Skip to main content

Scalable Remote Attestation for Systems, Containers, and Applications

Document Type Expired Internet-Draft (individual)
Authors Kathleen Moriarty , Antonio Fontes
Last updated 2022-06-13 (Latest revision 2021-12-10)
Stream (None)
Expired & archived
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document establishes an architectural pattern whereby a remote attestation could be issued for a complete set of benchmarks or controls that are defined and grouped by an external entity, preventing the need to send over individual attestations for each item within a benchmark or control framework. This document establishes a pattern to list sets of benchmarks and controls within CWT and JWT formats for use as an Entity Attestation Token (EAT).


Kathleen Moriarty
Antonio Fontes

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)