hannestschofenig
commented
7 months ago This is now Figure 12 in https://datatracker.ietf.org/doc/draft-fossati-tls-attestation/04/ and Section 8.1. Cloud Confidential Computing
Closed muhammad-usama-sardar closed 4 months ago
hannestschofenig
commented
7 months ago This is now Figure 12 in https://datatracker.ietf.org/doc/draft-fossati-tls-attestation/04/ and Section 8.1. Cloud Confidential Computing
The protocol flow is significantly missing the design rationale and description, for example, the following important symbols are not defined in the text:
TIK,CAB,hsandsig. Fig. 8 and its notations are very confusing. Who ownsTIK? The following questions assume it is withAttestation Service.Does
Attestation Servicein Fig. 8 correspond to TEE-hosted confidential workload (e.g., Realm)?Which entity in the CCA model does
Servercorrespond to?Is
sigrepresenting the signature? Clarify in text.Is
hsthe handshake transcript? Clarify in text.Are
CAB,KATandPATas defined in I-D.bft-rats-kat? If yes, then specify in the text.The notation
sign(TIK,hs)is very confusing. Specifically, it is not clear what exactly is sent on the wire. Onlyhsmay be sent in this case to be signed by TIK from Attestation Service.What exactly is
TIK? Is it the Realm ephemeral key? It is unspecified what doesTIKcorrespond to in standard TLS? Is it the DH key-pair or something derived from that? The following statement does not matchsign(TIK,hs)in Fig. 8 where apparently a signing request is sent from Server to the Attestation Service.The precise meaning of
attest_key(nonce,TIK)needs to be clarified. Apparently, only a nonce needs to be forwarded by the Server to the Attestation Service andTIKremains with the Attestation Service only.Some editorial/general comments: