%% You should probably cite draft-fv-rats-ear-05 instead of this revision. @techreport{fv-rats-ear-04, number = {draft-fv-rats-ear-04}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-fv-rats-ear/04/}, author = {Thomas Fossati and Eric Voit and Sergei Trofimov and Henk Birkholz}, title = {{EAT Attestation Results}}, pagetotal = 32, year = , month = , day = , abstract = {This document defines the EAT Attestation Result (EAR) message format. EAR is used by a verifier to encode the result of the appraisal over an attester's evidence. It embeds an AR4SI's "trustworthiness vector" to present a normalized view of the evaluation results, thus easing the task of defining and computing authorization policies by relying parties. Alongside the trustworthiness vector, EAR provides contextual information bound to the appraisal process. This allows a relying party (or an auditor) to reconstruct the frame of reference in which the trustworthiness vector was originally computed. EAR supports simple devices with one attester as well as composite devices that are made of multiple attesters, allowing the state of each attester to be separately examined. EAR can also accommodate registered and unregistered extensions. It can be serialized and protected using either CWT or JWT.}, }