Markdown Version | Session Recording

Session Date/Time: 23 Jul 2024 00:30

SUIT

Summary

The SUIT working group session at IETF 120 covered the status of several drafts, including the manifest format, trust domains, firmware encryption, secure reporting, SUIT MUD, SUIT MTI, and update management exchange. Discussions focused on addressing open issues, clarifying ambiguities, and ensuring alignment with existing standards like COAP and URI definitions. Several action items were identified, including updating drafts based on feedback and seeking additional reviews.

Key Discussion Points

• SUIT Manifest: Discussed changes to the draft, including definitions for hash data elision and clarification on URI usage. The group decided to remove the statement that SUIT URIs are UTF8 encoded.
• Trust Domains: The draft is submitted to the IESG for publication and addressed re-keying between fetch and install.
• Firmware Encryption: The draft is submitted to the IESG for publication and depends on the COSE key thumbprint draft.
• Secure Reporting: Akira and chairs committed to reviewing the draft, and the working group will call for consensus shortly thereafter.
• SUIT MUD: Discussed the status of the SUIT MUD draft, which is blocked by the SUIT Manifest. Suggested that the draft can progress independently from the manifest and to notify Roman.
• SUIT MTI: Issues related to algorithm identifiers were addressed, and clarification was provided on the meaning of "mandatory to implement." Discussion on profiles and consistency.
• Update Management Exchange: Seeking additional reviews for the draft, clarified versions of Manifest are included in a dedicated spot.

Decisions and Action Items

• SUIT Manifest:
  • Brendan to remove "UTF8 encoded" from URI definition.
  • Brendan to update install sequence number as discussed during IETF 119, and re-publish.
  • Brendan to notify discuss filers.
• Trust Domains:
  • Dave Thaler to update Shepard write-up, addressing the two TBDs.
• SUIT MUD:
  • Honest to contact Roman about pushing the draft forward.
• SUIT MTI:
  • Brendan to check for typos and ensure algorithm profiles match HSS LMS specifications.
  • Brendan to add commas into the document in order to properly designate the signature algorithm from encryption algorithm.
• Update Management Exchange:
  • Actively seek additional reviewers.

Next Steps

• Chairs to sync up late this week or early next week to coordinate next steps for the drafts.
• All drafts to be updated per action items.
• Continue to seek reviewers for Update Management Exchange.