Remote Attestation Procedures for Network Security Functions (NSFs) through the I2NSF Security Controller

Document Type Expired Internet-Draft (individual)
Authors Antonio Pastor  , Diego Lopez  , Adrian Shaw 
Last updated 2019-08-15 (latest revision 2019-02-11)
Replaces draft-pastor-i2nsf-vnsf-attestation
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes the procedures a client can follow to assess the trust on an external NSF platform and its client-defined configuration through the I2NSF Security Controller. The procedure to assess trustworthiness is based on a remote attestation of the platform and the NSFs running on it performed through a Trusted Platform Module (TPM) invoked by the Security Controller.


Antonio Pastor (
Diego Lopez (
Adrian Shaw (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)