EAT Attestation Results
draft-fv-rats-ear-05
| Document | Type |
Replaced Internet-Draft
(rats WG)
Expired & archived
|
|
|---|---|---|---|
| Authors | Thomas Fossati , Eric Voit , Sergei Trofimov , Henk Birkholz | ||
| Last updated | 2025-04-04 (Latest revision 2025-02-06) | ||
| Replaced by | draft-ietf-rats-ear | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Additional resources |
GitHub Repository
C implementation, Apache 2.0 Golang implementation, Apache 2.0 Rust implementation, Apache 2.0 Mailing list discussion |
||
| Stream | WG state | Adopted by a WG | |
| Associated WG milestone |
|
||
| Document shepherd | (None) | ||
| IESG | IESG state | Replaced by draft-ietf-rats-ear | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document defines the EAT Attestation Result (EAR) message format. EAR is used by a verifier to encode the result of the appraisal over an attester's evidence. It embeds an AR4SI's "trustworthiness vector" to present a normalized view of the evaluation results, thus easing the task of defining and computing authorization policies by relying parties. Alongside the trustworthiness vector, EAR provides contextual information bound to the appraisal process. This allows a relying party (or an auditor) to reconstruct the frame of reference in which the trustworthiness vector was originally computed. EAR supports simple devices with one attester as well as composite devices that are made of multiple attesters, allowing the state of each attester to be separately examined. EAR can also accommodate registered and unregistered extensions. It can be serialized and protected using either CWT or JWT.
Authors
Thomas Fossati
Eric Voit
Sergei Trofimov
Henk Birkholz
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)