Skip to main content

A CBOR Tag for Unprotected CWT Claims Sets
draft-ietf-rats-uccs-10

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Kathleen.Moriarty.ietf@gmail.com, The IESG <iesg@ietf.org>, draft-ietf-rats-uccs@ietf.org, rats-chairs@ietf.org, rats@ietf.org, rdd@cert.org, rfc-editor@rfc-editor.org
Subject: Protocol Action: 'A CBOR Tag for Unprotected CWT Claims Sets' to Proposed Standard (draft-ietf-rats-uccs-10.txt)

The IESG has approved the following document:
- 'A CBOR Tag for Unprotected CWT Claims Sets'
  (draft-ietf-rats-uccs-10.txt) as Proposed Standard

This document is the product of the Remote ATtestation ProcedureS Working
Group.

The IESG contact persons are Paul Wouters, Deb Cooley and Roman Danyliw.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-rats-uccs/


Ballot Text

Technical Summary

   When transported over secure channels, CBOR Web Token (CWT, RFC 8392)
   Claims Sets may not need the protection afforded by wrapping them
   into COSE, as is required for a true CWT.  This specification defines
   a CBOR tag for such unprotected CWT Claims Sets (UCCS) and discusses
   conditions for its proper use.

Working Group Summary

The document passed through two working group last calls and represents
working group consensus.

Document Quality

There are 2 known implementations:

* https://github.com/laurencelundblade/ctoken
* https://github.com/veraison/parsec/blob/1d1cf7b1797199c859412ddaaf5f7cb13b3e7fcf/cca/cbor.go#L15

Personnel

   The Document Shepherd for this document is Kathleen Moriarty. The
   Responsible Area Director is Roman Danyliw.

RFC Editor Note