)]}'
{"specs/approved/attestation-interface.rst":[{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"a8b0425a642bc5a5b4a37b997537c070e8d25685","unresolved":true,"context_lines":[{"line_number":331,"context_line":"port which the Keylime agent is listening on. The Ironic controller will save"},{"line_number":332,"context_line":"these variables as ``driver_info\\keylime_agent_uuid``,"},{"line_number":333,"context_line":"``driver_info\\keylime_agent_address``, and"},{"line_number":334,"context_line":"``driver_info\\keylime_agent_port`` for further use. If the conductor does not"},{"line_number":335,"context_line":"receive these credentials cleaning will fail."},{"line_number":336,"context_line":""},{"line_number":337,"context_line":"The allowlist and excludelist will be sent to the verifier by calling the"},{"line_number":338,"context_line":"keylime_tenant cli programatically. Once the verifier has received the"}],"source_content_type":"text/x-rst","patch_set":30,"id":"e397e1dd_6a864ed9","line":335,"range":{"start_line":334,"start_character":59,"end_line":335,"end_character":45},"updated":"2021-07-20 13:43:09.000000000","message":"Huh? I\u0027m not sure this makes sense.","commit_id":"4f97a6ffaa2d3586c96fbd140928ca754de6cf7d"}],"specs/approved/security-interface.rst":[{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"b147e5f3814700c892a1f2fbde627ac8dd068115","unresolved":false,"context_lines":[{"line_number":11,"context_line":"https://storyboard.openstack.org/#!/story/2002713"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"In order to help verify that baremetal nodes are in a trustworthy"},{"line_number":14,"context_line":"state, we are in need of an interface that allows us to take certian"},{"line_number":15,"context_line":"actions or verification steps while proceeding along the state machine."},{"line_number":16,"context_line":""},{"line_number":17,"context_line":"Some of these steps may involve calling an extenal attestation server,"}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_4a4c9e74","line":14,"range":{"start_line":14,"start_character":61,"end_line":14,"end_character":68},"updated":"2018-07-16 08:25:05.000000000","message":"typo","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"e41ce1295a1fde5a6598289e698e58381284c4ea","unresolved":false,"context_lines":[{"line_number":14,"context_line":"state, we are in need of an interface that allows us to take certian"},{"line_number":15,"context_line":"actions or verification steps while proceeding along the state machine."},{"line_number":16,"context_line":""},{"line_number":17,"context_line":"Some of these steps may involve calling an extenal attestation server,"},{"line_number":18,"context_line":"or executing a special step during cleaning in order to ensure that a"},{"line_number":19,"context_line":"node is owned by the attestation server."},{"line_number":20,"context_line":""}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_3fc47e40","line":17,"updated":"2018-07-20 15:07:18.000000000","message":"typo: external","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":6133,"name":"yolanda.robla","email":"yroblamo@redhat.com","username":"yolanda.robla"},"change_message_id":"216a1b467b735f862a3b6c5d3a17ea2e5707d10d","unresolved":false,"context_lines":[{"line_number":24,"context_line":"Problem description"},{"line_number":25,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"Presently, we rely upon a certian level of trust for users that leverage"},{"line_number":28,"context_line":"baremetal resources. While wo do perform cleaning between deployments,"},{"line_number":29,"context_line":"a malicious attacker could potentially modify firmware of attached devices"},{"line_number":30,"context_line":"in ways that may or may not be readibly detectable."}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_75620840","line":27,"range":{"start_line":27,"start_character":26,"end_line":27,"end_character":33},"updated":"2018-06-27 14:42:55.000000000","message":"certain","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":6133,"name":"yolanda.robla","email":"yroblamo@redhat.com","username":"yolanda.robla"},"change_message_id":"216a1b467b735f862a3b6c5d3a17ea2e5707d10d","unresolved":false,"context_lines":[{"line_number":25,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"Presently, we rely upon a certian level of trust for users that leverage"},{"line_number":28,"context_line":"baremetal resources. While wo do perform cleaning between deployments,"},{"line_number":29,"context_line":"a malicious attacker could potentially modify firmware of attached devices"},{"line_number":30,"context_line":"in ways that may or may not be readibly detectable."},{"line_number":31,"context_line":""}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_355c907c","line":28,"range":{"start_line":28,"start_character":27,"end_line":28,"end_character":29},"updated":"2018-06-27 14:42:55.000000000","message":"we","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":6133,"name":"yolanda.robla","email":"yroblamo@redhat.com","username":"yolanda.robla"},"change_message_id":"216a1b467b735f862a3b6c5d3a17ea2e5707d10d","unresolved":false,"context_lines":[{"line_number":29,"context_line":"a malicious attacker could potentially modify firmware of attached devices"},{"line_number":30,"context_line":"in ways that may or may not be readibly detectable."},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"The solution that has been proposed for this the use of a measured launch"},{"line_number":33,"context_line":"environments with engagement of Trusted Platform Management modules to help"},{"line_number":34,"context_line":"ensure that the running system profile is exactly as desired or approved,"},{"line_number":35,"context_line":"by the attestation sevice."}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_15ccf432","line":32,"range":{"start_line":32,"start_character":40,"end_line":32,"end_character":44},"updated":"2018-06-27 14:42:55.000000000","message":"is the use","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"b147e5f3814700c892a1f2fbde627ac8dd068115","unresolved":false,"context_lines":[{"line_number":32,"context_line":"The solution that has been proposed for this the use of a measured launch"},{"line_number":33,"context_line":"environments with engagement of Trusted Platform Management modules to help"},{"line_number":34,"context_line":"ensure that the running system profile is exactly as desired or approved,"},{"line_number":35,"context_line":"by the attestation sevice."},{"line_number":36,"context_line":""},{"line_number":37,"context_line":"But from a security standpoint, security is not always about code."},{"line_number":38,"context_line":"Sometimes security is adherence to process."}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_2a97e29e","line":35,"range":{"start_line":35,"start_character":19,"end_line":35,"end_character":25},"updated":"2018-07-16 08:25:05.000000000","message":"typo :)","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":6133,"name":"yolanda.robla","email":"yroblamo@redhat.com","username":"yolanda.robla"},"change_message_id":"216a1b467b735f862a3b6c5d3a17ea2e5707d10d","unresolved":false,"context_lines":[{"line_number":54,"context_line":"when retrieved via the REST API, and will be able to be set as another"},{"line_number":55,"context_line":"interface."},{"line_number":56,"context_line":""},{"line_number":57,"context_line":"Using this security interface, will will then create a simple hook interface"},{"line_number":58,"context_line":"which will map to logical points along the state machine transitions where"},{"line_number":59,"context_line":"we execute pertinant steps, as methods."},{"line_number":60,"context_line":""}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_b5f50054","line":57,"range":{"start_line":57,"start_character":31,"end_line":57,"end_character":35},"updated":"2018-06-27 14:42:55.000000000","message":"we will","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":6133,"name":"yolanda.robla","email":"yroblamo@redhat.com","username":"yolanda.robla"},"change_message_id":"216a1b467b735f862a3b6c5d3a17ea2e5707d10d","unresolved":false,"context_lines":[{"line_number":109,"context_line":"Driver API impact"},{"line_number":110,"context_line":"-----------------"},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"The security interface methods that would be proposed would consist"},{"line_number":113,"context_line":"of a ``noop`` interface as well as a ``command`` which passes through"},{"line_number":114,"context_line":"the methods to configured parameters, if present in the configuration"},{"line_number":115,"context_line":"file."}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_f557f826","line":112,"range":{"start_line":112,"start_character":0,"end_line":112,"end_character":3},"updated":"2018-06-27 14:42:55.000000000","message":"How is that going to be implemented? Each operator should have to create their own driver for it? Will the hooks have any limitation, or we are giving freedom here? Will we provide some default driver that does real actions there?","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"b147e5f3814700c892a1f2fbde627ac8dd068115","unresolved":false,"context_lines":[{"line_number":109,"context_line":"Driver API impact"},{"line_number":110,"context_line":"-----------------"},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"The security interface methods that would be proposed would consist"},{"line_number":113,"context_line":"of a ``noop`` interface as well as a ``command`` which passes through"},{"line_number":114,"context_line":"the methods to configured parameters, if present in the configuration"},{"line_number":115,"context_line":"file."}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_ea79ea81","line":112,"range":{"start_line":112,"start_character":0,"end_line":112,"end_character":3},"in_reply_to":"5f7c97a3_e5b71df8","updated":"2018-07-16 08:25:05.000000000","message":"It would be nice to have an example here, that will help understand how it look like.\nAs I understand it, the attestation service is probably running at a centralized node, so I wonder where is the information stored about the service, will ironic provide such information during node enrollment?","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"4d2017a855cdcb0925516e3dc0d0db3e242b0268","unresolved":false,"context_lines":[{"line_number":109,"context_line":"Driver API impact"},{"line_number":110,"context_line":"-----------------"},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"The security interface methods that would be proposed would consist"},{"line_number":113,"context_line":"of a ``noop`` interface as well as a ``command`` which passes through"},{"line_number":114,"context_line":"the methods to configured parameters, if present in the configuration"},{"line_number":115,"context_line":"file."}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_e5b71df8","line":112,"range":{"start_line":112,"start_character":0,"end_line":112,"end_character":3},"in_reply_to":"5f7c97a3_f557f826","updated":"2018-06-28 20:46:08.000000000","message":"The command interface would propose config file parameters which would exec the parameter with a single argument of the node\u0027s UUID, allowing operators to do whatever they would like.\n\nA further step down the road would be more complex integrations.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11076,"name":"Shivanand Tendulker","email":"stendulker@gmail.com","username":"stendulker"},"change_message_id":"6d13343cef7dd235214a929c3b7013447398dd64","unresolved":false,"context_lines":[{"line_number":116,"context_line":""},{"line_number":117,"context_line":"These methods would consist of::"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    def node_enrollment(self, task):"},{"line_number":120,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":121,"context_line":""},{"line_number":122,"context_line":"    def node_deploying(self, task):"}],"source_content_type":"text/x-rst","patch_set":3,"id":"3f79a3b5_0f4ccfc5","line":119,"range":{"start_line":119,"start_character":4,"end_line":119,"end_character":36},"updated":"2018-08-06 06:09:51.000000000","message":"Would these APIs have any return values?","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"aa9349445b3e37ffc457ce7302b204000a18069a","unresolved":false,"context_lines":[{"line_number":116,"context_line":""},{"line_number":117,"context_line":"These methods would consist of::"},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"    def node_enrollment(self, task):"},{"line_number":120,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":121,"context_line":""},{"line_number":122,"context_line":"    def node_deploying(self, task):"}],"source_content_type":"text/x-rst","patch_set":3,"id":"3f79a3b5_ef9b2cc6","line":119,"range":{"start_line":119,"start_character":4,"end_line":119,"end_character":36},"in_reply_to":"3f79a3b5_0f4ccfc5","updated":"2018-08-09 20:45:30.000000000","message":"My thought was it could be default None if the command exits with a return code of 0, if 1 then raise. The idea of all consolidating it down to one method and one call that we just wire in for all state transitions is growing on me.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"e41ce1295a1fde5a6598289e698e58381284c4ea","unresolved":false,"context_lines":[{"line_number":120,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":121,"context_line":""},{"line_number":122,"context_line":"    def node_deploying(self, task):"},{"line_number":123,"context_line":"        \"\"\"Informs the security system that a node is deploying.\"\"\""},{"line_number":124,"context_line":""},{"line_number":125,"context_line":"    def node_cleaning(self, task):"},{"line_number":126,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_dfbeaaad","line":123,"updated":"2018-07-20 15:07:18.000000000","message":"do we need starting/finishing variants for each of these hooks? I guess \u0027deploying done\u0027 is of particular interest.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"aa9349445b3e37ffc457ce7302b204000a18069a","unresolved":false,"context_lines":[{"line_number":120,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":121,"context_line":""},{"line_number":122,"context_line":"    def node_deploying(self, task):"},{"line_number":123,"context_line":"        \"\"\"Informs the security system that a node is deploying.\"\"\""},{"line_number":124,"context_line":""},{"line_number":125,"context_line":"    def node_cleaning(self, task):"},{"line_number":126,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""}],"source_content_type":"text/x-rst","patch_set":3,"id":"3f79a3b5_4fb4a035","line":123,"in_reply_to":"5f7c97a3_9e890172","updated":"2018-08-09 20:45:30.000000000","message":"I don\u0027t think so. I think it would be only \"we have reached this point\" calls.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":26340,"name":"Ilya Etingof","email":"etingof@gmail.com","username":"etingof"},"change_message_id":"b17f99d0a43bfef1ca22bf2248e13a4e536fc472","unresolved":false,"context_lines":[{"line_number":120,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":121,"context_line":""},{"line_number":122,"context_line":"    def node_deploying(self, task):"},{"line_number":123,"context_line":"        \"\"\"Informs the security system that a node is deploying.\"\"\""},{"line_number":124,"context_line":""},{"line_number":125,"context_line":"    def node_cleaning(self, task):"},{"line_number":126,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_9e890172","line":123,"in_reply_to":"5f7c97a3_dfbeaaad","updated":"2018-08-02 15:26:21.000000000","message":"Does conductor know reliably that the deployment it done?","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"e41ce1295a1fde5a6598289e698e58381284c4ea","unresolved":false,"context_lines":[{"line_number":126,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""},{"line_number":127,"context_line":""},{"line_number":128,"context_line":"    def node_deleting(self, task):"},{"line_number":129,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":130,"context_line":""},{"line_number":131,"context_line":"    def validate(self, task):"},{"line_number":132,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_ffb926c4","line":129,"updated":"2018-07-20 15:07:18.000000000","message":"inspecting too?\n\nwhy not just make a hook called on any state transition?\n\n def node_transition(self, task, new_state, previous_state)","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11076,"name":"Shivanand Tendulker","email":"stendulker@gmail.com","username":"stendulker"},"change_message_id":"6d13343cef7dd235214a929c3b7013447398dd64","unresolved":false,"context_lines":[{"line_number":126,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""},{"line_number":127,"context_line":""},{"line_number":128,"context_line":"    def node_deleting(self, task):"},{"line_number":129,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":130,"context_line":""},{"line_number":131,"context_line":"    def validate(self, task):"},{"line_number":132,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""}],"source_content_type":"text/x-rst","patch_set":3,"id":"3f79a3b5_ef75d3fb","line":129,"in_reply_to":"5f7c97a3_ffb926c4","updated":"2018-08-06 06:09:51.000000000","message":"+1","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11076,"name":"Shivanand Tendulker","email":"stendulker@gmail.com","username":"stendulker"},"change_message_id":"6d13343cef7dd235214a929c3b7013447398dd64","unresolved":false,"context_lines":[{"line_number":129,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":130,"context_line":""},{"line_number":131,"context_line":"    def validate(self, task):"},{"line_number":132,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""},{"line_number":133,"context_line":""},{"line_number":134,"context_line":"For the ``command`` security interface, each method would pass a single"},{"line_number":135,"context_line":"argument of the UUID of the node being acted upon."}],"source_content_type":"text/x-rst","patch_set":3,"id":"3f79a3b5_8fbc5f6a","line":132,"range":{"start_line":132,"start_character":8,"end_line":132,"end_character":54},"updated":"2018-08-06 06:09:51.000000000","message":"We normally perform the interface level validation using \u0027validate\u0027 method. Should we name this method differently to perform the operation of returning \"security state of the node\"?","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"aa9349445b3e37ffc457ce7302b204000a18069a","unresolved":false,"context_lines":[{"line_number":129,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":130,"context_line":""},{"line_number":131,"context_line":"    def validate(self, task):"},{"line_number":132,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""},{"line_number":133,"context_line":""},{"line_number":134,"context_line":"For the ``command`` security interface, each method would pass a single"},{"line_number":135,"context_line":"argument of the UUID of the node being acted upon."}],"source_content_type":"text/x-rst","patch_set":3,"id":"3f79a3b5_1c1ee46f","line":132,"range":{"start_line":132,"start_character":8,"end_line":132,"end_character":54},"in_reply_to":"3f79a3b5_8fbc5f6a","updated":"2018-08-09 20:45:30.000000000","message":"I guess I was thinking it could still operate the same and be used as a validate, and would be useful to raise that to users... Hmm.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"e41ce1295a1fde5a6598289e698e58381284c4ea","unresolved":false,"context_lines":[{"line_number":132,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""},{"line_number":133,"context_line":""},{"line_number":134,"context_line":"For the ``command`` security interface, each method would pass a single"},{"line_number":135,"context_line":"argument of the UUID of the node being acted upon."},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"Nova driver impact"},{"line_number":138,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_9fda721a","line":135,"updated":"2018-07-20 15:07:18.000000000","message":"we can make it a bit more generic and extend the configuration with something like\n\n [security]\n command \u003d something-something {node.uuid} {node.provision_state}\n\n(using standard python\u0027s format method and passing the whole node)","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"aa9349445b3e37ffc457ce7302b204000a18069a","unresolved":false,"context_lines":[{"line_number":132,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""},{"line_number":133,"context_line":""},{"line_number":134,"context_line":"For the ``command`` security interface, each method would pass a single"},{"line_number":135,"context_line":"argument of the UUID of the node being acted upon."},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"Nova driver impact"},{"line_number":138,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":3,"id":"3f79a3b5_2f3604e8","line":135,"in_reply_to":"5f7c97a3_9fda721a","updated":"2018-08-09 20:45:30.000000000","message":"That could work. Although I could see someone wanting to create a non-command vendory interface. I guess it could be re-used...","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"e41ce1295a1fde5a6598289e698e58381284c4ea","unresolved":false,"context_lines":[{"line_number":156,"context_line":""},{"line_number":157,"context_line":".. todo:"},{"line_number":158,"context_line":"   To consider: should we enable multiple arguments. Realistically operators"},{"line_number":159,"context_line":"   with a command interface may need to do all sorts of actions."},{"line_number":160,"context_line":""},{"line_number":161,"context_line":".. todo:"},{"line_number":162,"context_line":"   Another consideration is would an operator prefer to have commands"}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_bfddee13","line":159,"updated":"2018-07-20 15:07:18.000000000","message":"see above","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"e41ce1295a1fde5a6598289e698e58381284c4ea","unresolved":false,"context_lines":[{"line_number":161,"context_line":".. todo:"},{"line_number":162,"context_line":"   Another consideration is would an operator prefer to have commands"},{"line_number":163,"context_line":"   rootwrapped... or we could just let the operator do it themselves..."},{"line_number":164,"context_line":"   which is the idea behind this."},{"line_number":165,"context_line":""},{"line_number":166,"context_line":"Other end user impact"},{"line_number":167,"context_line":"---------------------"}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_5fe05acb","line":164,"updated":"2018-07-20 15:07:18.000000000","message":"let it be their problem, I guess.. some may use a suid program.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"e41ce1295a1fde5a6598289e698e58381284c4ea","unresolved":false,"context_lines":[{"line_number":179,"context_line":"An additional external process execution would occur with the ``command``"},{"line_number":180,"context_line":"security interface, which will have scalability impact for those that"},{"line_number":181,"context_line":"utilize that interface. Documentation should encourage Python native"},{"line_number":182,"context_line":"modules as opposed to the ``command`` interface."},{"line_number":183,"context_line":""},{"line_number":184,"context_line":"Other deployer impact"},{"line_number":185,"context_line":"---------------------"}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_7fe3d6d7","line":182,"updated":"2018-07-20 15:07:18.000000000","message":"/me wonders if we can run it without waiting for its result. at least by default.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":6133,"name":"yolanda.robla","email":"yroblamo@redhat.com","username":"yolanda.robla"},"change_message_id":"216a1b467b735f862a3b6c5d3a17ea2e5707d10d","unresolved":false,"context_lines":[{"line_number":207,"context_line":"Work Items"},{"line_number":208,"context_line":"----------"},{"line_number":209,"context_line":""},{"line_number":210,"context_line":"* Add ``storage_interface`` database field."},{"line_number":211,"context_line":"* Implement base interface addition"},{"line_number":212,"context_line":"* Implement ``noop`` and ``command`` interfaces."},{"line_number":213,"context_line":"* Add node RPC object field"}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_b578a0c1","line":210,"range":{"start_line":210,"start_character":8,"end_line":210,"end_character":25},"updated":"2018-06-27 14:42:55.000000000","message":"security_interface","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"4d2017a855cdcb0925516e3dc0d0db3e242b0268","unresolved":false,"context_lines":[{"line_number":207,"context_line":"Work Items"},{"line_number":208,"context_line":"----------"},{"line_number":209,"context_line":""},{"line_number":210,"context_line":"* Add ``storage_interface`` database field."},{"line_number":211,"context_line":"* Implement base interface addition"},{"line_number":212,"context_line":"* Implement ``noop`` and ``command`` interfaces."},{"line_number":213,"context_line":"* Add node RPC object field"}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_a5a605c0","line":210,"range":{"start_line":210,"start_character":8,"end_line":210,"end_character":25},"in_reply_to":"5f7c97a3_b578a0c1","updated":"2018-06-28 20:46:08.000000000","message":"lol! I\u0027ll fix.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"b147e5f3814700c892a1f2fbde627ac8dd068115","unresolved":false,"context_lines":[{"line_number":212,"context_line":"* Implement ``noop`` and ``command`` interfaces."},{"line_number":213,"context_line":"* Add node RPC object field"},{"line_number":214,"context_line":"* Add API support and microversion."},{"line_number":215,"context_line":""},{"line_number":216,"context_line":"Dependencies"},{"line_number":217,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":218,"context_line":""}],"source_content_type":"text/x-rst","patch_set":3,"id":"5f7c97a3_3e808449","line":215,"updated":"2018-07-16 08:25:05.000000000","message":"a client patch is also needed.","commit_id":"769fe54999fdd220f34506e017b8558fbd5a3419"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"efe759c0da604e2d9a85f87a88a227ba5df3365a","unresolved":false,"context_lines":[{"line_number":134,"context_line":"For the ``command`` security interface, each method would pass a single"},{"line_number":135,"context_line":"argument of the UUID of the node being acted upon."},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"Eventually we would like to offer a \u0027Keylime\u0027 driver and interface"},{"line_number":138,"context_line":"to provide attestation through the Keylime verifier. Configuration for"},{"line_number":139,"context_line":"contacting the Keylime verifier would be passed through the config"},{"line_number":140,"context_line":"file. The first step is to have a node enrolled with the verifier."}],"source_content_type":"text/x-rst","patch_set":5,"id":"9f560f44_691d0372","line":137,"updated":"2020-09-23 16:18:29.000000000","message":"Why not concentrate on the keylime driver rather than a generic one? I guess it could be easier than inventing a future-proof interface.","commit_id":"2ce7df4cbbece9fac09648080ea92d38dd163c23"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fe72bb86a2600219c9472b1108822d368b3a69d2","unresolved":false,"context_lines":[{"line_number":134,"context_line":"For the ``command`` security interface, each method would pass a single"},{"line_number":135,"context_line":"argument of the UUID of the node being acted upon."},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"Eventually we would like to offer a \u0027Keylime\u0027 driver and interface"},{"line_number":138,"context_line":"to provide attestation through the Keylime verifier. Configuration for"},{"line_number":139,"context_line":"contacting the Keylime verifier would be passed through the config"},{"line_number":140,"context_line":"file. The first step is to have a node enrolled with the verifier."}],"source_content_type":"text/x-rst","patch_set":5,"id":"9f560f44_e4677a50","line":137,"in_reply_to":"9f560f44_691d0372","updated":"2020-09-23 16:50:33.000000000","message":"A Keylime driver and interface spec is being worked on, but this piece of work needed to be specified first.","commit_id":"2ce7df4cbbece9fac09648080ea92d38dd163c23"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"edbe06fc968c380a92c7902767117a976dc0c555","unresolved":false,"context_lines":[{"line_number":134,"context_line":"For the ``command`` security interface, each method would pass a single"},{"line_number":135,"context_line":"argument of the UUID of the node being acted upon."},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"Eventually we would like to offer a \u0027Keylime\u0027 driver and interface"},{"line_number":138,"context_line":"to provide attestation through the Keylime verifier. Configuration for"},{"line_number":139,"context_line":"contacting the Keylime verifier would be passed through the config"},{"line_number":140,"context_line":"file. The first step is to have a node enrolled with the verifier."}],"source_content_type":"text/x-rst","patch_set":5,"id":"9f560f44_60b668fc","line":137,"in_reply_to":"9f560f44_691d0372","updated":"2020-09-28 16:16:41.000000000","message":"Nevermind I understand now and I\u0027d agree. Thanks for your comment!","commit_id":"2ce7df4cbbece9fac09648080ea92d38dd163c23"},{"author":{"_account_id":11076,"name":"Shivanand Tendulker","email":"stendulker@gmail.com","username":"stendulker"},"change_message_id":"faf46b1023ac956ea202b6e741bb6f699bd4dcae","unresolved":false,"context_lines":[{"line_number":123,"context_line":"    def node_cleaning(self, task):"},{"line_number":124,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""},{"line_number":125,"context_line":""},{"line_number":126,"context_line":"    def node_deleting(self, task):"},{"line_number":127,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"    def validate(self, task):"},{"line_number":130,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_ca8026a0","line":127,"range":{"start_line":126,"start_character":4,"end_line":127,"end_character":71},"updated":"2020-09-29 09:49:34.000000000","message":"Does the node_* methods raise exception if the security system returns failure. Will the underlying tasks like cleaning, deploying would be failed if security system returns failure?","commit_id":"2a0c938bff7f38f4aa81a94e2aa510c6077b8007"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"90b50b5ef498eef47390b16d32e2e3b795886886","unresolved":false,"context_lines":[{"line_number":123,"context_line":"    def node_cleaning(self, task):"},{"line_number":124,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""},{"line_number":125,"context_line":""},{"line_number":126,"context_line":"    def node_deleting(self, task):"},{"line_number":127,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"    def validate(self, task):"},{"line_number":130,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_589b47c7","line":127,"range":{"start_line":126,"start_character":4,"end_line":127,"end_character":71},"in_reply_to":"9f560f44_ca8026a0","updated":"2020-09-29 17:21:35.000000000","message":"These methods would be called along different points of the node\u0027s lifecycle. So a failure at some of these different points would halt the rest of the chain.","commit_id":"2a0c938bff7f38f4aa81a94e2aa510c6077b8007"},{"author":{"_account_id":11076,"name":"Shivanand Tendulker","email":"stendulker@gmail.com","username":"stendulker"},"change_message_id":"faf46b1023ac956ea202b6e741bb6f699bd4dcae","unresolved":false,"context_lines":[{"line_number":126,"context_line":"    def node_deleting(self, task):"},{"line_number":127,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"    def validate(self, task):"},{"line_number":130,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"Eventually we would like to offer a \u0027Keylime\u0027 driver and interface"},{"line_number":133,"context_line":"to provide attestation through the Keylime verifier. Configuration for"}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_2f461452","line":130,"range":{"start_line":129,"start_character":0,"end_line":130,"end_character":54},"updated":"2020-09-29 09:49:34.000000000","message":"How will it collect the security state? Or Is it a method that would be called by attestation server? \n\nDoes this interface require a method that could be called by security system periodically to attest? \n\nHow is this going to get used? Probably we need to name it as node_validate() as validate() is a standard method to validate the required properties of the interface.","commit_id":"2a0c938bff7f38f4aa81a94e2aa510c6077b8007"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"90b50b5ef498eef47390b16d32e2e3b795886886","unresolved":false,"context_lines":[{"line_number":126,"context_line":"    def node_deleting(self, task):"},{"line_number":127,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"    def validate(self, task):"},{"line_number":130,"context_line":"        \"\"\"Validate the security state of the node.\"\"\""},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"Eventually we would like to offer a \u0027Keylime\u0027 driver and interface"},{"line_number":133,"context_line":"to provide attestation through the Keylime verifier. Configuration for"}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_3ee2bb31","line":130,"range":{"start_line":129,"start_character":0,"end_line":130,"end_character":54},"in_reply_to":"9f560f44_2f461452","updated":"2020-09-29 17:21:35.000000000","message":"On further thought, this method isn\u0027t actually needed and will be removed.","commit_id":"2a0c938bff7f38f4aa81a94e2aa510c6077b8007"},{"author":{"_account_id":11076,"name":"Shivanand Tendulker","email":"stendulker@gmail.com","username":"stendulker"},"change_message_id":"faf46b1023ac956ea202b6e741bb6f699bd4dcae","unresolved":false,"context_lines":[{"line_number":153,"context_line":"Security impact"},{"line_number":154,"context_line":"---------------"},{"line_number":155,"context_line":""},{"line_number":156,"context_line":"No security impact is anticipated. The ``command`` security interface"},{"line_number":157,"context_line":"will only pass the UUID of the node, and the responsibility is upon any"},{"line_number":158,"context_line":"operator configured external tooling to handle secure credential storage"},{"line_number":159,"context_line":"and retrieval."}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_e5d55dba","line":156,"range":{"start_line":156,"start_character":39,"end_line":156,"end_character":69},"updated":"2020-09-29 09:49:34.000000000","message":"What is ``command`` security interface ?","commit_id":"2a0c938bff7f38f4aa81a94e2aa510c6077b8007"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"90b50b5ef498eef47390b16d32e2e3b795886886","unresolved":false,"context_lines":[{"line_number":153,"context_line":"Security impact"},{"line_number":154,"context_line":"---------------"},{"line_number":155,"context_line":""},{"line_number":156,"context_line":"No security impact is anticipated. The ``command`` security interface"},{"line_number":157,"context_line":"will only pass the UUID of the node, and the responsibility is upon any"},{"line_number":158,"context_line":"operator configured external tooling to handle secure credential storage"},{"line_number":159,"context_line":"and retrieval."}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_dd4d89c6","line":156,"range":{"start_line":156,"start_character":39,"end_line":156,"end_character":69},"in_reply_to":"9f560f44_e5d55dba","updated":"2020-09-29 17:21:35.000000000","message":"My bad. The command interface is a scrapped idea and this is just a piece of the spec which I forgot to remove.","commit_id":"2a0c938bff7f38f4aa81a94e2aa510c6077b8007"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"db22281ca714486041934a7733bcb864f4f5ac6b","unresolved":false,"context_lines":[{"line_number":114,"context_line":""},{"line_number":115,"context_line":"These methods would consist of::"},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"    def node_enrollment(self, task):"},{"line_number":118,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":119,"context_line":""},{"line_number":120,"context_line":"    def node_deploying(self, task):"}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_7e0a291e","line":117,"updated":"2020-10-05 13:24:31.000000000","message":"nit: maybe my personal thing, but I\u0027d call these \"on_enrollment\" or \"on_node_enrollment\"","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"07916c0fb1e80ce4113af48044a604c13a39fe7d","unresolved":false,"context_lines":[{"line_number":114,"context_line":""},{"line_number":115,"context_line":"These methods would consist of::"},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"    def node_enrollment(self, task):"},{"line_number":118,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":119,"context_line":""},{"line_number":120,"context_line":"    def node_deploying(self, task):"}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_182caa48","line":117,"in_reply_to":"9f560f44_7e0a291e","updated":"2020-10-08 14:21:39.000000000","message":"Talking with Julia and working on the Keylime spec, we\u0027ve decided to completely redo the methods for the security_interface to be more focused on orchestration of an attestation service. This approach provides more flexibility to operators and doesn\u0027t bog Ironic down with the specifics of any one particular security approach as much.","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"db22281ca714486041934a7733bcb864f4f5ac6b","unresolved":false,"context_lines":[{"line_number":115,"context_line":"These methods would consist of::"},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"    def node_enrollment(self, task):"},{"line_number":118,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":119,"context_line":""},{"line_number":120,"context_line":"    def node_deploying(self, task):"},{"line_number":121,"context_line":"        \"\"\"Informs the security system that a node is deploying.\"\"\""}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_de19b57a","line":118,"updated":"2020-10-05 13:24:31.000000000","message":"What do we do if this fails? Is this run synchronously during enrollment, so that we can report failure?","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"07916c0fb1e80ce4113af48044a604c13a39fe7d","unresolved":false,"context_lines":[{"line_number":115,"context_line":"These methods would consist of::"},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"    def node_enrollment(self, task):"},{"line_number":118,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":119,"context_line":""},{"line_number":120,"context_line":"    def node_deploying(self, task):"},{"line_number":121,"context_line":"        \"\"\"Informs the security system that a node is deploying.\"\"\""}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_98e43a10","line":118,"in_reply_to":"9f560f44_de19b57a","updated":"2020-10-08 14:21:39.000000000","message":"Same as above","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"db22281ca714486041934a7733bcb864f4f5ac6b","unresolved":false,"context_lines":[{"line_number":118,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":119,"context_line":""},{"line_number":120,"context_line":"    def node_deploying(self, task):"},{"line_number":121,"context_line":"        \"\"\"Informs the security system that a node is deploying.\"\"\""},{"line_number":122,"context_line":""},{"line_number":123,"context_line":"    def node_cleaning(self, task):"},{"line_number":124,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_be14c142","line":121,"updated":"2020-10-05 13:24:31.000000000","message":"At which point is this run, right before the deployment?","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"07916c0fb1e80ce4113af48044a604c13a39fe7d","unresolved":false,"context_lines":[{"line_number":118,"context_line":"        \"\"\"Informs the security system that a node has been enrolled.\"\"\""},{"line_number":119,"context_line":""},{"line_number":120,"context_line":"    def node_deploying(self, task):"},{"line_number":121,"context_line":"        \"\"\"Informs the security system that a node is deploying.\"\"\""},{"line_number":122,"context_line":""},{"line_number":123,"context_line":"    def node_cleaning(self, task):"},{"line_number":124,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_d8ea32d7","line":121,"in_reply_to":"9f560f44_be14c142","updated":"2020-10-08 14:21:39.000000000","message":"Same as above","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"db22281ca714486041934a7733bcb864f4f5ac6b","unresolved":false,"context_lines":[{"line_number":124,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""},{"line_number":125,"context_line":""},{"line_number":126,"context_line":"    def node_deleting(self, task):"},{"line_number":127,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"These methods will exist along different points in a node\u0027s lifecyle."},{"line_number":130,"context_line":"These calls will raise an error on failure and Ironic will act"}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_1e25edae","line":127,"updated":"2020-10-05 13:24:31.000000000","message":"I guess we cannot raise errors here or?","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"07916c0fb1e80ce4113af48044a604c13a39fe7d","unresolved":false,"context_lines":[{"line_number":124,"context_line":"        \"\"\"Informs the security system that a node is cleaning.\"\"\""},{"line_number":125,"context_line":""},{"line_number":126,"context_line":"    def node_deleting(self, task):"},{"line_number":127,"context_line":"        \"\"\"Informs the security system that a node is being removed.\"\"\""},{"line_number":128,"context_line":""},{"line_number":129,"context_line":"These methods will exist along different points in a node\u0027s lifecyle."},{"line_number":130,"context_line":"These calls will raise an error on failure and Ironic will act"}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_b8e77e0f","line":127,"in_reply_to":"9f560f44_1e25edae","updated":"2020-10-08 14:21:39.000000000","message":"Same as above","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"db22281ca714486041934a7733bcb864f4f5ac6b","unresolved":false,"context_lines":[{"line_number":136,"context_line":"file. The first step is to have a node enrolled with the verifier."},{"line_number":137,"context_line":"Following this, an attestation call to the Keylime verifier can be"},{"line_number":138,"context_line":"made at any state in the node\u0027s lifecycle, and so the interface"},{"line_number":139,"context_line":"will be flexible enough to be called in their respective states."},{"line_number":140,"context_line":""},{"line_number":141,"context_line":""},{"line_number":142,"context_line":"Nova driver impact"}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_fe2759b4","line":139,"updated":"2020-10-05 13:24:31.000000000","message":"Honestly, I\u0027d expand the scope of this spec to include the said keylime driver. It\u0027s hard to review an interface without understanding how it will be used.","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"07916c0fb1e80ce4113af48044a604c13a39fe7d","unresolved":false,"context_lines":[{"line_number":136,"context_line":"file. The first step is to have a node enrolled with the verifier."},{"line_number":137,"context_line":"Following this, an attestation call to the Keylime verifier can be"},{"line_number":138,"context_line":"made at any state in the node\u0027s lifecycle, and so the interface"},{"line_number":139,"context_line":"will be flexible enough to be called in their respective states."},{"line_number":140,"context_line":""},{"line_number":141,"context_line":""},{"line_number":142,"context_line":"Nova driver impact"}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_38dc0e44","line":139,"in_reply_to":"9f560f44_fe2759b4","updated":"2020-10-08 14:21:39.000000000","message":"Thats understandable. I had been working on the Keylime spec but the further along in that spec I get the more I find myself revisiting and reconsidering specifics in this spec.","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"db22281ca714486041934a7733bcb864f4f5ac6b","unresolved":false,"context_lines":[{"line_number":175,"context_line":"---------------------"},{"line_number":176,"context_line":""},{"line_number":177,"context_line":"The ``security`` interface will not be enabled by default, since the default"},{"line_number":178,"context_line":"will map to a ``noop`` interface."},{"line_number":179,"context_line":""},{"line_number":180,"context_line":"Developer impact"},{"line_number":181,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_5e1f655a","line":178,"updated":"2020-10-05 13:24:31.000000000","message":"nit: we call these \"no-security\", although I do agree that it sounds scary :)","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"07916c0fb1e80ce4113af48044a604c13a39fe7d","unresolved":false,"context_lines":[{"line_number":175,"context_line":"---------------------"},{"line_number":176,"context_line":""},{"line_number":177,"context_line":"The ``security`` interface will not be enabled by default, since the default"},{"line_number":178,"context_line":"will map to a ``noop`` interface."},{"line_number":179,"context_line":""},{"line_number":180,"context_line":"Developer impact"},{"line_number":181,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":8,"id":"9f560f44_b84bfe25","line":178,"in_reply_to":"9f560f44_5e1f655a","updated":"2020-10-08 14:21:39.000000000","message":"Fixed. Thanks for pointing this out.","commit_id":"5521608f1612dd989e9bfb229f0b336373750df1"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":42,"context_line":"three main components: a \u0027verifier\u0027, a \u0027registrar\u0027, and an \u0027agent\u0027. The verifier and registrar"},{"line_number":43,"context_line":"run on machines external to the Ironic workflow. Ironic will only need to worry about knowing"},{"line_number":44,"context_line":"how to contact these machines. The agent will need to run on the node we are trying to attest"},{"line_number":45,"context_line":"and be passed configuration options."},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"So a logical first step is to provide the ability for additional processes"},{"line_number":48,"context_line":"to be executed along the workflow that are security centric logical points"}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_94b067de","line":45,"updated":"2020-10-10 13:59:19.000000000","message":"please wrap this paragraph into 79 chars to make linting pass.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a471088051709040543bbfdd9c87c8d0a5041c7b","unresolved":false,"context_lines":[{"line_number":42,"context_line":"three main components: a \u0027verifier\u0027, a \u0027registrar\u0027, and an \u0027agent\u0027. The verifier and registrar"},{"line_number":43,"context_line":"run on machines external to the Ironic workflow. Ironic will only need to worry about knowing"},{"line_number":44,"context_line":"how to contact these machines. The agent will need to run on the node we are trying to attest"},{"line_number":45,"context_line":"and be passed configuration options."},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"So a logical first step is to provide the ability for additional processes"},{"line_number":48,"context_line":"to be executed along the workflow that are security centric logical points"}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_3704674a","line":45,"in_reply_to":"9f560f44_94b067de","updated":"2020-10-27 19:07:12.000000000","message":"ack","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":56,"context_line":""},{"line_number":57,"context_line":"The third step is to build a hardware manager for the Ironic Python Agent which communicates"},{"line_number":58,"context_line":"with the registrar and verifier. The manager would trigger attestations at certain points along"},{"line_number":59,"context_line":"the node\u0027s workflow ex) during the boot process."},{"line_number":60,"context_line":""},{"line_number":61,"context_line":""},{"line_number":62,"context_line":"Proposed change"}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_34bfdbab","line":59,"updated":"2020-10-10 13:59:19.000000000","message":"This indicates the IPA would be in the same network with registrar and verifier, but I think typically they are in the management network in the multitenant scenario.\nI was involving keylime for a short period, the initial thought was to integrate keylime-agent into IPA, ironic will orchestrate the whole process, and maybe a deployment step.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a471088051709040543bbfdd9c87c8d0a5041c7b","unresolved":false,"context_lines":[{"line_number":56,"context_line":""},{"line_number":57,"context_line":"The third step is to build a hardware manager for the Ironic Python Agent which communicates"},{"line_number":58,"context_line":"with the registrar and verifier. The manager would trigger attestations at certain points along"},{"line_number":59,"context_line":"the node\u0027s workflow ex) during the boot process."},{"line_number":60,"context_line":""},{"line_number":61,"context_line":""},{"line_number":62,"context_line":"Proposed change"}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_c82bd42d","line":59,"in_reply_to":"9f560f44_34bfdbab","updated":"2020-10-27 19:07:12.000000000","message":"This piece is a bit inaccurate. It should be that the manager talks to the Keylime agent on the node, and the agent talks to the verifier. Regardless, I don\u0027t believe there is any way for the Keylime agent to work if the node is not in the same network as the verifier. Being in the management network should not matter? It would be added to the documentation that operators must ensure the verifier is in the same network.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":81,"context_line":"Keylime Interface"},{"line_number":82,"context_line":"Implement a keylime interface which inherits the security interface."},{"line_number":83,"context_line":"This interface defaults to a keylime driver and makes calls to it in order to attest the security of the nodes by keylime."},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"Keylime Hardware Manager"},{"line_number":86,"context_line":"A piece of code which will call Keylime agent code given configuration information from the controller. These Keylime"},{"line_number":87,"context_line":"packages would be included as part of the IPA image."}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_94fea767","line":84,"updated":"2020-10-10 13:59:19.000000000","message":"Could you elaborate the difference with Keylime Driver and Keylime Interface and what they are responsible for?","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a471088051709040543bbfdd9c87c8d0a5041c7b","unresolved":false,"context_lines":[{"line_number":81,"context_line":"Keylime Interface"},{"line_number":82,"context_line":"Implement a keylime interface which inherits the security interface."},{"line_number":83,"context_line":"This interface defaults to a keylime driver and makes calls to it in order to attest the security of the nodes by keylime."},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"Keylime Hardware Manager"},{"line_number":86,"context_line":"A piece of code which will call Keylime agent code given configuration information from the controller. These Keylime"},{"line_number":87,"context_line":"packages would be included as part of the IPA image."}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_c8f634fa","line":84,"in_reply_to":"9f560f44_94fea767","updated":"2020-10-27 19:07:12.000000000","message":"On thinking about this, with the way this draft has evolved I\u0027m beginning to think that there is no need for the driver itself. It seems more logical to just have it so any generic hardware type supports the Keylime interface.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":83,"context_line":"This interface defaults to a keylime driver and makes calls to it in order to attest the security of the nodes by keylime."},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"Keylime Hardware Manager"},{"line_number":86,"context_line":"A piece of code which will call Keylime agent code given configuration information from the controller. These Keylime"},{"line_number":87,"context_line":"packages would be included as part of the IPA image."},{"line_number":88,"context_line":""},{"line_number":89,"context_line":"Alternatives"}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_d4f3ff9d","line":86,"range":{"start_line":86,"start_character":92,"end_line":86,"end_character":102},"updated":"2020-10-10 13:59:19.000000000","message":"I guess it means ironic here? but not quite sure.\nAlso, if we integrate hardware manager with agent, I am guessing it\u0027s used for doing in-band attestation, how the interaction looks like, could you provide more details here?","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a471088051709040543bbfdd9c87c8d0a5041c7b","unresolved":false,"context_lines":[{"line_number":83,"context_line":"This interface defaults to a keylime driver and makes calls to it in order to attest the security of the nodes by keylime."},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"Keylime Hardware Manager"},{"line_number":86,"context_line":"A piece of code which will call Keylime agent code given configuration information from the controller. These Keylime"},{"line_number":87,"context_line":"packages would be included as part of the IPA image."},{"line_number":88,"context_line":""},{"line_number":89,"context_line":"Alternatives"}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_747376b2","line":86,"range":{"start_line":86,"start_character":92,"end_line":86,"end_character":102},"in_reply_to":"9f560f44_d4f3ff9d","updated":"2020-10-27 19:07:12.000000000","message":"yeah this was worded poorly. The idea is a hardware manager in the IPA which helps with configuring the Keylime agent on startup. Once setup, the attestation process is going to be between the verifier and agent. The ipa hardware manager and the controller do not need to do anything else at that point. The controller can go to the verifier to get the latest security status and act from there. I\u0027m not sure what steps will be taken or by whom on an attestation failure however.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":107,"context_line":""},{"line_number":108,"context_line":"No impact to the state machine is expected. All calls to the new interface\u0027s"},{"line_number":109,"context_line":"methods will take place in existing workflows driven by the state machine."},{"line_number":110,"context_line":""},{"line_number":111,"context_line":"REST API impact"},{"line_number":112,"context_line":"---------------"},{"line_number":113,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_d4381f3c","line":110,"updated":"2020-10-10 13:59:19.000000000","message":"do we take action during state transision based on the result of attestation report?","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a471088051709040543bbfdd9c87c8d0a5041c7b","unresolved":false,"context_lines":[{"line_number":107,"context_line":""},{"line_number":108,"context_line":"No impact to the state machine is expected. All calls to the new interface\u0027s"},{"line_number":109,"context_line":"methods will take place in existing workflows driven by the state machine."},{"line_number":110,"context_line":""},{"line_number":111,"context_line":"REST API impact"},{"line_number":112,"context_line":"---------------"},{"line_number":113,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_d4dc0a76","line":110,"in_reply_to":"9f560f44_d4381f3c","updated":"2020-10-27 19:07:12.000000000","message":"I think we would want to take action immediately. Though it seems like it could break the state machine if that were the case.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":165,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":166,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":167,"context_line":"for the security interface, and fail if the validation is not successful."},{"line_number":168,"context_line":""},{"line_number":169,"context_line":"Ramdisk impact"},{"line_number":170,"context_line":"--------------"},{"line_number":171,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_5416cfa8","line":168,"updated":"2020-10-10 13:59:19.000000000","message":"It seems the security validation is a process to get attestation result for the verifier, so I wonder when and how do we get the initial result?","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a471088051709040543bbfdd9c87c8d0a5041c7b","unresolved":false,"context_lines":[{"line_number":165,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":166,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":167,"context_line":"for the security interface, and fail if the validation is not successful."},{"line_number":168,"context_line":""},{"line_number":169,"context_line":"Ramdisk impact"},{"line_number":170,"context_line":"--------------"},{"line_number":171,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_94cc52bd","line":168,"in_reply_to":"9f560f44_5416cfa8","updated":"2020-10-27 19:07:12.000000000","message":"Unless I am misunderstanding, Julia mentioned something about doing attestation before the first heartbeat. This way one we receive the heartbeat we know we can immediately perform a check.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":169,"context_line":"Ramdisk impact"},{"line_number":170,"context_line":"--------------"},{"line_number":171,"context_line":""},{"line_number":172,"context_line":"None"},{"line_number":173,"context_line":""},{"line_number":174,"context_line":"Security impact"},{"line_number":175,"context_line":"---------------"}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_b4e00bcd","line":172,"updated":"2020-10-10 13:59:19.000000000","message":"it appears ramdisk needs to be enhanced.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a471088051709040543bbfdd9c87c8d0a5041c7b","unresolved":false,"context_lines":[{"line_number":169,"context_line":"Ramdisk impact"},{"line_number":170,"context_line":"--------------"},{"line_number":171,"context_line":""},{"line_number":172,"context_line":"None"},{"line_number":173,"context_line":""},{"line_number":174,"context_line":"Security impact"},{"line_number":175,"context_line":"---------------"}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_f4bae607","line":172,"in_reply_to":"9f560f44_b4e00bcd","updated":"2020-10-27 19:07:12.000000000","message":"yeah this is where we should mention the Keylime agent being included.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":196,"context_line":""},{"line_number":197,"context_line":"The ``security`` interface will not be enabled by default, since the default"},{"line_number":198,"context_line":"will map to a ``no-security`` interface."},{"line_number":199,"context_line":""},{"line_number":200,"context_line":"Developer impact"},{"line_number":201,"context_line":"----------------"},{"line_number":202,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_341b5bcb","line":199,"updated":"2020-10-10 13:59:19.000000000","message":"we will need configuration options for the keylime security interface to interact with the verifier, e.g., the server address and port, and probably the certificate.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a471088051709040543bbfdd9c87c8d0a5041c7b","unresolved":false,"context_lines":[{"line_number":196,"context_line":""},{"line_number":197,"context_line":"The ``security`` interface will not be enabled by default, since the default"},{"line_number":198,"context_line":"will map to a ``no-security`` interface."},{"line_number":199,"context_line":""},{"line_number":200,"context_line":"Developer impact"},{"line_number":201,"context_line":"----------------"},{"line_number":202,"context_line":""}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_343a9e97","line":199,"in_reply_to":"9f560f44_341b5bcb","updated":"2020-10-27 19:07:12.000000000","message":"Yes correct. Thank you for pointing this out.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"1fdabcf1ffd889df37b8d7c65102b0e1027090e1","unresolved":false,"context_lines":[{"line_number":247,"context_line":"Documentation Impact"},{"line_number":248,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":249,"context_line":""},{"line_number":250,"context_line":"None"},{"line_number":251,"context_line":""},{"line_number":252,"context_line":"References"},{"line_number":253,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":9,"id":"9f560f44_143f3722","line":250,"updated":"2020-10-10 13:59:19.000000000","message":"keylime verifier and registra are beyond ironic, it would be good to have documentation update on how users can put it into practice.","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"44ee4c0f9fb2c9f6d43b86756b41df2c039a57dd","unresolved":false,"context_lines":[{"line_number":247,"context_line":"Documentation Impact"},{"line_number":248,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":249,"context_line":""},{"line_number":250,"context_line":"None"},{"line_number":251,"context_line":""},{"line_number":252,"context_line":"References"},{"line_number":253,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":9,"id":"3f65232a_1455e2c6","line":250,"in_reply_to":"9f560f44_143f3722","updated":"2020-10-27 19:08:09.000000000","message":"Will do. Thank you","commit_id":"a36271f95c99c3d1bd7eabd32af5a9ca76465f68"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":65,"context_line":""},{"line_number":66,"context_line":"Proposed change"},{"line_number":67,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":68,"context_line":"Security Interface"},{"line_number":69,"context_line":"The addition of a ``security_interface`` field in the ``nodes`` table,"},{"line_number":70,"context_line":"which maps to a `task.node.driver.security` interface, along with the other"},{"line_number":71,"context_line":"standard configuration parameters and defaults behavior that exists with"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_32f4b95b","line":68,"updated":"2020-10-28 16:58:14.000000000","message":"nit: if you intended this as a heading, it\u0027s not one (same below), use\n\n Security Interface\n ------------------","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":65,"context_line":""},{"line_number":66,"context_line":"Proposed change"},{"line_number":67,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":68,"context_line":"Security Interface"},{"line_number":69,"context_line":"The addition of a ``security_interface`` field in the ``nodes`` table,"},{"line_number":70,"context_line":"which maps to a `task.node.driver.security` interface, along with the other"},{"line_number":71,"context_line":"standard configuration parameters and defaults behavior that exists with"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_755bbb2d","line":68,"in_reply_to":"1f621f24_32f4b95b","updated":"2020-10-29 19:48:38.000000000","message":"yes, my bad","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":90,"context_line":""},{"line_number":91,"context_line":""},{"line_number":92,"context_line":"Keylime Hardware Manager"},{"line_number":93,"context_line":"An extension to the IPA which will call Keylime agent code given"},{"line_number":94,"context_line":"configuration information from the controller. The manager would pass these"},{"line_number":95,"context_line":"configuration parameters to the Keylime agent and prompt the Keylime agent to"},{"line_number":96,"context_line":"register itself with the verifier in the initial setup."}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_92e94d82","line":93,"updated":"2020-10-28 16:58:14.000000000","message":"How will the configuration be passed from ironic (?) to the hw manager, via kernel params? What exactly is this information?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32617,"name":"Danni Shi","email":"sdanni@redhat.com","username":"sdanni"},"change_message_id":"a624472b72f10ce64ef1cfb3e0329979e183d592","unresolved":false,"context_lines":[{"line_number":90,"context_line":""},{"line_number":91,"context_line":""},{"line_number":92,"context_line":"Keylime Hardware Manager"},{"line_number":93,"context_line":"An extension to the IPA which will call Keylime agent code given"},{"line_number":94,"context_line":"configuration information from the controller. The manager would pass these"},{"line_number":95,"context_line":"configuration parameters to the Keylime agent and prompt the Keylime agent to"},{"line_number":96,"context_line":"register itself with the verifier in the initial setup."}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_133b6dd1","line":93,"in_reply_to":"1f621f24_92e94d82","updated":"2020-10-29 20:07:48.000000000","message":"We just realized maybe we don\u0027t need hw manager for keylime-agent. We would create a dib element for keylime-agent and make it run as a system service to talk with IPA. But hw manager is potentially needed to perform TPM setup we think. We\u0027ll rewrite this part.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":154,"context_line":""},{"line_number":155,"context_line":"    def get_security_status(self, task):"},{"line_number":156,"context_line":"        \"\"\"Grabs the latest information about the node\u0027s security state"},{"line_number":157,"context_line":"        from the attestation machine.\"\"\""},{"line_number":158,"context_line":""},{"line_number":159,"context_line":"    def track_machine(self, task):"},{"line_number":160,"context_line":"        \"\"\"Saves information which might need to be sent to the IPA."}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_72ee3189","line":157,"updated":"2020-10-28 16:58:14.000000000","message":"What\u0027s the return value?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":154,"context_line":""},{"line_number":155,"context_line":"    def get_security_status(self, task):"},{"line_number":156,"context_line":"        \"\"\"Grabs the latest information about the node\u0027s security state"},{"line_number":157,"context_line":"        from the attestation machine.\"\"\""},{"line_number":158,"context_line":""},{"line_number":159,"context_line":"    def track_machine(self, task):"},{"line_number":160,"context_line":"        \"\"\"Saves information which might need to be sent to the IPA."}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_f8232e04","line":157,"in_reply_to":"1f621f24_72ee3189","updated":"2020-10-29 19:48:38.000000000","message":"The return value would be None or 0 if everything is fine, and it could raise an exception if the verifier returns an unexpected status. The idea is to have the behavior and action taken be configurable after all.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":158,"context_line":""},{"line_number":159,"context_line":"    def track_machine(self, task):"},{"line_number":160,"context_line":"        \"\"\"Saves information which might need to be sent to the IPA."},{"line_number":161,"context_line":"        Sends this information to the IPA as needed.\"\"\""},{"line_number":162,"context_line":""},{"line_number":163,"context_line":"    def attest(self, task):"},{"line_number":164,"context_line":"        \"\"\"Commands the node to perform an attestation.\"\"\""}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_d202a53e","line":161,"updated":"2020-10-28 16:58:14.000000000","message":"How exactly is it doing it?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":158,"context_line":""},{"line_number":159,"context_line":"    def track_machine(self, task):"},{"line_number":160,"context_line":"        \"\"\"Saves information which might need to be sent to the IPA."},{"line_number":161,"context_line":"        Sends this information to the IPA as needed.\"\"\""},{"line_number":162,"context_line":""},{"line_number":163,"context_line":"    def attest(self, task):"},{"line_number":164,"context_line":"        \"\"\"Commands the node to perform an attestation.\"\"\""}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_98131ab9","line":161,"in_reply_to":"1f621f24_d202a53e","updated":"2020-10-29 19:48:38.000000000","message":"I\u0027m beginning to think this method is not even needed if we can just use kernel parameters.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":158,"context_line":""},{"line_number":159,"context_line":"    def track_machine(self, task):"},{"line_number":160,"context_line":"        \"\"\"Saves information which might need to be sent to the IPA."},{"line_number":161,"context_line":"        Sends this information to the IPA as needed.\"\"\""},{"line_number":162,"context_line":""},{"line_number":163,"context_line":"    def attest(self, task):"},{"line_number":164,"context_line":"        \"\"\"Commands the node to perform an attestation.\"\"\""}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_827d6de9","line":161,"in_reply_to":"1f621f24_d202a53e","updated":"2020-11-10 18:20:10.000000000","message":"my original thought, because this was largely first driven by how to integrate with a centrali","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":161,"context_line":"        Sends this information to the IPA as needed.\"\"\""},{"line_number":162,"context_line":""},{"line_number":163,"context_line":"    def attest(self, task):"},{"line_number":164,"context_line":"        \"\"\"Commands the node to perform an attestation.\"\"\""},{"line_number":165,"context_line":""},{"line_number":166,"context_line":"These methods can exist along any point of the node\u0027s lifecycle."},{"line_number":167,"context_line":"The action taken on a particular security state will be configurable. For"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_b2ff2933","line":164,"updated":"2020-10-28 16:58:14.000000000","message":"What exactly happens here and when is it called?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":161,"context_line":"        Sends this information to the IPA as needed.\"\"\""},{"line_number":162,"context_line":""},{"line_number":163,"context_line":"    def attest(self, task):"},{"line_number":164,"context_line":"        \"\"\"Commands the node to perform an attestation.\"\"\""},{"line_number":165,"context_line":""},{"line_number":166,"context_line":"These methods can exist along any point of the node\u0027s lifecycle."},{"line_number":167,"context_line":"The action taken on a particular security state will be configurable. For"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_78f43e5c","line":164,"in_reply_to":"1f621f24_b2ff2933","updated":"2020-10-29 19:48:38.000000000","message":"This method is not super well thought out at the moment. And its hard for me to say when or if it will be. The current workflow is for the node to periodically attest itself and for the verifier to keep up to date with the state of the node. Keylime offers the ability to do revocation for you and take some kind of action when a node has become invalid. It might be possible to have the verifier tell the controller when things go wrong, in which case we just need an api endpoint. And we also want the controller to be able to grab the most current status of the node at any point as we might want to perform a check before doing any state transitions. But if we need to guarantee that an attestation is recent, its not quite possible. This method is supposed to fill in that hole. All that is to say that I don\u0027t know how this would be done or if it is even needed, but the more I flesh out the spec the more I am leaning towards it being unnecessary.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":168,"context_line":"example, whether or not we raise an error on attestation failure"},{"line_number":169,"context_line":"will be configurable."},{"line_number":170,"context_line":""},{"line_number":171,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":172,"context_line":"heartbeat. When the controller receieves the first heartbeat, they may"},{"line_number":173,"context_line":"perform a get_security_check()."},{"line_number":174,"context_line":""}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_12fd3d3a","line":171,"updated":"2020-10-28 16:58:14.000000000","message":"So, when starting deployment? Does it correspond to track_machine?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":168,"context_line":"example, whether or not we raise an error on attestation failure"},{"line_number":169,"context_line":"will be configurable."},{"line_number":170,"context_line":""},{"line_number":171,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":172,"context_line":"heartbeat. When the controller receieves the first heartbeat, they may"},{"line_number":173,"context_line":"perform a get_security_check()."},{"line_number":174,"context_line":""}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_38fac641","line":171,"in_reply_to":"1f621f24_12fd3d3a","updated":"2020-10-29 19:48:38.000000000","message":"I think with kernel parameters this entire process can be done. The idea behind track_machine() was that configuring the keylime agent might not be as simple as kernel parameters, but it appears I may have over-complicated things.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":169,"context_line":"will be configurable."},{"line_number":170,"context_line":""},{"line_number":171,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":172,"context_line":"heartbeat. When the controller receieves the first heartbeat, they may"},{"line_number":173,"context_line":"perform a get_security_check()."},{"line_number":174,"context_line":""},{"line_number":175,"context_line":"Nova driver impact"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_f2f9a14d","line":172,"updated":"2020-10-28 16:58:14.000000000","message":"nit: receives","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":169,"context_line":"will be configurable."},{"line_number":170,"context_line":""},{"line_number":171,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":172,"context_line":"heartbeat. When the controller receieves the first heartbeat, they may"},{"line_number":173,"context_line":"perform a get_security_check()."},{"line_number":174,"context_line":""},{"line_number":175,"context_line":"Nova driver impact"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_cb795030","line":172,"in_reply_to":"1f621f24_f2f9a14d","updated":"2020-10-29 19:48:38.000000000","message":"ack","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":170,"context_line":""},{"line_number":171,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":172,"context_line":"heartbeat. When the controller receieves the first heartbeat, they may"},{"line_number":173,"context_line":"perform a get_security_check()."},{"line_number":174,"context_line":""},{"line_number":175,"context_line":"Nova driver impact"},{"line_number":176,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_5294d5e8","line":173,"updated":"2020-10-28 16:58:14.000000000","message":"get_security_status?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":170,"context_line":""},{"line_number":171,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":172,"context_line":"heartbeat. When the controller receieves the first heartbeat, they may"},{"line_number":173,"context_line":"perform a get_security_check()."},{"line_number":174,"context_line":""},{"line_number":175,"context_line":"Nova driver impact"},{"line_number":176,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_709469e9","line":173,"in_reply_to":"1f621f24_5294d5e8","updated":"2020-10-29 19:48:38.000000000","message":"yes, my bad.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":188,"context_line":"Security impact"},{"line_number":189,"context_line":"---------------"},{"line_number":190,"context_line":""},{"line_number":191,"context_line":"No security impact is anticipated."},{"line_number":192,"context_line":""},{"line_number":193,"context_line":"Other end user impact"},{"line_number":194,"context_line":"---------------------"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_3299591f","line":191,"updated":"2020-10-28 16:58:14.000000000","message":"I guess this should be populated since we expect a positive effect.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":188,"context_line":"Security impact"},{"line_number":189,"context_line":"---------------"},{"line_number":190,"context_line":""},{"line_number":191,"context_line":"No security impact is anticipated."},{"line_number":192,"context_line":""},{"line_number":193,"context_line":"Other end user impact"},{"line_number":194,"context_line":"---------------------"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_d0ff3d32","line":191,"in_reply_to":"1f621f24_3299591f","updated":"2020-10-29 19:48:38.000000000","message":"will do.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":211,"context_line":"The ``security`` interface will not be enabled by default, since the default"},{"line_number":212,"context_line":"will map to a ``no-security`` interface. For the Keylime security interface"},{"line_number":213,"context_line":"to communicate with the verifier and registra, the configuration should"},{"line_number":214,"context_line":"contain the server\u0027s ip, port and certificate."},{"line_number":215,"context_line":""},{"line_number":216,"context_line":"Developer impact"},{"line_number":217,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_929e6d05","line":214,"updated":"2020-10-28 16:58:14.000000000","message":"Could you specify the proposed configuration options (at least briefly)?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":211,"context_line":"The ``security`` interface will not be enabled by default, since the default"},{"line_number":212,"context_line":"will map to a ``no-security`` interface. For the Keylime security interface"},{"line_number":213,"context_line":"to communicate with the verifier and registra, the configuration should"},{"line_number":214,"context_line":"contain the server\u0027s ip, port and certificate."},{"line_number":215,"context_line":""},{"line_number":216,"context_line":"Developer impact"},{"line_number":217,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_0bb50832","line":214,"in_reply_to":"1f621f24_929e6d05","updated":"2020-10-29 19:48:38.000000000","message":"Will do.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":252,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":253,"context_line":""},{"line_number":254,"context_line":"Testing for this interface and basic funcitionality, only unit testing"},{"line_number":255,"context_line":"should be expected."},{"line_number":256,"context_line":""},{"line_number":257,"context_line":"Upgrades and Backwards Compatibility"},{"line_number":258,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_72a3d150","line":255,"updated":"2020-10-28 16:58:14.000000000","message":"I guess we cannot provide integration tests because there is no suitable TPM emulation that we could use?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":252,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":253,"context_line":""},{"line_number":254,"context_line":"Testing for this interface and basic funcitionality, only unit testing"},{"line_number":255,"context_line":"should be expected."},{"line_number":256,"context_line":""},{"line_number":257,"context_line":"Upgrades and Backwards Compatibility"},{"line_number":258,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_d051fd64","line":255,"in_reply_to":"1f621f24_72a3d150","updated":"2020-10-29 19:48:38.000000000","message":"There is the ansible-keylime-tpm-eumulator for testing Keylime. I would think this could be used for testing purposes as well.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":263,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":264,"context_line":""},{"line_number":265,"context_line":"Documentation will be provided about how to use keylime-verifer and"},{"line_number":266,"context_line":"keylime-registra."},{"line_number":267,"context_line":""},{"line_number":268,"context_line":"References"},{"line_number":269,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_d28745b6","line":266,"updated":"2020-10-28 16:58:14.000000000","message":"nit: Is it really \"registra\"?","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":263,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":264,"context_line":""},{"line_number":265,"context_line":"Documentation will be provided about how to use keylime-verifer and"},{"line_number":266,"context_line":"keylime-registra."},{"line_number":267,"context_line":""},{"line_number":268,"context_line":"References"},{"line_number":269,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_70c62919","line":266,"in_reply_to":"1f621f24_d28745b6","updated":"2020-10-29 19:48:38.000000000","message":"it is not.","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"4333f9e0705ddae01d4cb7d735b4263c5768b30e","unresolved":false,"context_lines":[{"line_number":272,"context_line":""},{"line_number":273,"context_line":".. note:"},{"line_number":274,"context_line":"   This was discussed during the Rocky PTG, although we only gained"},{"line_number":275,"context_line":"   consensus that doing this would be useful to some."}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_b28449b3","line":275,"updated":"2020-10-28 16:58:14.000000000","message":"nit: I think this note can be removed","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"1a8b83ef7486d0b7b40b07b8ac754af19ac51958","unresolved":false,"context_lines":[{"line_number":272,"context_line":""},{"line_number":273,"context_line":".. note:"},{"line_number":274,"context_line":"   This was discussed during the Rocky PTG, although we only gained"},{"line_number":275,"context_line":"   consensus that doing this would be useful to some."}],"source_content_type":"text/x-rst","patch_set":11,"id":"1f621f24_f0d999f4","line":275,"in_reply_to":"1f621f24_b28449b3","updated":"2020-10-29 19:48:38.000000000","message":"Sure","commit_id":"8545e2c3ad7938c8c80462af5af38628a4184f1a"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":18,"context_line":"or executing a special step during cleaning in order to ensure that a"},{"line_number":19,"context_line":"node is owned by the attestation server."},{"line_number":20,"context_line":""},{"line_number":21,"context_line":"At a high level, we need an interface of hooks. And there is no better"},{"line_number":22,"context_line":"way than to provide a facility to execute external tooling."},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"Problem description"},{"line_number":25,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_b0a3059e","line":22,"range":{"start_line":21,"start_character":0,"end_line":22,"end_character":59},"updated":"2020-11-10 18:20:10.000000000","message":"This is from the 2nd revision, and I still think it kind of fits, but it could likely be removed.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":18,"context_line":"or executing a special step during cleaning in order to ensure that a"},{"line_number":19,"context_line":"node is owned by the attestation server."},{"line_number":20,"context_line":""},{"line_number":21,"context_line":"At a high level, we need an interface of hooks. And there is no better"},{"line_number":22,"context_line":"way than to provide a facility to execute external tooling."},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"Problem description"},{"line_number":25,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_338c127e","line":22,"range":{"start_line":21,"start_character":0,"end_line":22,"end_character":59},"in_reply_to":"1f621f24_b0a3059e","updated":"2020-11-12 20:55:20.000000000","message":"Sure","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":30,"context_line":"in ways that may or may not be readily detectable."},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"The solution that has been proposed for this is the use of a measured launch"},{"line_number":33,"context_line":"environments with engagement of Trusted Platform Management modules to help"},{"line_number":34,"context_line":"ensure that the running system profile is exactly as desired or approved,"},{"line_number":35,"context_line":"by the attestation service."},{"line_number":36,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_d0bfa1a7","line":33,"range":{"start_line":33,"start_character":0,"end_line":33,"end_character":12},"updated":"2020-11-10 18:20:10.000000000","message":"Nit: this word is plural, but a MLE seems to be singular at time of execution. I just stumble over it when reading the paragrah so it may be smoother to make singular.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":30,"context_line":"in ways that may or may not be readily detectable."},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"The solution that has been proposed for this is the use of a measured launch"},{"line_number":33,"context_line":"environments with engagement of Trusted Platform Management modules to help"},{"line_number":34,"context_line":"ensure that the running system profile is exactly as desired or approved,"},{"line_number":35,"context_line":"by the attestation service."},{"line_number":36,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_33a6d254","line":33,"range":{"start_line":33,"start_character":0,"end_line":33,"end_character":12},"in_reply_to":"1f621f24_c2d34ed4","updated":"2020-11-12 20:55:20.000000000","message":"hmm. I think its just best if we remove mention of mle\u0027s altogether.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":30,"context_line":"in ways that may or may not be readily detectable."},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"The solution that has been proposed for this is the use of a measured launch"},{"line_number":33,"context_line":"environments with engagement of Trusted Platform Management modules to help"},{"line_number":34,"context_line":"ensure that the running system profile is exactly as desired or approved,"},{"line_number":35,"context_line":"by the attestation service."},{"line_number":36,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_c2d34ed4","line":33,"range":{"start_line":33,"start_character":0,"end_line":33,"end_character":12},"in_reply_to":"1f621f24_d0bfa1a7","updated":"2020-11-11 12:58:48.000000000","message":"I feel like MLE is a Intel term tied to their technology.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":49,"context_line":"to be executed along the workflow that are security centric logical points"},{"line_number":50,"context_line":"that, could be later molded into tight integration with an attestation"},{"line_number":51,"context_line":"service. This first step requires a new interface type \u0027security_interface\u0027"},{"line_number":52,"context_line":"to be added as a subclass of \u0027BaseDriver\u0027."},{"line_number":53,"context_line":""},{"line_number":54,"context_line":"The second step is to provide a \u0027security_interface\u0027 implementation."},{"line_number":55,"context_line":"This implementation would use Keylime to learn about the security state of a"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_f0f0dd93","line":52,"updated":"2020-11-10 18:20:10.000000000","message":"It may be good to note and also propose a default no-op version which would help with testing.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":49,"context_line":"to be executed along the workflow that are security centric logical points"},{"line_number":50,"context_line":"that, could be later molded into tight integration with an attestation"},{"line_number":51,"context_line":"service. This first step requires a new interface type \u0027security_interface\u0027"},{"line_number":52,"context_line":"to be added as a subclass of \u0027BaseDriver\u0027."},{"line_number":53,"context_line":""},{"line_number":54,"context_line":"The second step is to provide a \u0027security_interface\u0027 implementation."},{"line_number":55,"context_line":"This implementation would use Keylime to learn about the security state of a"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_f35d7a47","line":52,"in_reply_to":"1f621f24_f0f0dd93","updated":"2020-11-12 20:55:20.000000000","message":"I\u0027ll mention the trivial interface here. Though I was already nit\u0027ted before about calling this interface \u0027no-security\u0027 instead of \u0027noop\u0027 before though.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":56,"context_line":"node and manage configurations."},{"line_number":57,"context_line":""},{"line_number":58,"context_line":"The third step is a set of enhancements for the ramdisk to support TPM 2.0,"},{"line_number":59,"context_line":"and installation of the Keylime agent. From there the Keylime agent"},{"line_number":60,"context_line":"would communicate with the registrar and verifier. The manager would"},{"line_number":61,"context_line":"trigger attestations at certain points along the node\u0027s workflow ex) during"},{"line_number":62,"context_line":"the boot process. Note that in order to perform attestation, the verifier"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_302c1501","line":59,"range":{"start_line":59,"start_character":3,"end_line":59,"end_character":23},"updated":"2020-11-10 18:20:10.000000000","message":"inclusion may be a better way of phrasing it, fwiw.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":56,"context_line":"node and manage configurations."},{"line_number":57,"context_line":""},{"line_number":58,"context_line":"The third step is a set of enhancements for the ramdisk to support TPM 2.0,"},{"line_number":59,"context_line":"and installation of the Keylime agent. From there the Keylime agent"},{"line_number":60,"context_line":"would communicate with the registrar and verifier. The manager would"},{"line_number":61,"context_line":"trigger attestations at certain points along the node\u0027s workflow ex) during"},{"line_number":62,"context_line":"the boot process. Note that in order to perform attestation, the verifier"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_ce06d51c","line":59,"range":{"start_line":59,"start_character":3,"end_line":59,"end_character":23},"in_reply_to":"1f621f24_302c1501","updated":"2020-11-12 20:55:20.000000000","message":"ack","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":59,"context_line":"and installation of the Keylime agent. From there the Keylime agent"},{"line_number":60,"context_line":"would communicate with the registrar and verifier. The manager would"},{"line_number":61,"context_line":"trigger attestations at certain points along the node\u0027s workflow ex) during"},{"line_number":62,"context_line":"the boot process. Note that in order to perform attestation, the verifier"},{"line_number":63,"context_line":"must be within the same network as the node."},{"line_number":64,"context_line":""},{"line_number":65,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_42457e42","line":62,"updated":"2020-11-11 12:58:48.000000000","message":"The registrar has to be the same network too. I am wondering how it can be utilized in multitenancy, that\u0027s our major use case.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":59,"context_line":"and installation of the Keylime agent. From there the Keylime agent"},{"line_number":60,"context_line":"would communicate with the registrar and verifier. The manager would"},{"line_number":61,"context_line":"trigger attestations at certain points along the node\u0027s workflow ex) during"},{"line_number":62,"context_line":"the boot process. Note that in order to perform attestation, the verifier"},{"line_number":63,"context_line":"must be within the same network as the node."},{"line_number":64,"context_line":""},{"line_number":65,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_ea51ea37","line":62,"in_reply_to":"1f621f24_42457e42","updated":"2020-11-12 20:55:20.000000000","message":"I am not really understanding what multitenancy implies for keylime and this architecture. Could you elaborate on why multitenancy raises concerns?","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":64,"context_line":""},{"line_number":65,"context_line":""},{"line_number":66,"context_line":"Proposed change"},{"line_number":67,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":68,"context_line":"Security Interface"},{"line_number":69,"context_line":"------------------"},{"line_number":70,"context_line":"The addition of a ``security_interface`` field in the ``nodes`` table,"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_5037114e","line":67,"updated":"2020-11-10 18:20:10.000000000","message":"nit^2: you may want an empty line between the section headers","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":64,"context_line":""},{"line_number":65,"context_line":""},{"line_number":66,"context_line":"Proposed change"},{"line_number":67,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":68,"context_line":"Security Interface"},{"line_number":69,"context_line":"------------------"},{"line_number":70,"context_line":"The addition of a ``security_interface`` field in the ``nodes`` table,"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_8e297d8b","line":67,"in_reply_to":"1f621f24_5037114e","updated":"2020-11-12 20:55:20.000000000","message":"got it","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":88,"context_line":"the results. Doing so will require methods which will make calls to the"},{"line_number":89,"context_line":"Keylime verifier through the available REST API as well as calls to the IPA"},{"line_number":90,"context_line":"to pass necessary configuration parameters. The Keylime interface will be"},{"line_number":91,"context_line":"supported by any generic hardware type."},{"line_number":92,"context_line":""},{"line_number":93,"context_line":""},{"line_number":94,"context_line":"Alternatives"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_9025290c","line":91,"updated":"2020-11-10 18:20:10.000000000","message":"fwiw, I think we list this as an \"optional\" interface (like network_interface, storage_interface) in the driver construction code. I _think_ that gets you out of having to have any declaration in relation to the node. Anyway, just noting for ease of finding the easiest path.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":98,"context_line":"will be a specific model for a deployment or portion of a deployment, and thus"},{"line_number":99,"context_line":"we may one day have need for \"vendor\" specific drivers for particular security"},{"line_number":100,"context_line":"solutions and workflow. As such, not creating a new interface for this seems"},{"line_number":101,"context_line":"less ideal."},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"Data model impact"},{"line_number":104,"context_line":"-----------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_307a55f0","line":101,"updated":"2020-11-10 18:20:10.000000000","message":"And not doing so would/could result in vendor driver fragmentation. Imagine hardware types that are vendor-with-additional-security :(","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":105,"context_line":""},{"line_number":106,"context_line":"Addition of a ``security_interface`` field to the node object, and this"},{"line_number":107,"context_line":"will require a database migration to create the field. The field will"},{"line_number":108,"context_line":"default to ``None`` which will map to a noo interface."},{"line_number":109,"context_line":""},{"line_number":110,"context_line":"State Machine Impact"},{"line_number":111,"context_line":"--------------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_508551ce","line":108,"range":{"start_line":108,"start_character":39,"end_line":108,"end_character":45},"updated":"2020-11-10 18:20:10.000000000","message":"s/noo/no-op/","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":105,"context_line":""},{"line_number":106,"context_line":"Addition of a ``security_interface`` field to the node object, and this"},{"line_number":107,"context_line":"will require a database migration to create the field. The field will"},{"line_number":108,"context_line":"default to ``None`` which will map to a noo interface."},{"line_number":109,"context_line":""},{"line_number":110,"context_line":"State Machine Impact"},{"line_number":111,"context_line":"--------------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_002b6c82","line":108,"range":{"start_line":108,"start_character":39,"end_line":108,"end_character":45},"in_reply_to":"1f621f24_508551ce","updated":"2020-11-12 20:55:20.000000000","message":"fixed","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":112,"context_line":""},{"line_number":113,"context_line":"No impact to the state machine is expected. All calls to the new interface\u0027s"},{"line_number":114,"context_line":"methods will take place in existing workflows driven by the state machine."},{"line_number":115,"context_line":"Action will be taken on a result immediately upon receiving the result."},{"line_number":116,"context_line":""},{"line_number":117,"context_line":"REST API impact"},{"line_number":118,"context_line":"---------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_505ef175","line":115,"updated":"2020-11-10 18:20:10.000000000","message":"A later idea, but do we just fail, or do we fail and put into maintenance?","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":138,"context_line":"--------------"},{"line_number":139,"context_line":""},{"line_number":140,"context_line":"This new ``security_interface`` field requires the RPC version to be"},{"line_number":141,"context_line":"incremented."},{"line_number":142,"context_line":""},{"line_number":143,"context_line":"Driver API impact"},{"line_number":144,"context_line":"-----------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_425e1e12","line":141,"updated":"2020-11-11 12:58:48.000000000","message":"rpc version is affected if we add new rpc methods, doesn\u0027t seem required till here. If there is any, it needs to be listed here.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":138,"context_line":"--------------"},{"line_number":139,"context_line":""},{"line_number":140,"context_line":"This new ``security_interface`` field requires the RPC version to be"},{"line_number":141,"context_line":"incremented."},{"line_number":142,"context_line":""},{"line_number":143,"context_line":"Driver API impact"},{"line_number":144,"context_line":"-----------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_f828b2e2","line":141,"in_reply_to":"1f621f24_425e1e12","updated":"2020-11-12 20:55:20.000000000","message":"yeah there are no new rpc methods and I don\u0027t believe we will need any either.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":144,"context_line":"-----------------"},{"line_number":145,"context_line":""},{"line_number":146,"context_line":"The security interface methods that would be proposed would consist"},{"line_number":147,"context_line":"of a ``no-security`` interface defined on a new base class SecurityInterface."},{"line_number":148,"context_line":""},{"line_number":149,"context_line":"These methods would consist of::"},{"line_number":150,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_c2a7ce0a","line":147,"range":{"start_line":147,"start_character":7,"end_line":147,"end_character":18},"updated":"2020-11-11 12:58:48.000000000","message":"this sounds scary, maybe noop is just fine..","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":144,"context_line":"-----------------"},{"line_number":145,"context_line":""},{"line_number":146,"context_line":"The security interface methods that would be proposed would consist"},{"line_number":147,"context_line":"of a ``no-security`` interface defined on a new base class SecurityInterface."},{"line_number":148,"context_line":""},{"line_number":149,"context_line":"These methods would consist of::"},{"line_number":150,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_98e9beb8","line":147,"range":{"start_line":147,"start_character":7,"end_line":147,"end_character":18},"in_reply_to":"1f621f24_c2a7ce0a","updated":"2020-11-12 20:55:20.000000000","message":"We\u0027ve already gotten feedback along the lines of \u0027I know it sounds scary, but no-x is what we usually do\u0027","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":150,"context_line":""},{"line_number":151,"context_line":"    def get_security_status(self, task):"},{"line_number":152,"context_line":"        \"\"\"Grabs the latest information about the node\u0027s security state"},{"line_number":153,"context_line":"        from the attestation machine. Returns nothing on success, raises"},{"line_number":154,"context_line":"        an exception if status is not what we expect."},{"line_number":155,"context_line":"        \"\"\""},{"line_number":156,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_428c5e7e","line":153,"range":{"start_line":153,"start_character":17,"end_line":153,"end_character":36},"updated":"2020-11-11 12:58:48.000000000","message":"does it mean verifier here?","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":150,"context_line":""},{"line_number":151,"context_line":"    def get_security_status(self, task):"},{"line_number":152,"context_line":"        \"\"\"Grabs the latest information about the node\u0027s security state"},{"line_number":153,"context_line":"        from the attestation machine. Returns nothing on success, raises"},{"line_number":154,"context_line":"        an exception if status is not what we expect."},{"line_number":155,"context_line":"        \"\"\""},{"line_number":156,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_f8fa7272","line":153,"range":{"start_line":153,"start_character":17,"end_line":153,"end_character":36},"in_reply_to":"1f621f24_428c5e7e","updated":"2020-11-12 20:55:20.000000000","message":"its the verifier in the case of Keylime. Or is verifier a generic enough term for other potential attestation frameworks?","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":150,"context_line":""},{"line_number":151,"context_line":"    def get_security_status(self, task):"},{"line_number":152,"context_line":"        \"\"\"Grabs the latest information about the node\u0027s security state"},{"line_number":153,"context_line":"        from the attestation machine. Returns nothing on success, raises"},{"line_number":154,"context_line":"        an exception if status is not what we expect."},{"line_number":155,"context_line":"        \"\"\""},{"line_number":156,"context_line":""},{"line_number":157,"context_line":"    def attest(self, task):"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_a285725c","line":154,"range":{"start_line":153,"start_character":38,"end_line":154,"end_character":53},"updated":"2020-11-11 12:58:48.000000000","message":"according to the definition, maybe rename the method to validate_security_status?","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":150,"context_line":""},{"line_number":151,"context_line":"    def get_security_status(self, task):"},{"line_number":152,"context_line":"        \"\"\"Grabs the latest information about the node\u0027s security state"},{"line_number":153,"context_line":"        from the attestation machine. Returns nothing on success, raises"},{"line_number":154,"context_line":"        an exception if status is not what we expect."},{"line_number":155,"context_line":"        \"\"\""},{"line_number":156,"context_line":""},{"line_number":157,"context_line":"    def attest(self, task):"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_7815c29b","line":154,"range":{"start_line":153,"start_character":38,"end_line":154,"end_character":53},"in_reply_to":"1f621f24_a285725c","updated":"2020-11-12 20:55:20.000000000","message":"hmm. I suppose yeah since this method is responsible for taking the appropriate action after getting the status.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":158,"context_line":"        \"\"\"Commands the node to perform an attestation."},{"line_number":159,"context_line":"        \"\"\""},{"line_number":160,"context_line":""},{"line_number":161,"context_line":"These methods can exist along any point of the node\u0027s lifecycle."},{"line_number":162,"context_line":"The action taken on a particular security state will be configurable. For"},{"line_number":163,"context_line":"example, whether or not we raise an error on attestation failure"},{"line_number":164,"context_line":"will be configurable."}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_02db867b","line":161,"updated":"2020-11-11 12:58:48.000000000","message":"agent only lives at cleaning/deployment time, what do we expect ironic do if the node is on active state?","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32617,"name":"Danni Shi","email":"sdanni@redhat.com","username":"sdanni"},"change_message_id":"31cb636080acfb391d23becd3319dc284533c368","unresolved":false,"context_lines":[{"line_number":158,"context_line":"        \"\"\"Commands the node to perform an attestation."},{"line_number":159,"context_line":"        \"\"\""},{"line_number":160,"context_line":""},{"line_number":161,"context_line":"These methods can exist along any point of the node\u0027s lifecycle."},{"line_number":162,"context_line":"The action taken on a particular security state will be configurable. For"},{"line_number":163,"context_line":"example, whether or not we raise an error on attestation failure"},{"line_number":164,"context_line":"will be configurable."}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_0d02800a","line":161,"in_reply_to":"1f621f24_02db867b","updated":"2020-11-12 22:10:49.000000000","message":"When the node is on active state, I think it\u0027s up to user to attest the node or not and Ironic won\u0027t control that.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":165,"context_line":""},{"line_number":166,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":167,"context_line":"heartbeat. When the controller receives the first heartbeat, they may"},{"line_number":168,"context_line":"perform a get_security_status()."},{"line_number":169,"context_line":""},{"line_number":170,"context_line":"Nova driver impact"},{"line_number":171,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_02ca664c","line":168,"updated":"2020-11-11 12:58:48.000000000","message":"I feel I have asked the question before, anyway, the operation procedure seems to be an agent registers/activates itself to the registrar, then ironic would act like a keylime tenant and add the agent to verifier with whitelist, get the verification result.\nSo I wonder where ironic gets the whitelist? Or keylime can be operated differently?","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"e7b219457fca6f022777c0604d87ff503bcda4b3","unresolved":false,"context_lines":[{"line_number":165,"context_line":""},{"line_number":166,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":167,"context_line":"heartbeat. When the controller receives the first heartbeat, they may"},{"line_number":168,"context_line":"perform a get_security_status()."},{"line_number":169,"context_line":""},{"line_number":170,"context_line":"Nova driver impact"},{"line_number":171,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"523fccae_8cbf6bb4","line":168,"in_reply_to":"1aa492ed_914b454a","updated":"2020-12-02 18:57:34.000000000","message":"Generation and passing whitelists isn\u0027t something the controller can really do, as we are expecting the first heartbeat to happen after the agent has registered itself. We are currently exploring having all of this done as part of the image building process as an element.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32617,"name":"Danni Shi","email":"sdanni@redhat.com","username":"sdanni"},"change_message_id":"31cb636080acfb391d23becd3319dc284533c368","unresolved":false,"context_lines":[{"line_number":165,"context_line":""},{"line_number":166,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":167,"context_line":"heartbeat. When the controller receives the first heartbeat, they may"},{"line_number":168,"context_line":"perform a get_security_status()."},{"line_number":169,"context_line":""},{"line_number":170,"context_line":"Nova driver impact"},{"line_number":171,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_2d481c85","line":168,"in_reply_to":"1f621f24_02ca664c","updated":"2020-11-12 22:10:49.000000000","message":"My naive thought is that the node generates a whitelist. In the security interface attest() method, ironic will request for the whitelist and send it to the verifier.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"b8a0b5d9eaa1f34ef3707e9eee7f11f9d1731509","unresolved":false,"context_lines":[{"line_number":165,"context_line":""},{"line_number":166,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":167,"context_line":"heartbeat. When the controller receives the first heartbeat, they may"},{"line_number":168,"context_line":"perform a get_security_status()."},{"line_number":169,"context_line":""},{"line_number":170,"context_line":"Nova driver impact"},{"line_number":171,"context_line":"------------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1aa492ed_914b454a","line":168,"in_reply_to":"1f621f24_2d481c85","updated":"2020-11-27 07:42:45.000000000","message":"Whitelist as I understand it, it should be externally supplied, ironic has no knowledge about it, but in current keylime operation, the whiltelist is supplied when adding an agent. so I am still trying to figure out the complete workflow here.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":179,"context_line":""},{"line_number":180,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":181,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":182,"context_line":"ramdisk. This includes tpm2-tss software stack, a patched version of the"},{"line_number":183,"context_line":"tpm2-tools utilities, and, although not required, the tpm2-abrmd resource"},{"line_number":184,"context_line":"manager."},{"line_number":185,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_f08f3dca","line":182,"range":{"start_line":182,"start_character":48,"end_line":182,"end_character":72},"updated":"2020-11-10 18:20:10.000000000","message":"patched version","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"a13db8998df7cc4f1860cf0874208cd64f2e0ff3","unresolved":false,"context_lines":[{"line_number":179,"context_line":""},{"line_number":180,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":181,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":182,"context_line":"ramdisk. This includes tpm2-tss software stack, a patched version of the"},{"line_number":183,"context_line":"tpm2-tools utilities, and, although not required, the tpm2-abrmd resource"},{"line_number":184,"context_line":"manager."},{"line_number":185,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_d83b0835","line":182,"range":{"start_line":182,"start_character":48,"end_line":182,"end_character":72},"in_reply_to":"1f621f24_02c42690","updated":"2020-11-16 15:05:39.000000000","message":"This is what the keylime documentation said in regards to tpm2-tools. Its possible their documentation needs to be updated.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"b8a0b5d9eaa1f34ef3707e9eee7f11f9d1731509","unresolved":false,"context_lines":[{"line_number":179,"context_line":""},{"line_number":180,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":181,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":182,"context_line":"ramdisk. This includes tpm2-tss software stack, a patched version of the"},{"line_number":183,"context_line":"tpm2-tools utilities, and, although not required, the tpm2-abrmd resource"},{"line_number":184,"context_line":"manager."},{"line_number":185,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"a60b597b_20eb5ee1","line":182,"range":{"start_line":182,"start_character":48,"end_line":182,"end_character":72},"in_reply_to":"1f621f24_d83b0835","updated":"2020-11-27 07:42:45.000000000","message":"Probably a documentation issue, we tested with non-patched version (shipped with distros), it works fine.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":179,"context_line":""},{"line_number":180,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":181,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":182,"context_line":"ramdisk. This includes tpm2-tss software stack, a patched version of the"},{"line_number":183,"context_line":"tpm2-tools utilities, and, although not required, the tpm2-abrmd resource"},{"line_number":184,"context_line":"manager."},{"line_number":185,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_02c42690","line":182,"range":{"start_line":182,"start_character":48,"end_line":182,"end_character":72},"in_reply_to":"1f621f24_f08f3dca","updated":"2020-11-11 12:58:48.000000000","message":"I wonder why we need a patched version? It may cause trouble to the ramdisk building. CentOS 8 shipped 3.2 which is supported by keylime.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":219,"context_line":""},{"line_number":220,"context_line":"These options would go under the ``[keylime]`` section"},{"line_number":221,"context_line":""},{"line_number":222,"context_line":"registrar_ip"},{"line_number":223,"context_line":"  The ip address of the Keylime registrar"},{"line_number":224,"context_line":""},{"line_number":225,"context_line":"verifier_ip"},{"line_number":226,"context_line":"  The ip address of the Keylime verifier"},{"line_number":227,"context_line":""},{"line_number":228,"context_line":"certificate"},{"line_number":229,"context_line":"  The certificate which a node will need to present when interacting with the"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_70e7adad","line":226,"range":{"start_line":222,"start_character":0,"end_line":226,"end_character":40},"updated":"2020-11-10 18:20:10.000000000","message":"Some operators need to support DNS, and also v6 addresses, so it may make sense just to call this \"registrar_address\" and \"verifier_address\" such that the operator can either hardcode/pass in static IPs, v6 addresses, or FQDNs.\n\nFWIW, v6 is huge in the telecom space, so anything we do where we think about IP addresses, we need to think \"Do we mean v4? should we be specific?\"","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":219,"context_line":""},{"line_number":220,"context_line":"These options would go under the ``[keylime]`` section"},{"line_number":221,"context_line":""},{"line_number":222,"context_line":"registrar_ip"},{"line_number":223,"context_line":"  The ip address of the Keylime registrar"},{"line_number":224,"context_line":""},{"line_number":225,"context_line":"verifier_ip"},{"line_number":226,"context_line":"  The ip address of the Keylime verifier"},{"line_number":227,"context_line":""},{"line_number":228,"context_line":"certificate"},{"line_number":229,"context_line":"  The certificate which a node will need to present when interacting with the"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_62523ae0","line":226,"range":{"start_line":222,"start_character":0,"end_line":226,"end_character":40},"in_reply_to":"1f621f24_70e7adad","updated":"2020-11-11 12:58:48.000000000","message":"++, or \"host\"","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"e2cfc0b1e679389fd13d9d503d10c0a61c5c2194","unresolved":false,"context_lines":[{"line_number":227,"context_line":""},{"line_number":228,"context_line":"certificate"},{"line_number":229,"context_line":"  The certificate which a node will need to present when interacting with the"},{"line_number":230,"context_line":"  registrar or verifier"},{"line_number":231,"context_line":""},{"line_number":232,"context_line":"Developer impact"},{"line_number":233,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_626b5a84","line":230,"updated":"2020-11-11 12:58:48.000000000","message":"Currently keylime doens\u0027t provide a client package, I think it\u0027s required so that ironic can utilize and interact with keylime services instead of installing full keylime code into ironic node.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32617,"name":"Danni Shi","email":"sdanni@redhat.com","username":"sdanni"},"change_message_id":"cd4ccc28e3fa86f9dedc95f1c6c9125fcc8ccee2","unresolved":false,"context_lines":[{"line_number":227,"context_line":""},{"line_number":228,"context_line":"certificate"},{"line_number":229,"context_line":"  The certificate which a node will need to present when interacting with the"},{"line_number":230,"context_line":"  registrar or verifier"},{"line_number":231,"context_line":""},{"line_number":232,"context_line":"Developer impact"},{"line_number":233,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_e522cfb8","line":230,"in_reply_to":"1f621f24_626b5a84","updated":"2020-11-11 21:54:04.000000000","message":"yeah, a client package doesn\u0027t exist. Do you think it\u0027s required to build one? We might want to skip this for now since we don\u0027t want to be keylime client package maintainers.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":24828,"name":"Kaifeng Wang","email":"kaifeng.w@gmail.com","username":"wangkf"},"change_message_id":"bfd158e5bcd07e3a771a868cc75ca35774e78544","unresolved":false,"context_lines":[{"line_number":227,"context_line":""},{"line_number":228,"context_line":"certificate"},{"line_number":229,"context_line":"  The certificate which a node will need to present when interacting with the"},{"line_number":230,"context_line":"  registrar or verifier"},{"line_number":231,"context_line":""},{"line_number":232,"context_line":"Developer impact"},{"line_number":233,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_a528ca96","line":230,"in_reply_to":"1f621f24_e522cfb8","updated":"2020-11-12 16:13:03.000000000","message":"Accessing keylime services is quite lite at the moment, it\u0027s ok to place into keylime security interface initially, so this is not a blocker for the spec. In the long run I do hope this happends at keylime side.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":241,"context_line":"-----------"},{"line_number":242,"context_line":""},{"line_number":243,"context_line":"Primary assignee:"},{"line_number":244,"context_line":"  Julia Kreger \u003cTheJulia\u003e"},{"line_number":245,"context_line":"  Leo McGann \u003cljmcgann\u003e"},{"line_number":246,"context_line":"  Danni Shi \u003csdanni\u003e"},{"line_number":247,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_50ba716d","line":244,"updated":"2020-11-10 18:20:10.000000000","message":"You guys can likely remove me, fwiw.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"722e21742b0f9142f9bac0e849409bb99640e9ad","unresolved":false,"context_lines":[{"line_number":241,"context_line":"-----------"},{"line_number":242,"context_line":""},{"line_number":243,"context_line":"Primary assignee:"},{"line_number":244,"context_line":"  Julia Kreger \u003cTheJulia\u003e"},{"line_number":245,"context_line":"  Leo McGann \u003cljmcgann\u003e"},{"line_number":246,"context_line":"  Danni Shi \u003csdanni\u003e"},{"line_number":247,"context_line":""}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_b80c4c94","line":244,"in_reply_to":"1f621f24_50ba716d","updated":"2020-11-16 15:07:19.000000000","message":"*poof*","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"c7fc3c33c94018a9af6e79a171a213ac60106514","unresolved":false,"context_lines":[{"line_number":253,"context_line":""},{"line_number":254,"context_line":"* Add ``security_interface`` database field."},{"line_number":255,"context_line":"* Implement base interface addition"},{"line_number":256,"context_line":"* Implement ``no-security`` interface."},{"line_number":257,"context_line":"* Add node RPC object field"},{"line_number":258,"context_line":"* Add API support and microversion."},{"line_number":259,"context_line":"* Implement Keylime security interface."}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_90afe928","line":256,"updated":"2020-11-10 18:20:10.000000000","message":"no-security or no-op?!? I\u0027m fine with either.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c0850f16862d4541eaf529582c0a8b244156224b","unresolved":false,"context_lines":[{"line_number":253,"context_line":""},{"line_number":254,"context_line":"* Add ``security_interface`` database field."},{"line_number":255,"context_line":"* Implement base interface addition"},{"line_number":256,"context_line":"* Implement ``no-security`` interface."},{"line_number":257,"context_line":"* Add node RPC object field"},{"line_number":258,"context_line":"* Add API support and microversion."},{"line_number":259,"context_line":"* Implement Keylime security interface."}],"source_content_type":"text/x-rst","patch_set":13,"id":"1f621f24_8a62f608","line":256,"in_reply_to":"1f621f24_90afe928","updated":"2020-11-12 20:55:20.000000000","message":"no-security is correct.","commit_id":"b8a07817be95b951aa5ce082a61642d6585c7eed"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"0a9973b9954f49a91ede7a1f72ddd556e51e099d","unresolved":true,"context_lines":[{"line_number":119,"context_line":"---------------"},{"line_number":120,"context_line":""},{"line_number":121,"context_line":"The ``security_interface`` will be added to the node object and guarded by an"},{"line_number":122,"context_line":"API microversion."},{"line_number":123,"context_line":""},{"line_number":124,"context_line":"Client (CLI) impact"},{"line_number":125,"context_line":"-------------------"}],"source_content_type":"text/x-rst","patch_set":15,"id":"eb03d944_80d684ab","line":122,"updated":"2020-12-01 15:08:40.000000000","message":"Also is the validation return results, but historically I think that has been acceptable leakage across microversions as it is implied [{interface: success_value}] or something like that.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"0a9973b9954f49a91ede7a1f72ddd556e51e099d","unresolved":true,"context_lines":[{"line_number":173,"context_line":""},{"line_number":174,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":175,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":176,"context_line":"for the security interface, and fail if the validation is not successful."},{"line_number":177,"context_line":""},{"line_number":178,"context_line":"Ramdisk impact"},{"line_number":179,"context_line":"--------------"}],"source_content_type":"text/x-rst","patch_set":15,"id":"dc7e3e58_ee82a672","line":176,"updated":"2020-12-01 15:08:40.000000000","message":"For what is worth, the check will likely need to be guarded by API micro-version or setting.\n\nI think it is a bit up to the individual engineer who implements said check though. Being such a small thing, Nova shouldn\u0027t really object to its appearance as unplanned work at some point.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"1e67c1ce32e0a805a59b6b11570cf316c3d5bc52","unresolved":false,"context_lines":[{"line_number":173,"context_line":""},{"line_number":174,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":175,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":176,"context_line":"for the security interface, and fail if the validation is not successful."},{"line_number":177,"context_line":""},{"line_number":178,"context_line":"Ramdisk impact"},{"line_number":179,"context_line":"--------------"}],"source_content_type":"text/x-rst","patch_set":15,"id":"529f2575_e4f45cce","line":176,"in_reply_to":"823d8feb_cf54697a","updated":"2020-12-02 23:33:24.000000000","message":"Ack","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"ba050a632f9cea3902fc7bc9326f1f7b327613cc","unresolved":true,"context_lines":[{"line_number":173,"context_line":""},{"line_number":174,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":175,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":176,"context_line":"for the security interface, and fail if the validation is not successful."},{"line_number":177,"context_line":""},{"line_number":178,"context_line":"Ramdisk impact"},{"line_number":179,"context_line":"--------------"}],"source_content_type":"text/x-rst","patch_set":15,"id":"823d8feb_cf54697a","line":176,"in_reply_to":"dc7e3e58_ee82a672","updated":"2020-12-02 17:59:00.000000000","message":"ack. I added a snippet mentioning this.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"0a9973b9954f49a91ede7a1f72ddd556e51e099d","unresolved":true,"context_lines":[{"line_number":180,"context_line":""},{"line_number":181,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":182,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":183,"context_line":"ramdisk. This includes tpm2-tss software stack, a patched version of the"},{"line_number":184,"context_line":"tpm2-tools utilities, and, although not required, the tpm2-abrmd resource"},{"line_number":185,"context_line":"manager."},{"line_number":186,"context_line":""}],"source_content_type":"text/x-rst","patch_set":15,"id":"964f5854_1573247a","line":183,"range":{"start_line":183,"start_character":50,"end_line":183,"end_character":65},"updated":"2020-12-01 15:08:40.000000000","message":"This is not upstreamed? Or has upstream fragmented? Or will it be upstream?","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"1e67c1ce32e0a805a59b6b11570cf316c3d5bc52","unresolved":false,"context_lines":[{"line_number":180,"context_line":""},{"line_number":181,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":182,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":183,"context_line":"ramdisk. This includes tpm2-tss software stack, a patched version of the"},{"line_number":184,"context_line":"tpm2-tools utilities, and, although not required, the tpm2-abrmd resource"},{"line_number":185,"context_line":"manager."},{"line_number":186,"context_line":""}],"source_content_type":"text/x-rst","patch_set":15,"id":"0e13f449_234c104e","line":183,"range":{"start_line":183,"start_character":50,"end_line":183,"end_character":65},"in_reply_to":"0c9077aa_b9e8fd63","updated":"2020-12-02 23:33:24.000000000","message":"Ack","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"ba050a632f9cea3902fc7bc9326f1f7b327613cc","unresolved":true,"context_lines":[{"line_number":180,"context_line":""},{"line_number":181,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":182,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":183,"context_line":"ramdisk. This includes tpm2-tss software stack, a patched version of the"},{"line_number":184,"context_line":"tpm2-tools utilities, and, although not required, the tpm2-abrmd resource"},{"line_number":185,"context_line":"manager."},{"line_number":186,"context_line":""}],"source_content_type":"text/x-rst","patch_set":15,"id":"0c9077aa_b9e8fd63","line":183,"range":{"start_line":183,"start_character":50,"end_line":183,"end_character":65},"in_reply_to":"964f5854_1573247a","updated":"2020-12-02 17:59:00.000000000","message":"According to Kaifeng, this has been tested and upstreamed already. I wrote in \u0027patched\u0027 as that is what the Keylime documentation says currently, but it might just be a documentation error on their end.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"0a9973b9954f49a91ede7a1f72ddd556e51e099d","unresolved":true,"context_lines":[{"line_number":186,"context_line":""},{"line_number":187,"context_line":"Keylime-agent will be setup on the ramdisk. A new dib element will be created"},{"line_number":188,"context_line":"to install keylime-agent and make it run as a system service. Keylime-agent"},{"line_number":189,"context_line":"service should run before IPA."},{"line_number":190,"context_line":""},{"line_number":191,"context_line":"Security impact"},{"line_number":192,"context_line":"---------------"}],"source_content_type":"text/x-rst","patch_set":15,"id":"07db468a_68b0221e","line":189,"range":{"start_line":189,"start_character":8,"end_line":189,"end_character":18},"updated":"2020-12-01 15:08:40.000000000","message":"Could you clarify why it should run before?\n\nIt occurs to me that some operators may need it to be shutdown because the agent may be preparing to do horrible things to the machine like flash all of the firmware.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":32617,"name":"Danni Shi","email":"sdanni@redhat.com","username":"sdanni"},"change_message_id":"129a4c8c8be8114b4681d829b506b9fc70e8eb05","unresolved":true,"context_lines":[{"line_number":186,"context_line":""},{"line_number":187,"context_line":"Keylime-agent will be setup on the ramdisk. A new dib element will be created"},{"line_number":188,"context_line":"to install keylime-agent and make it run as a system service. Keylime-agent"},{"line_number":189,"context_line":"service should run before IPA."},{"line_number":190,"context_line":""},{"line_number":191,"context_line":"Security impact"},{"line_number":192,"context_line":"---------------"}],"source_content_type":"text/x-rst","patch_set":15,"id":"667d3f52_b40b3bb4","line":189,"range":{"start_line":189,"start_character":8,"end_line":189,"end_character":18},"in_reply_to":"07db468a_68b0221e","updated":"2020-12-02 18:25:47.000000000","message":"I might have some misunderstanding about it. During last discussion on keylime-agent element, you said ipa should depend on keylime-agent, so I thought it should run before. But yeah, now I think it\u0027s inappropriate to let it run before ipa.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"1e67c1ce32e0a805a59b6b11570cf316c3d5bc52","unresolved":true,"context_lines":[{"line_number":186,"context_line":""},{"line_number":187,"context_line":"Keylime-agent will be setup on the ramdisk. A new dib element will be created"},{"line_number":188,"context_line":"to install keylime-agent and make it run as a system service. Keylime-agent"},{"line_number":189,"context_line":"service should run before IPA."},{"line_number":190,"context_line":""},{"line_number":191,"context_line":"Security impact"},{"line_number":192,"context_line":"---------------"}],"source_content_type":"text/x-rst","patch_set":15,"id":"207ca19c_ca0a65ef","line":189,"range":{"start_line":189,"start_character":8,"end_line":189,"end_character":18},"in_reply_to":"667d3f52_b40b3bb4","updated":"2020-12-02 23:33:24.000000000","message":"either way works I guess, but mechanics wise after may be cleaner. I could see both cases now that I think about it.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"0a9973b9954f49a91ede7a1f72ddd556e51e099d","unresolved":true,"context_lines":[{"line_number":227,"context_line":"  The address of the Keylime verifier"},{"line_number":228,"context_line":""},{"line_number":229,"context_line":"certificate"},{"line_number":230,"context_line":"  The certificate which a node will need to present when interacting with the"},{"line_number":231,"context_line":"  registrar or verifier"},{"line_number":232,"context_line":""},{"line_number":233,"context_line":"Developer impact"}],"source_content_type":"text/x-rst","patch_set":15,"id":"ffe0b56c_0b9d2cbb","line":230,"range":{"start_line":230,"start_character":26,"end_line":230,"end_character":30},"updated":"2020-12-01 15:08:40.000000000","message":"When you say node, do you mean conductor? Or is a certificate provided by the ironic deployment to the agent to be used for interacting with keylime? I guess it might help to understand when this is being used, but that is likely just a nit.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"1e67c1ce32e0a805a59b6b11570cf316c3d5bc52","unresolved":false,"context_lines":[{"line_number":227,"context_line":"  The address of the Keylime verifier"},{"line_number":228,"context_line":""},{"line_number":229,"context_line":"certificate"},{"line_number":230,"context_line":"  The certificate which a node will need to present when interacting with the"},{"line_number":231,"context_line":"  registrar or verifier"},{"line_number":232,"context_line":""},{"line_number":233,"context_line":"Developer impact"}],"source_content_type":"text/x-rst","patch_set":15,"id":"87be805a_7a2f59e0","line":230,"range":{"start_line":230,"start_character":26,"end_line":230,"end_character":30},"in_reply_to":"1da7f816_d9171895","updated":"2020-12-02 23:33:24.000000000","message":"Ack","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"ba050a632f9cea3902fc7bc9326f1f7b327613cc","unresolved":true,"context_lines":[{"line_number":227,"context_line":"  The address of the Keylime verifier"},{"line_number":228,"context_line":""},{"line_number":229,"context_line":"certificate"},{"line_number":230,"context_line":"  The certificate which a node will need to present when interacting with the"},{"line_number":231,"context_line":"  registrar or verifier"},{"line_number":232,"context_line":""},{"line_number":233,"context_line":"Developer impact"}],"source_content_type":"text/x-rst","patch_set":15,"id":"1da7f816_d9171895","line":230,"range":{"start_line":230,"start_character":26,"end_line":230,"end_character":30},"in_reply_to":"ffe0b56c_0b9d2cbb","updated":"2020-12-02 17:59:00.000000000","message":"I think this actually should be removed. The original thought was that the controller might need to pass a certificate to the agent in order to get started, but that isn\u0027t how we are really doing things now. I think that would be out of the scope of ironic as we are now opting to have the agent all set up on the node before the first heartbeat anyways.","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"63c78800a4a691da45eecc8969cdedadd85ae678","unresolved":true,"context_lines":[{"line_number":266,"context_line":"Testing"},{"line_number":267,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":268,"context_line":""},{"line_number":269,"context_line":"Testing for this interface and basic funcitionality, as well as integration"},{"line_number":270,"context_line":"testing using the ansible-keylime-tpm-emulator for TPM emulation."},{"line_number":271,"context_line":""},{"line_number":272,"context_line":"Upgrades and Backwards Compatibility"}],"source_content_type":"text/x-rst","patch_set":15,"id":"7caafa3c_bdc325c8","line":269,"range":{"start_line":269,"start_character":37,"end_line":269,"end_character":51},"updated":"2020-12-01 02:51:19.000000000","message":"functionality","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"ba050a632f9cea3902fc7bc9326f1f7b327613cc","unresolved":false,"context_lines":[{"line_number":266,"context_line":"Testing"},{"line_number":267,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":268,"context_line":""},{"line_number":269,"context_line":"Testing for this interface and basic funcitionality, as well as integration"},{"line_number":270,"context_line":"testing using the ansible-keylime-tpm-emulator for TPM emulation."},{"line_number":271,"context_line":""},{"line_number":272,"context_line":"Upgrades and Backwards Compatibility"}],"source_content_type":"text/x-rst","patch_set":15,"id":"338115ac_aabb36db","line":269,"range":{"start_line":269,"start_character":37,"end_line":269,"end_character":51},"in_reply_to":"7caafa3c_bdc325c8","updated":"2020-12-02 17:59:00.000000000","message":"Ack","commit_id":"9980ef0c46398cff876b7ecc6f862447ccdce9ad"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"225255a404b7efa72f46c5351c4632bd9ac9412f","unresolved":true,"context_lines":[{"line_number":220,"context_line":""},{"line_number":221,"context_line":"These options would go under the ``[keylime]`` section"},{"line_number":222,"context_line":""},{"line_number":223,"context_line":"registrar_i"},{"line_number":224,"context_line":"  The ip address of the Keylime registrar"},{"line_number":225,"context_line":""},{"line_number":226,"context_line":"verifier_ip"}],"source_content_type":"text/x-rst","patch_set":16,"id":"5bea407f_003d5155","line":223,"updated":"2020-12-02 23:37:02.000000000","message":"These changed in the last revision. They likely should be registrar_address.","commit_id":"0392e765f2e436f04ea385f6176fa90fe360aadc"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"225255a404b7efa72f46c5351c4632bd9ac9412f","unresolved":true,"context_lines":[{"line_number":223,"context_line":"registrar_i"},{"line_number":224,"context_line":"  The ip address of the Keylime registrar"},{"line_number":225,"context_line":""},{"line_number":226,"context_line":"verifier_ip"},{"line_number":227,"context_line":"  The ip address of the Keylime verifier"},{"line_number":228,"context_line":""},{"line_number":229,"context_line":"Developer impact"}],"source_content_type":"text/x-rst","patch_set":16,"id":"6bb48f68_bc678e1f","line":226,"updated":"2020-12-02 23:37:02.000000000","message":"Just an IP, Not a DNS name? What about IPv6?\n\nWhat about a port? Address might fit better. :)","commit_id":"0392e765f2e436f04ea385f6176fa90fe360aadc"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"6d9318b9b29570b8cf7aff7c72c45d5f92ae6eb1","unresolved":false,"context_lines":[{"line_number":223,"context_line":"registrar_i"},{"line_number":224,"context_line":"  The ip address of the Keylime registrar"},{"line_number":225,"context_line":""},{"line_number":226,"context_line":"verifier_ip"},{"line_number":227,"context_line":"  The ip address of the Keylime verifier"},{"line_number":228,"context_line":""},{"line_number":229,"context_line":"Developer impact"}],"source_content_type":"text/x-rst","patch_set":16,"id":"63909000_b63ceb82","line":226,"in_reply_to":"6bb48f68_bc678e1f","updated":"2020-12-03 16:34:22.000000000","message":"Ack","commit_id":"0392e765f2e436f04ea385f6176fa90fe360aadc"},{"author":{"_account_id":10342,"name":"Jay Faulkner","display_name":"JayF","email":"jay@jvf.cc","username":"JayF","status":"youtube.com/@oss-gr / podcast.gr-oss.io"},"change_message_id":"8e545b3130262ddafa3c94d3d4d045671adfc25b","unresolved":true,"context_lines":[{"line_number":38,"context_line":"Sometimes security is adherence to process."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"To leverage TPM\u0027s for attestation, we propose Keylime, an open source remote"},{"line_number":41,"context_line":"boot attestation and runtime integrity measurement system. In Keylime, there"},{"line_number":42,"context_line":"are three main components: a \u0027verifier\u0027, a \u0027registrar\u0027, and an \u0027agent\u0027. The"},{"line_number":43,"context_line":"verifier and registrar run on machines external to the Ironic workflow."},{"line_number":44,"context_line":"Ironic will only need to worry about knowing how to contact these machines."}],"source_content_type":"text/x-rst","patch_set":17,"id":"b5342523_4261d3ec","line":41,"updated":"2020-12-04 23:25:05.000000000","message":"Is this proposing to add Keylime as an Openstack project under Bare Metal? If not, the spec should focus on the interface to Ironic and use cases for the interface, with Keylime referenced as one potential implementation. Ideally, we\u0027d have multiple examples of services that could have a driver implemented in the SecurityInterface.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"918b7b1b3a6c5c6743d7dab540740037613c48c2","unresolved":false,"context_lines":[{"line_number":38,"context_line":"Sometimes security is adherence to process."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"To leverage TPM\u0027s for attestation, we propose Keylime, an open source remote"},{"line_number":41,"context_line":"boot attestation and runtime integrity measurement system. In Keylime, there"},{"line_number":42,"context_line":"are three main components: a \u0027verifier\u0027, a \u0027registrar\u0027, and an \u0027agent\u0027. The"},{"line_number":43,"context_line":"verifier and registrar run on machines external to the Ironic workflow."},{"line_number":44,"context_line":"Ironic will only need to worry about knowing how to contact these machines."}],"source_content_type":"text/x-rst","patch_set":17,"id":"5a96e93d_93b4d4d1","line":41,"updated":"2020-12-10 17:06:05.000000000","message":"Since keylime is FOSS and vendor-neutral (?), I have no problems with it being a reference (and potentially only) implementation.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"87dead62193fc10fd2067d11adff08fca92848c8","unresolved":true,"context_lines":[{"line_number":38,"context_line":"Sometimes security is adherence to process."},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"To leverage TPM\u0027s for attestation, we propose Keylime, an open source remote"},{"line_number":41,"context_line":"boot attestation and runtime integrity measurement system. In Keylime, there"},{"line_number":42,"context_line":"are three main components: a \u0027verifier\u0027, a \u0027registrar\u0027, and an \u0027agent\u0027. The"},{"line_number":43,"context_line":"verifier and registrar run on machines external to the Ironic workflow."},{"line_number":44,"context_line":"Ironic will only need to worry about knowing how to contact these machines."}],"source_content_type":"text/x-rst","patch_set":17,"id":"aeec6b01_d669c8a3","line":41,"in_reply_to":"b5342523_4261d3ec","updated":"2020-12-08 19:33:31.000000000","message":"The idea of this spec is to put forth the generic security interface and a Keylime driver. Originally this spec was two specs but it was ultimately decided to merge the two as without the keylime details it wasn\u0027t obvious why a security interface would even be useful.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":10342,"name":"Jay Faulkner","display_name":"JayF","email":"jay@jvf.cc","username":"JayF","status":"youtube.com/@oss-gr / podcast.gr-oss.io"},"change_message_id":"8e545b3130262ddafa3c94d3d4d045671adfc25b","unresolved":true,"context_lines":[{"line_number":99,"context_line":"will be a specific model for a deployment or portion of a deployment, and thus"},{"line_number":100,"context_line":"we may one day have need for \"vendor\" specific drivers for particular security"},{"line_number":101,"context_line":"solutions and workflow. As such, not creating a new interface for this seems"},{"line_number":102,"context_line":"less ideal."},{"line_number":103,"context_line":""},{"line_number":104,"context_line":"Data model impact"},{"line_number":105,"context_line":"-----------------"}],"source_content_type":"text/x-rst","patch_set":17,"id":"6a720465_1e4387a2","line":102,"updated":"2020-12-04 23:25:05.000000000","message":"I don\u0027t think this addresses all potential alternatives. In fact, I built a similar framework where a machine with invalid firmware was removed from inventory via cleaning steps that validated the firmware and failed cleaning if it was invalid.\n\nI\u0027d like more explanation here as to why our existing, generic idea of \"steps\" (clean steps / deploy steps) cannot satisfy this use case.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"87dead62193fc10fd2067d11adff08fca92848c8","unresolved":true,"context_lines":[{"line_number":99,"context_line":"will be a specific model for a deployment or portion of a deployment, and thus"},{"line_number":100,"context_line":"we may one day have need for \"vendor\" specific drivers for particular security"},{"line_number":101,"context_line":"solutions and workflow. As such, not creating a new interface for this seems"},{"line_number":102,"context_line":"less ideal."},{"line_number":103,"context_line":""},{"line_number":104,"context_line":"Data model impact"},{"line_number":105,"context_line":"-----------------"}],"source_content_type":"text/x-rst","patch_set":17,"id":"c7392010_c61b701a","line":102,"in_reply_to":"6a720465_1e4387a2","updated":"2020-12-08 19:33:31.000000000","message":"Well this allows us to perform all of these steps at any moment, instead of along some state transition. With Keylime we can monitor booting and control the exact commands that a node is used for using the whitelists. Otherwise, what happens in between provisioning and cleaning is unknown. This is important for hardware leasing, where we an owner doesn\u0027t know who the hardware is being leased to and wants to more tightly monitor everything and make sure nothing which adheres from expectations occurs.\n\nAlso, if we did things at clean time, wouldnt some sort of attestation service be needed anyways? A driver with an interface which executes special steps at certain transitions seems more modular than building these actions into existing cleaning routines.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"167414e3d9d8a5c4b7eed1e071356da74de297c7","unresolved":false,"context_lines":[{"line_number":156,"context_line":"        \"\"\""},{"line_number":157,"context_line":""},{"line_number":158,"context_line":"    def attest(self, task):"},{"line_number":159,"context_line":"        \"\"\"Commands the node to perform an attestation."},{"line_number":160,"context_line":"        \"\"\""},{"line_number":161,"context_line":""},{"line_number":162,"context_line":"These methods can exist during the node\u0027s cleaning and deployment time."}],"source_content_type":"text/x-rst","patch_set":17,"id":"9690d1c1_caa5931e","line":159,"updated":"2020-12-03 16:09:27.000000000","message":"What exactly does it involve? How is it different from validate_security_status? When is it called?","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"b1779778165c8bbd61d782d3627d5ae644d25384","unresolved":false,"context_lines":[{"line_number":156,"context_line":"        \"\"\""},{"line_number":157,"context_line":""},{"line_number":158,"context_line":"    def attest(self, task):"},{"line_number":159,"context_line":"        \"\"\"Commands the node to perform an attestation."},{"line_number":160,"context_line":"        \"\"\""},{"line_number":161,"context_line":""},{"line_number":162,"context_line":"These methods can exist during the node\u0027s cleaning and deployment time."}],"source_content_type":"text/x-rst","patch_set":17,"id":"a7d20e0c_51f5dce6","line":159,"in_reply_to":"9690d1c1_caa5931e","updated":"2020-12-04 16:53:17.000000000","message":"The idea is that this attest call would be called at points along the state machine and tell the agent to attest itself. The validate_security_status call would just be a call to go to the verifier and get a status and act on it. It may end up being that both of these calls are used at the same point along the state machine, but the validate_security_status call may end up being made periodically while in a certain state.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":10342,"name":"Jay Faulkner","display_name":"JayF","email":"jay@jvf.cc","username":"JayF","status":"youtube.com/@oss-gr / podcast.gr-oss.io"},"change_message_id":"8e545b3130262ddafa3c94d3d4d045671adfc25b","unresolved":false,"context_lines":[{"line_number":156,"context_line":"        \"\"\""},{"line_number":157,"context_line":""},{"line_number":158,"context_line":"    def attest(self, task):"},{"line_number":159,"context_line":"        \"\"\"Commands the node to perform an attestation."},{"line_number":160,"context_line":"        \"\"\""},{"line_number":161,"context_line":""},{"line_number":162,"context_line":"These methods can exist during the node\u0027s cleaning and deployment time."}],"source_content_type":"text/x-rst","patch_set":17,"id":"7fe9176b_6285d24a","line":159,"in_reply_to":"a7d20e0c_51f5dce6","updated":"2020-12-04 23:25:05.000000000","message":"Is there any other place in our code where we something designed to interact with IPA, but does not exist in DeployInterface? This seems like a weird merging of concerns and IMO is more evidence that this case could be handled by our existing \"steps\" model.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"167414e3d9d8a5c4b7eed1e071356da74de297c7","unresolved":false,"context_lines":[{"line_number":164,"context_line":"example, whether or not we raise an error on attestation failure"},{"line_number":165,"context_line":"will be configurable."},{"line_number":166,"context_line":""},{"line_number":167,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":168,"context_line":"heartbeat. When the controller receives the first heartbeat, they may"},{"line_number":169,"context_line":"perform a validate_security_status()."},{"line_number":170,"context_line":""}],"source_content_type":"text/x-rst","patch_set":17,"id":"0cec6a7d_1fe0258a","line":167,"updated":"2020-12-03 16:09:27.000000000","message":"Does this initial registration have anything to do with ironic? If yes, please expand on what it involves.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"b1779778165c8bbd61d782d3627d5ae644d25384","unresolved":false,"context_lines":[{"line_number":164,"context_line":"example, whether or not we raise an error on attestation failure"},{"line_number":165,"context_line":"will be configurable."},{"line_number":166,"context_line":""},{"line_number":167,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":168,"context_line":"heartbeat. When the controller receives the first heartbeat, they may"},{"line_number":169,"context_line":"perform a validate_security_status()."},{"line_number":170,"context_line":""}],"source_content_type":"text/x-rst","patch_set":17,"id":"a558d1cc_71ea6425","line":167,"in_reply_to":"0cec6a7d_1fe0258a","updated":"2020-12-04 16:53:17.000000000","message":"There shouldnt be any work for this on ironic\u0027s end","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":10342,"name":"Jay Faulkner","display_name":"JayF","email":"jay@jvf.cc","username":"JayF","status":"youtube.com/@oss-gr / podcast.gr-oss.io"},"change_message_id":"8e545b3130262ddafa3c94d3d4d045671adfc25b","unresolved":false,"context_lines":[{"line_number":164,"context_line":"example, whether or not we raise an error on attestation failure"},{"line_number":165,"context_line":"will be configurable."},{"line_number":166,"context_line":""},{"line_number":167,"context_line":"Initial registration of the Keylime agent will be done before the first"},{"line_number":168,"context_line":"heartbeat. When the controller receives the first heartbeat, they may"},{"line_number":169,"context_line":"perform a validate_security_status()."},{"line_number":170,"context_line":""}],"source_content_type":"text/x-rst","patch_set":17,"id":"22f7d4f4_93853738","line":167,"in_reply_to":"a558d1cc_71ea6425","updated":"2020-12-04 23:25:05.000000000","message":"If the initial registration for Keylime doesn\u0027t involve Ironic, it probably shouldn\u0027t be mentioned here.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"167414e3d9d8a5c4b7eed1e071356da74de297c7","unresolved":false,"context_lines":[{"line_number":173,"context_line":""},{"line_number":174,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":175,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":176,"context_line":"for the security interface, and fail if the validation is not successful. This"},{"line_number":177,"context_line":"check will need to be guarded by a API micro-versioning, though such a"},{"line_number":178,"context_line":"trivial change should not be a hangup for the Nova engineers."},{"line_number":179,"context_line":""}],"source_content_type":"text/x-rst","patch_set":17,"id":"8a179498_495239ea","line":176,"updated":"2020-12-03 16:09:27.000000000","message":"Validation \u003d the standard validate() call, not validate_security_status? Maybe we should have added validate explicitly just for clarity..","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"b1779778165c8bbd61d782d3627d5ae644d25384","unresolved":false,"context_lines":[{"line_number":173,"context_line":""},{"line_number":174,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":175,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":176,"context_line":"for the security interface, and fail if the validation is not successful. This"},{"line_number":177,"context_line":"check will need to be guarded by a API micro-versioning, though such a"},{"line_number":178,"context_line":"trivial change should not be a hangup for the Nova engineers."},{"line_number":179,"context_line":""}],"source_content_type":"text/x-rst","patch_set":17,"id":"32fdbb57_268d1f55","line":176,"in_reply_to":"8a179498_495239ea","updated":"2020-12-04 16:53:17.000000000","message":"yeah this would be the standard validate() call.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"167414e3d9d8a5c4b7eed1e071356da74de297c7","unresolved":false,"context_lines":[{"line_number":183,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":184,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":185,"context_line":"ramdisk. This includes tpm2-tss software stack, tpm2-tools utilities,"},{"line_number":186,"context_line":"and, although not required, the tpm2-abrmd resource manager."},{"line_number":187,"context_line":""},{"line_number":188,"context_line":"Keylime-agent will be setup on the ramdisk. A new dib element will be created"},{"line_number":189,"context_line":"to install keylime-agent and make it run as a system service."}],"source_content_type":"text/x-rst","patch_set":17,"id":"cdfdba93_dc757caa","line":186,"updated":"2020-12-03 16:09:27.000000000","message":"Does the keylime agent need any information to identify the node? If yes, we need a way to pass it before the first heartbeat.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"b1779778165c8bbd61d782d3627d5ae644d25384","unresolved":false,"context_lines":[{"line_number":183,"context_line":"To have the Keylime agent work with TPM 2.0, certain libraries and"},{"line_number":184,"context_line":"configuration must be provided. These enhancements will come as part of the"},{"line_number":185,"context_line":"ramdisk. This includes tpm2-tss software stack, tpm2-tools utilities,"},{"line_number":186,"context_line":"and, although not required, the tpm2-abrmd resource manager."},{"line_number":187,"context_line":""},{"line_number":188,"context_line":"Keylime-agent will be setup on the ramdisk. A new dib element will be created"},{"line_number":189,"context_line":"to install keylime-agent and make it run as a system service."}],"source_content_type":"text/x-rst","patch_set":17,"id":"c06d7a0d_fd5d9b0e","line":186,"in_reply_to":"cdfdba93_dc757caa","updated":"2020-12-04 16:53:17.000000000","message":"yeah. We have been looking into putting some of this information, mainly allowlists and  verifier_address (the agent and controller need this), through building it into the image.","commit_id":"9f5ebd5616ee58d9b57b771fbdb89b576459383d"},{"author":{"_account_id":23851,"name":"Riccardo Pittau","email":"elfosardo@gmail.com","username":"elfosardo"},"change_message_id":"383098949b0be7110a25b96ec961b48e4aa7a02d","unresolved":true,"context_lines":[{"line_number":70,"context_line":"------------------"},{"line_number":71,"context_line":"The addition of a ``security_interface`` field in the ``nodes`` table,"},{"line_number":72,"context_line":"which maps to a `task.node.driver.security` interface, along with the other"},{"line_number":73,"context_line":"standard configuration parameters and defaults behavior that exists with"},{"line_number":74,"context_line":"the driver composition model."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"Accordingly the ``security_interface`` would be returned on the node object"}],"source_content_type":"text/x-rst","patch_set":20,"id":"abec7bed_62a3ebc2","line":73,"range":{"start_line":73,"start_character":38,"end_line":73,"end_character":55},"updated":"2021-02-23 09:52:16.000000000","message":"nit: default behaviors","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":23851,"name":"Riccardo Pittau","email":"elfosardo@gmail.com","username":"elfosardo"},"change_message_id":"383098949b0be7110a25b96ec961b48e4aa7a02d","unresolved":true,"context_lines":[{"line_number":70,"context_line":"------------------"},{"line_number":71,"context_line":"The addition of a ``security_interface`` field in the ``nodes`` table,"},{"line_number":72,"context_line":"which maps to a `task.node.driver.security` interface, along with the other"},{"line_number":73,"context_line":"standard configuration parameters and defaults behavior that exists with"},{"line_number":74,"context_line":"the driver composition model."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"Accordingly the ``security_interface`` would be returned on the node object"}],"source_content_type":"text/x-rst","patch_set":20,"id":"3e8cb88a_28daba88","line":73,"range":{"start_line":73,"start_character":61,"end_line":73,"end_character":67},"updated":"2021-02-23 09:52:16.000000000","message":"nit: exist","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"d089b4eb7afe166cc253c66195213438eca7a671","unresolved":false,"context_lines":[{"line_number":70,"context_line":"------------------"},{"line_number":71,"context_line":"The addition of a ``security_interface`` field in the ``nodes`` table,"},{"line_number":72,"context_line":"which maps to a `task.node.driver.security` interface, along with the other"},{"line_number":73,"context_line":"standard configuration parameters and defaults behavior that exists with"},{"line_number":74,"context_line":"the driver composition model."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"Accordingly the ``security_interface`` would be returned on the node object"}],"source_content_type":"text/x-rst","patch_set":20,"id":"20f5ff62_e1adc367","line":73,"range":{"start_line":73,"start_character":61,"end_line":73,"end_character":67},"in_reply_to":"3e8cb88a_28daba88","updated":"2021-03-29 21:05:10.000000000","message":"Ack","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"d089b4eb7afe166cc253c66195213438eca7a671","unresolved":false,"context_lines":[{"line_number":70,"context_line":"------------------"},{"line_number":71,"context_line":"The addition of a ``security_interface`` field in the ``nodes`` table,"},{"line_number":72,"context_line":"which maps to a `task.node.driver.security` interface, along with the other"},{"line_number":73,"context_line":"standard configuration parameters and defaults behavior that exists with"},{"line_number":74,"context_line":"the driver composition model."},{"line_number":75,"context_line":""},{"line_number":76,"context_line":"Accordingly the ``security_interface`` would be returned on the node object"}],"source_content_type":"text/x-rst","patch_set":20,"id":"fbcc000a_587b190b","line":73,"range":{"start_line":73,"start_character":38,"end_line":73,"end_character":55},"in_reply_to":"abec7bed_62a3ebc2","updated":"2021-03-29 21:05:10.000000000","message":"Ack","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":23851,"name":"Riccardo Pittau","email":"elfosardo@gmail.com","username":"elfosardo"},"change_message_id":"383098949b0be7110a25b96ec961b48e4aa7a02d","unresolved":true,"context_lines":[{"line_number":84,"context_line":"network used to communicate with the attestation service is secure and"},{"line_number":85,"context_line":"that the attestation entity is also always trustworthy. Trying to concern"},{"line_number":86,"context_line":"ourselves with issues like replay attacks or spoofed messages is beyond"},{"line_number":87,"context_line":"the scope of IMA security attestation."},{"line_number":88,"context_line":""},{"line_number":89,"context_line":"To accomodate operator workflows wherein an operator may not have"},{"line_number":90,"context_line":"access to the attestation service, we cannot allow the attestation service"}],"source_content_type":"text/x-rst","patch_set":20,"id":"3590f2e6_f2f1b685","line":87,"range":{"start_line":87,"start_character":13,"end_line":87,"end_character":16},"updated":"2021-02-23 09:52:16.000000000","message":"nit: probably good to add the full words (Integrity Measurement Architecture) and not just the achronim here; also an external reference could help.","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"445ef208b81a1bb4f02d88ef629e41f2c9e9db6b","unresolved":true,"context_lines":[{"line_number":202,"context_line":"will be configurable. For example, whether or not we raise an error"},{"line_number":203,"context_line":"on attestation failure will be configurable."},{"line_number":204,"context_line":""},{"line_number":205,"context_line":"Initial registration of the attestation agent will be done before the first"},{"line_number":206,"context_line":"heartbeat."},{"line_number":207,"context_line":""},{"line_number":208,"context_line":"With all this in mind, we have devised workflows for deployment"},{"line_number":209,"context_line":"and cleaning."}],"source_content_type":"text/x-rst","patch_set":20,"id":"f7518679_f7484973","line":206,"range":{"start_line":205,"start_character":0,"end_line":206,"end_character":10},"updated":"2020-12-17 19:36:28.000000000","message":"how will this be achieved?\n\nThink \"keep the ramdisk generic\"","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"e9fa9eb6e5b727e1d865f00e2733b525d8842332","unresolved":true,"context_lines":[{"line_number":202,"context_line":"will be configurable. For example, whether or not we raise an error"},{"line_number":203,"context_line":"on attestation failure will be configurable."},{"line_number":204,"context_line":""},{"line_number":205,"context_line":"Initial registration of the attestation agent will be done before the first"},{"line_number":206,"context_line":"heartbeat."},{"line_number":207,"context_line":""},{"line_number":208,"context_line":"With all this in mind, we have devised workflows for deployment"},{"line_number":209,"context_line":"and cleaning."}],"source_content_type":"text/x-rst","patch_set":20,"id":"f321dc6b_8f93ebd1","line":206,"range":{"start_line":205,"start_character":0,"end_line":206,"end_character":10},"in_reply_to":"f7518679_f7484973","updated":"2021-01-28 14:40:48.000000000","message":"The Keylime agent will be installed and started using a dib image element.","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"445ef208b81a1bb4f02d88ef629e41f2c9e9db6b","unresolved":true,"context_lines":[{"line_number":208,"context_line":"With all this in mind, we have devised workflows for deployment"},{"line_number":209,"context_line":"and cleaning."},{"line_number":210,"context_line":""},{"line_number":211,"context_line":"For deployment, all security steps will have to be performed at the"},{"line_number":212,"context_line":"end of the deployment process. Deployment will begin with"},{"line_number":213,"context_line":"a node registering itself with our attestation service. Once registered,"},{"line_number":214,"context_line":"the node will send out its first heartbeat. Upon receiving the heartbeat,"},{"line_number":215,"context_line":"the controller knows it may perform any of the security_interface"}],"source_content_type":"text/x-rst","patch_set":20,"id":"b7896d04_96bd1e89","line":212,"range":{"start_line":211,"start_character":16,"end_line":212,"end_character":31},"updated":"2020-12-17 19:36:28.000000000","message":"Why are we waiting until after after deployment to trigger the attestation?","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"e63c403538ba82f7bd781319ef2800f4b7f7be07","unresolved":true,"context_lines":[{"line_number":208,"context_line":"With all this in mind, we have devised workflows for deployment"},{"line_number":209,"context_line":"and cleaning."},{"line_number":210,"context_line":""},{"line_number":211,"context_line":"For deployment, all security steps will have to be performed at the"},{"line_number":212,"context_line":"end of the deployment process. Deployment will begin with"},{"line_number":213,"context_line":"a node registering itself with our attestation service. Once registered,"},{"line_number":214,"context_line":"the node will send out its first heartbeat. Upon receiving the heartbeat,"},{"line_number":215,"context_line":"the controller knows it may perform any of the security_interface"}],"source_content_type":"text/x-rst","patch_set":20,"id":"8e895754_b06984d1","line":212,"range":{"start_line":211,"start_character":16,"end_line":212,"end_character":31},"in_reply_to":"018822a8_df1aebc3","updated":"2021-02-18 06:49:25.000000000","message":"I would just dual tag the step with a low step number... or maybe a high step number. I don\u0027t remember offhand if it descends or ascends. That way it gets pulled in, but can be overriden or explicitly skipped. Or we could match it to a trait.","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":32617,"name":"Danni Shi","email":"sdanni@redhat.com","username":"sdanni"},"change_message_id":"4651f1245e012469c6d4d0cc1acdae7003efc69e","unresolved":true,"context_lines":[{"line_number":208,"context_line":"With all this in mind, we have devised workflows for deployment"},{"line_number":209,"context_line":"and cleaning."},{"line_number":210,"context_line":""},{"line_number":211,"context_line":"For deployment, all security steps will have to be performed at the"},{"line_number":212,"context_line":"end of the deployment process. Deployment will begin with"},{"line_number":213,"context_line":"a node registering itself with our attestation service. Once registered,"},{"line_number":214,"context_line":"the node will send out its first heartbeat. Upon receiving the heartbeat,"},{"line_number":215,"context_line":"the controller knows it may perform any of the security_interface"}],"source_content_type":"text/x-rst","patch_set":20,"id":"018822a8_df1aebc3","line":212,"range":{"start_line":211,"start_character":16,"end_line":212,"end_character":31},"in_reply_to":"b7896d04_96bd1e89","updated":"2021-02-08 16:59:25.000000000","message":"During the deployment process, maybe we should trigger the attestation at both cleaning and deploying steps?","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":11076,"name":"Shivanand Tendulker","email":"stendulker@gmail.com","username":"stendulker"},"change_message_id":"a06883ea57c076526668f2fc5f4c5f5b350f33e0","unresolved":true,"context_lines":[{"line_number":220,"context_line":"If the status is something we do not expect, or the controller is unable to"},{"line_number":221,"context_line":"access the verifier due to network issues, we will fail the deployment."},{"line_number":222,"context_line":""},{"line_number":223,"context_line":"From a security perspective, all steps will need to be performed at the end"},{"line_number":224,"context_line":"of the cleaning process. The Ironic controller will begin with a call to the"},{"line_number":225,"context_line":"attest() method which instructs the attestation agent on the node to attest"},{"line_number":226,"context_line":"itself to ensure the status we will get from the verifier is as up to date as"},{"line_number":227,"context_line":"possible. We then call the validate_security_status() to check that the"}],"source_content_type":"text/x-rst","patch_set":20,"id":"ecf8e139_26735b45","line":224,"range":{"start_line":223,"start_character":30,"end_line":224,"end_character":24},"updated":"2021-01-29 09:21:50.000000000","message":"Currently \u0027cleaning\u0027 is an optional operation. Does this necessitates that the \u0027cleaning\u0027 as a required operation before provisioning to use security interfaces? Can\u0027t this be done as part of the deployment process itself?","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"445ef208b81a1bb4f02d88ef629e41f2c9e9db6b","unresolved":true,"context_lines":[{"line_number":220,"context_line":"If the status is something we do not expect, or the controller is unable to"},{"line_number":221,"context_line":"access the verifier due to network issues, we will fail the deployment."},{"line_number":222,"context_line":""},{"line_number":223,"context_line":"From a security perspective, all steps will need to be performed at the end"},{"line_number":224,"context_line":"of the cleaning process. The Ironic controller will begin with a call to the"},{"line_number":225,"context_line":"attest() method which instructs the attestation agent on the node to attest"},{"line_number":226,"context_line":"itself to ensure the status we will get from the verifier is as up to date as"},{"line_number":227,"context_line":"possible. We then call the validate_security_status() to check that the"}],"source_content_type":"text/x-rst","patch_set":20,"id":"1ec9d907_bc36af0a","line":224,"range":{"start_line":223,"start_character":32,"end_line":224,"end_character":25},"updated":"2020-12-17 19:36:28.000000000","message":"This... ideally.. should always already be the case, fwiw.","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"25b5104469dcbc9851380903bd7468c283eaa3af","unresolved":true,"context_lines":[{"line_number":220,"context_line":"If the status is something we do not expect, or the controller is unable to"},{"line_number":221,"context_line":"access the verifier due to network issues, we will fail the deployment."},{"line_number":222,"context_line":""},{"line_number":223,"context_line":"From a security perspective, all steps will need to be performed at the end"},{"line_number":224,"context_line":"of the cleaning process. The Ironic controller will begin with a call to the"},{"line_number":225,"context_line":"attest() method which instructs the attestation agent on the node to attest"},{"line_number":226,"context_line":"itself to ensure the status we will get from the verifier is as up to date as"},{"line_number":227,"context_line":"possible. We then call the validate_security_status() to check that the"}],"source_content_type":"text/x-rst","patch_set":20,"id":"b319253a_d25bcb16","line":224,"range":{"start_line":223,"start_character":30,"end_line":224,"end_character":24},"in_reply_to":"ecf8e139_26735b45","updated":"2021-02-08 13:09:33.000000000","message":"True, which is an unfortunate knob we have in the configuration. I\u0027m not aware of any operators running without it at this point.","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":11076,"name":"Shivanand Tendulker","email":"stendulker@gmail.com","username":"stendulker"},"change_message_id":"a06883ea57c076526668f2fc5f4c5f5b350f33e0","unresolved":true,"context_lines":[{"line_number":277,"context_line":"Other deployer impact"},{"line_number":278,"context_line":"---------------------"},{"line_number":279,"context_line":""},{"line_number":280,"context_line":"The ``security`` interface will not be enabled by default, since the default"},{"line_number":281,"context_line":"will map to a ``no-security`` interface."},{"line_number":282,"context_line":""},{"line_number":283,"context_line":"Config options"},{"line_number":284,"context_line":"~~~~~~~~~~~~~~"}],"source_content_type":"text/x-rst","patch_set":20,"id":"c2c940c9_73b5f92b","line":281,"range":{"start_line":280,"start_character":0,"end_line":281,"end_character":40},"updated":"2021-01-29 09:21:50.000000000","message":"Also the keylime based security interface can be used for the nodes that support TPM 2.0","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":32617,"name":"Danni Shi","email":"sdanni@redhat.com","username":"sdanni"},"change_message_id":"4651f1245e012469c6d4d0cc1acdae7003efc69e","unresolved":true,"context_lines":[{"line_number":277,"context_line":"Other deployer impact"},{"line_number":278,"context_line":"---------------------"},{"line_number":279,"context_line":""},{"line_number":280,"context_line":"The ``security`` interface will not be enabled by default, since the default"},{"line_number":281,"context_line":"will map to a ``no-security`` interface."},{"line_number":282,"context_line":""},{"line_number":283,"context_line":"Config options"},{"line_number":284,"context_line":"~~~~~~~~~~~~~~"}],"source_content_type":"text/x-rst","patch_set":20,"id":"ec946680_680053c1","line":281,"range":{"start_line":280,"start_character":0,"end_line":281,"end_character":40},"in_reply_to":"c2c940c9_73b5f92b","updated":"2021-02-08 16:59:25.000000000","message":"Yeah, we are working on setup TPM 2.0 on nodes. (using TPM emulator for now for development)","commit_id":"aad3f56ff92ed579f0be3b666cf30f0039acb0b1"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":42,"context_line":"are three main components: a \u0027verifier\u0027, a \u0027registrar\u0027, and an \u0027agent\u0027. The"},{"line_number":43,"context_line":"verifier and registrar run on machines external to the Ironic workflow."},{"line_number":44,"context_line":"Ironic will only need to worry about knowing how to contact these machines."},{"line_number":45,"context_line":"The Ironic conductor uses \u0027keylime tenant\u0027 CLI to communicate with verifier,"},{"line_number":46,"context_line":"registrar, and agent API endpoints."},{"line_number":47,"context_line":"The agent will need to run on the node we are trying to attest and be"},{"line_number":48,"context_line":"passed configuration options."}],"source_content_type":"text/x-rst","patch_set":24,"id":"6335dd45_60013cb8","line":45,"range":{"start_line":45,"start_character":0,"end_line":45,"end_character":76},"updated":"2021-04-06 17:59:18.000000000","message":"tenant has an overloaded meaning in openstack. Maybe worth a ..note tag to delineate the use of the word tenant in this document to be \"keylime tenant\". Additional links to keylime docs may be helpful in that regard.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":false,"context_lines":[{"line_number":42,"context_line":"are three main components: a \u0027verifier\u0027, a \u0027registrar\u0027, and an \u0027agent\u0027. The"},{"line_number":43,"context_line":"verifier and registrar run on machines external to the Ironic workflow."},{"line_number":44,"context_line":"Ironic will only need to worry about knowing how to contact these machines."},{"line_number":45,"context_line":"The Ironic conductor uses \u0027keylime tenant\u0027 CLI to communicate with verifier,"},{"line_number":46,"context_line":"registrar, and agent API endpoints."},{"line_number":47,"context_line":"The agent will need to run on the node we are trying to attest and be"},{"line_number":48,"context_line":"passed configuration options."}],"source_content_type":"text/x-rst","patch_set":24,"id":"fcd757c7_bf3b851b","line":45,"range":{"start_line":45,"start_character":0,"end_line":45,"end_character":76},"in_reply_to":"6335dd45_60013cb8","updated":"2021-04-07 19:05:47.000000000","message":"Done","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":46,"context_line":"registrar, and agent API endpoints."},{"line_number":47,"context_line":"The agent will need to run on the node we are trying to attest and be"},{"line_number":48,"context_line":"passed configuration options."},{"line_number":49,"context_line":"So a logical first step is to provide the ability for additional processes"},{"line_number":50,"context_line":"to be executed along the workflow that are security centric logical points"},{"line_number":51,"context_line":"that, could be later molded into tight integration with an attestation"},{"line_number":52,"context_line":"service. This first step requires a new interface type \u0027security_interface\u0027"},{"line_number":53,"context_line":"to be added as a subclass of \u0027BaseDriver\u0027."},{"line_number":54,"context_line":""},{"line_number":55,"context_line":"The second step is to provide a \u0027security_interface\u0027 implementation."},{"line_number":56,"context_line":"This implementation would use Keylime to learn about the security state of a"}],"source_content_type":"text/x-rst","patch_set":24,"id":"3103c6e7_ef6357d5","line":53,"range":{"start_line":49,"start_character":0,"end_line":53,"end_character":42},"updated":"2021-04-06 17:59:18.000000000","message":"This is a little confusing.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":46,"context_line":"registrar, and agent API endpoints."},{"line_number":47,"context_line":"The agent will need to run on the node we are trying to attest and be"},{"line_number":48,"context_line":"passed configuration options."},{"line_number":49,"context_line":"So a logical first step is to provide the ability for additional processes"},{"line_number":50,"context_line":"to be executed along the workflow that are security centric logical points"},{"line_number":51,"context_line":"that, could be later molded into tight integration with an attestation"},{"line_number":52,"context_line":"service. This first step requires a new interface type \u0027security_interface\u0027"},{"line_number":53,"context_line":"to be added as a subclass of \u0027BaseDriver\u0027."},{"line_number":54,"context_line":""},{"line_number":55,"context_line":"The second step is to provide a \u0027security_interface\u0027 implementation."},{"line_number":56,"context_line":"This implementation would use Keylime to learn about the security state of a"}],"source_content_type":"text/x-rst","patch_set":24,"id":"e2b09080_731976e7","line":53,"range":{"start_line":49,"start_character":0,"end_line":53,"end_character":42},"in_reply_to":"3103c6e7_ef6357d5","updated":"2021-04-07 19:05:47.000000000","message":"reworded a bit. I guess the idea is just a few extra interface calls along existing workflows.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":52,"context_line":"service. This first step requires a new interface type \u0027security_interface\u0027"},{"line_number":53,"context_line":"to be added as a subclass of \u0027BaseDriver\u0027."},{"line_number":54,"context_line":""},{"line_number":55,"context_line":"The second step is to provide a \u0027security_interface\u0027 implementation."},{"line_number":56,"context_line":"This implementation would use Keylime to learn about the security state of a"},{"line_number":57,"context_line":"node and manage configurations."},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"The third step is a set of enhancements for the ramdisk to support TPM 2.0,"},{"line_number":60,"context_line":"and installation of the Keylime agent. From there the Keylime agent"}],"source_content_type":"text/x-rst","patch_set":24,"id":"f6eaf655_182ef688","line":57,"range":{"start_line":55,"start_character":0,"end_line":57,"end_character":31},"updated":"2021-04-06 17:59:18.000000000","message":"This is kind of implied by the first step. Could it be that we need to explain what the desired end state is. What is the security interface, etc..\n\nAn example of what I\u0027m kind of thinking https://opendev.org/openstack/ironic/src/branch/master/setup.cfg#L121","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":52,"context_line":"service. This first step requires a new interface type \u0027security_interface\u0027"},{"line_number":53,"context_line":"to be added as a subclass of \u0027BaseDriver\u0027."},{"line_number":54,"context_line":""},{"line_number":55,"context_line":"The second step is to provide a \u0027security_interface\u0027 implementation."},{"line_number":56,"context_line":"This implementation would use Keylime to learn about the security state of a"},{"line_number":57,"context_line":"node and manage configurations."},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"The third step is a set of enhancements for the ramdisk to support TPM 2.0,"},{"line_number":60,"context_line":"and installation of the Keylime agent. From there the Keylime agent"}],"source_content_type":"text/x-rst","patch_set":24,"id":"99e1e337_ccb87d1b","line":57,"range":{"start_line":55,"start_character":0,"end_line":57,"end_character":31},"in_reply_to":"f6eaf655_182ef688","updated":"2021-04-07 19:05:47.000000000","message":"I\u0027ve reworded a bunch of the information here.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":85,"context_line":"network used to communicate with the attestation service is secure and"},{"line_number":86,"context_line":"that the attestation entity is also always trustworthy. Trying to concern"},{"line_number":87,"context_line":"ourselves with issues like replay attacks or spoofed messages is beyond"},{"line_number":88,"context_line":"the scope of IMA security attestation."},{"line_number":89,"context_line":""},{"line_number":90,"context_line":"To accommodate operator workflows wherein an operator may not have"},{"line_number":91,"context_line":"access to the attestation service, we cannot allow the attestation service"}],"source_content_type":"text/x-rst","patch_set":24,"id":"05d9ff15_bbaf8b97","line":88,"range":{"start_line":88,"start_character":13,"end_line":88,"end_character":16},"updated":"2021-04-06 17:59:18.000000000","message":"Three letter acronym without explaination? I guess I don\u0027t understand what IMA is in this context.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":85,"context_line":"network used to communicate with the attestation service is secure and"},{"line_number":86,"context_line":"that the attestation entity is also always trustworthy. Trying to concern"},{"line_number":87,"context_line":"ourselves with issues like replay attacks or spoofed messages is beyond"},{"line_number":88,"context_line":"the scope of IMA security attestation."},{"line_number":89,"context_line":""},{"line_number":90,"context_line":"To accommodate operator workflows wherein an operator may not have"},{"line_number":91,"context_line":"access to the attestation service, we cannot allow the attestation service"}],"source_content_type":"text/x-rst","patch_set":24,"id":"546de8a5_32b10286","line":88,"range":{"start_line":88,"start_character":13,"end_line":88,"end_character":16},"in_reply_to":"05d9ff15_bbaf8b97","updated":"2021-04-07 19:05:47.000000000","message":"I have added a terms glossary that goes into the Keylime terms more and also defined \"IMA\" and \"TPM\" and how they are used in Keylime","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":102,"context_line":"Presently, we are mainly concerned with monitoring deployment and"},{"line_number":103,"context_line":"cleaning of a node. The intended workflow will be to use the interface"},{"line_number":104,"context_line":"during these steps to ensure the firmware of a node has not been"},{"line_number":105,"context_line":"modified. This workflow could be extended to periodically monitor a"},{"line_number":106,"context_line":"node, however we will not attempt to organize that in this spec."},{"line_number":107,"context_line":""},{"line_number":108,"context_line":""},{"line_number":109,"context_line":"Keylime Interface"}],"source_content_type":"text/x-rst","patch_set":24,"id":"f1800698_13f4dc11","line":106,"range":{"start_line":105,"start_character":10,"end_line":106,"end_character":64},"updated":"2021-04-06 17:59:18.000000000","message":"I\u0027d drop this sentence. There are technical issues to reach that... or maybe not, or it could be another service. From another standpoint, I think other reviewers would focus on the possible future.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":false,"context_lines":[{"line_number":102,"context_line":"Presently, we are mainly concerned with monitoring deployment and"},{"line_number":103,"context_line":"cleaning of a node. The intended workflow will be to use the interface"},{"line_number":104,"context_line":"during these steps to ensure the firmware of a node has not been"},{"line_number":105,"context_line":"modified. This workflow could be extended to periodically monitor a"},{"line_number":106,"context_line":"node, however we will not attempt to organize that in this spec."},{"line_number":107,"context_line":""},{"line_number":108,"context_line":""},{"line_number":109,"context_line":"Keylime Interface"}],"source_content_type":"text/x-rst","patch_set":24,"id":"0c76a80c_e9241773","line":106,"range":{"start_line":105,"start_character":10,"end_line":106,"end_character":64},"in_reply_to":"f1800698_13f4dc11","updated":"2021-04-07 19:05:47.000000000","message":"Done","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":113,"context_line":"information about the security state of the node and take action based on"},{"line_number":114,"context_line":"the results. Doing so will require methods which will make calls to the"},{"line_number":115,"context_line":"Keylime verifier through the available REST API as well as calls to the IPA"},{"line_number":116,"context_line":"to pass necessary configuration parameters. The Keylime interface will be"},{"line_number":117,"context_line":"supported by any generic hardware type."},{"line_number":118,"context_line":""},{"line_number":119,"context_line":""},{"line_number":120,"context_line":"Keylime Configuration"},{"line_number":121,"context_line":"---------------------"}],"source_content_type":"text/x-rst","patch_set":24,"id":"c9d846ae_9b8f3713","line":118,"range":{"start_line":116,"start_character":44,"end_line":118,"end_character":0},"updated":"2021-04-06 17:59:18.000000000","message":"I\u0027d reword this \"Keylime is anticipated to be supported by generic hardware types, however this is also an implementation detail as it is not vendor hardware dependent in the driver model as it is more similar to a network or storage interface integration.\"","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":false,"context_lines":[{"line_number":113,"context_line":"information about the security state of the node and take action based on"},{"line_number":114,"context_line":"the results. Doing so will require methods which will make calls to the"},{"line_number":115,"context_line":"Keylime verifier through the available REST API as well as calls to the IPA"},{"line_number":116,"context_line":"to pass necessary configuration parameters. The Keylime interface will be"},{"line_number":117,"context_line":"supported by any generic hardware type."},{"line_number":118,"context_line":""},{"line_number":119,"context_line":""},{"line_number":120,"context_line":"Keylime Configuration"},{"line_number":121,"context_line":"---------------------"}],"source_content_type":"text/x-rst","patch_set":24,"id":"61efee62_691d570c","line":118,"range":{"start_line":116,"start_character":44,"end_line":118,"end_character":0},"in_reply_to":"c9d846ae_9b8f3713","updated":"2021-04-07 19:05:47.000000000","message":"Done","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":134,"context_line":"    Keylime verifier/node/tenant -\u003e registrar: mutual TLS connection for"},{"line_number":135,"context_line":"    post/put requests;"},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"    unencrypted connection for get/delete requests"},{"line_number":138,"context_line":""},{"line_number":139,"context_line":"Every Keylime agent must have a uuid associated with it in order to register"},{"line_number":140,"context_line":"itself with the registrar. It generates its uuid using the Keylime config"}],"source_content_type":"text/x-rst","patch_set":24,"id":"ab11c037_9a455800","line":137,"range":{"start_line":137,"start_character":0,"end_line":137,"end_character":50},"updated":"2021-04-06 17:59:18.000000000","message":"In discussing with with sdanni and Leo, it seems that this is formatting that just needs to be corected.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":134,"context_line":"    Keylime verifier/node/tenant -\u003e registrar: mutual TLS connection for"},{"line_number":135,"context_line":"    post/put requests;"},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"    unencrypted connection for get/delete requests"},{"line_number":138,"context_line":""},{"line_number":139,"context_line":"Every Keylime agent must have a uuid associated with it in order to register"},{"line_number":140,"context_line":"itself with the registrar. It generates its uuid using the Keylime config"}],"source_content_type":"text/x-rst","patch_set":24,"id":"ad4cb837_03bf91f5","line":137,"range":{"start_line":137,"start_character":0,"end_line":137,"end_character":50},"in_reply_to":"ab11c037_9a455800","updated":"2021-04-07 19:05:47.000000000","message":"yes. Fixed","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":138,"context_line":""},{"line_number":139,"context_line":"Every Keylime agent must have a uuid associated with it in order to register"},{"line_number":140,"context_line":"itself with the registrar. It generates its uuid using the Keylime config"},{"line_number":141,"context_line":"file. The uuid defaults to a random id."},{"line_number":142,"context_line":""},{"line_number":143,"context_line":""},{"line_number":144,"context_line":"Allowlist"}],"source_content_type":"text/x-rst","patch_set":24,"id":"13eb9c3d_52dc4d9d","line":141,"range":{"start_line":141,"start_character":6,"end_line":141,"end_character":39},"updated":"2021-04-06 17:59:18.000000000","message":"Note: This is an interesting possibility as it could potentially be injected, but that may be thinking ahead.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":138,"context_line":""},{"line_number":139,"context_line":"Every Keylime agent must have a uuid associated with it in order to register"},{"line_number":140,"context_line":"itself with the registrar. It generates its uuid using the Keylime config"},{"line_number":141,"context_line":"file. The uuid defaults to a random id."},{"line_number":142,"context_line":""},{"line_number":143,"context_line":""},{"line_number":144,"context_line":"Allowlist"}],"source_content_type":"text/x-rst","patch_set":24,"id":"8d31a33a_6826ce54","line":141,"range":{"start_line":141,"start_character":6,"end_line":141,"end_character":39},"in_reply_to":"13eb9c3d_52dc4d9d","updated":"2021-04-07 19:05:47.000000000","message":"Yeah this solution isn\u0027t perfect. We are weirdly restricted by some Keylime design decisions that I am not entirely sure of the justifications for. The Keylime agent sets its own uuid and tells a registrar who it is. And your options for a uuid are a fixed string you could add during image building, a random string, or a hostname.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":148,"context_line":"The operator will be responsible for generating, making available, and"},{"line_number":149,"context_line":"signing with checksum the allowlist for Ironic to retrieve and assign to a"},{"line_number":150,"context_line":"node. The paths of allowlist and checksum can be saved as"},{"line_number":151,"context_line":"driver_info\\keylime_allowlist and driver_info\\keylime_allowlist_checksum."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"Linux\u0027s integrity Measurement Architecture (IMA) submodule gathers measurement"},{"line_number":154,"context_line":"list signed with TPM quote. The Keylime tenant retrieves the allowlist to"}],"source_content_type":"text/x-rst","patch_set":24,"id":"423c8e48_aa1f00b0","line":151,"range":{"start_line":151,"start_character":0,"end_line":151,"end_character":73},"updated":"2021-04-06 17:59:18.000000000","message":"typically we wrap this with `` characters on each side of the field/subfield value name. Example: ``driver_info\\keylime_allowlist``","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":false,"context_lines":[{"line_number":148,"context_line":"The operator will be responsible for generating, making available, and"},{"line_number":149,"context_line":"signing with checksum the allowlist for Ironic to retrieve and assign to a"},{"line_number":150,"context_line":"node. The paths of allowlist and checksum can be saved as"},{"line_number":151,"context_line":"driver_info\\keylime_allowlist and driver_info\\keylime_allowlist_checksum."},{"line_number":152,"context_line":""},{"line_number":153,"context_line":"Linux\u0027s integrity Measurement Architecture (IMA) submodule gathers measurement"},{"line_number":154,"context_line":"list signed with TPM quote. The Keylime tenant retrieves the allowlist to"}],"source_content_type":"text/x-rst","patch_set":24,"id":"aa47ad60_9f6425fb","line":151,"range":{"start_line":151,"start_character":0,"end_line":151,"end_character":73},"in_reply_to":"423c8e48_aa1f00b0","updated":"2021-04-07 19:05:47.000000000","message":"Done","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":154,"context_line":"list signed with TPM quote. The Keylime tenant retrieves the allowlist to"},{"line_number":155,"context_line":"send to the verifier. Verifier obtains the measurement list and performs"},{"line_number":156,"context_line":"attestation by comparing the measurement list against allowlist."},{"line_number":157,"context_line":""},{"line_number":158,"context_line":""},{"line_number":159,"context_line":"The workflow for node attestation will go as follows:"},{"line_number":160,"context_line":""}],"source_content_type":"text/x-rst","patch_set":24,"id":"12b0f138_0c8d13fc","line":157,"range":{"start_line":157,"start_character":0,"end_line":157,"end_character":0},"updated":"2021-04-06 17:59:18.000000000","message":"Note: Supplying an allow list is *required* to ask the system for an entire measurement.\n\nI would add an explicit note..\n\n.. note:: xyz","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":154,"context_line":"list signed with TPM quote. The Keylime tenant retrieves the allowlist to"},{"line_number":155,"context_line":"send to the verifier. Verifier obtains the measurement list and performs"},{"line_number":156,"context_line":"attestation by comparing the measurement list against allowlist."},{"line_number":157,"context_line":""},{"line_number":158,"context_line":""},{"line_number":159,"context_line":"The workflow for node attestation will go as follows:"},{"line_number":160,"context_line":""}],"source_content_type":"text/x-rst","patch_set":24,"id":"c709e7af_c4f86f75","line":157,"range":{"start_line":157,"start_character":0,"end_line":157,"end_character":0},"in_reply_to":"12b0f138_0c8d13fc","updated":"2021-04-07 19:05:47.000000000","message":"Done. I also forgot to mention here that the excludelist is not required. I have added some excludelist information","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":155,"context_line":"send to the verifier. Verifier obtains the measurement list and performs"},{"line_number":156,"context_line":"attestation by comparing the measurement list against allowlist."},{"line_number":157,"context_line":""},{"line_number":158,"context_line":""},{"line_number":159,"context_line":"The workflow for node attestation will go as follows:"},{"line_number":160,"context_line":""},{"line_number":161,"context_line":"diagram {"}],"source_content_type":"text/x-rst","patch_set":24,"id":"c2c2036b_8266966d","line":158,"updated":"2021-04-06 17:59:18.000000000","message":"This seems like overall workflow below, should there be a header?","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":155,"context_line":"send to the verifier. Verifier obtains the measurement list and performs"},{"line_number":156,"context_line":"attestation by comparing the measurement list against allowlist."},{"line_number":157,"context_line":""},{"line_number":158,"context_line":""},{"line_number":159,"context_line":"The workflow for node attestation will go as follows:"},{"line_number":160,"context_line":""},{"line_number":161,"context_line":"diagram {"}],"source_content_type":"text/x-rst","patch_set":24,"id":"46c9b8d8_678d1c10","line":158,"in_reply_to":"c2c2036b_8266966d","updated":"2021-04-07 19:05:47.000000000","message":"yes. I have added this header and moved it further down in the document.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":163,"context_line":"activation \u003d none; span_height \u003d 1; edge_length \u003d 250;"},{"line_number":164,"context_line":"default_note_color \u003d white; default_fontsize \u003d 12;"},{"line_number":165,"context_line":"Image -\u003e Node [label \u003d \"The node is booted with an image generated by"},{"line_number":166,"context_line":"diskimage-builder tool. Keylime and TPM environment is setup in the image\"];"},{"line_number":167,"context_line":"Node -\u003e Keylime-registrar [label \u003d \"Makes a post request to register the agent"},{"line_number":168,"context_line":"on the node\"];"},{"line_number":169,"context_line":"Keylime-registrar -\u003e Node [label \u003d \"Responses the node with an"}],"source_content_type":"text/x-rst","patch_set":24,"id":"24b96bf8_6a6d67a0","line":166,"updated":"2021-04-06 17:59:18.000000000","message":"fwiw, diskimage-builder can likely also generate an allow-list based upon contents.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":163,"context_line":"activation \u003d none; span_height \u003d 1; edge_length \u003d 250;"},{"line_number":164,"context_line":"default_note_color \u003d white; default_fontsize \u003d 12;"},{"line_number":165,"context_line":"Image -\u003e Node [label \u003d \"The node is booted with an image generated by"},{"line_number":166,"context_line":"diskimage-builder tool. Keylime and TPM environment is setup in the image\"];"},{"line_number":167,"context_line":"Node -\u003e Keylime-registrar [label \u003d \"Makes a post request to register the agent"},{"line_number":168,"context_line":"on the node\"];"},{"line_number":169,"context_line":"Keylime-registrar -\u003e Node [label \u003d \"Responses the node with an"}],"source_content_type":"text/x-rst","patch_set":24,"id":"7849f4b7_54027223","line":166,"in_reply_to":"24b96bf8_6a6d67a0","updated":"2021-04-07 19:05:47.000000000","message":"We had explored this option but are leaning against it as the same allowlist can be used for multiple nodes. It also seems precarious to us to have the node we are attesting send over its ideal state, as if a compromise happens before the registration finishes, who is to say the allowlist hasn\u0027t been hijacked?","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":164,"context_line":"default_note_color \u003d white; default_fontsize \u003d 12;"},{"line_number":165,"context_line":"Image -\u003e Node [label \u003d \"The node is booted with an image generated by"},{"line_number":166,"context_line":"diskimage-builder tool. Keylime and TPM environment is setup in the image\"];"},{"line_number":167,"context_line":"Node -\u003e Keylime-registrar [label \u003d \"Makes a post request to register the agent"},{"line_number":168,"context_line":"on the node\"];"},{"line_number":169,"context_line":"Keylime-registrar -\u003e Node [label \u003d \"Responses the node with an"},{"line_number":170,"context_line":"encrypted AIK\"]; Node -\u003e Keylime-registrar [label \u003d \"Makes an activation"}],"source_content_type":"text/x-rst","patch_set":24,"id":"d37a7b50_60539487","line":167,"range":{"start_line":167,"start_character":74,"end_line":167,"end_character":78},"updated":"2021-04-06 17:59:18.000000000","message":"keylime agent?\n\nMight be good to delineate *what* on the node is doing this.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":164,"context_line":"default_note_color \u003d white; default_fontsize \u003d 12;"},{"line_number":165,"context_line":"Image -\u003e Node [label \u003d \"The node is booted with an image generated by"},{"line_number":166,"context_line":"diskimage-builder tool. Keylime and TPM environment is setup in the image\"];"},{"line_number":167,"context_line":"Node -\u003e Keylime-registrar [label \u003d \"Makes a post request to register the agent"},{"line_number":168,"context_line":"on the node\"];"},{"line_number":169,"context_line":"Keylime-registrar -\u003e Node [label \u003d \"Responses the node with an"},{"line_number":170,"context_line":"encrypted AIK\"]; Node -\u003e Keylime-registrar [label \u003d \"Makes an activation"}],"source_content_type":"text/x-rst","patch_set":24,"id":"686eda1e_ae729b34","line":167,"range":{"start_line":167,"start_character":74,"end_line":167,"end_character":78},"in_reply_to":"d37a7b50_60539487","updated":"2021-04-07 19:05:47.000000000","message":"Keylime agent yes. Fixed","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":186,"context_line":"Alternatives"},{"line_number":187,"context_line":"------------"},{"line_number":188,"context_line":""},{"line_number":189,"context_line":"We could add such functionality to various interfaces, but generally security"},{"line_number":190,"context_line":"will be a specific model for a deployment or portion of a deployment, and thus"},{"line_number":191,"context_line":"we may one day have need for \"vendor\" specific drivers for particular security"},{"line_number":192,"context_line":"solutions and workflow. As such, not creating a new interface for this seems"}],"source_content_type":"text/x-rst","patch_set":24,"id":"6acc1558_d7cad106","line":189,"range":{"start_line":189,"start_character":34,"end_line":189,"end_character":55},"updated":"2021-04-06 17:59:18.000000000","message":"Technically I still think various interfaces might need modification for cross-driver integration, but again, more implementation detail wise. I think the overall theme of this is to avoid \"vendor\" specific drivers and workflows by using an open source solution.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":193,"context_line":"less ideal."},{"line_number":194,"context_line":""},{"line_number":195,"context_line":"Another alternative would be to perform certain checks along state transitions."},{"line_number":196,"context_line":"For example, at clean time we can check the firmware and fail if things have"},{"line_number":197,"context_line":"been modified. However, this is undesirable in a scenario where we have strict"},{"line_number":198,"context_line":"workflows and processes we want to adhere to. In the situation where an owner"},{"line_number":199,"context_line":"lends a node to an untrustworthy lessee the owner might want to ensure the"}],"source_content_type":"text/x-rst","patch_set":24,"id":"7e3578f1_2ff04ee2","line":196,"range":{"start_line":196,"start_character":12,"end_line":196,"end_character":64},"updated":"2021-04-06 17:59:18.000000000","message":"so I suspect we would kind of end up always doing this on clean and deploy, but that is more of an implementation detail about how the clean/deploy steps model works in the drivers.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":193,"context_line":"less ideal."},{"line_number":194,"context_line":""},{"line_number":195,"context_line":"Another alternative would be to perform certain checks along state transitions."},{"line_number":196,"context_line":"For example, at clean time we can check the firmware and fail if things have"},{"line_number":197,"context_line":"been modified. However, this is undesirable in a scenario where we have strict"},{"line_number":198,"context_line":"workflows and processes we want to adhere to. In the situation where an owner"},{"line_number":199,"context_line":"lends a node to an untrustworthy lessee the owner might want to ensure the"}],"source_content_type":"text/x-rst","patch_set":24,"id":"2220061e_e4146d6d","line":196,"range":{"start_line":196,"start_character":12,"end_line":196,"end_character":64},"in_reply_to":"7e3578f1_2ff04ee2","updated":"2021-04-07 19:05:47.000000000","message":"yeah, I anticipate the workflow would be used in both clean and deploy steps","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":269,"context_line":"will be configurable. For example, whether or not we raise an error"},{"line_number":270,"context_line":"on attestation failure will be configurable."},{"line_number":271,"context_line":""},{"line_number":272,"context_line":"Initial registration of the attestation agent will be done before the first"},{"line_number":273,"context_line":"heartbeat."},{"line_number":274,"context_line":""},{"line_number":275,"context_line":"With all this in mind, we have devised workflows for deployment"},{"line_number":276,"context_line":"and cleaning."}],"source_content_type":"text/x-rst","patch_set":24,"id":"dddd3980_6cb3aea0","line":273,"range":{"start_line":272,"start_character":0,"end_line":273,"end_character":10},"updated":"2021-04-06 17:59:18.000000000","message":"Yeouch. How will this able to be troubleshooted?\n\nIt *might* be helpful to convey it. At a minimum it is a risk.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":269,"context_line":"will be configurable. For example, whether or not we raise an error"},{"line_number":270,"context_line":"on attestation failure will be configurable."},{"line_number":271,"context_line":""},{"line_number":272,"context_line":"Initial registration of the attestation agent will be done before the first"},{"line_number":273,"context_line":"heartbeat."},{"line_number":274,"context_line":""},{"line_number":275,"context_line":"With all this in mind, we have devised workflows for deployment"},{"line_number":276,"context_line":"and cleaning."}],"source_content_type":"text/x-rst","patch_set":24,"id":"52433e85_a8eb5afb","line":273,"range":{"start_line":272,"start_character":0,"end_line":273,"end_character":10},"in_reply_to":"dddd3980_6cb3aea0","updated":"2021-04-07 19:05:47.000000000","message":"This is an assumption we needed before but we have changed the workflow in such a way that I don\u0027t think we need this assumption anymore.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":279,"context_line":"service. Once registered, the node will send out its first heartbeat. The"},{"line_number":280,"context_line":"heartbeat contains the agent\u0027s uuid and ip address. Upon receiving the"},{"line_number":281,"context_line":"heartbeat, the controller knows it may perform any of the security_interface"},{"line_number":282,"context_line":"methods. The Ironic controller will save the uuid as"},{"line_number":283,"context_line":"driver_info\\keylime_agent_uuid for further use. At the end of deployment, the"},{"line_number":284,"context_line":"controller will perform an attest() method call to ensure the status it"},{"line_number":285,"context_line":"retrieves in the next call is up to date. The conductor may perform a"},{"line_number":286,"context_line":"validate_security_status() call to get the status of the node. If the status"}],"source_content_type":"text/x-rst","patch_set":24,"id":"06f10fe7_5e168cba","line":283,"range":{"start_line":282,"start_character":9,"end_line":283,"end_character":47},"updated":"2021-04-06 17:59:18.000000000","message":"Two things:\n1) always wrap field or special values with `` characters. This makes them bold int he rendered output and helps tracking/identification\n2) We really frown upon a driver updating driver_info. We recommend driver_internal_info, however that field is cleaned out upon certain transitions, which should be *okay* I guess. Maybe?\n\nIt would be good, somewhere, likely before this to note the settings to be used in driver_info field and what they control. This is the first instance where keylime_agent_uuid is noted.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":false,"context_lines":[{"line_number":279,"context_line":"service. Once registered, the node will send out its first heartbeat. The"},{"line_number":280,"context_line":"heartbeat contains the agent\u0027s uuid and ip address. Upon receiving the"},{"line_number":281,"context_line":"heartbeat, the controller knows it may perform any of the security_interface"},{"line_number":282,"context_line":"methods. The Ironic controller will save the uuid as"},{"line_number":283,"context_line":"driver_info\\keylime_agent_uuid for further use. At the end of deployment, the"},{"line_number":284,"context_line":"controller will perform an attest() method call to ensure the status it"},{"line_number":285,"context_line":"retrieves in the next call is up to date. The conductor may perform a"},{"line_number":286,"context_line":"validate_security_status() call to get the status of the node. If the status"}],"source_content_type":"text/x-rst","patch_set":24,"id":"58bcf0c8_93a52e9f","line":283,"range":{"start_line":282,"start_character":9,"end_line":283,"end_character":47},"in_reply_to":"06f10fe7_5e168cba","updated":"2021-04-07 19:05:47.000000000","message":"Done","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":292,"context_line":""},{"line_number":293,"context_line":"Nova driver impact"},{"line_number":294,"context_line":"------------------"},{"line_number":295,"context_line":""},{"line_number":296,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":297,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":298,"context_line":"for the security interface, and fail if the validation is not successful. This"},{"line_number":299,"context_line":"check will need to be guarded by a API micro-versioning, though such a"},{"line_number":300,"context_line":"trivial change should not be a hangup for the Nova engineers."},{"line_number":301,"context_line":""},{"line_number":302,"context_line":"Ramdisk impact"},{"line_number":303,"context_line":"--------------"}],"source_content_type":"text/x-rst","patch_set":24,"id":"7f0aa5d9_4f373031","line":300,"range":{"start_line":295,"start_character":0,"end_line":300,"end_character":61},"updated":"2021-04-06 17:59:18.000000000","message":"For this scope, I\u0027d just say None. But I\u0027m not sure how we woudl provide the most up to date possible information via that interface validation method use. It is not as if async calls can occur during that time, it all has to be sync, and the turnaround time on that call has to remain relatively short so the API level validation call is more \"hey, does everything look sane\", not \"Is everything good or perfect\"","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":false,"context_lines":[{"line_number":292,"context_line":""},{"line_number":293,"context_line":"Nova driver impact"},{"line_number":294,"context_line":"------------------"},{"line_number":295,"context_line":""},{"line_number":296,"context_line":"No initial change is expected, however once merged the node validation"},{"line_number":297,"context_line":"checks performed in the `nova.virt.ironic` driver should include a check"},{"line_number":298,"context_line":"for the security interface, and fail if the validation is not successful. This"},{"line_number":299,"context_line":"check will need to be guarded by a API micro-versioning, though such a"},{"line_number":300,"context_line":"trivial change should not be a hangup for the Nova engineers."},{"line_number":301,"context_line":""},{"line_number":302,"context_line":"Ramdisk impact"},{"line_number":303,"context_line":"--------------"}],"source_content_type":"text/x-rst","patch_set":24,"id":"e7681db3_54d424b8","line":300,"range":{"start_line":295,"start_character":0,"end_line":300,"end_character":61},"in_reply_to":"7f0aa5d9_4f373031","updated":"2021-04-07 19:05:47.000000000","message":"Ack","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":343,"context_line":"These options would go under the ``[keylime]`` section"},{"line_number":344,"context_line":""},{"line_number":345,"context_line":"registrar_address"},{"line_number":346,"context_line":"  The address of the Keylime registrar"},{"line_number":347,"context_line":""},{"line_number":348,"context_line":"verifier_address"},{"line_number":349,"context_line":"  The address of the Keylime verifier"}],"source_content_type":"text/x-rst","patch_set":24,"id":"0f379765_73e22bb4","line":346,"updated":"2021-04-06 17:59:18.000000000","message":"address as in URL? or is it always operating on a specific IETF allocated port?","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":343,"context_line":"These options would go under the ``[keylime]`` section"},{"line_number":344,"context_line":""},{"line_number":345,"context_line":"registrar_address"},{"line_number":346,"context_line":"  The address of the Keylime registrar"},{"line_number":347,"context_line":""},{"line_number":348,"context_line":"verifier_address"},{"line_number":349,"context_line":"  The address of the Keylime verifier"}],"source_content_type":"text/x-rst","patch_set":24,"id":"5650c4bc_14003e17","line":346,"in_reply_to":"0f379765_73e22bb4","updated":"2021-04-07 19:05:47.000000000","message":"URL I suppose","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":346,"context_line":"  The address of the Keylime registrar"},{"line_number":347,"context_line":""},{"line_number":348,"context_line":"verifier_address"},{"line_number":349,"context_line":"  The address of the Keylime verifier"},{"line_number":350,"context_line":""},{"line_number":351,"context_line":"Developer impact"},{"line_number":352,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":24,"id":"bce155db_cb2e4db7","line":349,"updated":"2021-04-06 17:59:18.000000000","message":"Same question as above.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":true,"context_lines":[{"line_number":346,"context_line":"  The address of the Keylime registrar"},{"line_number":347,"context_line":""},{"line_number":348,"context_line":"verifier_address"},{"line_number":349,"context_line":"  The address of the Keylime verifier"},{"line_number":350,"context_line":""},{"line_number":351,"context_line":"Developer impact"},{"line_number":352,"context_line":"----------------"}],"source_content_type":"text/x-rst","patch_set":24,"id":"4a6eeee4_5e6ab31a","line":349,"in_reply_to":"bce155db_cb2e4db7","updated":"2021-04-07 19:05:47.000000000","message":"^","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":360,"context_line":"-----------"},{"line_number":361,"context_line":""},{"line_number":362,"context_line":"Primary assignee:"},{"line_number":363,"context_line":"  Leo McGann \u003cljmcgann\u003e"},{"line_number":364,"context_line":"  Danni Shi \u003csdanni\u003e"},{"line_number":365,"context_line":""},{"line_number":366,"context_line":"Other contributors:"},{"line_number":367,"context_line":"  None"},{"line_number":368,"context_line":""}],"source_content_type":"text/x-rst","patch_set":24,"id":"fed76127_4e6b2f22","line":365,"range":{"start_line":363,"start_character":0,"end_line":365,"end_character":0},"updated":"2021-04-06 17:59:18.000000000","message":"Add your email addresses, in case a PTL needs to send you an email or someone looking at this next year has questions or needs insight.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"fa54553a2e07de276a5ce759fe6823e9c2db295e","unresolved":false,"context_lines":[{"line_number":360,"context_line":"-----------"},{"line_number":361,"context_line":""},{"line_number":362,"context_line":"Primary assignee:"},{"line_number":363,"context_line":"  Leo McGann \u003cljmcgann\u003e"},{"line_number":364,"context_line":"  Danni Shi \u003csdanni\u003e"},{"line_number":365,"context_line":""},{"line_number":366,"context_line":"Other contributors:"},{"line_number":367,"context_line":"  None"},{"line_number":368,"context_line":""}],"source_content_type":"text/x-rst","patch_set":24,"id":"8e693625_609dc71a","line":365,"range":{"start_line":363,"start_character":0,"end_line":365,"end_character":0},"in_reply_to":"fed76127_4e6b2f22","updated":"2021-04-07 19:05:47.000000000","message":"Ack","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2abb01a238d79d7c9692092c1736db3454a173c","unresolved":true,"context_lines":[{"line_number":385,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":386,"context_line":""},{"line_number":387,"context_line":"Testing for this interface and basic functionality, as well as integration"},{"line_number":388,"context_line":"testing using the ansible-keylime-tpm-emulator for TPM emulation."},{"line_number":389,"context_line":""},{"line_number":390,"context_line":"Upgrades and Backwards Compatibility"},{"line_number":391,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"}],"source_content_type":"text/x-rst","patch_set":24,"id":"7b39a4d9_eb2f5214","line":388,"updated":"2021-04-06 17:59:18.000000000","message":"Is this mean to be in CI? We can definitely help guide on that, but complex integrations often require additional planning/thought. That being said, it is also something that can likely be iterated upon and that definitely doesn\u0027t need to be entirely explained up front.","commit_id":"e4e2b272606b5d226972b981b6daed9fda625726"},{"author":{"_account_id":7386,"name":"Tzu-Mainn Chen","email":"tzumainn@redhat.com","username":"tzumainn"},"change_message_id":"3594186fa2d62caa692303afa16229fc11ae91e0","unresolved":true,"context_lines":[{"line_number":178,"context_line":""},{"line_number":179,"context_line":"Allowlists and Excludelists will be generated by operators beforehand and"},{"line_number":180,"context_line":"a file path or url to locate such files will be supplied to Ironic during node"},{"line_number":181,"context_line":"creation. Allowlists may also be signed with a checksum to ensure they have not"},{"line_number":182,"context_line":"been tampered with. Such checksums would also be supplied to Ironic with a path"},{"line_number":183,"context_line":"to the file. Supplying an allowlist is required in order to perform"},{"line_number":184,"context_line":"attestation. Excludelists are not required but are used in a majority of"}],"source_content_type":"text/x-rst","patch_set":26,"id":"235088cd_74beda20","line":181,"updated":"2021-04-14 18:03:50.000000000","message":"These files could also be generated by a non-operator - for example, someone leasing a node - correct? These users could then make them available through a https server.","commit_id":"29316c292d3e1d1d019637d0962d5c425f4206e1"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"700f6f0455935cc1149d30e9465e89957cac5227","unresolved":true,"context_lines":[{"line_number":178,"context_line":""},{"line_number":179,"context_line":"Allowlists and Excludelists will be generated by operators beforehand and"},{"line_number":180,"context_line":"a file path or url to locate such files will be supplied to Ironic during node"},{"line_number":181,"context_line":"creation. Allowlists may also be signed with a checksum to ensure they have not"},{"line_number":182,"context_line":"been tampered with. Such checksums would also be supplied to Ironic with a path"},{"line_number":183,"context_line":"to the file. Supplying an allowlist is required in order to perform"},{"line_number":184,"context_line":"attestation. Excludelists are not required but are used in a majority of"}],"source_content_type":"text/x-rst","patch_set":26,"id":"b389c33b_6b6c11f1","line":181,"in_reply_to":"235088cd_74beda20","updated":"2021-04-14 19:43:52.000000000","message":"yes. In the instance of putting the files in the conductors filesystem, an operator would have to place them there. But anybody can generate and host an allowlist on a remote server.","commit_id":"29316c292d3e1d1d019637d0962d5c425f4206e1"},{"author":{"_account_id":7386,"name":"Tzu-Mainn Chen","email":"tzumainn@redhat.com","username":"tzumainn"},"change_message_id":"3594186fa2d62caa692303afa16229fc11ae91e0","unresolved":true,"context_lines":[{"line_number":312,"context_line":"and excludelist for the node. The operator will make these files available on"},{"line_number":313,"context_line":"the same machine as the Ironic controller and pass in a filepath to Ironic on"},{"line_number":314,"context_line":"node creation. The operator will also pass in configuration files how to locate"},{"line_number":315,"context_line":"the Keylime registrar and verifier."},{"line_number":316,"context_line":""},{"line_number":317,"context_line":"During the image building process the node image will be set up with an"},{"line_number":318,"context_line":"instance of the Keylime agent, as well as TPM, and IMA configurations which"}],"source_content_type":"text/x-rst","patch_set":26,"id":"d58e9ded_d2601c94","line":315,"updated":"2021-04-14 18:03:50.000000000","message":"I think it\u0027s important to detail a non-operator workflow here as well: someone who has their own security practices and wants Ironic to do little more than to call the appropriate security interface. The spec already accommodates for this by allowing a lessee to specify the location of the allowlist through a URL, so I think you should call that out here.","commit_id":"29316c292d3e1d1d019637d0962d5c425f4206e1"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"5b59ac80039a495d7dae17a880e236802775782c","unresolved":true,"context_lines":[{"line_number":217,"context_line":""},{"line_number":218,"context_line":"Addition of a ``security_interface`` field to the node object, and this"},{"line_number":219,"context_line":"will require a database migration to create the field. The field will"},{"line_number":220,"context_line":"default to ``None`` which will map to a no-security interface."},{"line_number":221,"context_line":""},{"line_number":222,"context_line":"State Machine Impact"},{"line_number":223,"context_line":"--------------------"}],"source_content_type":"text/x-rst","patch_set":27,"id":"bbd64eed_67c95ef3","line":220,"range":{"start_line":220,"start_character":40,"end_line":220,"end_character":51},"updated":"2021-06-29 14:46:25.000000000","message":"So, in discussing this with Iury, he raised concerns of the perception of ``no-security``. While it jives with our driver naming scheme, it maybe sets the wrong perception because there *are* other mechanisms. Perhaps maybe this is more an implementation detail or maybe we should just call this an attestation_interface instead of security_interface.... I dunno.","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c99bf74810f4114b03ba305cee7076788bb2ec79","unresolved":true,"context_lines":[{"line_number":217,"context_line":""},{"line_number":218,"context_line":"Addition of a ``security_interface`` field to the node object, and this"},{"line_number":219,"context_line":"will require a database migration to create the field. The field will"},{"line_number":220,"context_line":"default to ``None`` which will map to a no-security interface."},{"line_number":221,"context_line":""},{"line_number":222,"context_line":"State Machine Impact"},{"line_number":223,"context_line":"--------------------"}],"source_content_type":"text/x-rst","patch_set":27,"id":"0cf72902_f41cc109","line":220,"range":{"start_line":220,"start_character":40,"end_line":220,"end_character":51},"in_reply_to":"bbd64eed_67c95ef3","updated":"2021-07-01 15:35:14.000000000","message":"Yeah, I suppose attestation_interface is a bit more accurate to what is achieved here. Ill make the change","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"613a8065389cb27a9572c2203fb3a26164db755b","unresolved":true,"context_lines":[{"line_number":309,"context_line":"cleaning using a Keylime implementation of the security interface."},{"line_number":310,"context_line":""},{"line_number":311,"context_line":"Beforehand, the operator will stand up a machine with the Keylime verifier and"},{"line_number":312,"context_line":"registrar. The user will generate their own allowlist, allowlist checksum,"},{"line_number":313,"context_line":"and excludelist for the node. An admin may make these files"},{"line_number":314,"context_line":"available on the same machine as the Ironic controller and pass in the"},{"line_number":315,"context_line":"filepath or a non admin may make these files available to grab and instead"}],"source_content_type":"text/x-rst","patch_set":27,"id":"1cd40bfd_6e7e88eb","line":312,"range":{"start_line":312,"start_character":15,"end_line":312,"end_character":20},"updated":"2021-04-26 14:11:12.000000000","message":"The user in this case is still an admin. This makes it a bit confusing in this context.","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"b7de840223c81a320f1747609425305c6195a3e4","unresolved":true,"context_lines":[{"line_number":309,"context_line":"cleaning using a Keylime implementation of the security interface."},{"line_number":310,"context_line":""},{"line_number":311,"context_line":"Beforehand, the operator will stand up a machine with the Keylime verifier and"},{"line_number":312,"context_line":"registrar. The user will generate their own allowlist, allowlist checksum,"},{"line_number":313,"context_line":"and excludelist for the node. An admin may make these files"},{"line_number":314,"context_line":"available on the same machine as the Ironic controller and pass in the"},{"line_number":315,"context_line":"filepath or a non admin may make these files available to grab and instead"}],"source_content_type":"text/x-rst","patch_set":27,"id":"a1abd57b_5d5b139b","line":312,"range":{"start_line":312,"start_character":15,"end_line":312,"end_character":20},"in_reply_to":"1cd40bfd_6e7e88eb","updated":"2021-05-04 20:32:13.000000000","message":"The entire workflow could be done by a non admin. For example, a lessee with their own keylime instance on their network wants to attest their node to make sure a previous lessee has not compromised.","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"613a8065389cb27a9572c2203fb3a26164db755b","unresolved":true,"context_lines":[{"line_number":327,"context_line":"The node will send a heartbeat containing the agent\u0027s uuid address."},{"line_number":328,"context_line":"Upon receiving the heartbeat, the controller knows it may perform any of the"},{"line_number":329,"context_line":"security_interface methods. The Ironic controller will save the uuid as"},{"line_number":330,"context_line":"``instance_info\\keylime_agent_uuid`` for further use."},{"line_number":331,"context_line":""},{"line_number":332,"context_line":"Next, attest() will be called to send the allowlist and excludelist to the"},{"line_number":333,"context_line":"verifier. At this point if the controller does not have ``keylime_agent_uuid``"}],"source_content_type":"text/x-rst","patch_set":27,"id":"d269784f_706cb5ee","line":330,"range":{"start_line":330,"start_character":0,"end_line":330,"end_character":37},"updated":"2021-04-26 14:11:12.000000000","message":"Instance info is generally reserved for the api user to define the instance configuration information, I\u0027m not sure instance_info is the right field, but it can.","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"528d5651b13899bd6f7974dabe2f54fda508d833","unresolved":true,"context_lines":[{"line_number":327,"context_line":"The node will send a heartbeat containing the agent\u0027s uuid address."},{"line_number":328,"context_line":"Upon receiving the heartbeat, the controller knows it may perform any of the"},{"line_number":329,"context_line":"security_interface methods. The Ironic controller will save the uuid as"},{"line_number":330,"context_line":"``instance_info\\keylime_agent_uuid`` for further use."},{"line_number":331,"context_line":""},{"line_number":332,"context_line":"Next, attest() will be called to send the allowlist and excludelist to the"},{"line_number":333,"context_line":"verifier. At this point if the controller does not have ``keylime_agent_uuid``"}],"source_content_type":"text/x-rst","patch_set":27,"id":"66275a9b_c5782e94","line":330,"range":{"start_line":330,"start_character":0,"end_line":330,"end_character":37},"in_reply_to":"55a1692f_fe6bd662","updated":"2021-06-29 14:36:20.000000000","message":"Ideally we use driver_internal_info for ephemeral things related to driver operation and task execution, not instance_info. instance_info is wiped upon undeploy.","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"b7de840223c81a320f1747609425305c6195a3e4","unresolved":true,"context_lines":[{"line_number":327,"context_line":"The node will send a heartbeat containing the agent\u0027s uuid address."},{"line_number":328,"context_line":"Upon receiving the heartbeat, the controller knows it may perform any of the"},{"line_number":329,"context_line":"security_interface methods. The Ironic controller will save the uuid as"},{"line_number":330,"context_line":"``instance_info\\keylime_agent_uuid`` for further use."},{"line_number":331,"context_line":""},{"line_number":332,"context_line":"Next, attest() will be called to send the allowlist and excludelist to the"},{"line_number":333,"context_line":"verifier. At this point if the controller does not have ``keylime_agent_uuid``"}],"source_content_type":"text/x-rst","patch_set":27,"id":"55a1692f_fe6bd662","line":330,"range":{"start_line":330,"start_character":0,"end_line":330,"end_character":37},"in_reply_to":"5b127655_43fcf0dc","updated":"2021-05-04 20:32:13.000000000","message":"ok. This info is temporary and should be erased with each new instance so I figured instance_info would be best but if there is a better option then please let me know.","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"},{"author":{"_account_id":32454,"name":"Leo McGann","email":"lmcgann06@gmail.com","username":"ljmcgann"},"change_message_id":"c99bf74810f4114b03ba305cee7076788bb2ec79","unresolved":true,"context_lines":[{"line_number":327,"context_line":"The node will send a heartbeat containing the agent\u0027s uuid address."},{"line_number":328,"context_line":"Upon receiving the heartbeat, the controller knows it may perform any of the"},{"line_number":329,"context_line":"security_interface methods. The Ironic controller will save the uuid as"},{"line_number":330,"context_line":"``instance_info\\keylime_agent_uuid`` for further use."},{"line_number":331,"context_line":""},{"line_number":332,"context_line":"Next, attest() will be called to send the allowlist and excludelist to the"},{"line_number":333,"context_line":"verifier. At this point if the controller does not have ``keylime_agent_uuid``"}],"source_content_type":"text/x-rst","patch_set":27,"id":"f03d5f51_d0d0689b","line":330,"range":{"start_line":330,"start_character":0,"end_line":330,"end_character":37},"in_reply_to":"66275a9b_c5782e94","updated":"2021-07-01 15:35:14.000000000","message":"gotcha. Will fix","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"69ae1f0f8fd70aa669b0a8b4cbfa479cf6637efe","unresolved":true,"context_lines":[{"line_number":327,"context_line":"The node will send a heartbeat containing the agent\u0027s uuid address."},{"line_number":328,"context_line":"Upon receiving the heartbeat, the controller knows it may perform any of the"},{"line_number":329,"context_line":"security_interface methods. The Ironic controller will save the uuid as"},{"line_number":330,"context_line":"``instance_info\\keylime_agent_uuid`` for further use."},{"line_number":331,"context_line":""},{"line_number":332,"context_line":"Next, attest() will be called to send the allowlist and excludelist to the"},{"line_number":333,"context_line":"verifier. At this point if the controller does not have ``keylime_agent_uuid``"}],"source_content_type":"text/x-rst","patch_set":27,"id":"5b127655_43fcf0dc","line":330,"range":{"start_line":330,"start_character":0,"end_line":330,"end_character":37},"in_reply_to":"d269784f_706cb5ee","updated":"2021-05-04 16:51:35.000000000","message":"Err, but it can be sorted out in development is what I meant to say.","commit_id":"51edddf8ecfecfb48c5e88512949144d96ff66aa"}]}