Skip to main content

Time-Based Uni-Directional Attestation

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Andreas Fuchs , Henk Birkholz , Ira McDonald , Carsten Bormann
Last updated 2023-01-11 (Latest revision 2022-07-10)
Replaces draft-birkholz-i2nsf-tuda
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document defines the method and bindings used to convey Evidence via Time-based Uni-Directional Attestation (TUDA) in Remote ATtestation procedureS (RATS). TUDA does not require a challenge- response handshake and thereby does not rely on the conveyance of a nonce to prove freshness of remote attestation Evidence. TUDA enables the creation of Secure Audit Logs that can constitute believable Evidence about both current and past operational states of an Attester. In TUDA, RATS entities require access to a Handle Distributor to which a trustable and synchronized time-source is available. The Handle Distributor takes on the role of a Time Stamp Authority (TSA) to distribute Handles incorporating Time Stamp Tokens (TST) to the RATS entities. RATS require an Attesting Environment that generates believable Evidence. While a TPM is used as the corresponding root of trust in this specification, any other type of root of trust can be used with TUDA.


Andreas Fuchs
Henk Birkholz
Ira McDonald
Carsten Bormann

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)