doc: create notation threat model

[yizha1]

Updates:

• Create notation threat model

Signed-off-by: Yi Zha [email protected]

[toddysm]

Looking at the threat model, I believe we need to update it with the following information:

• How is the artifact to be signed produced?
  For that we can use illustrate few examples: container image, SBOM, or another artifact but those two will illustrate the scenarios.
• How is the descriptor to be signed obtained?
  This one is important to cover because the descriptor is fetched remotely.
• On the validation side, how is the cert pulled?
  In general I think we need to be more detailed on the different "stores": cert store, policy store, config store, plugin store. They all may be on the file system but each one may have different access control settings.
• Adding some details about the external stores (KMS, Registry) would be good
• Do we need to create a thread model for signing with local keys? This is still a scenario although we can document that is not recommended.

[toddysm]

Some more thoughts about the threat model...

We should split the File System into separate storages: Cert Store, Configuration Store, Policy Store, and Plugin Store. Each one of those can be exploited separately depending on the level of File System access of the user (because those are in different directories).

[yizha1]

Some more thoughts about the threat model...

We should split the File System into separate storages: Cert Store, Configuration Store, Policy Store, and Plugin Store. Each one of those can be exploited separately depending on the level of File System access of the user (because those are in different directories).

I will update it to make it clear. There are different directories, but they are owned by the same user. We don't support system level configuration yet.

[yizha1]

@toddysm PTAL the latest updates. I haven't split the file system yet and will do it later.

[byronchien]

• media/notation-verify-local.png is missing a Step 2?
• should there also be a remote verify example with a plugin?

[yizha1]

• media/notation-verify-local.png is missing a Step 2?
  I will fix it.
• should there also be a remote verify example with a plugin?
  I will try to add an example for it, but I didn't try any verify plugin yet, do you have any document that I can refer to?

[byronchien]

• should there also be a remote verify example with a plugin?
  I will try to add an example for it, but I didn't try any verify plugin yet, do you have any document that I can refer to?

the example plugin here has a verify-signature option, but don't have a different plugin to point you to

[yizha1]

@priteshbandi @byronchien @JeyJeyGao Please check whether the flow diagram of "verifying remote artifacts using plugin" is correct. I am not sure whether plugin should read trust store instead of notation.

[JeyJeyGao]

@priteshbandi @byronchien @JeyJeyGao Please check whether the flow diagram of "verifying remote artifacts using plugin" is correct. I am not sure whether plugin should read trust store instead of notation.

In fact, notation verification plugin can verifiy both local and remote artifacts. Also notation plugin doesn't need to read notation trust store, but there is no limitation that plugin is forbidden to read it, that is to say, whether to read the notation trust store depends on the plugin implementation.

[byronchien]

In media/notation-sign-local.png there are two step 6s ("Read certificate bundle file" and "Return signature and certificates").

i'm also not 100% clear on what happens in the "Read certificate bundle file" step. if the plugin is retrieving keys/certs for signing, should the source be specified as certificate/key storage rather than just file system?

[yizha1]

In media/notation-sign-local.png there are two step 6s ("Read certificate bundle file" and "Return signature and certificates").

i'm also not 100% clear on what happens in the "Read certificate bundle file" step. if the plugin is retrieving keys/certs for signing, should the source be specified as certificate/key storage rather than just file system?

I will fix the duplicated number 6. Currently signing certificate is stored in KMS, but the root/intermediate CA may not be able to fetch from KMS, since root/intermediate CA is from CA vendor. Currently it can be fetched via files stored in filesystem. That is the purpose of "Read certificate bundle file. " Do you have any concrete examples on how the CA certificates are handled?

[yizha1]

@priteshbandi resolved all the comments and added new threats except the following one:

I still didn't get the point, since it is expected behavior as the normal expire/revoked, right?

Compromised(expire or revoked) CA in certificate chain
Impact:

• Expiry
  An expired cert in cert chain won’t lead to failure of expiry validation if signature is timestamped or is from a signingAuthority. Ref: trust-store-trust-policy.md#signature-verification(point 6)
  If signature is not timestamped and is not from signingAuthority, expired CA will result in failure of expiry validation.
• Revocation
  Revocation of any CA in certificate chain will lead to failure of revocation validation. Ref: trust-store-trust-policy.md#signature-verification(point 7)
  Mitigation: Already mitigated(see impact)

[Two-Hearts]

nit:
Since we are adding this file at threatmodels/notation-threatmodel.md, shall we deprecate/remove the file threatmodel.md?

[priteshbandi]

Added some comments.

[priteshbandi]

LGTM

[shizhMSFT]

LGTM

[toddysm]

LGTM