Architecture and Reference Terminology for Remote Attestation Procedures
draft-birkholz-rats-architecture-01
|
| Document |
Type |
|
Active Internet-Draft (individual)
|
|
Last updated |
|
2019-03-11
|
|
Replaces |
|
draft-birkholz-attestation-terminology
|
|
Stream |
|
(None)
|
|
Intended RFC status |
|
(None)
|
|
Formats |
|
plain text
xml
pdf
html
bibtex
|
| Stream |
Stream state |
|
(No stream defined) |
|
Consensus Boilerplate |
|
Unknown
|
|
RFC Editor Note |
|
(None)
|
| IESG |
IESG state |
|
I-D Exists
|
|
Telechat date |
|
|
|
Responsible AD |
|
(None)
|
|
Send notices to |
|
(None)
|
Network Working Group H. Birkholz
Internet-Draft Fraunhofer SIT
Intended status: Standards Track M. Wiseman
Expires: September 13, 2019 GE Global Research
H. Tschofenig
ARM Ltd.
N. Smith
Intel
March 12, 2019
Architecture and Reference Terminology for Remote Attestation Procedures
draft-birkholz-rats-architecture-01
Abstract
Remote ATtestation ProcedureS (RATS) architecture facilitates the
attestation of device characteristics that, in general, are based on
specific trustworthiness qualities intrinsic to a device or service.
It includes trusted computing functionality provided by device
hardware and software that allows trustworthiness qualities to be
asserted and verified as part of, or pre-requisite to, the device's
normal operation. The RATS architecture maps corresponding
attestation functions and capabilities to specific RATS Roles. The
goal is to enable an appropriate conveyance of evidence about device
trustworthiness via network protocols. RATS Roles provide the
endpoint context for understanding the various interaction semantics
of the attestation lifecycle. The RATS architecture provides the
building block concepts, semantics, syntax and framework for
interoperable attestation while remaining hardware-agnostic. This
flexibility is intended to address a significant variety of use-cases
and scenarios involving interoperable attestation. Example usages
include, but are not limited to: financial transactions, voting
machines, critical safety systems, network equipment health, or
trustworthy end-user device management. Existing industry
attestation efforts may be helpful toward informing RATS
architecture. Such as: Remote Integrity VERification (RIVER), the
creation of Entity Attestation Tokens (EAT), software integrity
Measurement And ATtestation (MAAT)
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
Birkholz, et al. Expires September 13, 2019 [Page 1]
Internet-Draft RATS Arch & Terms March 2019
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 13, 2019.
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. What is Remote Attestation . . . . . . . . . . . . . . . 4
1.2. The purpose of RATS Architecture and Terminology . . . . 4
1.3. Requirements notation . . . . . . . . . . . . . . . . . . 4
2. RATS Architecture . . . . . . . . . . . . . . . . . . . . . . 4
3. Architectural Components . . . . . . . . . . . . . . . . . . 5
3.1. RATS Roles . . . . . . . . . . . . . . . . . . . . . . . 5
4. RATS Actors . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.1. RATS Duties . . . . . . . . . . . . . . . . . . . . . . . 7
4.1.1. Attester Duties . . . . . . . . . . . . . . . . . . . 8
4.1.2. Verifier Duties . . . . . . . . . . . . . . . . . . . 8
4.1.3. Claimant Duties . . . . . . . . . . . . . . . . . . . 8
4.1.4. Relying Party Duties . . . . . . . . . . . . . . . . 8
4.1.5. RATS Interactions . . . . . . . . . . . . . . . . . . 9
5. Application of RATS . . . . . . . . . . . . . . . . . . . . . 10
Show full document text