Skip to main content

Scalable Remote Attestation for Systems, Containers, and Applications

The information below is for an old version of the document.
Document Type This is an older version of an Internet-Draft whose latest revision is Expired
Authors Kathleen Moriarty , Antonio Fontes
Last updated 2021-12-06 (Latest revision 2021-06-04)
Stream (None)
Expired & archived
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document establishes an architectural pattern whereby a remote attestation could be issued for a complete set of benchmarks or controls that are defined and grouped by an external entity, preventing the need to send over individual attestations for each item within a benchmark or control framework. This document establishes a pattern to list sets of benchmarks and controls within CWT and JWT formats for use as an Entity Attestation Token (EAT).


Kathleen Moriarty
Antonio Fontes

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)