ietf-rats / draft-birkholz-rats-basic-yang-module

This repository is abandoned. The adopted I-D can be found at:
https://github.com/ietf-rats-wg/basic-yang-module

Update security considerations - replay protection and netconf vulnerability #9

Open shwethab opened 5 years ago

shwethab commented 5 years ago

Security considerations should mention that the nonce exchanged in the RPC for tpm*-challenge-response-attestation is intended for providing freshness, and to prevent replay attacks.

Security considerations also need to mention that this YANG module is intended
to be used over NETCONF (RFC 6241), which is a clear-text protocol. If quote
information modelled according to the BRAT YANG module is served over clear-text
NETCONF, then it is opened up to a Message Modification Attack on the quote
in transit. Additionally, if NETCONF over SSH is used, quote information may
be spoofed if the SSH key of the device under attestation is compromised, such
as in the Asokan Attack (RFC 6813).
It must be noted that this module does not solve these problems.

@Puru Kulkarni https://mailarchive.ietf.org/arch/msg/rats/bxEzxleXX69--KpDO8L_PBJZXtw
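The freshness check described in the comment above, as an added example that is not part of the draft or of this issue: a verifier issues an unpredictable nonce with the challenge, accepts a quote only if it carries an outstanding, unexpired nonce, and consumes that nonce, so the same captured quote is rejected when presented again. The key, TTL, quote layout and the HMAC standing in for the TPM signature are constructed assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed model of the tpm*-challenge-response-attestation exchange from
# the issue. A real TPM 2.0 quote is a signed TPMS_ATTEST whose extraData carries
# the verifier's nonce; an HMAC over pcr_digest||nonce stands in for that here.
ATTESTER_KEY = b"constructed-demo-attestation-key"  # constructed, not a real key
NONCE_TTL_SECONDS = 30  # constructed freshness window


class Verifier:
    """Issues fresh nonces and accepts each quote at most once."""

    def __init__(self):
        self._outstanding = {}  # nonce -> time it was issued

    def challenge(self, now):
        nonce = secrets.token_bytes(32)  # unpredictable, so it cannot be precomputed
        self._outstanding[nonce] = now
        return nonce

    def verify_quote(self, quote, now):
        """Accept only an issued, unexpired, unused nonce bound into the quote."""
        nonce = quote["nonce"]
        issued = self._outstanding.get(nonce)
        if issued is None:
            return False, "unknown or replayed nonce"
        if now - issued > NONCE_TTL_SECONDS:
            del self._outstanding[nonce]
            return False, "nonce expired"
        expected = hmac.new(ATTESTER_KEY, quote["pcr_digest"] + nonce,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, quote["sig"]):
            return False, "bad signature"
        del self._outstanding[nonce]  # single use: a captured quote cannot be replayed
        return True, "fresh quote accepted"


def attester_quote(nonce, pcr_digest=b"\x00" * 32):
    """Attester side: binds the verifier's nonce into the signed quote."""
    sig = hmac.new(ATTESTER_KEY, pcr_digest + nonce, hashlib.sha256).digest()
    return {"pcr_digest": pcr_digest, "nonce": nonce, "sig": sig}


def demo_replay():
    """Run the exchange once, then present the same captured quote again."""
    v = Verifier()
    quote = attester_quote(v.challenge(now=1000.0))
    return v.verify_quote(quote, now=1001.0), v.verify_quote(quote, now=1002.0)
```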

shwethab commented 5 years ago

1. Why do you suggest restricting it to NETCONF? I believe this YANG module could be used over RESTCONF or any other transport that is used for carrying YANG-modelled data.

2. For carrying this data over NETCONF, per RFC 6241 section 2.2 the NETCONF transport MUST provide message integrity, confidentiality and replay protection. So the concern about clear text, and hence a message modification attack on the quote if NETCONF is used, is not valid.

I would prefer to defer the security considerations to be the same as whatever transport is used. But we can update the Security Considerations section to select a transport for the YANG-modelled data that provides data integrity, confidentiality, and replay protection to avoid spoofing of quote information.