lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20201208174906.GA58572@kernel.org>
Date:   Tue, 8 Dec 2020 19:49:06 +0200
From:   Jarkko Sakkinen <jarkko@...nel.org>
To:     Mimi Zohar <zohar@...ux.ibm.com>, sumit.garg@...aro.org
Cc:     Elaine Palmer <erpalmerny@...il.com>,
        jarkko.sakkinen@...ux.intel.com, jejb@...ux.ibm.com,
        dhowells@...hat.com, jens.wiklander@...aro.org, corbet@....net,
        jmorris@...ei.org, serge@...lyn.com, casey@...aufler-ca.com,
        janne.karhunen@...il.com, daniel.thompson@...aro.org,
        Markus.Wamser@...ed-mode.de, lhinds@...hat.com,
        keyrings@...r.kernel.org, linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org, linux-doc@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        op-tee@...ts.trustedfirmware.org,
        Kenneth Goldman <kgoldman@...ibm.com>, gcwilson@...ux.ibm.com,
        zgu@...ibm.com, stefanb@...ibm.com, NAYNA JAIN1 <naynjain@....com>
Subject: Re: [PATCH v8 3/4] doc: trusted-encrypted: updates with TEE as a new
 trust source

On Tue, Dec 08, 2020 at 10:02:57AM -0500, Mimi Zohar wrote:
> Hi Jarkko,
> 
> On Fri, 2020-12-04 at 17:30 +0200, Jarkko Sakkinen wrote:
> > On Wed, Dec 02, 2020 at 02:34:07PM -0500, gmail Elaine Palmer wrote:
> > > Hi Sumit,  
> > > 
> > > Thank you for the detailed descriptions and examples of trust sources
> > > for Trusted Keys.   A group of us in IBM (Stefan Berger, Ken Goldman,
> > > Zhongshu Gu, Nayna Jain, Elaine Palmer, George Wilson, Mimi Zohar)
> > > have been doing related work for quite some time, and we have one
> > > primary concern and some suggested changes to the document. 
> > > 
> > > Our primary concern is that describing a TEE as a Trust Source needs
> > > to be more specific.   For example, "ARM TrustZone" is not sufficient,
> > > but "wolfSSL embedded SSL/TLS library with ARM TrustZone
> > > CryptoCell-310" is.  Just because a key is protected by software
> > > running in a TEE is not enough to establish trust.  Just like
> > > cryptographic modules, a Trust Source should be defined as a specific
> > > implementation on specific hardware with well-documented environmental
> > > assumptions, dependencies, and threats.
> > > 
> > > In addition to the above concern, our suggested changes are inline
> > > below.
> > 
> > In order to give a decent review comment it should have two ingredients:
> > 
> > - Where the existing line of code / text / whatever goes wrong.
> > - How it should modified and why that makes sense. And use as plain
> >   English and non-academic terms as possible, if it is documentation.
> >   Further, scope is only the kernel implementation, no more or no
> >   less.
> > 
> > "do this" is not unfortunately an argument. Feedback is welcome when
> > it is supported by something common sensse.
> 
> Even after the code is fully debugged, reviewed and tested, our concern
> is that people will assume the security guarantees of TEE based trusted
> keys to be equivalent to that of a discrete TPM.
> 
> > 
> > Some meta suggestion of related to email:
> > 
> > Please also use a proper email client and split your paragraphs into
> > at most 80 character lines with new line characters when writing email.
> > I prefer to use 72 character line length so that there's some space
> > for longer email threads.
> 
> Sure, we'll re-post the suggested documentation changes/additions.
> 
> Mimi

So. Wouldn't it be a better idea to post a patch that Sumit could
squash to his (and add co-developed-by tag)?

/Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ