[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <DM3PR84MB3714A4632C4C7B6B50D7A0F4AB562@DM3PR84MB3714.NAMPRD84.PROD.OUTLOOK.COM>
Date: Fri, 1 Nov 2024 19:31:06 +0000
From: "Elliott, Robert (Servers)" <elliott@....com>
To: Ross Philipson <ross.philipson@...cle.com>,
"linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>,
"x86@...nel.org" <x86@...nel.org>,
"linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
"kexec@...ts.infradead.org" <kexec@...ts.infradead.org>,
"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
"iommu@...ts.linux-foundation.org" <iommu@...ts.linux-foundation.org>
CC: "dpsmith@...rtussolutions.com" <dpsmith@...rtussolutions.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mingo@...hat.com"
<mingo@...hat.com>, "bp@...en8.de" <bp@...en8.de>,
"hpa@...or.com"
<hpa@...or.com>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"ardb@...nel.org" <ardb@...nel.org>,
"mjg59@...f.ucam.org"
<mjg59@...f.ucam.org>,
"James.Bottomley@...senpartnership.com"
<James.Bottomley@...senpartnership.com>,
"peterhuewe@....de"
<peterhuewe@....de>,
"jarkko@...nel.org" <jarkko@...nel.org>,
"jgg@...pe.ca"
<jgg@...pe.ca>,
"luto@...capital.net" <luto@...capital.net>,
"nivedita@...m.mit.edu" <nivedita@...m.mit.edu>,
"herbert@...dor.apana.org.au" <herbert@...dor.apana.org.au>,
"davem@...emloft.net" <davem@...emloft.net>,
"corbet@....net"
<corbet@....net>,
"ebiederm@...ssion.com" <ebiederm@...ssion.com>,
"dwmw2@...radead.org" <dwmw2@...radead.org>,
"baolu.lu@...ux.intel.com"
<baolu.lu@...ux.intel.com>,
"kanth.ghatraju@...cle.com"
<kanth.ghatraju@...cle.com>,
"andrew.cooper3@...rix.com"
<andrew.cooper3@...rix.com>,
"trenchboot-devel@...glegroups.com"
<trenchboot-devel@...glegroups.com>
Subject: RE: [PATCH v11 01/20] Documentation/x86: Secure Launch kernel
documentation
> diff --git a/Documentation/security/launch-integrity/index.rst
> b/Documentation/security/launch-integrity/index.rst
> new file mode 100644
> +++ b/Documentation/security/launch-integrity/index.rst
...
> +This document serves to establish a common understanding of what a system
> +launch is, the integrity concern for system launch, and why using a Root of Trust
> +(RoT) from a Dynamic Launch may be desirable. Throughout this document,
> +terminology from the Trusted Computing Group (TCG) and National Institute for
> +Science and Technology (NIST) is used to ensure that vendor natural language is
> +used to describe and reference security-related concepts.
NIST = National Institute of Standards and Technology
> +Glossary
> +========
> + - NIST CNSSI No. 4009 -
> https://www.cnss.gov/CNSS/issuances/Instructions.cfm
That is not a NIST publication.
CNSS = Committee on National Security Systems.
I = Instruction.
NIST is just a non-voting observer of that committee.
That web site uses a root certificate that is not recognized by most
browsers.
The NIST glossary includes all the CNSSI 4009, NIST SP, and NIST IR
terms, and is more easily accessible (but the entries are subject
to change as the source material changes).
https://csrc.nist.gov/glossary
That currently covers all the terms except "transitive trust"
from TCG.
> + - NIST Special Publication 800-160 (VOLUME 1 ) -
> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160v1.pdf
That's been replaced by v1r1.
The NIST-recommended URL is
https://doi.org/10.6028/NIST.SP.800-160v1r1
> + - NIST SP 800-30 Rev. 1 -
> https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
The NIST-recommended URL is:
https://doi.org/10.6028/NIST.SP.800-30r1
> + - NIST SP 800-57 Part 1 Rev. 5 -
> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf
The NIST-recommended URL is:
https://doi.org/10.6028/NIST.SP.800-57pt1r5
> + - NISTIR 8320A -
> https://nvlpubs.nist.gov/nistpubs/ir/2021/NIST.IR.8320A.pdf
The NIST-recommended URL is:
https://doi.org/10.6028/NIST.IR.8320A
Powered by blists - more mailing lists