Markdown Version | Session Recording

Session Date/Time: 20 Mar 2024 23:30

suit

Summary

The SUIT working group meeting at IETF 119 covered the status of several drafts, including the manifest format, extensions for trust domains, firmware encryption, reporting of update status, CoMID MTI, and update management. Key discussion points included addressing ISG review comments, the use of IRIs versus URIs, the potential impact of clustering dependencies, and the introduction of candidate verification sequences. Several drafts are nearing completion and are expected to be submitted to the ISG soon.

Key Discussion Points

• SUIT Manifest Format:
  • Mapping from RFC 9124 requirements to manifest features added.
  • Discussions regarding expert review vs. specification required for IANA considerations.
  • Debate on the use of URI references vs. IRIs for internationalization, with a consensus leaning towards URIs due to implementation issues with IRIs and the machine-readable nature of the URIs in SUIT.
  • Discussion on whether informative references should be changed to normative, particularly regarding security recommendations. The ISG prefers normative references for security aspects and raised concerns regarding clustering dependencies.
  • Discussion on renumbering command sequence keys to accommodate candidate verification between fetch and install, with strong opinions on both sides of the issue.
• SUIT Manifest Extensions for Trust Domains:
  • Delegation chains moved to a new draft in the COZY working group.
  • Candidate verification added to address trust domain transitions between fetch and install, requiring potential renumbering of command sequence keys.
• SUIT Firmware Encryption:
  • Updates to examples generated with Python code and checked for CDDL grammar correctness.
  • Explanation added regarding the need for tiered ranks and the reasons for payload encryption.
  • Restructuring of the document to consolidate examples within the content encryption section.
• SUIT Reporting of Update Status:
  • Capability report now has an entry in the report report.
  • Generic failure reasons added to the suit report for minimal error reporting.
• SUIT COVID MTI:
  • HKDF references for ECDHES removed and replaced with AES key wrap.
• SUIT Update Management:
  • Added more information about semantic versioning,
  • Added semantic versions for the update themselves so that a component can have a single semantic version to represent the whole component set.

Decisions and Action Items

• SUIT Manifest Format:
  • ACTION: Brendan to confirm consensus on the IRI/URI decision on the mailing list.
  • ACTION: Brendan to discuss with ADs regarding normative vs. informative references and clustering.
  • ACTION: Brendan to discuss changing install command key with IAB, with a follow-up WG consensus check.
• SUIT Manifest Extensions for Trust Domains:
  • ACTION: Brendan to correct the number in the slides before uploading.
  • ACTION: Dave Fowler to do the Shepherd write-up after key renumbering is resolved.
• SUIT Firmware Encryption:
  • ACTION: Makara to prepare the shepherd right-up for this draft.
  • ACTION: Confirm with the reviewers, Kir and Russ, that the updates are to their satisfaction on the mailing list.
• SUIT Reporting of Update Status:
  • ACTION: Start working group last call for 3 weeks, ending April 12th.
• SUIT CoMID MTI:
  • ACTION: Karen and Brendan to confer after the meeting on who will do the Shepherd write-up for this draft.
• SUIT Update Management:
  • ACTION: Hank committed to review the draft.
  • ACTION: confirm the existing review on the mailing list.

Next Steps

• Address all outstanding action items.
• Prepare shepherd write-ups for drafts nearing completion.
• Submit drafts to the ISG.
• Continue working group last call for "Reporting of Update Status".
• Acquire more reviews for "Update Management".