Remote ATtestation ProcedureS (rats) Internet Drafts


      
 The Entity Attestation Token (EAT)
 
 draft-ietf-rats-eat-31.txt
 Date: 06/09/2024
 Authors: Laurence Lundblade, Giridhar Mandyam, Jeremy O'Donoghue, Carl Wallace
 Working Group: Remote ATtestation ProcedureS (rats)
An Entity Attestation Token (EAT) provides an attested claims set that describes state and characteristics of an entity, a device like a smartphone, IoT device, network equipment or such. This claims set is used by a relying party, server or service to determine the type and degree of trust placed in the entity. An EAT is either a CBOR Web Token (CWT) or JSON Web Token (JWT) with attestation-oriented claims.
 Reference Interaction Models for Remote Attestation Procedures
 
 draft-ietf-rats-reference-interaction-models-11.txt
 Date: 22/07/2024
 Authors: Henk Birkholz, Michael Eckel, Wei Pan, Eric Voit
 Working Group: Remote ATtestation ProcedureS (rats)
This document describes interaction models for remote attestation procedures (RATS). Three conveying mechanisms -- Challenge/Response, Uni-Directional, and Streaming Remote Attestation -- are illustrated and defined. Analogously, a general overview of the information elements typically used by corresponding conveyance protocols is highlighted.
 A CBOR Tag for Unprotected CWT Claims Sets
 
 draft-ietf-rats-uccs-12.txt
 Date: 03/11/2024
 Authors: Henk Birkholz, Jeremy O'Donoghue, Nancy Cam-Winget, Carsten Bormann
 Working Group: Remote ATtestation ProcedureS (rats)
This document defines the Unprotected CWT Claims Set (UCCS), a data format for representing a CBOR Web Token (CWT) Claims Set without protecting it by a signature, message authentication code (MAC), or encryption. UCCS enables the use of CWT claims in environments where protection is provided by other means, such as secure communication channels or trusted execution environments. This specification defines a CBOR tag for UCCS and describes the UCCS format, its encoding, and processing considerations, and discusses security implications of using unprotected claims sets. (This editors' note will be removed by the RFC editor:) The present revision (-12) contains remaining document changes based on feedback from the IESG evaluation and has been submitted as input to IETF 121.
 Attestation Event Stream Subscription
 
 draft-ietf-rats-network-device-subscription-05.txt
 Date: 07/07/2024
 Authors: Henk Birkholz, Eric Voit, Wei Pan
 Working Group: Remote ATtestation ProcedureS (rats)
This document defines how to subscribe to YANG Event Streams for Remote Attestation Procedures (RATS). In RATS, the Conceptual Messages defined can potentially be subscribed to. Specifically, the YANG module defined in this document augments the YANG module for TPM-based Challenge-Response based Remote Attestation (CHARRA) to allow for subscription to the Conceptual Message type Evidence. Additionally, this memo provides the methods and means to define additional Event Streams for other Conceptual Messages than Evidence as illustrated in the RATS Architecture, e.g., Attestation Results, Reference Values, or Endorsements. The module defined requires at least one TPM 1.2, TPM 2.0, or equivalent hardware implementation providing the same protected capabilities as TPMs to be available in the Attester the YANG server is running on.
 Direct Anonymous Attestation for the Remote Attestation Procedures Architecture
 
 draft-ietf-rats-daa-06.txt
 Date: 05/09/2024
 Authors: Henk Birkholz, Christopher Newton, Liqun Chen, Dave Thaler
 Working Group: Remote ATtestation ProcedureS (rats)
This document maps the concept of Direct Anonymous Attestation (DAA) to the Remote Attestation Procedures (RATS) Architecture. The protocol entity DAA Issuer is introduced and its mapping with existing RATS roles in DAA protocol steps is specified.
 Attestation Results for Secure Interactions
 
 draft-ietf-rats-ar4si-07.txt
 Date: 02/09/2024
 Authors: Eric Voit, Henk Birkholz, Thomas Hardjono, Thomas Fossati, Vincent Scarlata
 Working Group: Remote ATtestation ProcedureS (rats)
This document defines reusable Attestation Result information elements. When these elements are offered to Relying Parties as Evidence, different aspects of Attester trustworthiness can be evaluated. Additionally, where the Relying Party is interfacing with a heterogeneous mix of Attesting Environment and Verifier types, consistent policies can be applied to subsequent information exchange between each Attester and the Relying Party.
 EAT Media Types
 
 draft-ietf-rats-eat-media-type-12.txt
 Date: 03/11/2024
 Authors: Laurence Lundblade, Henk Birkholz, Thomas Fossati
 Working Group: Remote ATtestation ProcedureS (rats)
Payloads used in Remote Attestation Procedures may require an associated media type for their conveyance, for example when used in RESTful APIs. This memo defines media types to be used for Entity Attestation Tokens (EAT).
 Concise Reference Integrity Manifest
 
 draft-ietf-rats-corim-06.txt
 Date: 18/10/2024
 Authors: Henk Birkholz, Thomas Fossati, Yogesh Deshpande, Ned Smith, Wei Pan
 Working Group: Remote ATtestation ProcedureS (rats)
Remote Attestation Procedures (RATS) enable Relying Parties to assess the trustworthiness of a remote Attester and therefore to decide whether or not to engage in secure interactions with it. Evidence about trustworthiness can be rather complex and it is deemed unrealistic that every Relying Party is capable of the appraisal of Evidence. Therefore that burden is typically offloaded to a Verifier. In order to conduct Evidence appraisal, a Verifier requires not only fresh Evidence from an Attester, but also trusted Endorsements and Reference Values from Endorsers and Reference Value Providers, such as manufacturers, distributors, or device owners. This document specifies the information elements for representing Endorsements and Reference Values in CBOR format.
 RATS Endorsements
 
 draft-ietf-rats-endorsements-05.txt
 Date: 08/11/2024
 Authors: Dave Thaler, Henk Birkholz, Thomas Fossati
 Working Group: Remote ATtestation ProcedureS (rats)
In the IETF Remote Attestation Procedures (RATS) architecture, a Verifier accepts Evidence and, using Appraisal Policy typically with additional input from Endorsements and Reference Values, generates Attestation Results in formats that are useful for Relying Parties. This document illustrates the purpose and role of Endorsements and discusses some considerations in the choice of message format for Endorsements in the scope of the RATS architecture.
 RATS Conceptual Messages Wrapper (CMW)
 
 draft-ietf-rats-msg-wrap-11.txt
 Date: 15/11/2024
 Authors: Henk Birkholz, Ned Smith, Thomas Fossati, Hannes Tschofenig, Dionna Glaze
 Working Group: Remote ATtestation ProcedureS (rats)
This document defines the RATS conceptual message wrapper (CMW) format, a type of encapsulation format that can be used for any RATS messages, such as Evidence, Attestation Results, Endorsements, and Reference Values. Additionally, the document describes a collection type that enables the aggregation of one or more CMWs into a single message. This document also defines corresponding CBOR tag, JSON Web Tokens (JWT) and CBOR Web Tokens (CWT) claims, as well as an X.509 extension. These allow embedding the wrapped conceptual messages into CBOR-based protocols, web APIs, and PKIX protocols. In addition, a Media Type and a CoAP Content-Format are defined for transporting CMWs in HTTP, MIME, CoAP and other Internet protocols.
 Epoch Markers
 
 draft-ietf-rats-epoch-markers-00.txt
 Date: 10/10/2024
 Authors: Henk Birkholz, Thomas Fossati, Wei Pan, Carsten Bormann
 Working Group: Remote ATtestation ProcedureS (rats)
This document defines Epoch Markers as a way to establish a notion of freshness among actors in a distributed system. Epoch Markers are similar to "time ticks" and are produced and distributed by a dedicated system, the Epoch Bell. Systems that receive Epoch Markers do not have to track freshness using their own understanding of time (e.g., via a local real-time clock). Instead, the reception of a certain Epoch Marker establishes a new epoch that is shared between all recipients.
 EAT Measured Component
 
 draft-ietf-rats-eat-measured-component-00.txt
 Date: 10/10/2024
 Authors: Simon Frost, Thomas Fossati, Hannes Tschofenig
 Working Group: Remote ATtestation ProcedureS (rats)
A measured component is a measurable object of an attester's target environment, that is, an object whose state can be sampled and digested. Examples of measured components include the invariant part of firmware that is loaded in memory at startup time, a run-time integrity check, a file system object, or a CPU register. This document defines a "measured component" format that can be used with the EAT Measurements claim.
 PKI-based Attestation Evidence
 
 draft-ietf-rats-pkix-evidence-00.txt
 Date: 11/10/2024
 Authors: Mike Ounsworth, Richard Kettlewell, Jean-Pierre Fiset, Hannes Tschofenig, Tirumaleswar Reddy.K, Monty Wiseman
 Working Group: Remote ATtestation ProcedureS (rats)
This document specifies ASN.1 structures that are produced by an Attester as part of the remote attestation procedures and that constitute Evidence. This document follows the Remote ATtestation procedureS (RATS) architecture where Evidence is sent by an Attester and processed by a Verifier.
 Remote Posture Assessment for Systems, Containers, and Applications at Scale
 
 draft-ietf-rats-posture-assessment-01.txt
 Date: 21/10/2024
 Authors: Kathleen Moriarty, Monty Wiseman, A.J. Stein, Chandra Nelogal
 Working Group: Remote ATtestation ProcedureS (rats)
This document establishes an architectural pattern whereby a remote attestation could be issued for a complete set of benchmarks or controls that are defined and grouped by an external entity, eliminating the need to send over individual attestations for each item within a benchmark or control framework. This document establishes a pattern to list sets of benchmarks and controls within CWT and JWT formats for use as an Entity Attestation Token (EAT). While the discussion below pertains mostly to TPM, other Roots of Trust such as TCG DICE, and non-TCG defined components will also be included.


Remote ATtestation ProcedureS (rats)

WG Name: Remote ATtestation ProcedureS
Acronym: rats
Area: Security Area (sec)
State: Active
Charter: charter-ietf-rats-02 (Approved)
Document dependencies
Additional resources: Issue tracker, Wiki, Zulip Stream
Personnel: Chairs: Kathleen Moriarty, Ned Smith
Area Director: Deb Cooley
Mailing list address: rats@ietf.org
To subscribe: https://www.ietf.org/mailman/listinfo/rats
Archive: https://mailarchive.ietf.org/arch/browse/rats/
Chat room address: https://zulip.ietf.org/#narrow/stream/rats

Charter for Working Group

Introduction

In network protocol exchanges, it is often the case that one entity (a Relying Party) requires evidence about the remote peer (and system components [RFC4949] thereof), in order to assess the trustworthiness of the peer. Remote attestation procedures (RATS) determine whether relying parties can establish a level of confidence in the trustworthiness of remote peers, called Attesters. The objective is achieved by a two-stage appraisal procedure facilitated by a trusted third party, called the Verifier, with trusted links to the supply chain.

The procedures for the two stages are:

  • Evidence Appraisal: a Verifier applies policy and supply chain input, such as Endorsements and Reference Values, to create Attestation Results from Evidence.

  • Attestation Results Appraisal: a Relying Party applies policy to Attestation Results associated with an Attester's Evidence that originates from a trusted Verifier. The results are trust decisions regarding the Attester.

To improve the confidence in a system component's trustworthiness, a relying party may require evidence about:

  • system component identity,
  • composition of system components, including nested components,
  • roots of trust,
  • an assertion/claim origination or provenance,
  • manufacturing origin,
  • system component integrity,
  • system component configuration,
  • operational state and measurements of steps which led to the operational state, or
  • other factors that could influence trust decisions.

While domain-specific attestation mechanisms such as Trusted Computing Group (TCG) Trusted Platform Module (TPM)/TPM Software Stack (TSS), Fast Identity Online (FIDO) Alliance attestation, and Android Keystore attestation exist, there is no interoperable way to create and process attestation evidence to make determinations about system components among relying parties of different manufacturers and origins.

Goals

The WG has defined an architecture (draft-ietf-rats-architecture) for remote attestation. The WG will standardize formats for describing evidence and attestation results and the associated procedures and protocols to convey evidence for appraisal to a verifier and attestation results to a relying party. Additionally, the WG will standardize formats for endorsements and reference values, and may apply and/or profile existing protocols (e.g., DTLS, CoAP, or MUD) to convey them to the verifier. Formats and protocols for appraisal policy for evidence and appraisal policy for attestation results are out of scope.

The WG will continue to cooperate and coordinate with other IETF WGs such as TEEP, SUIT, CoRE, ACE, and CBOR; and work with organizations in the community, such as the TCG, Global Platform, and the FIDO Alliance, as appropriate.

Program of Work

The working group will develop standards supporting interoperable remote attestation procedures for system components. The main deliverables are as follows:

  1. Specify use cases for remote attestation (to document and achieve WG consensus but not expected to be published as an RFC).

  2. Specify augmentations to the RATS architecture (draft-ietf-rats-architecture) in support of specific attestation techniques.

  3. Standardize an information model for evidence and attestation results scoped by the specified use-cases.

  4. Standardize data models that implement and secure the defined information model (e.g., CBOR Web Token structures [RFC8392], JSON Web Token structures [RFC7519]).

  5. If feasible, use or extend existing protocols to securely convey evidence and attestation results, or if not, then standardize interoperable protocols for this purpose.

  6. Standardize interoperable data formats to securely declare and convey endorsements and reference values.

Milestones

Date: Milestone (Associated documents)
Nov 2024: Submit RATS Conceptual Message Wrapper for WGLC (draft-ietf-rats-msg-wrap)
Jul 2024: Submit EAT Media types for publication (draft-ietf-rats-eat-media-type)
Mar 2024: Submit Concise Reference Integrity and Endorsement Manifests for publication (draft-ietf-rats-corim)
Dec 2023: Submit Reference Interaction Models to WGLC (draft-ietf-rats-reference-interaction-models)
Dec 2023: Submit Attestation Results for Secure Interactions for publication (draft-fv-rats-ear)
Dec 2023: Submit Direct Anonymous Attestation for RATs to WGLC (draft-ietf-rats-daa)
Dec 2023: Submit Network Device Subscription to WGLC (draft-ietf-rats-network-device-subscription)
Dec 2023: Submit Entity Attestation Token for publication (draft-ietf-rats-eat)
Dec 2023: Submit CBOR Tag for Unprotected CWT Claim sets for publication (draft-ietf-rats-uccs)
Dec 2023: Submit Concise Reference Integrity and Endorsement Manifests to WGLC (draft-ietf-rats-corim)
Dec 2023: Submit Direct Anonymous Attestation for RATs for publication (draft-ietf-rats-daa)
Nov 2023: Submit Network Device Subscription for publication (draft-ietf-rats-network-device-subscription)
Nov 2023: Submit Reference Interaction Models (draft-ietf-rats-reference-interaction-models)
Nov 2023: Submit Attestation Results for Secure Interactions for WGLC (draft-ietf-rats-ar4si)
Jul 2023: Submit CBOR Tag for Unprotected CWT Claim sets to WGLC (draft-ietf-rats-uccs)

Done milestones

Date: Milestone (Associated documents)
Done: Submit EAT Media types to WGLC (draft-ietf-rats-eat-media-type)
Done: Call for adoption on Concise Reference Integrity and Endorsement Manifests (draft-ietf-rats-corim)