From 69a494b8cfb9752b33a0582594ff68460df00863 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Fri, 24 Nov 2023 11:06:46 +0100 Subject: [PATCH] Address comments from last meeting * rename "group membership" to "environment bundle" * allow multiple endorsed values in the MEC triple Signed-off-by: Thomas Fossati Co-authored-by: Thomas Fossati Co-authored-by: Henk Birkholz --- cddl/group-membership-triple-record.cddl | 2 +- cddl/mec-endorsement-triple-record.cddl | 2 +- cddl/triples-map.cddl | 2 +- draft-ietf-rats-corim.md | 28 ++++++++++++------------ 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/cddl/group-membership-triple-record.cddl b/cddl/group-membership-triple-record.cddl index c147fbd7..acea29ea 100644 --- a/cddl/group-membership-triple-record.cddl +++ b/cddl/group-membership-triple-record.cddl @@ -1,4 +1,4 @@ -group-membership-triple-record = [ +environment-bundle-triple-record = [ lead: environment-map subs: [ + environment-map ] ] diff --git a/cddl/mec-endorsement-triple-record.cddl b/cddl/mec-endorsement-triple-record.cddl index 313c0669..e55c74de 100644 --- a/cddl/mec-endorsement-triple-record.cddl +++ b/cddl/mec-endorsement-triple-record.cddl @@ -1,5 +1,5 @@ multi-env-conditional-endorsement-triple-record = [ env: environment-map - val: measurement-values-map + ends: [ + measurement-values-map ] cond: [ + stateful-environment-record ] ] diff --git a/cddl/triples-map.cddl b/cddl/triples-map.cddl index 180d5809..4d96d9b9 100644 --- a/cddl/triples-map.cddl +++ b/cddl/triples-map.cddl @@ -10,7 +10,7 @@ triples-map = non-empty<{ ? &(dependency-triples: 4) => [ + domain-dependency-triple-record ] ? &(membership-triples: 5) => - [ + group-membership-triple-record ] + [ + environment-bundle-triple-record ] ? &(coswid-triples: 6) => [ + coswid-triple-record ] ? &(conditional-endorsement-series-triples: 8) => diff --git a/draft-ietf-rats-corim.md b/draft-ietf-rats-corim.md index f9ac235d..1b8e8734 100644 --- a/draft-ietf-rats-corim.md +++ b/draft-ietf-rats-corim.md @@ -569,7 +569,7 @@ The following triples are currently defined: * Device Identity triples: containing cryptographic credentials - for example, an IDevID - uniquely identifying a device ({{sec-comid-triple-identity}}). * Attestation Key triples: containing cryptographic keys that are used to verify the integrity protection on the Evidence received from the Attester ({{sec-comid-triple-attest-key}}). * Domain dependency triples: describing trust relationships between domains, i.e., collection of related environments and their measurements ({{sec-comid-triple-domain-dependency}}). -* Group membership triples: describing topological relationships between (sub-)modules. For example, in a composite Attester comprising multiple sub-Attesters (sub-modules), this triple can be used to define the topological relationship between lead- and sub- Attester environments ({{sec-comid-triple-group-membership}}). +* Environment bundle triples: describing topological relationships between (sub-)modules. For example, in a composite Attester comprising multiple sub-Attesters (sub-modules), this triple can be used to define the topological relationship between lead- and sub- Attester environments ({{sec-comid-triple-environment-bundle}}). * CoMID-CoSWID linking triples: associating a Target Environment with existing CoSWID tags ({{sec-comid-triple-coswid}}). ## Structure @@ -736,7 +736,7 @@ The following describes each member of the `triples-map`: between domains. Described in {{sec-comid-triple-domain-dependency}}. * `membership-triples` (index 5): Triples describing topological relationships - between (sub-)modules. Described in {{sec-comid-triple-group-membership}}. + between (sub-)modules. Described in {{sec-comid-triple-environment-bundle}}. * `coswid-triples` (index 6): Triples associating modules with existing CoSWID tags. Described in {{sec-comid-triple-coswid}}. @@ -1173,18 +1173,18 @@ trustworthiness properties of the subject domain exists. {::include cddl/domain-dependency-triple-record.cddl} ~~~ -#### Group Membership Triple {#sec-comid-triple-group-membership} +#### Environmnent Bundle Triple {#sec-comid-triple-environment-bundle} In order to model hierarchical device composition, CoRIM authors need to identify all components in the composite device (see {{Section 3.3 of -rats-arch}}). -A group describes all target environments that a certain attesting environment is generating evidence about. -The parent-child relationship between the attesting environment and all target environments in question is expressed via the group-membership-triple: +An environment bundle describes all target environments that a certain attesting environment is generating evidence about. +The parent-child relationship between the attesting environment and all target environments in question is expressed via the environment bundle triple: ~~~ cddl {::include cddl/group-membership-triple-record.cddl} ~~~ In the example composite device in {{composite}}, `env-1` is the Attesting Environment for `env-2` and `env-3`, while `env-2` is the Attesting Environment for `env-4`. -Appraisal starts from the top of the device hierarchy (`env-1`) and descends through all the subtrees until all Target Environments have been visited. +Appraisal starts from the top of the device hierarchy (`env-1`) and descends through all the sub-trees until all Target Environments have been visited. ~~~ aasvg .-------. @@ -1207,7 +1207,7 @@ The two following group triples model the device hierarchy: * The top-level with `env-1` as lead attester: ~~~ -group-membership-triple-record = [ +environment-bundle-triple-record = [ lead: env-1 subs: [ env-2, env-3 ] ] @@ -1216,22 +1216,22 @@ group-membership-triple-record = [ * The sub-attester rooted at `env-2`: ~~~ -group-membership-triple-record = [ +environment-bundle-triple-record = [ lead: env-2 subs: [ env-4 ] ] ~~~ -The `lead` environment is the group name. -Since it is expressed as an `environment-map`, it can itself appear as one of the `subs` elements of other `group-membership-triple-record`, thus allowing recursive composition. +The `lead` environment is the environment bundle name. +Since it is expressed as an `environment-map`, it can itself appear as one of the `subs` elements of other `environment-bundle-triple-record`, thus allowing recursive composition. -The scope of a single `group-membership-triple-record` encompasses exactly two adjacent layers in a layered Attester. +The scope of a single `environment-bundle-triple-record` encompasses exactly two adjacent layers in a layered Attester. #### Multi-Environment Conditional (MEC) Endorsements Triple {#sec-comid-triple-mec-endorsements} The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is as follows: -> "IF accepted state matches the `cond` value, THEN the `env` is associated with the endorsed value `val`." +> "IF accepted state matches the `cond` value, THEN `env` is associated with the endorsed value(s) `ends`." ~~~ cddl {::include cddl/mec-endorsement-triple-record.cddl} @@ -1240,8 +1240,8 @@ The semantics of the Multi-Environment Conditional (MEC) Endorsements Triple is A `multi-env-conditional-endorsement-triple-record` has the following parameters: * `env`: the environment to which the endorsed value (conditionally) applies -* `val`: the endorsed value -* `cond`: all target environments, along with a specific state, that need to match in order for the endorsement to apply +* `ends`: the endorsed value(s) associated with `env` +* `cond`: all target environments, along with a specific state, that need to match in order for the endorsement(s) to apply All the entries in `cond` MUST match.