Remote ATtestation procedureS (RATS) Architecture
draft-ietf-rats-architecture-22

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Kathleen.Moriarty.ietf@gmail.com, The IESG <iesg@ietf.org>, draft-ietf-rats-architecture@ietf.org, rats-chairs@ietf.org, rats@ietf.org, rdd@cert.org, rfc-editor@rfc-editor.org
Subject: Document Action: 'Remote Attestation Procedures Architecture' to Informational RFC (draft-ietf-rats-architecture-22.txt)

The IESG has approved the following document:
- 'Remote Attestation Procedures Architecture'
  (draft-ietf-rats-architecture-22.txt) as Informational RFC

This document is the product of the Remote ATtestation ProcedureS Working
Group.

The IESG contact persons are Paul Wouters and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-rats-architecture/


Ballot Text

Technical Summary

   In network protocol exchanges it is often useful for one end of a
   communication to know whether the other end is in an intended
   operating state.  This document provides an architectural overview of
   the entities involved that make such tests possible through the
   process of generating, conveying, and evaluating evidentiary claims.
   An attempt is made to provide for a model that is neutral toward
   processor architectures, the content of claims, and protocols.

Working Group Summary

This document represents a unification of the working group on architectural
considerations. While earlier versions did come with some disagreement, this
version has had good cross working group participation and the editor team
did a nice job of incorporating feedback as appropriate. The working group also
reviewed IPR submitted and ultimately determined to go ahead with this
informational document (https://mailarchive.ietf.org/arch/msg/rats/3nCTOkNYW8ydEo0zHZlQoY8F92A/).

The document is informational as it lays out the notional architecture for implementation. It is not documented at a sufficient level of detail to be a proposed standard.

During AD review, the WG discussed the need for the text that is now Appendix A and refined the language in the terminology (Section 4) and the example topologies (Section 5).

Document Quality

There are existing implementations of the RATS architecture and supporting
documents. Industry points to RATS when discussing remote attestations to
follow the standards being developed. The approach encompasses other existing
formats and protocols that are well accepted for conveying, signing, and
validating evidence. This document is an important one to explain the overall
architecture and considerations for remote attestation, a very important
capability for information security assurance. With industry's push for
increased use of encryption, the endpoint must be more secure and there must be
a way to detect variances from what is expected on a system. Attestation
provides a simplified way to do this over previous posture assessment
technologies. This particular document is an important step toward the goal of
understanding this simple, but complex set of standards.  

Personnel

Document Shepherd: Kathleen Moriarty

Responsible Area Director: Roman Danyliw

RFC Editor Note