]> RATS Message Types Linaro
thomas.fossati@linaro.org
Security Theory LLC
lgl@securitytheory.com
Security RATS cbor This establishes that RATs messages types should be identified by either CoAP Content-Format or Media Type (MIME type) or both. CBOR tags and other type mechanisms should not be used. This updates EAT, in a backwards-compatible way, so that the type of EAT nested tokens can be identified by CoAP Content-Format and Media Type.
Introduction When EAT and CMW were designed, some of the nesting requirements were not fully understood. What is understood now is that composite and layered attestation has to accommodate an open-ended range of formats for attestation evidence messages (a.k. a., attestation tokens). When composing attestation for a complex device like a car or airplane, there are likely to be hundreds of components from hundreds of suppliers. Individual suppliers are likely to have picked an attestation token format convenient for their environment. For example, traditional security-oriented components like HSMs are likely to choose ASN.1 based formats while higher level components may use JSON-based formats. In many cases, the components and the attestation implementation will be subject to expensive certification requirements. It is not possible for the manufacturer of the complex device to dictate that all suppliers use the same format. Encoding-specific message type indicators like CBOR tags (See ) are not recommended, because they work only in the particular protocol environments. Proprietary type indicators are also not recommended as there are perfectly usable standard type indicators. Standard type indicators have the benefit of working with established protocols like HTTP and CoAP . It is expected that attestation, and thus attestation messages, will be integrated into other protocols like TLS. Some uniform means of identifying RATS messages is desirable. This is akin to identify image format types in a general way that works for email, web pages and so on. A concern with multiple formats for RATS messages is incurring n-squared complexity where n is the number of formats for something like evidence. Orienting around a standard content types will mostly reduce from n-squared to simple order of n. It is advantageous to identify one point in RATS protocols where message-formats can change, say from CBOR to JSON or DER (ASN.1) to CBOR. Since RATS messages can be many formats, the logical place to do that is at the message level. This is how EAT does it. The only place a message format boundary is crossed is for nested tokens. (EAT also allows a message format boundary crossing for manifests and measurements, but technically they are not attestation messages. Never the less, in EAT this boundary makes use of CoAP Content-Format).
Type Identifiers and Receptacles A type system needs identifiers for each message that plugs-in and a receptacle structure for the place the message plugs-in.
Type Identifiers A CoAP Content-Format and Media Type SHOULD be registered for each RATS protocol message definition. A CBOR tag SHOULD NOT be registered for RATS protocol messages. If a CBOR tag is needed, one can be derived by the TN() mechanism described in .
Receptacle Definition A receptacle is a place in a protocol where a RATS message can occur. For example, a nested-token in EAT or a cbor-record in CMW. In a sense, HTTP is largely a receptacle. A receptacle is a content type and a body. cbor-record and json-record in CMW are receptacles. The content type header and message body in HTTP are a receptacle. All RATS protocols SHOULD use a receptacle that is based on CoAP Content-Format or Media Type or both. CBOR-based protocols SHOULD use the cbor-record defined in CMW as a receptacle. JSON-based protocols should use the json-record defined in CMW as a receptacle. This does not deprecate previously registered CBOR tags or CBOR tag-using receptacles.
Receptacle Commentary The actual definition and encoding for a receptacle should match the format and encoding of the surround protocol. For example, in a CBOR-format CMW token, a cbor-record is used for the receptacle. In an ASN.1-based protocol the receptacle will be defined in ASN.1. It is perhaps an INTEGER and an OCTET-STREAM or an OID that maps to a CoAP Content-Format and an OCTET-STREAM. A receptacle is a place where encoding formats can change. A JSON-format message can be put into a CBOR-format message. It is recommended that in RATS protocols a receptacle be the only place where the encoding format can change. Stated conversely, any place in a RATS protocol were the encoding format can change, a receptacle should be used. A typical receptacle implementation will decode the message type, and then switch or dispatch to a handler for that type. This may be by a look up table or such. The important part is the implementation of the receptacle doesn’t have to be changed for each new type. Only a configuration has to be adjusted. Some protocols, like TLS, don’t have receptacles and need one to transport RATS messages. Note that in EAT, both the manifests and measurements claims are defined are receptacles as described here.
EAT Updates The definition of a nested-token in EAT doesn’t meet the above criterion, so it needs to be adjusted. This doesn’t deprecate anything in EAT, just refines some definitions. In CBOR-format EAT tokens, the type of a nested token is identified by a CBOR tag. This document updates EAT to say the CBOR tag SHOULD use CoAP Content-Formats and tn() described in to turn them into CBOR tags. In JSON-format EAT tokens, the JSON-Selector structure is used to identify the type of a nested token. The string identifier in JSON-Selector may be one of a small number of strings defined by the EAT standard and may be update only by a standards document. This document updates the JSON-Selector as follows. When the string in the JSON-selector is one of the top-level media types (e.g., “application”) the JSON-selector is a media type identifier.
References Normative References Key words for use in RFCs to Indicate Requirement Levels In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. The Entity Attestation Token (EAT) Security Theory LLC Mediatek USA Qualcomm Technologies Inc. Red Hound Software, Inc. An Entity Attestation Token (EAT) provides an attested claims set that describes state and characteristics of an entity, a device like a smartphone, IoT device, network equipment or such. This claims set is used by a relying party, server or service to determine the type and degree of trust placed in the entity. An EAT is either a CBOR Web Token (CWT) or JSON Web Token (JWT) with attestation-oriented claims. The Constrained Application Protocol (CoAP) The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained (e.g., low-power, lossy) networks. The nodes often have 8-bit microcontrollers with small amounts of ROM and RAM, while constrained networks such as IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs) often have high packet error rates and a typical throughput of 10s of kbit/s. The protocol is designed for machine- to-machine (M2M) applications such as smart energy and building automation. CoAP provides a request/response interaction model between application endpoints, supports built-in discovery of services and resources, and includes key concepts of the Web such as URIs and Internet media types. CoAP is designed to easily interface with HTTP for integration with the Web while meeting specialized requirements such as multicast support, very low overhead, and simplicity for constrained environments. On Stable Storage for Items in Concise Binary Object Representation (CBOR) This document defines a stored ("file") format for Concise Binary Object Representation (CBOR) data items that is friendly to common systems that recognize file types, such as the Unix file(1) command. Media Type Specifications and Registration Procedures This document defines procedures for the specification and registration of media types for use in HTTP, MIME, and other Internet protocols. This memo documents an Internet Best Current Practice. RATS Conceptual Messages Wrapper (CMW) Fraunhofer SIT Intel Linaro University of Applied Sciences Bonn-Rhein-Sieg Google LLC This document defines the RATS conceptual message wrapper (CMW) format, a type of encapsulation format that can be used for any RATS messages, such as Evidence, Attestation Results, Endorsements, and Reference Values. Additionally, the document describes a collection type that enables the aggregation of one or more CMWs into a single message. This document also defines corresponding CBOR tag, JSON Web Tokens (JWT) and CBOR Web Tokens (CWT) claims, as well as an X.509 extension. These allow embedding the wrapped conceptual messages into CBOR-based protocols, web APIs, and PKIX protocols. In addition, a Media Type and a CoAP Content-Format are defined for transporting CMWs in HTTP, MIME, CoAP and other Internet protocols. Informative References Concise Binary Object Representation (CBOR) The Concise Binary Object Representation (CBOR) is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need for version negotiation. These design goals make it different from earlier binary serializations such as ASN.1 and MessagePack. This document obsoletes RFC 7049, providing editorial improvements, new details, and errata fixes while keeping full compatibility with the interchange format of RFC 7049. It does not create a new version of the format.