On 19.07.25 21:21, Eric Rescorla wrote:
On Sat, Jul 19, 2025 at 4:50 AM Thomas Fossati
<thomas.foss...@linaro.org> wrote:
3. The TLS authentication key is within the TEE boundary and, as such,
it’s protected from exfiltration/manipulation.
This last property is expressed, at least partly, via the EA binder,
so I guess it belongs in aTLS.
As I said, it's nowhere near sufficient for the TLS authentication key to
be in the TEE. For instance, there has to be a guarantee that the system
not exfiltrate the traffic keys.
A clarification question: did you mean * the draft should describe such guarantees in the security considerations section? * the draft should describe /mechanisms/ which provide such a guarantee? If the former, sure, we can add this.If the latter, I don't think so. The problem is that we want to focus on protocol design and not eat the lunch of RATS :) In addition to what Thomas already mentioned about "policy", I think what you suggest becomes more of a systems architecture question. We faced a lot of challenges in the work on Intel TDX. Some main challenges in my view include:
* There is a lot of heterogeneity in the architectures (e.g., see Table 1 in [1]). * Specifications of such mechanisms are often incomplete. For example, Intel is not willing to release the specifications even for the researchers. See [2] as concrete evidence. * Specifications that do exist are vague and/or outdated. See [3] as a concrete example. * Specifications are often inconsistent. See Appendix A in [1] as an example. * Specifications exist mostly on websites which keep changing or in "secretly" updated white papers. See my public email [4] to the principal engineer of Intel/chair of Confidential Computing Consortium (CCC) Technical Advisory Council (TAC), which basically didn't change anything and the same thing continues to date.Given the above and based on my 6 years experience with this technology, I definitely do not recommend taking this path for the BoF. Instead, what can be reasonably done is the standardization of the protocol. With RATS and TLS expertise in-house, IETF is very well positioned to do this.
Usama [1] https://ieeexplore.ieee.org/document/10373038[2] https://community.intel.com/t5/Intel-Software-Guard-Extensions/Missing-specification-documents-for-TDX/m-p/1527218
[3] https://community.intel.com/t5/Intel-Software-Guard-Extensions/index-1-in-tdxtcbcomponents/m-p/1520194
[4] https://lists.confidentialcomputing.io/g/attestation/topic/full_transparency_of_intel/99387880
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
