From: Jarkko Sakkinen <jarkko@kernel.org>
To: op-tee@lists.trustedfirmware.org
Subject: Re: [PATCH v8 3/4] doc: trusted-encrypted: updates with TEE as a new trust source
Date: Tue, 08 Dec 2020 19:49:06 +0200 [thread overview]
Message-ID: <20201208174906.GA58572@kernel.org> (raw)
In-Reply-To: <ba6cd934bf7460cf6e9fc101a759a63fdd4e6e9b.camel@linux.ibm.com>
[-- Attachment #1: Type: text/plain, Size: 2475 bytes --]
On Tue, Dec 08, 2020 at 10:02:57AM -0500, Mimi Zohar wrote:
> Hi Jarkko,
>
> On Fri, 2020-12-04 at 17:30 +0200, Jarkko Sakkinen wrote:
> > On Wed, Dec 02, 2020 at 02:34:07PM -0500, gmail Elaine Palmer wrote:
> > > Hi Sumit,
> > >
> > > Thank you for the detailed descriptions and examples of trust sources
> > > for Trusted Keys. A group of us in IBM (Stefan Berger, Ken Goldman,
> > > Zhongshu Gu, Nayna Jain, Elaine Palmer, George Wilson, Mimi Zohar)
> > > have been doing related work for quite some time, and we have one
> > > primary concern and some suggested changes to the document.
> > >
> > > Our primary concern is that describing a TEE as a Trust Source needs
> > > to be more specific. For example, "ARM TrustZone" is not sufficient,
> > > but "wolfSSL embedded SSL/TLS library with ARM TrustZone
> > > CryptoCell-310" is. Just because a key is protected by software
> > > running in a TEE is not enough to establish trust. Just like
> > > cryptographic modules, a Trust Source should be defined as a specific
> > > implementation on specific hardware with well-documented environmental
> > > assumptions, dependencies, and threats.
> > >
> > > In addition to the above concern, our suggested changes are inline
> > > below.
> >
> > In order to give a decent review comment it should have two ingredients:
> >
> > - Where the existing line of code / text / whatever goes wrong.
> > - How it should modified and why that makes sense. And use as plain
> > English and non-academic terms as possible, if it is documentation.
> > Further, scope is only the kernel implementation, no more or no
> > less.
> >
> > "do this" is not unfortunately an argument. Feedback is welcome when
> > it is supported by something common sensse.
>
> Even after the code is fully debugged, reviewed and tested, our concern
> is that people will assume the security guarantees of TEE based trusted
> keys to be equivalent to that of a discrete TPM.
>
> >
> > Some meta suggestion of related to email:
> >
> > Please also use a proper email client and split your paragraphs into
> > at most 80 character lines with new line characters when writing email.
> > I prefer to use 72 character line length so that there's some space
> > for longer email threads.
>
> Sure, we'll re-post the suggested documentation changes/additions.
>
> Mimi
So. Wouldn't it be a better idea to post a patch that Sumit could
squash to his (and add co-developed-by tag)?
/Jarkko
next prev parent reply other threads:[~2020-12-08 17:49 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-03 16:01 [PATCH v8 0/4] Introduce TEE based Trusted Keys support Sumit Garg
2020-11-03 16:01 ` [PATCH v8 1/4] KEYS: trusted: Add generic trusted keys framework Sumit Garg
2020-11-24 3:42 ` Jarkko Sakkinen
2021-02-15 13:13 ` Sumit Garg
2021-02-10 17:00 ` Jarkko Sakkinen
2021-02-11 10:34 ` Ahmad Fatoum
2021-02-12 12:22 ` Jarkko Sakkinen
2021-02-15 13:15 ` Sumit Garg
2020-11-03 16:01 ` [PATCH v8 2/4] KEYS: trusted: Introduce TEE based Trusted Keys Sumit Garg
2020-11-24 3:46 ` Jarkko Sakkinen
2021-01-11 16:35 ` Jarkko Sakkinen
2021-01-13 11:17 ` Sumit Garg
2021-01-20 13:36 ` Ahmad Fatoum
2020-11-03 16:01 ` [PATCH v8 3/4] doc: trusted-encrypted: updates with TEE as a new trust source Sumit Garg
2020-12-02 19:34 ` gmail Elaine Palmer
2020-12-04 15:30 ` Jarkko Sakkinen
2020-12-08 15:02 ` Mimi Zohar
2020-12-08 17:49 ` Jarkko Sakkinen [this message]
2020-12-09 16:50 ` Mimi Zohar
2020-12-11 10:36 ` Jarkko Sakkinen
2020-12-11 15:29 ` Mimi Zohar
2020-12-06 18:51 ` Randy Dunlap
2020-12-08 15:55 ` Mimi Zohar
2020-12-08 17:07 ` Mimi Zohar
2020-11-03 16:01 ` [PATCH v8 4/4] MAINTAINERS: Add myself as Trusted Keys co-maintainer Sumit Garg
2020-11-24 3:46 ` Jarkko Sakkinen
2020-11-05 5:07 ` [PATCH v8 0/4] Introduce TEE based Trusted Keys support Jarkko Sakkinen
2020-11-06 9:32 ` Sumit Garg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201208174906.GA58572@kernel.org \
--to=jarkko@kernel.org \
--cc=op-tee@lists.trustedfirmware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox