triples-map = non-empty<{ [ + conditional-endorsement-series-triple-record ] ? &(conditional-endorsement-triples: 9) => [ + conditional-endorsement-triple-record ] + ? &(mec-endorsement-triples: 10) => + [ + multi-env-conditional-endorsement-triple-record ] * $$triples-map-extension }> diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index cded25fb..5f9d1073 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
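Review bot: the new `multi-env-conditional-endorsement-triple-record` declares exactly two members, `conds` and `actions`, both typed `[ + stateful-environment-record ]`, but the prose added in the same patch (the `@@ -1186` hunk) documents `conds`, `actions`, `env` and `ends` and quotes "IF accepted state matches the `cond` value, THEN `env` is associated with the endorsed value(s) `ends`", so the CDDL and the text disagree on field names and must be aligned before merging. In `corim-frags.mk` the new `COMID_FRAGS += mec-endorsement-triple-record.cddl` is inserted between `domain-membership-triple-record.cddl` and `domain-type-choice.cddl`, breaking the alphabetical order of that list.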
@@ -1137,6 +1137,14 @@ the object relates to the subject. {::include cddl/endorsed-triple-record.cddl} ~~~ +#### Condition Values Triple + +A Condition Values Triple defines a set of operational state of an environment. If the corresponding values defined in its `measurement-map` are found in an Accepted Claims Set, corresponding endorsed values defined in a `multi-env-conditional-endorsement-triple-record` can be added to that Accepted Claims Set. + +~~~ cddl +{::include cddl/condition-triple-record.cddl} +~~~ + #### Device Identity Triple {#sec-comid-triple-identity} A Device Identity triple relates one or more cryptographic keys to a device. 
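Review bot: the new Condition Values Triple section includes `{::include cddl/condition-triple-record.cddl}`, but this patch's file list creates only `cddl/mec-endorsement-triple-record.cddl`, so the include target does not exist at this commit and the draft will not build until PATCH 12 adds the file; fold that file into this patch or reorder the series so every commit builds. "A Condition Values Triple defines a set of operational state of an environment." should read "a set of operational states".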
@@ -1186,6 +1194,39 @@ Evidence. {::include cddl/domain-membership-triple-record.cddl} ~~~ + + +#### Multi-Environment Conditional (MEC) Endorsements Triple {#sec-comid-triple-mec-endorsements} + +The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is as follows: + +> "IF accepted state matches the `cond` value, THEN `env` is associated with the endorsed value(s) `ends`." + +~~~ cddl +{::include cddl/mec-endorsement-triple-record.cddl} +~~~ + +A `multi-env-conditional-endorsement-triple-record` has the following parameters: + +* `conds`: all target environments, along with a specific state, that need to match in order for the endorsement(s) to apply +* `actions`: TODO +* `env`: the environment to which the endorsed value (conditionally) applies +* `ends`: the endorsed value(s) associated with `env` + +All the entries in `cond` MUST match. + +The order in which MEC Endorsement triples are evaluated is important: different sorting may produce different end-results in the computed ACS. + +Therefore, the set of applicable MEC Endorsement triple MUST be topologically sorted based on the criterion that a MEC Endorsement triple is evaluated before another if its Target Environment and Endorsement pair is found in any of the stateful environments of the second triple. + +Notes: + +* In order to give the expected result, the condition must describe the expected context completely. +* The scope of a single MEC triple encompasses an arbitrary amount of environments across all layers in an Attester. + + + + #### CoMID-CoSWID Linking Triple {#sec-comid-triple-coswid} A CoSWID triple relates reference measurements contained in one or more CoSWIDs From 993dfa0a728e7c07d111ffd7746d8cc6eefef44a Mon Sep 17 00:00:00 2001 From: Henk Birkholz Date: Fri, 1 Dec 2023 14:03:43 +0100 Subject: [PATCH 11/37] q --- cddl/mec-endorsement-triple-record.cddl | 2 +- cddl/triples-map.cddl | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) 
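Review bot: the parameter list in this hunk does not match the CDDL it follows: `multi-env-conditional-endorsement-triple-record` has only `conds` and `actions`, yet the bullets also describe `env` and `ends`, `actions` is left as "TODO", and the requirement below says "All the entries in `cond` MUST match." (singular) while the field is `conds`. The topological-sort criterion ("evaluated before another if its Target Environment and Endorsement pair is found in any of the stateful environments of the second triple") should say what the Verifier does when the dependency graph has a cycle, and it overlaps with the general rule in "Ordering of triple processing" elsewhere in this branch; one should defer to the other rather than stating two orderings. The runs of three blank lines before the new heading and before "#### CoMID-CoSWID Linking Triple" should be collapsed to one.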
diff --git a/cddl/mec-endorsement-triple-record.cddl b/cddl/mec-endorsement-triple-record.cddl index b8f590ae..353580cc 100644 --- a/cddl/mec-endorsement-triple-record.cddl +++ b/cddl/mec-endorsement-triple-record.cddl @@ -1,4 +1,4 @@ multi-env-conditional-endorsement-triple-record = [ - conds: [ + stateful-environment-record ] + conds: [ + condition-triple-record ] actions: [ + stateful-environment-record ] ] diff --git a/cddl/triples-map.cddl b/cddl/triples-map.cddl index 5dc8dfca..08555155 100644 --- a/cddl/triples-map.cddl +++ b/cddl/triples-map.cddl @@ -19,5 +19,7 @@ triples-map = non-empty<{ [ + conditional-endorsement-triple-record ] ? &(mec-endorsement-triples: 10) => [ + multi-env-conditional-endorsement-triple-record ] + ? &(condition-triples: 11) = + [ + condition-triple-record ] * $$triples-map-extension }> From fb8dec4cd82176dfd55813bfe3e53dfdda6288eb Mon Sep 17 00:00:00 2001 From: Henk Birkholz Date: Fri, 1 Dec 2023 14:04:24 +0100 Subject: [PATCH 12/37] added condition-triple-record.cddl --- cddl/condition-triple-record.cddl | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 cddl/condition-triple-record.cddl diff --git a/cddl/condition-triple-record.cddl b/cddl/condition-triple-record.cddl new file mode 100644 index 00000000..3bd7a5b7 --- /dev/null +++ b/cddl/condition-triple-record.cddl @@ -0,0 +1,4 @@ +condition-triple-record = [ + environment-map + measurement-map +] From cc76d6f6605e58e0803879adc940bac9488c37b7 Mon Sep 17 00:00:00 2001 From: Ned Smith Date: Tue, 5 Dec 2023 12:58:21 -0800 Subject: [PATCH 13/37] Update cddl/triples-map.cddl Co-authored-by: Thomas Fossati --- cddl/triples-map.cddl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cddl/triples-map.cddl b/cddl/triples-map.cddl index 08555155..c0fb9b52 100644 --- a/cddl/triples-map.cddl +++ b/cddl/triples-map.cddl 
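Review bot: in the `triples-map.cddl` hunk of PATCH 11 the new entry reads `? &(condition-triples: 11) =` where every neighbouring entry uses `=>`; as written it is not valid CDDL, and although PATCH 13 in this series corrects it, the fix belongs in this commit so that each commit builds. PATCH 12 then defines `condition-triple-record = [ environment-map measurement-map ]`; since PATCH 11 swapped that type in for `stateful-environment-record` in `conds`, the Condition Values Triple text should say why a distinct record type is needed and how the two differ.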
@@ -19,7 +19,7 @@ triples-map = non-empty<{ [ + conditional-endorsement-triple-record ] ? &(mec-endorsement-triples: 10) => [ + multi-env-conditional-endorsement-triple-record ] - ? &(condition-triples: 11) = + ? &(condition-triples: 11) => [ + condition-triple-record ] * $$triples-map-extension }> From 109759f4928badab9ab05603f73730390aa5d74f Mon Sep 17 00:00:00 2001 From: Henk Birkholz Date: Wed, 6 Dec 2023 10:39:18 +0100 Subject: [PATCH 14/37] fixed some lint --- draft-ietf-rats-corim.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 5f9d1073..4b92611e 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1137,7 +1137,7 @@ the object relates to the subject. {::include cddl/endorsed-triple-record.cddl} ~~~ -#### Condition Values Triple +#### Condition Values Triple A Condition Values Triple defines a set of operational state of an environment. If the corresponding values defined in its `measurement-map` are found in an Accepted Claims Set, corresponding endorsed values defined in a `multi-env-conditional-endorsement-triple-record` can be added to that Accepted Claims Set. @@ -1209,7 +1209,7 @@ The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is A `multi-env-conditional-endorsement-triple-record` has the following parameters: * `conds`: all target environments, along with a specific state, that need to match in order for the endorsement(s) to apply -* `actions`: TODO +* `actions`: TODO * `env`: the environment to which the endorsed value (conditionally) applies * `ends`: the endorsed value(s) associated with `env` From 47c9560b647d02dcc71a94958dd39fc0a1ec4f4b Mon Sep 17 00:00:00 2001 
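Review bot: the Condition Values Triple text visible as context here ("If the corresponding values defined in its `measurement-map` are found in an Accepted Claims Set, corresponding endorsed values ... can be added") does not say whether every entry of the `measurement-map` must be found or any one of them, nor whether "can be added" is a MAY or a MUST. The MEC section below requires all `conds` to match; use the same matching rule and the same normative strength in both places. The `=` to `=>` correction and the trailing-whitespace lint fixes are fine as they stand.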
From: Henk Birkholz Date: Wed, 6 Dec 2023 10:43:33 +0100 Subject: [PATCH 15/37] addressing https://github.com/ietf-rats-wg/draft-ietf-rats-corim/pull/174#discussion_r1412263298 --- draft-ietf-rats-corim.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 4b92611e..d4e462a1 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1209,9 +1209,7 @@ The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is A `multi-env-conditional-endorsement-triple-record` has the following parameters: * `conds`: all target environments, along with a specific state, that need to match in order for the endorsement(s) to apply -* `actions`: TODO -* `env`: the environment to which the endorsed value (conditionally) applies -* `ends`: the endorsed value(s) associated with `env` +* `actions`: additional Endorsements are added to a current ACS maintained by a Verifier and that matches `conds` is augmented with another set of Endorsements All the entries in `cond` MUST match. From b20e44f05da43da0abd5179ea4e7a6afa86c91cf Mon Sep 17 00:00:00 2001 From: Henk Birkholz Date: Wed, 6 Dec 2023 10:52:25 +0100 Subject: [PATCH 16/37] added condition-triple-record.cddl to frags --- cddl/corim-frags.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/cddl/corim-frags.mk b/cddl/corim-frags.mk index e4815339..c482ace6 100644 --- a/cddl/corim-frags.mk +++ b/cddl/corim-frags.mk @@ -15,6 +15,7 @@ COMID_FRAGS += crypto-key-type-choice.cddl COMID_FRAGS += domain-dependency-triple-record.cddl COMID_FRAGS += domain-membership-triple-record.cddl COMID_FRAGS += mec-endorsement-triple-record.cddl +COMID_FRAGS += condition-triple-record.cddl COMID_FRAGS += domain-type-choice.cddl COMID_FRAGS += endorsed-triple-record.cddl COMID_FRAGS += entity-map.cddl From 69ade4ea8cc257bc1c297df5137d8fcdb6a6b961 Mon Sep 17 00:00:00 2001 
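Review bot: the replacement bullet for `actions` does not parse as a sentence ("additional Endorsements are added to a current ACS maintained by a Verifier and that matches `conds` is augmented with another set of Endorsements") and it contradicts the CDDL, where `actions` is typed `[ + stateful-environment-record ]`, i.e. environment/measurement pairs rather than Endorsements; either retype and rename the member as endorsements or describe it as state to be added. Dropping the `env` and `ends` bullets also leaves the quoted semantics ("THEN `env` is associated with the endorsed value(s) `ends`") referring to parameters that no longer exist; update the quote in the same commit so the section is self-consistent at every revision.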
From: Thomas Fossati Date: Wed, 6 Dec 2023 12:11:30 +0100 Subject: [PATCH 17/37] tweaks Signed-off-by: Thomas Fossati Co-authored-by: Thomas Fossati Co-authored-by: Henk Birkholz --- cddl/condition-triple-record.cddl | 4 ---- cddl/corim-frags.mk | 1 - cddl/mec-endorsement-triple-record.cddl | 4 ++-- cddl/triples-map.cddl | 2 -- draft-ietf-rats-corim.md | 19 +++---------------- 5 files changed, 5 insertions(+), 25 deletions(-) delete mode 100644 cddl/condition-triple-record.cddl diff --git a/cddl/condition-triple-record.cddl b/cddl/condition-triple-record.cddl deleted file mode 100644 index 3bd7a5b7..00000000 --- a/cddl/condition-triple-record.cddl +++ /dev/null @@ -1,4 +0,0 @@ -condition-triple-record = [ - environment-map - measurement-map -] diff --git a/cddl/corim-frags.mk b/cddl/corim-frags.mk index c482ace6..e4815339 100644 --- a/cddl/corim-frags.mk +++ b/cddl/corim-frags.mk @@ -15,7 +15,6 @@ COMID_FRAGS += crypto-key-type-choice.cddl COMID_FRAGS += domain-dependency-triple-record.cddl COMID_FRAGS += domain-membership-triple-record.cddl COMID_FRAGS += mec-endorsement-triple-record.cddl -COMID_FRAGS += condition-triple-record.cddl COMID_FRAGS += domain-type-choice.cddl COMID_FRAGS += endorsed-triple-record.cddl COMID_FRAGS += entity-map.cddl diff --git a/cddl/mec-endorsement-triple-record.cddl b/cddl/mec-endorsement-triple-record.cddl index 353580cc..eeb8890d 100644 --- a/cddl/mec-endorsement-triple-record.cddl +++ b/cddl/mec-endorsement-triple-record.cddl @@ -1,4 +1,4 @@ multi-env-conditional-endorsement-triple-record = [ - conds: [ + condition-triple-record ] - actions: [ + stateful-environment-record ] + conds: [ + stateful-environment-record ] + endorsements: [ + endorsed-triple-record ] ] diff --git a/cddl/triples-map.cddl b/cddl/triples-map.cddl index c0fb9b52..5dc8dfca 100644 --- a/cddl/triples-map.cddl +++ b/cddl/triples-map.cddl 
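Review bot: changing `endorsements` to `[ + endorsed-triple-record ]` needs a sentence in the draft on how the environment part of each `endorsed-triple-record` is treated when the triple fires (added to the ACS as a new entry, or merged into an existing ACS entry for the same environment), because that is what the "evaluated before another if its Target Environment and Endorsement pair is found in any of the stateful environments of the second triple" ordering rule depends on. Deleting `condition-triple-record.cddl` together with its `corim-frags.mk` line and the `condition-triples: 11` map entry is consistent; note somewhere in the draft that code point 11 in `triples-map` is now unassigned so a later extension does not collide with a stale copy of this series.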
@@ -19,7 +19,5 @@ triples-map = non-empty<{ [ + conditional-endorsement-triple-record ] ? &(mec-endorsement-triples: 10) => [ + multi-env-conditional-endorsement-triple-record ] - ? &(condition-triples: 11) => - [ + condition-triple-record ] * $$triples-map-extension }> diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index d4e462a1..b0aee998 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -99,7 +99,7 @@ informative: seriesinfo: Version 1.0, Revision 0.19 date: July 2020 target: https://trustedcomputinggroup.org/wp-content/uploads/DICE-Layering-Architecture-r19_pub.pdf - IANA.concise-software-identifier: coswid-reg + IANA.coswid: coswid-reg SPDM: title: Security Protocol and Data Model (SPDM) author: @@ -1137,14 +1137,6 @@ the object relates to the subject. {::include cddl/endorsed-triple-record.cddl} ~~~ -#### Condition Values Triple - -A Condition Values Triple defines a set of operational state of an environment. If the corresponding values defined in its `measurement-map` are found in an Accepted Claims Set, corresponding endorsed values defined in a `multi-env-conditional-endorsement-triple-record` can be added to that Accepted Claims Set. - -~~~ cddl -{::include cddl/condition-triple-record.cddl} -~~~ - #### Device Identity Triple {#sec-comid-triple-identity} A Device Identity triple relates one or more cryptographic keys to a device. 
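Review bot: the `IANA.concise-software-identifier` to `IANA.coswid` reference rename in the front matter is unrelated to the MEC triple work this commit ("tweaks") is about; move it to its own commit so the log explains why the reference anchor changed and so it can be reverted independently of the triple redesign. Removing the Condition Values Triple section is the right follow-through for dropping `condition-triple-record` from the CDDL.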
@@ -1208,10 +1200,8 @@ The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is A `multi-env-conditional-endorsement-triple-record` has the following parameters: -* `conds`: all target environments, along with a specific state, that need to match in order for the endorsement(s) to apply -* `actions`: additional Endorsements are added to a current ACS maintained by a Verifier and that matches `conds` is augmented with another set of Endorsements - -All the entries in `cond` MUST match. +* `conds`: all target environments, along with a specific state, that need to match `state-triples` entries in the ACS for the endorsement(s) to apply +* `endorsements`: endorsements that are added to the ACS `state-triples` if all `conds` match. The order in which MEC Endorsement triples are evaluated is important: different sorting may produce different end-results in the computed ACS. @@ -1222,9 +1212,6 @@ Notes: * In order to give the expected result, the condition must describe the expected context completely. * The scope of a single MEC triple encompasses an arbitrary amount of environments across all layers in an Attester. - - - #### CoMID-CoSWID Linking Triple {#sec-comid-triple-coswid} A CoSWID triple relates reference measurements contained in one or more CoSWIDs From e82f289c7847da78709f5bcfd2cef1759728f003 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 6 Dec 2023 15:39:06 +0100 Subject: [PATCH 18/37] transplant Signed-off-by: Thomas Fossati Co-authored-by: Thomas Fossati Co-authored-by: Henk Birkholz --- draft-ietf-rats-corim.md | 50 +++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 26 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index b0aee998..3886ddd6 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
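Review bot: the ordering rule retained here ("MUST be topologically sorted based on the criterion that a MEC Endorsement triple is evaluated before another if its Target Environment and Endorsement pair is found in any of the stateful environments of the second triple") defines a dependency graph but says nothing about cycles, and a topological order does not exist when two MEC triples each produce state the other conditions on; state whether the Verifier rejects the CoMID, skips the cyclic triples, or iterates to a fixpoint, since the text already concedes that evaluation order changes the computed ACS. The new bullets also introduce `state-triples` as a part of the ACS without defining it or pointing to where the ACS structure is specified.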
@@ -1186,32 +1186,6 @@ Evidence. {::include cddl/domain-membership-triple-record.cddl} ~~~ - - -#### Multi-Environment Conditional (MEC) Endorsements Triple {#sec-comid-triple-mec-endorsements} - -The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is as follows: - -> "IF accepted state matches the `cond` value, THEN `env` is associated with the endorsed value(s) `ends`." - -~~~ cddl -{::include cddl/mec-endorsement-triple-record.cddl} -~~~ - -A `multi-env-conditional-endorsement-triple-record` has the following parameters: - -* `conds`: all target environments, along with a specific state, that need to match `state-triples` entries in the ACS for the endorsement(s) to apply -* `endorsements`: endorsements that are added to the ACS `state-triples` if all `conds` match. - -The order in which MEC Endorsement triples are evaluated is important: different sorting may produce different end-results in the computed ACS. - -Therefore, the set of applicable MEC Endorsement triple MUST be topologically sorted based on the criterion that a MEC Endorsement triple is evaluated before another if its Target Environment and Endorsement pair is found in any of the stateful environments of the second triple. - -Notes: - -* In order to give the expected result, the condition must describe the expected context completely. -* The scope of a single MEC triple encompasses an arbitrary amount of environments across all layers in an Attester. - #### CoMID-CoSWID Linking Triple {#sec-comid-triple-coswid} A CoSWID triple relates reference measurements contained in one or more CoSWIDs 
@@ -1274,6 +1248,30 @@ applies to all measurements in the triple, including those in `measurement-value {::include cddl/conditional-endorsement-triple-record.cddl} ~~~ +#### Multi-Environment Conditional (MEC) Endorsements Triple {#sec-comid-triple-mec-endorsements} + +The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is as follows: + +> "IF accepted state matches the `cond` value, THEN `env` is associated with the endorsed value(s) `ends`." + +~~~ cddl +{::include cddl/mec-endorsement-triple-record.cddl} +~~~ + +A `multi-env-conditional-endorsement-triple-record` has the following parameters: + +* `conds`: all target environments, along with a specific state, that need to match `state-triples` entries in the ACS for the endorsement(s) to apply +* `endorsements`: endorsements that are added to the ACS `state-triples` if all `conds` match. + +The order in which MEC Endorsement triples are evaluated is important: different sorting may produce different end-results in the computed ACS. + +Therefore, the set of applicable MEC Endorsement triple MUST be topologically sorted based on the criterion that a MEC Endorsement triple is evaluated before another if its Target Environment and Endorsement pair is found in any of the stateful environments of the second triple. + +Notes: + +* In order to give the expected result, the condition must describe the expected context completely. +* The scope of a single MEC triple encompasses an arbitrary amount of environments across all layers in an Attester. + ## Extensibility {#sec-extensibility} The base CORIM schema is described using CDDL {{-cddl}} that can be extended From d378a0addd78e1c2baf8171194c185d4012b153c Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 6 Dec 2023 15:41:44 +0100 Subject: [PATCH 19/37] Andy's fix Signed-off-by: Thomas Fossati --- draft-ietf-rats-corim.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
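Review bot: the transplanted section is byte-identical to the one removed above, so it still carries the stale quote "IF accepted state matches the `cond` value, THEN `env` is associated with the endorsed value(s) `ends`" against a record whose members are `conds` and `endorsements`; the correction arrives in the next commit and should be squashed into this move so the moved text is right where it lands. Placing the MEC triple directly after the single-environment Conditional Endorsement triple is the sensible location.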
diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 3886ddd6..4fefcc17 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1252,7 +1252,7 @@ applies to all measurements in the triple, including those in `measurement-value The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is as follows: -> "IF accepted state matches the `cond` value, THEN `env` is associated with the endorsed value(s) `ends`." +> "IF accepted state matches all `conds` values, THEN every `endorsements` value is added to the accepted state" ~~~ cddl {::include cddl/mec-endorsement-triple-record.cddl} From 7ee6a11093a8346c034b626c3e0008c21da242ad Mon Sep 17 00:00:00 2001 From: Yogesh Deshpande Date: Wed, 6 Dec 2023 09:44:22 -0500 Subject: [PATCH 20/37] Add naming consistency Signed-off-by: Yogesh Deshpande --- draft-ietf-rats-corim.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 4fefcc17..0b99f4a8 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1248,9 +1248,9 @@ applies to all measurements in the triple, including those in `measurement-value {::include cddl/conditional-endorsement-triple-record.cddl} ~~~ -#### Multi-Environment Conditional (MEC) Endorsements Triple {#sec-comid-triple-mec-endorsements} +#### Multi-Environment Conditional (MEC) Endorsement Triple {#sec-comid-triple-mec-endorsement} -The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is as follows: +The semantics of the Multi-Environment Conditional (MEC) Endorsement Triple is as follows: > "IF accepted state matches all `conds` values, THEN every `endorsements` value is added to the accepted state" From e256b437f7470e64a39fa6588279dc4fc9419325 Mon Sep 17 00:00:00 2001 From: Yogesh Deshpande Date: Wed, 6 Dec 2023 09:51:48 -0500 Subject: [PATCH 21/37] Add reference to the MEC triple 
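Review bot: renaming the anchor from `sec-comid-triple-mec-endorsement**s**` to `sec-comid-triple-mec-endorsement` silently breaks any existing `{{sec-comid-triple-mec-endorsements}}` reference in the draft; grep for the old anchor before merging (the triples-map description added in the following commit already uses the new name, so that one is fine). The reworded quote in PATCH 19 now matches the CDDL members, which resolves the earlier `cond`/`env`/`ends` mismatch.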
Signed-off-by: Yogesh Deshpande --- draft-ietf-rats-corim.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 0b99f4a8..960e546d 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -749,6 +749,10 @@ The following describes each member of the `triples-map`: Endorsement based on the acceptance of a stateful environment. Described in {{sec-comid-triple-cond-end}}. +* `multi-env-conditional-endorsement-triple-record` (index 10) Triples describing a series of Endorsement +that are applicable based on the acceptance of a series of stateful environment records. Described +in {{sec-comid-triple-mec-endorsement}}. + #### Common Types ##### Environment From 7ef0cac493516870e8360fa50f12e497f062d328 Mon Sep 17 00:00:00 2001 From: Henk Birkholz Date: Wed, 6 Dec 2023 16:19:15 +0100 Subject: [PATCH 22/37] Update cddl/triples-map.cddl Co-authored-by: Yogesh Deshpande --- cddl/triples-map.cddl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cddl/triples-map.cddl b/cddl/triples-map.cddl index 5dc8dfca..0eef0a61 100644 --- a/cddl/triples-map.cddl +++ b/cddl/triples-map.cddl @@ -18,6 +18,6 @@ triples-map = non-empty<{ ? &(conditional-endorsement-triples: 9) => [ + conditional-endorsement-triple-record ] ? &(mec-endorsement-triples: 10) => - [ + multi-env-conditional-endorsement-triple-record ] + [ + mec-endorsement-triple-record ] * $$triples-map-extension }> From dadd587d67dadd631805acf831455bcd4d01b7b3 Mon Sep 17 00:00:00 2001 From: Henk Birkholz Date: Wed, 6 Dec 2023 16:19:44 +0100 Subject: [PATCH 23/37] Update cddl/mec-endorsement-triple-record.cddl Co-authored-by: Yogesh Deshpande --- cddl/mec-endorsement-triple-record.cddl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cddl/mec-endorsement-triple-record.cddl b/cddl/mec-endorsement-triple-record.cddl index eeb8890d..dd64666c 100644 --- a/cddl/mec-endorsement-triple-record.cddl 
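Review bot: the `triples-map.cddl` hunk renames the referenced type to `mec-endorsement-triple-record` while `cddl/mec-endorsement-triple-record.cddl` still defines `multi-env-conditional-endorsement-triple-record` until the next commit, so the schema does not resolve at this revision; squash the two renames. In the new triples-map description, "applicable based on the acceptance of a series of stateful environment records" should say that all of the listed stateful environment records must be accepted, since the MEC semantics are a conjunction over `conds`, and "a series of Endorsement" should read "Endorsements".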
+++ b/cddl/mec-endorsement-triple-record.cddl @@ -1,4 +1,4 @@ -multi-env-conditional-endorsement-triple-record = [ +mec-endorsement-triple-record = [ conds: [ + stateful-environment-record ] endorsements: [ + endorsed-triple-record ] ] From 4a82296d9358573412f3524c51b3f55360f47007 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 6 Dec 2023 16:24:17 +0100 Subject: [PATCH 24/37] align naming Signed-off-by: Thomas Fossati --- draft-ietf-rats-corim.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 960e546d..a74f5fc0 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -749,9 +749,10 @@ The following describes each member of the `triples-map`: Endorsement based on the acceptance of a stateful environment. Described in {{sec-comid-triple-cond-end}}. -* `multi-env-conditional-endorsement-triple-record` (index 10) Triples describing a series of Endorsement -that are applicable based on the acceptance of a series of stateful environment records. Described -in {{sec-comid-triple-mec-endorsement}}. +* `mec-endorsement-triple-record` (index 10) Triples describing a series of + Endorsement that are applicable based on the acceptance of a series of + stateful environment records. Described in + {{sec-comid-triple-mec-endorsement}}. #### Common Types @@ -1262,7 +1263,7 @@ The semantics of the Multi-Environment Conditional (MEC) Endorsement Triple is a {::include cddl/mec-endorsement-triple-record.cddl} ~~~ -A `multi-env-conditional-endorsement-triple-record` has the following parameters: +A `mec-endorsement-triple-record` has the following parameters: * `conds`: all target environments, along with a specific state, that need to match `state-triples` entries in the ACS for the endorsement(s) to apply * `endorsements`: endorsements that are added to the ACS `state-triples` if all `conds` match. From cf968f69201caa80b05565e8d58fd3d818029c4d Mon Sep 17 00:00:00 2001 
From: Yogesh Deshpande Date: Wed, 6 Dec 2023 15:43:24 +0000 Subject: [PATCH 25/37] Update draft-ietf-rats-corim.md --- draft-ietf-rats-corim.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index a74f5fc0..7e81c998 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1257,7 +1257,7 @@ applies to all measurements in the triple, including those in `measurement-value The semantics of the Multi-Environment Conditional (MEC) Endorsement Triple is as follows: -> "IF accepted state matches all `conds` values, THEN every `endorsements` value is added to the accepted state" +> "IF accepted state matches all `conds` values, THEN every entry in the `endorsements` is added to the accepted state" ~~~ cddl {::include cddl/mec-endorsement-triple-record.cddl} From f29bb93eb77489834f434931acbb8bbf15c694f8 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 6 Dec 2023 16:55:32 +0100 Subject: [PATCH 26/37] issue tracking Signed-off-by: Thomas Fossati --- draft-ietf-rats-corim.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 7e81c998..fbdc6f60 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -1277,6 +1277,8 @@ Notes: * In order to give the expected result, the condition must describe the expected context completely. * The scope of a single MEC triple encompasses an arbitrary amount of environments across all layers in an Attester. +There are scope-related questions that need to be answered. ([^tracked-at] https://github.com/ietf-rats-wg/draft-ietf-rats-corim/issues/176) + ## Extensibility {#sec-extensibility} The base CORIM schema is described using CDDL {{-cddl}} that can be extended From c1e9fb0e6c5be7eff49e35fb99bf768d3589bff8 Mon Sep 17 00:00:00 2001 
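Review bot: "every entry in the `endorsements` is added" treats a field name as a noun phrase; write "every entry in `endorsements` is added". For the tracking line, check that `[^tracked-at]` followed by a bare URL renders as intended in kramdown-rfc; if no `[^tracked-at]:` definition exists in the source the marker will appear as literal text in the output, and an editorial note of this kind is usually better carried as an explicit cref so it is stripped before publication.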
From: nedmsmith Date: Mon, 18 Dec 2023 11:04:56 -0800 Subject: [PATCH 27/37] changed cryptokeys code point to 13 code point 12 is already used by concise-evidence spec for spdm indirect. --- cddl/examples/comid-4.diag | 2 +- cddl/measurement-values-map.cddl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cddl/examples/comid-4.diag b/cddl/examples/comid-4.diag index a4c37e16..e00866a5 100644 --- a/cddl/examples/comid-4.diag +++ b/cddl/examples/comid-4.diag @@ -18,7 +18,7 @@ }, / measurement-map / { / mval / 1 : { - / cryptokeys / 12 : [ + / cryptokeys / 13 : [ / tagged-pkix-base64-key-type / 554("base64_key_ACME_MAX"), / tagged-pkix-base64-cert-type / 555("base64_cert_ACME_MAX"), / tagged-pkix-base64-cert-path-type / 556("base64_cert_path_ACME_MAX") diff --git a/cddl/measurement-values-map.cddl b/cddl/measurement-values-map.cddl index b57ffa06..fbcdc0da 100644 --- a/cddl/measurement-values-map.cddl +++ b/cddl/measurement-values-map.cddl @@ -13,6 +13,6 @@ measurement-values-map = non-empty<{ ? &(ueid: 9) => ueid-type ? &(uuid: 10) => uuid-type ? &(name: 11) => text - ? &(cryptokeys: 12) => [ + $crypto-key-type-choice ] + ? &(cryptokeys: 13) => [ + $crypto-key-type-choice ] * $$measurement-values-map-extension }> From 11e887c8c33f64ca219a11f7d864427775d00d4a Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 20 Dec 2023 15:33:35 +0100 Subject: [PATCH 28/37] extend the use of tagged-bytes to identifiers Fix #184 Signed-off-by: Thomas Fossati --- cddl/class-id-type-choice.cddl | 1 + cddl/corim-frags.mk | 1 + cddl/group-id-type-choice.cddl | 1 + cddl/instance-id-type-choice.cddl | 1 + cddl/raw-value.cddl | 1 - cddl/tagged-bytes.cddl | 1 + draft-ietf-rats-corim.md | 20 +++++++++++++++----- 7 files changed, 20 insertions(+), 6 deletions(-) create mode 100644 cddl/tagged-bytes.cddl diff --git a/cddl/class-id-type-choice.cddl b/cddl/class-id-type-choice.cddl index 3ea3e84a..dbb89710 100644 --- a/cddl/class-id-type-choice.cddl 
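Review bot: moving `cryptokeys` from code point 12 to 13 leaves the prose at draft line 957 ("`cryptokeys` (index 12)") out of step with the CDDL until PATCH 36 at the end of the series; update the text in this commit. Also record the reason in `measurement-values-map.cddl` (a comment on the skipped value) or in the registry text, since the commit message is the only place that says 12 is taken by the concise-evidence specification for SPDM indirect; without that, the next contributor will fill the gap and recreate the collision.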
+++ b/cddl/class-id-type-choice.cddl @@ -1,3 +1,4 @@ $class-id-type-choice /= tagged-oid-type $class-id-type-choice /= tagged-uuid-type $class-id-type-choice /= tagged-int-type +$class-id-type-choice /= tagged-bytes diff --git a/cddl/corim-frags.mk b/cddl/corim-frags.mk index e4815339..813d3a2e 100644 --- a/cddl/corim-frags.mk +++ b/cddl/corim-frags.mk @@ -41,6 +41,7 @@ COMID_FRAGS += tag-identity-map.cddl COMID_FRAGS += tag-rel-type-choice.cddl COMID_FRAGS += tag-version-type.cddl COMID_FRAGS += tagged-int.cddl +COMID_FRAGS += tagged-bytes.cddl COMID_FRAGS += triples-map.cddl COMID_FRAGS += ueid.cddl COMID_FRAGS += uuid.cddl diff --git a/cddl/group-id-type-choice.cddl b/cddl/group-id-type-choice.cddl index d411e5f1..e24b6584 100644 --- a/cddl/group-id-type-choice.cddl +++ b/cddl/group-id-type-choice.cddl @@ -1 +1,2 @@ $group-id-type-choice /= tagged-uuid-type +$group-id-type-choice /= tagged-bytes diff --git a/cddl/instance-id-type-choice.cddl b/cddl/instance-id-type-choice.cddl index e8fb1649..4cff9614 100644 --- a/cddl/instance-id-type-choice.cddl +++ b/cddl/instance-id-type-choice.cddl @@ -1,3 +1,4 @@ $instance-id-type-choice /= tagged-ueid-type $instance-id-type-choice /= tagged-uuid-type $instance-id-type-choice /= $crypto-key-type-choice +$instance-id-type-choice /= tagged-bytes diff --git a/cddl/raw-value.cddl b/cddl/raw-value.cddl index a75bc21f..1b9332e2 100644 --- a/cddl/raw-value.cddl +++ b/cddl/raw-value.cddl @@ -1,4 +1,3 @@ -tagged-bytes = #6.560(bytes) $raw-value-type-choice /= tagged-bytes raw-value-mask-type = bytes diff --git a/cddl/tagged-bytes.cddl b/cddl/tagged-bytes.cddl new file mode 100644 index 00000000..f8920b18 --- /dev/null +++ b/cddl/tagged-bytes.cddl @@ -0,0 +1 @@ +tagged-bytes = #6.560(bytes) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index fbdc6f60..594efbd2 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
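Review bot: admitting `tagged-bytes` (tag 560) for `class-id`, `instance-id` and `group-id` as well as for raw values means the CBOR tag no longer says what kind of identifier it is; only the enclosing map key does, which is fine for matching but should be stated. More important for Verifiers, a byte-string identifier is compared as an opaque byte string, so a profile that uses it (the chip-ID case in the later test vector) must fix the exact length and encoding; two encodings of the same value (with and without leading zero bytes, or with different truncation) will never match and the Verifier will silently fail to find Reference Values. Moving the `tagged-bytes` rule out of `raw-value.cddl` into its own fragment rather than duplicating it is the right call.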
@@ -303,6 +303,16 @@ convention - e.g., {{Section 4.4.1.5 of -psa-token}}). {::include cddl/digest.cddl} ~~~ +### Tagged Bytes Type {#sec-common-tagged-bytes} + +An opaque, variable-length byte string. +It can be used in different contexts: as an instance, class or group identifier in an `environment-map`; as a raw value measurement in a `measurement-values-map`. +Its semantics is defined by the context in which it is found, and by the overarching CoRIM profile. + +~~~ cddl +{::include cddl/tagged-bytes.cddl} +~~~ + # Concise Reference Integrity Manifest (CoRIM) {#sec-corim} A CoRIM is a collection of tags and related metadata as described below. @@ -821,7 +831,7 @@ An instance carries a unique identifier that is reliably bound to a Target Envir that is an instance of the Attester. The types defined for an instance identifier are CBOR tagged expressions of -UEID, UUID, or cryptographic key identifier. +UEID, UUID, variable-length opaque byte string, or cryptographic key identifier. ~~~ cddl {::include cddl/instance-id-type-choice.cddl} @@ -833,7 +843,7 @@ A group carries a unique identifier that is reliably bound to a group of Attesters, for example when a number of Attester are hidden in the same anonymity set. -The type defined for a group identified is UUID. +The types defined for a group identified are UUID and variable-length opaque byte string. ~~~ cddl {::include cddl/group-id-type-choice.cddl} @@ -1045,7 +1055,7 @@ Raw value measurements are typically vendor defined values that are checked by V for consistency only, since the security relevance is opaque to Verifiers. There are two parts to a `raw-value-group`, a measurement and an optional mask. -The default raw value measurement is a CBOR tagged `bstr`. +The default raw value measurement is of type `tagged-bytes` ({{sec-common-tagged-bytes}}). Additional raw value types can be defined, but must be CBOR tagged so that parsers can distinguish between the various semantics of type values. 
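Review bot: the `class-id` description at line 807 ("Typically, `class-id` is an object identifier (OID) or universally unique identifier (UUID)") is not updated here although `class-id-type-choice` now admits `tagged-bytes`; it is only touched in PATCH 35, and should be changed in the same commit as the instance and group text. In the group hunk, "The types defined for a group identified are" should read "group identifier". The new Tagged Bytes Type section should also say which profile field or allocator fixes the length of the byte string, since the CDDL places no bound on it.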
@@ -1953,9 +1963,9 @@ IANA is requested to allocate the following tags in the "CBOR Tags" registry {{! | 555 | `text` | tagged-pkix-base64-cert-type, see {{sec-crypto-keys}} | {{&SELF}} | | 556 | `text` | tagged-pkix-base64-cert-path-type, see {{sec-crypto-keys}} | {{&SELF}} | | 557 | `[int/text, bytes]` | tagged-thumbprint-type, see {{sec-common-hash-entry}} | {{&SELF}} | -| 558 | `COSE_Key/ COSE_KeySet` | tagged-cose-key-type, see {{sec-crypto-keys}} | {{&SELF}} | +| 558 | `COSE_Key/ COSE_KeySet` | tagged-cose-key-type, see {{sec-crypto-keys}} | {{&SELF}} | | 559 | `digest` | tagged-cert-thumbprint-type, see {{sec-crypto-keys}} | {{&SELF}} | -| 560 | `bytes` | tagged-bytes, see {{sec-comid-raw-value-types}} | {{&SELF}} | +| 560 | `bytes` | tagged-bytes, see {{sec-common-tagged-bytes}} | {{&SELF}} | | 561 | `digest` | tagged-cert-path-thumbprint-type, see {{sec-crypto-keys}} | {{&SELF}} | | 562-599 | `any` | Earmarked for CoRIM | {{&SELF}} | From 97438e152b40ef1db3ffa00e051a816115883db1 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 20 Dec 2023 16:15:43 +0100 Subject: [PATCH 29/37] add test vector Signed-off-by: Thomas Fossati --- cddl/examples/comid-opaque-instance-id.cddl | 26 +++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 cddl/examples/comid-opaque-instance-id.cddl diff --git a/cddl/examples/comid-opaque-instance-id.cddl b/cddl/examples/comid-opaque-instance-id.cddl new file mode 100644 index 00000000..85235580 --- /dev/null +++ b/cddl/examples/comid-opaque-instance-id.cddl 
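Review bot: the 558 row of the IANA table appears to change only whitespace; drop it from the diff so the reviewable change is the single 560 pointer update, which is correct now that the definition lives in {{sec-common-tagged-bytes}}. The registry description column for 560 still reads just `bytes`; consider stating "opaque identifier or raw value" so the registry entry reflects the widened use.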
@@ -0,0 +1,26 @@ +/ concise-mid-tag / { + / comid.tag-identity / 1 : { + / comid.tag-id / 0 : h'3f06af63a93c11e4979700505690773f' + }, + / comid.entity / 2 : [ { + / comid.entity-name / 0 : "ACME Inc.", + / comid.reg-id / 1 : 32("https://acme.example"), + / comid.role / 2 : [ 0 ] / tag-creator / + } ], + / comid.triples / 4 : { + / comid.reference-triples / 0 : [ [ + / environment-map / { + / comid.instance / 1 : / e.g., SEV-SNP CHIP_ID / 560( + h'9f71ec4d223f4f899d532ed6ff6ecbbb4a62cb386ba24c204c9371ce5e3b9291713fe96b9b413d8842968ebb1fa4cf1920d0c5e9f872776a1e826f2851ecdb47') + }, + / measurement-map / { + / comid.mval / 1 : { + / comid.ver / 0 : { + / comid.version / 0 : "1.0.0", + / comid.version-scheme / 1 : 16384 / semver / + }, + } + } + ] ] + } +} From 9de10327afa03e1f0f1868a0756e002d8dd84464 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 20 Dec 2023 16:35:14 +0100 Subject: [PATCH 30/37] Andy's comment about uniqueness Signed-off-by: Thomas Fossati --- draft-ietf-rats-corim.md | 1 + 1 file changed, 1 insertion(+) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 594efbd2..cf25766b 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -308,6 +308,7 @@ convention - e.g., {{Section 4.4.1.5 of -psa-token}}). An opaque, variable-length byte string. It can be used in different contexts: as an instance, class or group identifier in an `environment-map`; as a raw value measurement in a `measurement-values-map`. Its semantics is defined by the context in which it is found, and by the overarching CoRIM profile. +When used as an identifier uniqueness SHOULD be guaranteed by the responsible allocator entity. ~~~ cddl {::include cddl/tagged-bytes.cddl} From 66c0dd69d537fb6a68ae6159ce348822ec4f9dec Mon Sep 17 00:00:00 2001 
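Review bot: the new example is CBOR diagnostic notation, not CDDL, so it should be named `cddl/examples/comid-opaque-instance-id.diag` like `comid-4.diag` touched in PATCH 27; a `.cddl` extension will be picked up by any schema-validation glob and fail. Remove the trailing comma after the `comid.ver` map inside `comid.mval` (`}, }`): diagnostic notation follows JSON syntax here and not every diag2cbor tool tolerates a trailing comma, so the vector should be checked against the CoMID CDDL in CI once the extension is fixed. The `/ e.g., SEV-SNP CHIP_ID /` comment on the 64-byte identifier is useful; the uniqueness sentence added to the draft in PATCH 30 is the right place to say which allocator guarantees that such an identifier is unique.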
From: Thomas Fossati Date: Wed, 20 Dec 2023 16:42:54 +0100 Subject: [PATCH 31/37] do not use the passive form Co-authored-by: Andrew Draper --- draft-ietf-rats-corim.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index cf25766b..c2a2f844 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -308,7 +308,7 @@ convention - e.g., {{Section 4.4.1.5 of -psa-token}}). An opaque, variable-length byte string. It can be used in different contexts: as an instance, class or group identifier in an `environment-map`; as a raw value measurement in a `measurement-values-map`. Its semantics is defined by the context in which it is found, and by the overarching CoRIM profile. -When used as an identifier uniqueness SHOULD be guaranteed by the responsible allocator entity. +When used as an identifier the responsible allocator entity SHOULD ensure uniqueness. ~~~ cddl {::include cddl/tagged-bytes.cddl} From 5a4d1fa1c8ee731314ba79bed8906989ae12b502 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 20 Dec 2023 20:33:30 +0100 Subject: [PATCH 32/37] plural Co-authored-by: Ned Smith --- draft-ietf-rats-corim.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index c2a2f844..d4e365c2 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -307,7 +307,7 @@ convention - e.g., {{Section 4.4.1.5 of -psa-token}}). An opaque, variable-length byte string. It can be used in different contexts: as an instance, class or group identifier in an `environment-map`; as a raw value measurement in a `measurement-values-map`. -Its semantics is defined by the context in which it is found, and by the overarching CoRIM profile. +Its semantics are defined by the context in which it is found, and by the overarching CoRIM profile. When used as an identifier the responsible allocator entity SHOULD ensure uniqueness. ~~~ cddl 
From c688011cf74926089dfaec15012b3259f44b4edb Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 20 Dec 2023 20:34:30 +0100 Subject: [PATCH 33/37] scoped uniqueness --- draft-ietf-rats-corim.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index d4e365c2..8d0ed773 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -308,7 +308,7 @@ convention - e.g., {{Section 4.4.1.5 of -psa-token}}). An opaque, variable-length byte string. It can be used in different contexts: as an instance, class or group identifier in an `environment-map`; as a raw value measurement in a `measurement-values-map`. Its semantics are defined by the context in which it is found, and by the overarching CoRIM profile. -When used as an identifier the responsible allocator entity SHOULD ensure uniqueness. +When used as an identifier the responsible allocator entity SHOULD ensure uniqueness within the usage scope. ~~~ cddl {::include cddl/tagged-bytes.cddl} From e88134bdb976a90c3446d1e62291239418acbe85 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 3 Jan 2024 18:04:45 +0100 Subject: [PATCH 34/37] Ned's editorial suggestion Co-authored-by: Ned Smith --- draft-ietf-rats-corim.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index 8d0ed773..a27ee121 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md 
@@ -308,7 +308,7 @@ convention - e.g., {{Section 4.4.1.5 of -psa-token}}). An opaque, variable-length byte string. It can be used in different contexts: as an instance, class or group identifier in an `environment-map`; as a raw value measurement in a `measurement-values-map`. Its semantics are defined by the context in which it is found, and by the overarching CoRIM profile. -When used as an identifier the responsible allocator entity SHOULD ensure uniqueness within the usage scope. +When used as an identifier the responsible allocator entity SHOULD ensure uniqueness within the context that it is used. ~~~ cddl {::include cddl/tagged-bytes.cddl} From c5456de64c149ab933713a47cbf1e3b199838fd0 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Mon, 8 Jan 2024 14:50:58 +0100 Subject: [PATCH 35/37] add references to the tagged-bytes section Signed-off-by: Thomas Fossati --- draft-ietf-rats-corim.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index a27ee121..d1628584 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -807,7 +807,7 @@ needed. The following describes each member of the `class-map`: * `class-id` (index 0): Identifies the environment via a well-known identifier. - Typically, `class-id` is an object identifier (OID) or universally unique + Typically, `class-id` is an object identifier (OID) variable-length opaque byte string ({{sec-common-tagged-bytes}}) or universally unique identifier (UUID). Use of this attribute is preferred. * `vendor` (index 1): Identifies the entity responsible for choosing values for 
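Review bot: in the PATCH 34/37 hunk, "uniqueness within the context that it is used" should read "within the context in which it is used", and the scope itself remains unspecified: two lines earlier the text says semantics are "defined by the context in which it is found, and by the overarching CoRIM profile", so consider tying the uniqueness requirement to that same pair explicitly (e.g. "unique within the context in which it is used, as defined by the CoRIM profile") so readers and implementers know which allocator is responsible for which namespace.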
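Review bot: the first hunk of PATCH 35/37 (around line 807) drops the list separators, so the `class-id` bullet now reads "an object identifier (OID) variable-length opaque byte string ({{sec-common-tagged-bytes}}) or universally unique identifier (UUID)", which parses as a single compound type. Suggest "Typically, `class-id` is an object identifier (OID), a variable-length opaque byte string ({{sec-common-tagged-bytes}}), or a universally unique identifier (UUID)." so the three alternatives match the CDDL choice.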
@@ -832,7 +832,7 @@ An instance carries a unique identifier that is reliably bound to a Target Envir that is an instance of the Attester. The types defined for an instance identifier are CBOR tagged expressions of -UEID, UUID, variable-length opaque byte string, or cryptographic key identifier. +UEID, UUID, variable-length opaque byte string ({{sec-common-tagged-bytes}}), or cryptographic key identifier. ~~~ cddl {::include cddl/instance-id-type-choice.cddl} @@ -844,7 +844,7 @@ A group carries a unique identifier that is reliably bound to a group of Attesters, for example when a number of Attester are hidden in the same anonymity set. -The types defined for a group identified are UUID and variable-length opaque byte string. +The types defined for a group identified are UUID and variable-length opaque byte string ({{sec-common-tagged-bytes}}). ~~~ cddl {::include cddl/group-id-type-choice.cddl} From 17a1b11b1e86ebeb1a9c364e2f339f3cd13c82cf Mon Sep 17 00:00:00 2001 From: Andrew Draper Date: Tue, 9 Jan 2024 10:32:55 +0000 Subject: [PATCH 36/37] Fix text describing cryptokeys id to match CDDL --- draft-ietf-rats-corim.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index d1628584..277269f6 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -957,7 +957,7 @@ The following describes each member of the `measurement-values-map`. * `name` (index 11): a name associated with the measured environment. -* `cryptokeys` (index 12): identifies cryptographic keys that are protected by the Target Environment +* `cryptokeys` (index 13): identifies cryptographic keys that are protected by the Target Environment See {{sec-crypto-keys}} for the supported formats. An Attesting Environment determines that keys are protected as part of Claims collection. Appraisal verifies that, for each value in `cryptokeys`, there is a matching Reference Value entry. 
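Review bot: the third hunk of PATCH 35/37 (around line 844) touches a line that still carries two pre-existing slips worth fixing while here: "The types defined for a group identified are" should be "for a group identifier", and in the unchanged context just above, "a number of Attester are hidden" should be "Attesters". Since the hunk already rewrites the line to add the {{sec-common-tagged-bytes}} reference, correcting "identified" in the same change costs nothing and avoids a follow-up editorial patch.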
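Review bot: the PATCH 36/37 hunk renumbers `cryptokeys` from index 12 to 13 but leaves the bullet list jumping from `name` (index 11) straight to index 13, so a reader cannot tell whether index 12 is undocumented or reserved; suggest either adding the index 12 entry that the CDDL defines or a sentence stating that 12 is unused. The changed line also still runs two sentences together ("protected by the Target Environment See {{sec-crypto-keys}}"); add the full stop before "See" since the line is being edited anyway.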
From 17c9723b5a0d2ab8fbf3fb642ed88405f179e03e Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Wed, 17 Jan 2024 16:13:06 +0100 Subject: [PATCH 37/37] disable cddl-latest as it breaks on the comid-flags example --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 9a51ffcb..db2498a9 100644 --- a/Gemfile +++ b/Gemfile @@ -1,5 +1,5 @@ source 'https://rubygems.org' gem 'json_pure' -gem 'cddl', '>=0.9.1' +gem 'cddl', ['>=0.9.1', '!=0.10.5' ] gem 'cbor-diag', '=0.8.1'
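Review bot: the Gemfile change in PATCH 37/37 excludes exactly one release (`'!=0.10.5'`) with no in-file note of why, so the reason (the commit message says cddl-latest breaks on the comid-flags example) will be lost to whoever later wonders whether the exclusion can be dropped; suggest a comment on that line pointing at the failing example or the upstream issue. Two smaller points: the stray space in `'!=0.10.5' ]` is inconsistent with the rest of the file, and a single-version exclusion will not protect the build if the breakage persists into the next cddl release, so it is worth confirming against upstream whether a `'<0.10.5'` upper bound is the safer pin until the fix lands.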