Internet-Draft Key Attestation Extension June 2022
Wallace & Turner Expires 24 December 2022

Workgroup: Limited Additional Mechanisms for PKIX and SMIME
Internet-Draft: draft-wallace-lamps-key-attestation-ext-00
Published: June 2022
Intended Status: Standards Track
Expires: 24 December 2022
Authors: C. Wallace (Red Hound), S. Turner (sn3rd)

Key Attestation Extension for Certificate Management Protocols

Abstract

Certification Authorities (CAs) issue certificates for public keys conveyed to the CA via a certificate management message or protocol. In some cases, a CA may wish to tailor certificate contents based on whether the corresponding private key is secured by hardware in non-exportable form. This document describes extensions that may be included in any of several widely used certificate management protocols to convey attestations about the private key to the CA to support this determination.

About This Document

This note is to be removed before publishing as an RFC.

Status information for this document may be found at https://datatracker.ietf.org/doc/draft-wallace-lamps-key-attestation-ext/.

Discussion of this document takes place on the spasm Working Group mailing list (mailto:spasm@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/spasm/.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 24 December 2022.

1. Introduction

Many different certificate management protocols exist, including:

  • PKCS #10 [RFC2986]
  • Simple Certificate Enrolment Protocol (SCEP) [RFC8894]
  • Certificate Management over CMS (CMC) [RFC5272]
  • Certificate Management Protocol (CMP) [RFC4210]
  • Certificate Request Management Format (CRMF) [RFC4211]
  • Enrollment over Secure Transport (EST) [RFC7030]
  • Automatic Certificate Management Environment (ACME) [RFC8555]

Each of these specifications defines extensibility mechanisms to customize requests sent to a Certification Authority (CA), Registration Authority (RA), or certificate management server. This document addresses the first six specifications in the above list, as all can be customized using attributes or extensions. [RFC8555] is somewhat different and is addressed by [I-D.draft-bweeks-acme-device-attest].

Many operating system and device vendors offer functionality enabling a device to generate a cryptographic attestation that can be used to establish the provenance of a key.

[WebAuthn] defines an "API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users." In support of this goal, it defines a model and corresponding formats to support attestation functionality. Section 6.5 of [WebAuthn] describes the general attestation structure and Section 8 defines some specific attestation formats. Similar to [I-D.draft-bweeks-acme-device-attest], this specification uses the attestation object definition from [WebAuthn] as a means of supporting a variety of attestation formats, which are defined in the IANA registry that was established by [RFC8809]; see [WebAuthnReg].

This document defines a structure, KeyAttestation, that can be used to convey a [WebAuthn] attestation statement as an attribute or extension when using the protocols listed above.

2. Conventions and Definitions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

3. Key Attestation Attribute or Extension

A key attestation attribute or extension MAY be included in certificate request messages to convey an attestation statement for the private key corresponding to the public key contained in the request. The attribute definition and the certificate extension definition are exactly the same, and they are identified by the same object identifier.

ext-keyAttestation EXTENSION ::= {
  SYNTAX KeyAttestation IDENTIFIED BY id-pe-keyAttestation }

attr-keyAttestation ATTRIBUTE ::= {
  SYNTAX KeyAttestation IDENTIFIED BY id-pe-keyAttestation }

id-pe-keyAttestation OBJECT IDENTIFIER ::=  { id-pe TBD }

KeyAttestation ::= SEQUENCE {
  hardwareSecured  BOOLEAN DEFAULT FALSE,
  attestationStatement OCTET STRING
}

The structure consists of two fields: hardwareSecured and attestationStatement. Where the hardwareSecured field is set to TRUE, the private key corresponding to the public key in the request MUST NOT be exportable from the cryptoprocessor. The attestationStatement field carries an attestation statement as defined in [WebAuthn], encoded as an OCTET STRING. Note that hardwareSecured is a claim made by the requester and is not itself part of the attestation statement; a CA that tailors certificate contents on this claim is expected to corroborate it against the verified attestation statement rather than rely on the flag alone.

While the format of an attestation statement varies, every attestation statement conveyed via a keyAttestation attribute or extension MUST include the public key that is the subject of the corresponding certificate management request. A certificate request message whose key attestation does not include a public key, or whose attested public key does not match the public key in the certificate request, SHOULD be rejected with no certificate issued; however, a CA MAY elect, per local policy, to issue a certificate as if the request did not contain a key attestation.

Some attestation statement formats support the use of challenge password or nonce values. While the means of conveying a challenge password or nonce value to certificate request clients is outside the scope of this document, SCEP [RFC8894], CMC [RFC5272], CMP [RFC4210] and EST [RFC7030] each define a means of conveying nonce values to certificate request clients. In some cases, challenge password or nonce values may be conveyed outside of a certificate management protocol. For example, SCEP payloads in Apple's Over-the-Air Profile Delivery and Configuration specification [OTA] deliver challenge passwords in an XML-formatted set of instructions.

Similarly, use and verification of a nonce value relative to an attestation statement is outside the scope of this document. Verification procedures for currently defined attestation statement formats can be found in Section 8 of [WebAuthn]. A certificate request message whose key attestation cannot be validated, including processing of any nonce or challenge password values, SHOULD be rejected with no certificate issued; however, a CA MAY elect, per local policy, to issue a certificate as if the request did not contain a key attestation.

3.1. Usage in PKCS #10 requests

The PKCS #10 structure may be used directly or in SCEP, CMC, CMP or EST contexts. Where PKCS #10 is used, the public key in the attestation statement MUST match the public key in the CertificationRequestInfo.subjectPKInfo field and the keyAttestation attribute MUST appear in the CertificationRequestInfo.attributes field.

3.2. Usage in CRMF requests

The CRMF structure may be used in CMC, CMP or EST. Where CRMF is used, the public key in the attestation statement MUST match the public key in the CertTemplate.publicKey field and the keyAttestation extension MUST appear in the CertTemplate.extensions field.
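The following Python program is an added worked example; it is not part of this draft and not code from any implementation the draft references. Using only the standard library, it DER-encodes and decodes the KeyAttestation structure (including the DER rule that a DEFAULT FALSE BOOLEAN is omitted when FALSE and encoded as 0xFF when TRUE), decodes the CBOR attestation object, extracts the attested COSE public key from the WebAuthn authData, and applies the matching rule of Sections 3, 3.1 and 3.2 by comparing that key with the public key taken from the request. The authData and the request public key are the bytes from the example in Section 4; the CBOR wrapper around authData is reconstructed here with an empty attStmt, since the x5c and receipt members are not needed for the key comparison. Verification of the attestation statement itself (signatures, certificate chain, nonce) is format-specific and is not performed.

```python
# Added example, not code from the draft.  Stdlib-only: DER for the Section 3
# KeyAttestation, a small CBOR decoder, and the Section 3/3.1 check that the
# attested key equals the request key.  AUTH_DATA and CSR_PUBLIC_KEY are taken
# from the Section 4 example; the CBOR wrapper is rebuilt with an empty attStmt.

def der_tlv(tag, body):                       # DER TLV, definite length
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def der_read(buf, pos=0):                     # -> (tag, contents, next_pos)
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def encode_key_attestation(hardware_secured, attestation_object):
    # DER omits a DEFAULT FALSE BOOLEAN when FALSE and encodes TRUE as 0xFF.
    flag = der_tlv(0x01, b"\xff") if hardware_secured else b""
    return der_tlv(0x30, flag + der_tlv(0x04, attestation_object))

def decode_key_attestation(der):
    tag, body, end = der_read(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("KeyAttestation is not a single SEQUENCE")
    tag, val, pos = der_read(body)
    hardware_secured = tag == 0x01
    if hardware_secured:                      # present only when TRUE; DER TRUE is 0xFF
        if val != b"\xff":
            raise ValueError("non-DER BOOLEAN encoding")
        tag, val, pos = der_read(body, pos)
    if tag != 0x04 or pos != len(body):
        raise ValueError("attestationStatement missing or trailing data")
    return hardware_secured, bytes(val)

def cbor_decode(buf, pos=0):
    """One definite-length CBOR item (int, bstr, tstr, array, map) -> (value, next_pos)."""
    major, ai, pos = buf[pos] >> 5, buf[pos] & 0x1F, pos + 1
    if ai > 26:
        raise ValueError("indefinite or 64-bit lengths not supported")
    k = 0 if ai < 24 else 1 << (ai - 24)              # 0-, 1-, 2- or 4-byte argument
    arg, pos = (ai if k == 0 else int.from_bytes(buf[pos:pos + k], "big")), pos + k
    if major < 2:
        return (arg if major == 0 else -1 - arg), pos
    if major == 2:
        return bytes(buf[pos:pos + arg]), pos + arg
    if major == 3:
        return buf[pos:pos + arg].decode(), pos + arg
    if major > 5:
        raise ValueError("unsupported CBOR major type %d" % major)
    items = []
    for _ in range(arg if major == 4 else 2 * arg):
        v, pos = cbor_decode(buf, pos)
        items.append(v)
    if major == 4:
        return items, pos
    m = dict(zip(items[::2], items[1::2]))
    if len(m) != arg:                                  # refuse duplicate keys, never keep the last
        raise ValueError("duplicate CBOR map key")
    return m, pos

def public_key_from_auth_data(auth_data):     # attested P-256 key as uncompressed SEC1 point
    flags = auth_data[32]
    if not flags & 0x40:
        raise ValueError("AT flag clear: no attested credential data")
    pos = 32 + 1 + 4 + 16                     # rpIdHash, flags, signCount, AAGUID
    pos += 2 + int.from_bytes(auth_data[pos:pos + 2], "big")   # credentialIdLength + credentialId
    cose, end = cbor_decode(auth_data, pos)
    if end != len(auth_data) and not flags & 0x80:   # only extensions (ED flag) may follow
        raise ValueError("trailing bytes after COSE key")
    if cose.get(1) != 2 or cose.get(-1) != 1 or len(cose.get(-2, b"")) != 32 or len(cose.get(-3, b"")) != 32:
        raise ValueError("expected an EC2 / P-256 COSE key")
    return b"\x04" + cose[-2] + cose[-3]

def check_key_attestation(csr_public_key, key_attestation_der):
    # Section 3 rule only; verifying the statement (WebAuthn Section 8) is a separate step.
    hardware_secured, att_obj = decode_key_attestation(key_attestation_der)
    obj, _ = cbor_decode(att_obj)
    attested = public_key_from_auth_data(obj["authData"])
    return attested == csr_public_key, obj["fmt"], hardware_secured

# authData and the request key, copied from the draft's Section 4 example.
AUTH_DATA = bytes.fromhex(
    "504e9549a7b7379186c1deb6f0d0e374471110e0d70b6f4aa2bad990ea3d352d"  # rpIdHash
    "40" "00000000" "617070617474657374646576656c6f70"                   # flags, signCount, AAGUID
    "0020" "314edb9fbdf45fae202f9c711db08463eaa61d1efba22c00f4c0d323a38761a4"  # credentialId
    "a5010203262001215820" "b93e33811520245ae150df87055f9667324a3bcaa1c0c9f07aa2130d41a2eab8"
    "225820" "0afba47f3439007fb67f073075d234966f8308f2fd0b3cd347fa72114a267467")  # COSE key
CSR_PUBLIC_KEY = bytes.fromhex(
    "04b93e33811520245ae150df87055f9667324a3bcaa1c0c9f07aa2130d41a2eab8"
    "0afba47f3439007fb67f073075d234966f8308f2fd0b3cd347fa72114a267467")
# {"fmt": "apple-appattest", "attStmt": {}, "authData": AUTH_DATA} hand-encoded in CBOR.
ATT_OBJECT = bytes.fromhex("a3" "63666d74" "6f6170706c652d617070617474657374"
                           "6761747453746d74" "a0" "686175746844617461" "58a4") + AUTH_DATA

def demo():
    ka = encode_key_attestation(True, ATT_OBJECT)
    accepted = check_key_attestation(CSR_PUBLIC_KEY, ka)
    other_key = CSR_PUBLIC_KEY[:-1] + bytes([CSR_PUBLIC_KEY[-1] ^ 1])   # any other key
    rejected = check_key_attestation(other_key, ka)   # same attestation, wrong key
    return accepted, rejected
```

demo() returns (True, "apple-appattest", True) for the request whose key is the attested one and (False, "apple-appattest", True) when the same attestation accompanies a different key; a CA would refuse the second request or, per local policy, treat it as unattested. The hardwareSecured value is simply what the requester asserted, so on its own it says nothing about where the key lives; only a verified attestation statement does.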

4. Example extension

The example extension below features a CBOR-encoded attestation statement of type "apple-appattest", which was generated using the attestKey method.

   0 5199: SEQUENCE {
   4    1:   BOOLEAN TRUE
   7 5192:   OCTET STRING
         :     A3 63 66 6D 74 6F 61 70 70 6C 65 2D 61 70 70 61
         :     74 74 65 73 74 67 61 74 74 53 74 6D 74 A2 63 78
         :     35 63 82 59 02 DD 30 82 02 D9 30 82 02 5F A0 03
         :     02 01 02 02 06 01 81 02 CA EB C8 30 0A 06 08 2A
         :     86 48 CE 3D 04 03 02 30 4F 31 23 30 21 06 03 55
         :     04 03 0C 1A 41 70 70 6C 65 20 41 70 70 20 41 74
         :     74 65 73 74 61 74 69 6F 6E 20 43 41 20 31 31 13
         :     30 11 06 03 55 04 0A 0C 0A 41 70 70 6C 65 20 49
         :     6E 63 2E 31 13 30 11 06 03 55 04 08 0C 0A 43 61
         :     6C 69 66 6F 72 6E 69 61 30 1E 17 0D 32 32 30 35
         :     32 35 32 33 35 34 32 32 5A 17 0D 32 32 30 35 32
         :     38 32 33 35 34 32 32 5A 30 81 91 31 49 30 47 06
         :     03 55 04 03 0C 40 33 31 34 65 64 62 39 66 62 64
         :     66 34 35 66 61 65 32 30 32 66 39 63 37 31 31 64
         :     62 30 38 34 36 33 65 61 61 36 31 64 31 65 66 62
         :     61 32 32 63 30 30 66 34 63 30 64 33 32 33 61 33
         :     38 37 36 31 61 34 31 1A 30 18 06 03 55 04 0B 0C
         :     11 41 41 41 20 43 65 72 74 69 66 69 63 61 74 69
         :     6F 6E 31 13 30 11 06 03 55 04 0A 0C 0A 41 70 70
         :     6C 65 20 49 6E 63 2E 31 13 30 11 06 03 55 04 08
         :     0C 0A 43 61 6C 69 66 6F 72 6E 69 61 30 59 30 13
         :     06 07 2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D
         :     03 01 07 03 42 00 04 B9 3E 33 81 15 20 24 5A E1
         :     50 DF 87 05 5F 96 67 32 4A 3B CA A1 C0 C9 F0 7A
         :     A2 13 0D 41 A2 EA B8 0A FB A4 7F 34 39 00 7F B6
         :     7F 07 30 75 D2 34 96 6F 83 08 F2 FD 0B 3C D3 47
         :     FA 72 11 4A 26 74 67 A3 81 E3 30 81 E0 30 0C 06
         :     03 55 1D 13 01 01 FF 04 02 30 00 30 0E 06 03 55
         :     1D 0F 01 01 FF 04 04 03 02 04 F0 30 70 06 09 2A
         :     86 48 86 F7 63 64 08 05 04 63 30 61 A4 03 02 01
         :     0A BF 89 30 03 02 01 01 BF 89 31 03 02 01 00 BF
         :     89 32 03 02 01 01 BF 89 33 03 02 01 01 BF 89 34
         :     18 04 16 32 46 42 45 4C 48 52 37 32 4E 2E 41 74
         :     74 65 73 74 54 65 73 74 33 A5 06 04 04 73 6B 73
         :     20 BF 89 36 03 02 01 05 BF 89 37 03 02 01 00 BF
         :     89 39 03 02 01 00 BF 89 3A 03 02 01 00 30 19 06
         :     09 2A 86 48 86 F7 63 64 08 07 04 0C 30 0A BF 8A
         :     78 06 04 04 31 35 2E 35 30 33 06 09 2A 86 48 86
         :     F7 63 64 08 02 04 26 30 24 A1 22 04 20 14 CA 34
         :     E9 45 E6 03 AE CF 85 70 E4 B6 81 47 DF 80 49 3B
         :     77 70 9A AF AD 54 29 FD E7 22 3D 1B 24 30 0A 06
         :     08 2A 86 48 CE 3D 04 03 02 03 68 00 30 65 02 31
         :     00 CD 6C B7 16 9F CD AB 4B CB B7 C6 9A E9 3E 00
         :     78 11 7A 2C E7 17 C5 2E 34 92 47 EF 93 64 6A 4A
         :     26 2D 80 70 9F 11 32 A5 F5 16 E7 3F 14 FD 90 21
         :     16 02 30 3D DA EA 07 EA AA 6E 49 70 DA 39 A5 0C
         :     0B 92 9B AA D5 A6 3F 15 C8 0F B5 C0 FC 22 E0 6E
         :     36 B7 9F 87 07 98 37 95 C5 3C FE E5 20 11 C0 58
         :     5B D0 64 59 02 47 30 82 02 43 30 82 01 C8 A0 03
         :     02 01 02 02 10 09 BA C5 E1 BC 40 1A D9 D4 53 95
         :     BC 38 1A 08 54 30 0A 06 08 2A 86 48 CE 3D 04 03
         :     03 30 52 31 26 30 24 06 03 55 04 03 0C 1D 41 70
         :     70 6C 65 20 41 70 70 20 41 74 74 65 73 74 61 74
         :     69 6F 6E 20 52 6F 6F 74 20 43 41 31 13 30 11 06
         :     03 55 04 0A 0C 0A 41 70 70 6C 65 20 49 6E 63 2E
         :     31 13 30 11 06 03 55 04 08 0C 0A 43 61 6C 69 66
         :     6F 72 6E 69 61 30 1E 17 0D 32 30 30 33 31 38 31
         :     38 33 39 35 35 5A 17 0D 33 30 30 33 31 33 30 30
         :     30 30 30 30 5A 30 4F 31 23 30 21 06 03 55 04 03
         :     0C 1A 41 70 70 6C 65 20 41 70 70 20 41 74 74 65
         :     73 74 61 74 69 6F 6E 20 43 41 20 31 31 13 30 11
         :     06 03 55 04 0A 0C 0A 41 70 70 6C 65 20 49 6E 63
         :     2E 31 13 30 11 06 03 55 04 08 0C 0A 43 61 6C 69
         :     66 6F 72 6E 69 61 30 76 30 10 06 07 2A 86 48 CE
         :     3D 02 01 06 05 2B 81 04 00 22 03 62 00 04 AE 5B
         :     37 A0 77 4D 79 B2 35 8F 40 E7 D1 F2 26 26 F1 C2
         :     5F EF 17 80 2D EA B3 82 6A 59 87 4F F8 D2 AD 15
         :     25 78 9A A2 66 04 19 12 48 B6 3C B9 67 06 9E 98
         :     D3 63 BD 5E 37 0F BF A0 8E 32 9E 80 73 A9 85 E7
         :     74 6E A3 59 A2 F6 6F 29 DB 32 AF 45 5E 21 16 58
         :     D5 67 AF 9E 26 7E B2 61 4D C2 1A 66 CE 99 A3 66
         :     30 64 30 12 06 03 55 1D 13 01 01 FF 04 08 30 06
         :     01 01 FF 02 01 00 30 1F 06 03 55 1D 23 04 18 30
         :     16 80 14 AC 91 10 53 33 BD BE 68 41 FF A7 0C A9
         :     E5 FA EA E5 E5 8A A1 30 1D 06 03 55 1D 0E 04 16
         :     04 14 3E E3 5D 1C 04 19 A9 C9 B4 31 F8 84 74 D6
         :     E1 E1 57 72 E3 9B 30 0E 06 03 55 1D 0F 01 01 FF
         :     04 04 03 02 01 06 30 0A 06 08 2A 86 48 CE 3D 04
         :     03 03 03 69 00 30 66 02 31 00 BB BE 88 8D 73 8D
         :     05 02 CF BC FD 66 6D 09 57 50 35 BC D6 87 2C 3F
         :     84 30 49 26 29 ED D1 F9 14 E8 79 99 1C 9A E8 B5
         :     AE F8 D3 A8 54 33 F7 B6 0D 06 02 31 00 AB 38 ED
         :     D0 CC 81 ED 00 A4 52 C3 BA 44 F9 93 63 65 53 FE
         :     CC 29 7F 2E B4 DF 9F 5E BE 5A 4A CA B6 99 5C 4B
         :     82 0D F9 04 38 6F 78 07 BB 58 94 39 B7 67 72 65
         :     63 65 69 70 74 59 0E 41 30 80 06 09 2A 86 48 86
         :     F7 0D 01 07 02 A0 80 30 80 02 01 01 31 0F 30 0D
         :     06 09 60 86 48 01 65 03 04 02 01 05 00 30 80 06
         :     09 2A 86 48 86 F7 0D 01 07 01 A0 80 24 80 04 82
         :     03 E8 31 82 03 FC 30 1E 02 01 02 02 01 01 04 16
         :     32 46 42 45 4C 48 52 37 32 4E 2E 41 74 74 65 73
         :     74 54 65 73 74 33 30 82 02 E7 02 01 03 02 01 01
         :     04 82 02 DD 30 82 02 D9 30 82 02 5F A0 03 02 01
         :     02 02 06 01 81 02 CA EB C8 30 0A 06 08 2A 86 48
         :     CE 3D 04 03 02 30 4F 31 23 30 21 06 03 55 04 03
         :     0C 1A 41 70 70 6C 65 20 41 70 70 20 41 74 74 65
         :     73 74 61 74 69 6F 6E 20 43 41 20 31 31 13 30 11
         :     06 03 55 04 0A 0C 0A 41 70 70 6C 65 20 49 6E 63
         :     2E 31 13 30 11 06 03 55 04 08 0C 0A 43 61 6C 69
         :     66 6F 72 6E 69 61 30 1E 17 0D 32 32 30 35 32 35
         :     32 33 35 34 32 32 5A 17 0D 32 32 30 35 32 38 32
         :     33 35 34 32 32 5A 30 81 91 31 49 30 47 06 03 55
         :     04 03 0C 40 33 31 34 65 64 62 39 66 62 64 66 34
         :     35 66 61 65 32 30 32 66 39 63 37 31 31 64 62 30
         :     38 34 36 33 65 61 61 36 31 64 31 65 66 62 61 32
         :     32 63 30 30 66 34 63 30 64 33 32 33 61 33 38 37
         :     36 31 61 34 31 1A 30 18 06 03 55 04 0B 0C 11 41
         :     41 41 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E
         :     31 13 30 11 06 03 55 04 0A 0C 0A 41 70 70 6C 65
         :     20 49 6E 63 2E 31 13 30 11 06 03 55 04 08 0C 0A
         :     43 61 6C 69 66 6F 72 6E 69 61 30 59 30 13 06 07
         :     2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D 03 01
         :     07 03 42 00 04 B9 3E 33 81 15 20 24 5A E1 50 DF
         :     87 05 5F 96 67 32 4A 3B CA A1 C0 C9 F0 7A A2 13
         :     0D 41 A2 EA B8 0A FB A4 7F 34 39 00 7F B6 7F 07
         :     30 75 D2 34 96 6F 83 08 F2 FD 0B 3C D3 47 FA 72
         :     11 4A 26 74 67 A3 81 E3 30 81 E0 30 0C 06 03 55
         :     1D 13 01 01 FF 04 02 30 00 30 0E 06 03 55 1D 0F
         :     01 01 FF 04 04 03 02 04 F0 30 70 06 09 2A 86 48
         :     86 F7 63 64 08 05 04 63 30 61 A4 03 02 01 0A BF
         :     89 30 03 02 01 01 BF 89 31 03 02 01 00 BF 89 32
         :     03 02 01 01 BF 89 33 03 02 01 01 BF 89 34 18 04
         :     16 32 46 42 45 4C 48 52 37 32 4E 2E 41 74 74 65
         :     73 74 54 65 73 74 33 A5 06 04 04 73 6B 73 20 BF
         :     89 36 03 02 01 05 BF 89 37 03 02 01 00 BF 89 39
         :     03 02 01 00 BF 89 3A 03 02 01 00 30 19 06 09 2A
         :     86 48 86 F7 63 64 08 07 04 0C 30 0A BF 8A 78 06
         :     04 04 31 35 2E 35 30 33 06 09 2A 86 48 86 F7 63
         :     64 08 02 04 26 30 24 A1 22 04 20 14 CA 34 E9 45
         :     E6 03 AE CF 85 70 E4 B6 81 47 DF 80 49 3B 77 70
         :     9A AF AD 54 29 FD E7 22 3D 1B 24 30 0A 06 08 2A
         :     86 48 CE 3D 04 03 02 03 68 00 30 65 02 31 00 CD
         :     6C B7 16 9F CD AB 4B CB B7 C6 9A E9 3E 00 78 11
         :     7A 2C E7 17 C5 2E 34 92 47 EF 93 64 6A 4A 26 2D
         :     80 70 9F 11 32 A5 F5 16 E7 3F 14 FD 90 21 16 02
         :     30 3D DA EA 07 EA AA 6E 49 70 DA 39 A5 0C 0B 92
         :     9B AA D5 A6 3F 15 C8 0F B5 C0 FC 22 E0 6E 36 B7
         :     9F 87 07 98 37 95 C5 3C FE E5 20 11 C0 58 5B D0
         :     64 30 28 02 01 04 02 01 01 04 20 4B B4 F5 F1 21
         :     7E ED 8A EF 2A EF A4 90 62 1D 19 00 B5 BE 05 2A
         :     7F 34 3E 0D 1E F4 26 E0 C8 D0 23 30 60 02 01 05
         :     02 01 01 04 58 67 72 31 64 6E 63 6B 56 41 71 34
         :     72 39 45 37 63 62 37 45 61 6A 5A 42 43 56 63 77
         :     36 45 63 73 69 53 35 52 52 69 67 42 50 38 68 70
         :     42 4D 58 66 74 4A 5A 2B 56 32 44 55 37 6A 4E 30
         :     59 6D 56 71 7A 35 6A 4C 37 57 31 61 71 75 64 35
         :     6D 5A 37 48 6E 79 6F 6B 6B 43 67 3D 3D 30 0E 02
         :     01 06 02 01 01 04 06 41 54 54 45 53 54 30 0F 02
         :     01 07 02 01 01 04 07 73 61 6E 64 62 6F 78 30 20
         :     02 01 0C 02 01 01 04 18 32 30 32 32 2D 30 35 2D
         :     32 36 54 32 33 3A 35 34 3A 32 32 2E 30 36 32 5A
         :     30 20 02 01 15 02 01 01 04 18 04 18 32 30 32 32
         :     2D 30 38 2D 32 34 54 32 33 3A 35 34 3A 32 32 2E
         :     30 36 32 5A 00 00 00 00 00 00 A0 80 30 82 03 AE
         :     30 82 03 54 A0 03 02 01 02 02 10 09 39 B4 BC E9
         :     0C C3 A1 81 65 36 37 2F 66 71 41 30 0A 06 08 2A
         :     86 48 CE 3D 04 03 02 30 7C 31 30 30 2E 06 03 55
         :     04 03 0C 27 41 70 70 6C 65 20 41 70 70 6C 69 63
         :     61 74 69 6F 6E 20 49 6E 74 65 67 72 61 74 69 6F
         :     6E 20 43 41 20 35 20 2D 20 47 31 31 26 30 24 06
         :     03 55 04 0B 0C 1D 41 70 70 6C 65 20 43 65 72 74
         :     69 66 69 63 61 74 69 6F 6E 20 41 75 74 68 6F 72
         :     69 74 79 31 13 30 11 06 03 55 04 0A 0C 0A 41 70
         :     70 6C 65 20 49 6E 63 2E 31 0B 30 09 06 03 55 04
         :     06 13 02 55 53 30 1E 17 0D 32 32 30 34 31 39 31
         :     33 33 33 30 33 5A 17 0D 32 33 30 35 31 39 31 33
         :     33 33 30 32 5A 30 5A 31 36 30 34 06 03 55 04 03
         :     0C 2D 41 70 70 6C 69 63 61 74 69 6F 6E 20 41 74
         :     74 65 73 74 61 74 69 6F 6E 20 46 72 61 75 64 20
         :     52 65 63 65 69 70 74 20 53 69 67 6E 69 6E 67 31
         :     13 30 11 06 03 55 04 0A 0C 0A 41 70 70 6C 65 20
         :     49 6E 63 2E 31 0B 30 09 06 03 55 04 06 13 02 55
         :     53 30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08
         :     2A 86 48 CE 3D 03 01 07 03 42 00 04 39 D4 F9 AA
         :     9B 1C C4 45 D6 5B A6 17 AC F2 C0 84 EC 6F 07 08
         :     D5 90 14 A0 E7 6E CF 3D EE 39 99 A9 4C 6B FB 01
         :     55 10 55 55 64 6C DA 8E 23 E0 26 01 14 02 D0 7E
         :     13 B9 54 1F D8 B4 D6 57 D8 2E 93 78 A3 82 01 D8
         :     30 82 01 D4 30 0C 06 03 55 1D 13 01 01 FF 04 02
         :     30 00 30 1F 06 03 55 1D 23 04 18 30 16 80 14 D9
         :     17 FE 4B 67 90 38 4B 92 F4 DB CE D5 57 80 14 0B
         :     8F 3D C9 30 43 06 08 2B 06 01 05 05 07 01 01 04
         :     37 30 35 30 33 06 08 2B 06 01 05 05 07 30 01 86
         :     27 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 61 70 70
         :     6C 65 2E 63 6F 6D 2F 6F 63 73 70 30 33 2D 61 61
         :     69 63 61 35 67 31 30 31 30 82 01 1C 06 03 55 1D
         :     20 04 82 01 13 30 82 01 0F 30 82 01 0B 06 09 2A
         :     86 48 86 F7 63 64 05 01 30 81 FD 30 81 C3 06 08
         :     2B 06 01 05 05 07 02 02 30 81 B6 0C 81 B3 52 65
         :     6C 69 61 6E 63 65 20 6F 6E 20 74 68 69 73 20 63
         :     65 72 74 69 66 69 63 61 74 65 20 62 79 20 61 6E
         :     79 20 70 61 72 74 79 20 61 73 73 75 6D 65 73 20
         :     61 63 63 65 70 74 61 6E 63 65 20 6F 66 20 74 68
         :     65 20 74 68 65 6E 20 61 70 70 6C 69 63 61 62 6C
         :     65 20 73 74 61 6E 64 61 72 64 20 74 65 72 6D 73
         :     20 61 6E 64 20 63 6F 6E 64 69 74 69 6F 6E 73 20
         :     6F 66 20 75 73 65 2C 20 63 65 72 74 69 66 69 63
         :     61 74 65 20 70 6F 6C 69 63 79 20 61 6E 64 20 63
         :     65 72 74 69 66 69 63 61 74 69 6F 6E 20 70 72 61
         :     63 74 69 63 65 20 73 74 61 74 65 6D 65 6E 74 73
         :     2E 30 35 06 08 2B 06 01 05 05 07 02 01 16 29 68
         :     74 74 70 3A 2F 2F 77 77 77 2E 61 70 70 6C 65 2E
         :     63 6F 6D 2F 63 65 72 74 69 66 69 63 61 74 65 61
         :     75 74 68 6F 72 69 74 79 30 1D 06 03 55 1D 0E 04
         :     16 04 14 FB 67 D3 0D BF 73 B7 92 A6 26 5D 48 8D
         :     2C C1 1D 95 E2 73 F8 30 0E 06 03 55 1D 0F 01 01
         :     FF 04 04 03 02 07 80 30 0F 06 09 2A 86 48 86 F7
         :     63 64 0C 0F 04 02 05 00 30 0A 06 08 2A 86 48 CE
         :     3D 04 03 02 03 48 00 30 45 02 21 00 94 90 A0 67
         :     37 73 E7 2F 78 29 36 76 23 B8 DD 51 D7 C8 9A 09
         :     EA BB 00 E3 9C 6E 45 0B 05 58 0B D0 02 20 47 34
         :     1A 2B D1 3C C0 54 A8 0A 3A AA CC 3C C1 45 7C 00
         :     54 53 18 EA 33 8D 7D 6D D5 F6 0B 2B 87 2E 30 82
         :     02 F9 30 82 02 7F A0 03 02 01 02 02 10 56 FB 83
         :     D4 2B FF 8D C3 37 99 23 B5 5A AE 6E BD 30 0A 06
         :     08 2A 86 48 CE 3D 04 03 03 30 67 31 1B 30 19 06
         :     03 55 04 03 0C 12 41 70 70 6C 65 20 52 6F 6F 74
         :     20 43 41 20 2D 20 47 33 31 26 30 24 06 03 55 04
         :     0B 0C 1D 41 70 70 6C 65 20 43 65 72 74 69 66 69
         :     63 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79
         :     31 13 30 11 06 03 55 04 0A 0C 0A 41 70 70 6C 65
         :     20 49 6E 63 2E 31 0B 30 09 06 03 55 04 06 13 02
         :     55 53 30 1E 17 0D 31 39 30 33 32 32 31 37 35 33
         :     33 33 5A 17 0D 33 34 30 33 32 32 30 30 30 30 30
         :     30 5A 30 7C 31 30 30 2E 06 03 55 04 03 0C 27 41
         :     70 70 6C 65 20 41 70 70 6C 69 63 61 74 69 6F 6E
         :     20 49 6E 74 65 67 72 61 74 69 6F 6E 20 43 41 20
         :     35 20 2D 20 47 31 31 26 30 24 06 03 55 04 0B 0C
         :     1D 41 70 70 6C 65 20 43 65 72 74 69 66 69 63 61
         :     74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 31 13
         :     30 11 06 03 55 04 0A 0C 0A 41 70 70 6C 65 20 49
         :     6E 63 2E 31 0B 30 09 06 03 55 04 06 13 02 55 53
         :     30 59 30 13 06 07 2A 86 48 CE 3D 02 01 06 08 2A
         :     86 48 CE 3D 03 01 07 03 42 00 04 92 CE 63 BD 7D
         :     86 B1 AB 28 0A 3B 1C E1 AF FB 04 94 80 91 AC F6
         :     31 DF A6 CB 28 35 6F 44 4B E1 21 E5 57 DD 12 8D
         :     8D BA 82 7C 95 BE 49 FA BE 33 CA AE CD 04 19 F1
         :     2F 43 25 FA F4 BE B3 CB 83 7E BA A3 81 F7 30 81
         :     F4 30 0F 06 03 55 1D 13 01 01 FF 04 05 30 03 01
         :     01 FF 30 1F 06 03 55 1D 23 04 18 30 16 80 14 BB
         :     B0 DE A1 58 33 88 9A A4 8A 99 DE BE BD EB AF DA
         :     CB 24 AB 30 46 06 08 2B 06 01 05 05 07 01 01 04
         :     3A 30 38 30 36 06 08 2B 06 01 05 05 07 30 01 86
         :     2A 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 61 70 70
         :     6C 65 2E 63 6F 6D 2F 6F 63 73 70 30 33 2D 61 70
         :     70 6C 65 72 6F 6F 74 63 61 67 33 30 37 06 03 55
         :     1D 1F 04 30 30 2E 30 2C A0 2A A0 28 86 26 68 74
         :     74 70 3A 2F 2F 63 72 6C 2E 61 70 70 6C 65 2E 63
         :     6F 6D 2F 61 70 70 6C 65 72 6F 6F 74 63 61 67 33
         :     2E 63 72 6C 30 1D 06 03 55 1D 0E 04 16 04 14 D9
         :     17 FE 4B 67 90 38 4B 92 F4 DB CE D5 57 80 14 0B
         :     8F 3D C9 30 0E 06 03 55 1D 0F 01 01 FF 04 04 03
         :     02 01 06 30 10 06 0A 2A 86 48 86 F7 63 64 06 02
         :     03 04 02 05 00 30 0A 06 08 2A 86 48 CE 3D 04 03
         :     03 03 68 00 30 65 02 31 00 8D 6F A6 9F A1 E0 E4
         :     EC 5B 4E 73 8A 92 7F 3D 78 53 98 8F F4 DA 1F 58
         :     1E C3 75 4A FE 38 A8 4C 2A 83 1A 1A AA 0D A6 64
         :     6D E1 B9 93 E8 D1 55 4C ED 02 30 67 3B 2C B4 E1
         :     E8 37 07 77 CB D5 EC 76 A8 1A 3A 55 3B 3F 35 6A
         :     C8 C5 E6 92 B0 E1 61 BE 80 49 69 E4 5F 2B A9 6C
         :     E1 11 02 AA CC 61 D9 38 B7 73 4A 30 82 02 43 30
         :     82 01 C9 A0 03 02 01 02 02 08 2D C5 FC 88 D2 C5
         :     4B 95 30 0A 06 08 2A 86 48 CE 3D 04 03 03 30 67
         :     31 1B 30 19 06 03 55 04 03 0C 12 41 70 70 6C 65
         :     20 52 6F 6F 74 20 43 41 20 2D 20 47 33 31 26 30
         :     24 06 03 55 04 0B 0C 1D 41 70 70 6C 65 20 43 65
         :     72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 68
         :     6F 72 69 74 79 31 13 30 11 06 03 55 04 0A 0C 0A
         :     41 70 70 6C 65 20 49 6E 63 2E 31 0B 30 09 06 03
         :     55 04 06 13 02 55 53 30 1E 17 0D 31 34 30 34 33
         :     30 31 38 31 39 30 36 5A 17 0D 33 39 30 34 33 30
         :     31 38 31 39 30 36 5A 30 67 31 1B 30 19 06 03 55
         :     04 03 0C 12 41 70 70 6C 65 20 52 6F 6F 74 20 43
         :     41 20 2D 20 47 33 31 26 30 24 06 03 55 04 0B 0C
         :     1D 41 70 70 6C 65 20 43 65 72 74 69 66 69 63 61
         :     74 69 6F 6E 20 41 75 74 68 6F 72 69 74 79 31 13
         :     30 11 06 03 55 04 0A 0C 0A 41 70 70 6C 65 20 49
         :     6E 63 2E 31 0B 30 09 06 03 55 04 06 13 02 55 53
         :     30 76 30 10 06 07 2A 86 48 CE 3D 02 01 06 05 2B
         :     81 04 00 22 03 62 00 04 98 E9 2F 3D 40 72 A4 ED
         :     93 22 72 81 13 1C DD 10 95 F1 C5 A3 4E 71 DC 14
         :     16 D9 0E E5 A6 05 2A 77 64 7B 5F 4E 38 D3 BB 1C
         :     44 B5 7F F5 1F B6 32 62 5D C9 E9 84 5B 4F 30 4F
         :     11 5A 00 FD 58 58 0C A5 F5 0F 2C 4D 07 47 13 75
         :     DA 97 97 97 6F 31 5C ED 2B 9D 7B 20 3B D8 B9 54
         :     D9 5E 99 A4 3A 51 0A 31 A3 42 30 40 30 1D 06 03
         :     55 1D 0E 04 16 04 14 BB B0 DE A1 58 33 88 9A A4
         :     8A 99 DE BE BD EB AF DA CB 24 AB 30 0F 06 03 55
         :     1D 13 01 01 FF 04 05 30 03 01 01 FF 30 0E 06 03
         :     55 1D 0F 01 01 FF 04 04 03 02 01 06 30 0A 06 08
         :     2A 86 48 CE 3D 04 03 03 03 68 00 30 65 02 31 00
         :     83 E9 C1 C4 16 5E 1A 5D 34 18 D9 ED EF F4 6C 0E
         :     00 46 4B B8 DF B2 46 11 C5 0F FD E6 7A 8C A1 A6
         :     6B CE C2 03 D4 9C F5 93 C6 74 B8 6A DF AA 23 15
         :     02 30 6D 66 8A 10 CA D4 0D D4 4F CD 8D 43 3E B4
         :     8A 63 A5 33 6E E3 6D DA 17 B7 64 1F C8 53 26 F9
         :     88 62 74 39 0B 17 5B CB 51 A8 0C E8 18 03 E7 A2
         :     B2 28 00 00 31 81 FC 30 81 F9 02 01 01 30 81 90
         :     30 7C 31 30 30 2E 06 03 55 04 03 0C 27 41 70 70
         :     6C 65 20 41 70 70 6C 69 63 61 74 69 6F 6E 20 49
         :     6E 74 65 67 72 61 74 69 6F 6E 20 43 41 20 35 20
         :     2D 20 47 31 31 26 30 24 06 03 55 04 0B 0C 1D 41
         :     70 70 6C 65 20 43 65 72 74 69 66 69 63 61 74 69
         :     6F 6E 20 41 75 74 68 6F 72 69 74 79 31 13 30 11
         :     06 03 55 04 0A 0C 0A 41 70 70 6C 65 20 49 6E 63
         :     2E 31 0B 30 09 06 03 55 04 06 13 02 55 53 02 10
         :     09 39 B4 BC E9 0C C3 A1 81 65 36 37 2F 66 71 41
         :     30 0D 06 09 60 86 48 01 65 03 04 02 01 05 00 30
         :     0A 06 08 2A 86 48 CE 3D 04 03 02 04 46 30 44 02
         :     20 0B DC 9C C6 40 B8 12 CB 48 93 35 22 D5 95 35
         :     9D 5F 41 CB 4F D4 5F DD 8A D5 C9 48 16 1E 8A 02
         :     73 02 20 1C BE 13 1D C1 59 E4 C9 2E 03 59 A7 64
         :     E1 26 3D 6D DF 8B CB 74 67 D1 A8 C0 5E 96 BE E1
         :     9F B1 57 00 00 00 00 00 00 68 61 75 74 68 44 61
         :     74 61 58 A4 50 4E 95 49 A7 B7 37 91 86 C1 DE B6
         :     F0 D0 E3 74 47 11 10 E0 D7 0B 6F 4A A2 BA D9 90
         :     EA 3D 35 2D 40 00 00 00 00 61 70 70 61 74 74 65
         :     73 74 64 65 76 65 6C 6F 70 00 20 31 4E DB 9F BD
         :     F4 5F AE 20 2F 9C 71 1D B0 84 63 EA A6 1D 1E FB
         :     A2 2C 00 F4 C0 D3 23 A3 87 61 A4 A5 01 02 03 26
         :     20 01 21 58 20 B9 3E 33 81 15 20 24 5A E1 50 DF
         :     87 05 5F 96 67 32 4A 3B CA A1 C0 C9 F0 7A A2 13
         :     0D 41 A2 EA B8 22 58 20 0A FB A4 7F 34 39 00 7F
         :     B6 7F 07 30 75 D2 34 96 6F 83 08 F2 FD 0B 3C D3
         :     47 FA 72 11 4A 26 74 67
         :   }

The contents of the attestationStatement field in the above example are shown below in CBOR diagnostic notation (h'...' denotes a byte string).

{"fmt": "apple-appattest", "attStmt": {"x5c":
[h'
308202D93082025FA0030201020206018102CAEBC8300A06082A8648CE3D040302304
F3123302106035504030C1A4170706C6520417070204174746573746174696F6E2043
41203131133011060355040A0C0A4170706C6520496E632E3113301106035504080C0
A43616C69666F726E6961301E170D3232303532353233353432325A170D3232303532
383233353432325A3081913149304706035504030C403331346564623966626466343
566616532303266396337313164623038343633656161363164316566626132326330
3066346330643332336133383736316134311A3018060355040B0C114141412043657
274696669636174696F6E31133011060355040A0C0A4170706C6520496E632E311330
1106035504080C0A43616C69666F726E69613059301306072A8648CE3D020106082A8
648CE3D03010703420004B93E33811520245AE150DF87055F9667324A3BCAA1C0C9F0
7AA2130D41A2EAB80AFBA47F3439007FB67F073075D234966F8308F2FD0B3CD347FA7
2114A267467A381E33081E0300C0603551D130101FF04023000300E0603551D0F0101
FF0404030204F0307006092A864886F76364080504633061A40302010ABF893003020
101BF893103020100BF893203020101BF893303020101BF8934180416324642454C48
5237324E2E4174746573745465737433A5060404736B7320BF893603020105BF89370
3020100BF893903020100BF893A03020100301906092A864886F763640807040C300A
BF8A7806040431352E35303306092A864886F76364080204263024A122042014CA34E
945E603AECF8570E4B68147DF80493B77709AAFAD5429FDE7223D1B24300A06082A86
48CE3D0403020368003065023100CD6CB7169FCDAB4BCBB7C69AE93E0078117A2CE71
7C52E349247EF93646A4A262D80709F1132A5F516E73F14FD90211602303DDAEA07EA
AA6E4970DA39A50C0B929BAAD5A63F15C80FB5C0FC22E06E36B79F8707983795C53CF
EE52011C0585BD064',
h'
30820243308201C8A003020102021009BAC5E1BC401AD9D45395BC381A0854300A060
82A8648CE3D04030330523126302406035504030C1D4170706C652041707020417474
6573746174696F6E20526F6F7420434131133011060355040A0C0A4170706C6520496
E632E3113301106035504080C0A43616C69666F726E6961301E170D32303033313831
38333935355A170D3330303331333030303030305A304F3123302106035504030C1A4
170706C6520417070204174746573746174696F6E204341203131133011060355040A
0C0A4170706C6520496E632E3113301106035504080C0A43616C69666F726E6961307
6301006072A8648CE3D020106052B8104002203620004AE5B37A0774D79B2358F40E7
D1F22626F1C25FEF17802DEAB3826A59874FF8D2AD1525789AA26604191248B63CB96
7069E98D363BD5E370FBFA08E329E8073A985E7746EA359A2F66F29DB32AF455E2116
58D567AF9E267EB2614DC21A66CE99A366306430120603551D130101FF04083006010
1FF020100301F0603551D23041830168014AC91105333BDBE6841FFA70CA9E5FAEAE5
E58AA1301D0603551D0E041604143EE35D1C0419A9C9B431F88474D6E1E15772E39B3
00E0603551D0F0101FF040403020106300A06082A8648CE3D04030303690030660231
00BBBE888D738D0502CFBCFD666D09575035BCD6872C3F8430492629EDD1F914E8799
91C9AE8B5AEF8D3A85433F7B60D06023100AB38EDD0CC81ED00A452C3BA44F9936365
53FECC297F2EB4DF9F5EBE5A4ACAB6995C4B820DF904386F7807BB589439B7'],
"receipt":
h'
308006092A864886F70D010702A0803080020101310F300D060960864801650304020
10500308006092A864886F70D010701A0802480048203E8318203FC301E0201020201
010416324642454C485237324E2E4174746573745465737433308202E702010302010
1048202DD308202D93082025FA0030201020206018102CAEBC8300A06082A8648CE3D
040302304F3123302106035504030C1A4170706C65204170702041747465737461746
96F6E204341203131133011060355040A0C0A4170706C6520496E632E311330110603
5504080C0A43616C69666F726E6961301E170D3232303532353233353432325A170D3
232303532383233353432325A3081913149304706035504030C403331346564623966
626466343566616532303266396337313164623038343633656161363164316566626
1323263303066346330643332336133383736316134311A3018060355040B0C114141
412043657274696669636174696F6E31133011060355040A0C0A4170706C6520496E6
32E3113301106035504080C0A43616C69666F726E69613059301306072A8648CE3D02
0106082A8648CE3D03010703420004B93E33811520245AE150DF87055F9667324A3BC
AA1C0C9F07AA2130D41A2EAB80AFBA47F3439007FB67F073075D234966F8308F2FD0B
3CD347FA72114A267467A381E33081E0300C0603551D130101FF04023000300E06035
51D0F0101FF0404030204F0307006092A864886F76364080504633061A40302010ABF
893003020101BF893103020100BF893203020101BF893303020101BF8934180416324
642454C485237324E2E4174746573745465737433A5060404736B7320BF8936030201
05BF893703020100BF893903020100BF893A03020100301906092A864886F76364080
7040C300ABF8A7806040431352E35303306092A864886F76364080204263024A12204
2014CA34E945E603AECF8570E4B68147DF80493B77709AAFAD5429FDE7223D1B24300
A06082A8648CE3D0403020368003065023100CD6CB7169FCDAB4BCBB7C69AE93E0078
117A2CE717C52E349247EF93646A4A262D80709F1132A5F516E73F14FD90211602303
DDAEA07EAAA6E4970DA39A50C0B929BAAD5A63F15C80FB5C0FC22E06E36B79F870798
3795C53CFEE52011C0585BD064302802010402010104204BB4F5F1217EED8AEF2AEFA
490621D1900B5BE052A7F343E0D1EF426E0C8D0233060020105020101045867723164
6E636B564171347239453763623745616A5A424356637736456373695335525269674
250386870424D5866744A5A2B56324455376A4E30596D56717A356A4C375731617175
64356D5A37486E796F6B6B43673D3D300E0201060201010406415454455354300F020
107020101040773616E64626F78302002010C0201010418323032322D30352D323654
32333A35343A32322E3036325A302002011502010104180418323032322D30382D323
45432333A35343A32322E3036325A000000000000A080308203AE30820354A0030201
0202100939B4BCE90CC3A1816536372F667141300A06082A8648CE3D040302307C313
0302E06035504030C274170706C65204170706C69636174696F6E20496E7465677261
74696F6E2043412035202D20473131263024060355040B0C1D4170706C65204365727
4696669636174696F6E20417574686F7269747931133011060355040A0C0A4170706C
6520496E632E310B3009060355040613025553301E170D32323034313931333333303
35A170D3233303531393133333330325A305A3136303406035504030C2D4170706C69
636174696F6E204174746573746174696F6E204672617564205265636569707420536
9676E696E6731133011060355040A0C0A4170706C6520496E632E310B300906035504
06130255533059301306072A8648CE3D020106082A8648CE3D0301070342000439D4F
9AA9B1CC445D65BA617ACF2C084EC6F0708D59014A0E76ECF3DEE3999A94C6BFB0155
105555646CDA8E23E026011402D07E13B9541FD8B4D657D82E9378A38201D8308201D
4300C0603551D130101FF04023000301F0603551D23041830168014D917FE4B679038
4B92F4DBCED55780140B8F3DC9304306082B0601050507010104373035303306082B0
60105050730018627687474703A2F2F6F6373702E6170706C652E636F6D2F6F637370
30332D616169636135673130313082011C0603551D20048201133082010F3082010B0
6092A864886F7636405013081FD3081C306082B060105050702023081B60C81B35265
6C69616E6365206F6E207468697320636572746966696361746520627920616E79207
06172747920617373756D657320616363657074616E6365206F662074686520746865
6E206170706C696361626C65207374616E64617264207465726D7320616E6420636F6
E646974696F6E73206F66207573652C20636572746966696361746520706F6C696379
20616E642063657274696669636174696F6E2070726163746963652073746174656D6
56E74732E303506082B060105050702011629687474703A2F2F7777772E6170706C65
2E636F6D2F6365727469666963617465617574686F72697479301D0603551D0E04160
414FB67D30DBF73B792A6265D488D2CC11D95E273F8300E0603551D0F0101FF040403
020780300F06092A864886F763640C0F04020500300A06082A8648CE3D04030203480
030450221009490A0673773E72F7829367623B8DD51D7C89A09EABB00E39C6E450B05
580BD0022047341A2BD13CC054A80A3AAACC3CC1457C00545318EA338D7D6DD5F60B2
B872E308202F93082027FA003020102021056FB83D42BFF8DC3379923B55AAE6EBD30
0A06082A8648CE3D0403033067311B301906035504030C124170706C6520526F6F742
04341202D20473331263024060355040B0C1D4170706C652043657274696669636174
696F6E20417574686F7269747931133011060355040A0C0A4170706C6520496E632E3
10B3009060355040613025553301E170D3139303332323137353333335A170D333430
3332323030303030305A307C3130302E06035504030C274170706C65204170706C696
36174696F6E20496E746567726174696F6E2043412035202D20473131263024060355
040B0C1D4170706C652043657274696669636174696F6E20417574686F72697479311
33011060355040A0C0A4170706C6520496E632E310B30090603550406130255533059
301306072A8648CE3D020106082A8648CE3D0301070342000492CE63BD7D86B1AB280
A3B1CE1AFFB04948091ACF631DFA6CB28356F444BE121E557DD128D8DBA827C95BE49
FABE33CAAECD0419F12F4325FAF4BEB3CB837EBAA381F73081F4300F0603551D13010
1FF040530030101FF301F0603551D23041830168014BBB0DEA15833889AA48A99DEBE
BDEBAFDACB24AB304606082B06010505070101043A3038303606082B0601050507300
1862A687474703A2F2F6F6373702E6170706C652E636F6D2F6F63737030332D617070
6C65726F6F746361673330370603551D1F0430302E302CA02AA0288626687474703A2
F2F63726C2E6170706C652E636F6D2F6170706C65726F6F74636167332E63726C301D
0603551D0E04160414D917FE4B6790384B92F4DBCED55780140B8F3DC9300E0603551
D0F0101FF0404030201063010060A2A864886F7636406020304020500300A06082A86
48CE3D04030303680030650231008D6FA69FA1E0E4EC5B4E738A927F3D7853988FF4D
A1F581EC3754AFE38A84C2A831A1AAA0DA6646DE1B993E8D1554CED0230673B2CB4E1
E8370777CBD5EC76A81A3A553B3F356AC8C5E692B0E161BE804969E45F2BA96CE1110
2AACC61D938B7734A30820243308201C9A00302010202082DC5FC88D2C54B95300A06
082A8648CE3D0403033067311B301906035504030C124170706C6520526F6F7420434
1202D20473331263024060355040B0C1D4170706C652043657274696669636174696F
6E20417574686F7269747931133011060355040A0C0A4170706C6520496E632E310B3
009060355040613025553301E170D3134303433303138313930365A170D3339303433
303138313930365A3067311B301906035504030C124170706C6520526F6F742043412
02D20473331263024060355040B0C1D4170706C652043657274696669636174696F6E
20417574686F7269747931133011060355040A0C0A4170706C6520496E632E310B300
90603550406130255533076301006072A8648CE3D020106052B810400220362000498
E92F3D4072A4ED93227281131CDD1095F1C5A34E71DC1416D90EE5A6052A77647B5F4
E38D3BB1C44B57FF51FB632625DC9E9845B4F304F115A00FD58580CA5F50F2C4D0747
1375DA9797976F315CED2B9D7B203BD8B954D95E99A43A510A31A3423040301D06035
51D0E04160414BBB0DEA15833889AA48A99DEBEBDEBAFDACB24AB300F0603551D1301
01FF040530030101FF300E0603551D0F0101FF040403020106300A06082A8648CE3D0
40303036800306502310083E9C1C4165E1A5D3418D9EDEFF46C0E00464BB8DFB24611
C50FFDE67A8CA1A66BCEC203D49CF593C674B86ADFAA231502306D668A10CAD40DD44
FCD8D433EB48A63A5336EE36DDA17B7641FC85326F9886274390B175BCB51A80CE818
03E7A2B22800003181FC3081F9020101308190307C3130302E06035504030C2741707
06C65204170706C69636174696F6E20496E746567726174696F6E2043412035202D20
473131263024060355040B0C1D4170706C652043657274696669636174696F6E20417
574686F7269747931133011060355040A0C0A4170706C6520496E632E310B30090603
5504061302555302100939B4BCE90CC3A1816536372F667141300D060960864801650
30402010500300A06082A8648CE3D0403020446304402200BDC9CC640B812CB489335
22D595359D5F41CB4FD45FDD8AD5C948161E8A027302201CBE131DC159E4C92E0359A
764E1263D6DDF8BCB7467D1A8C05E96BEE19FB157000000000000'}, "authData":
h'
504E9549A7B7379186C1DEB6F0D0E374471110E0D70B6F4AA2BAD990EA3D352D40000
00000617070617474657374646576656C6F700020314EDB9FBDF45FAE202F9C711DB0
8463EAA61D1EFBA22C00F4C0D323A38761A4A5010203262001215820B93E338115202
45AE150DF87055F9667324A3BCAA1C0C9F07AA2130D41A2EAB82258200AFBA47F3439
007FB67F073075D234966F8308F2FD0B3CD347FA72114A267467'}

The attestation certificate, i.e., the first entry in the x5c array, contains an extension that carries a nonce value. The nonce is generated by concatenating the authData value with the SHA256 hash of the challenge password (the string "Sample Nonce Value" in this case) and then hashing the concatenation. The value from the extension is shown below.

562  51:     SEQUENCE {
564   9:       OBJECT IDENTIFIER '1 2 840 113635 100 8 2'
575  38:       OCTET STRING, encapsulates {
577  36:         SEQUENCE {
579  34:           [1] {
581  32:             OCTET STRING
       :               14 CA 34 E9 45 E6 03 AE CF 85 70 E4 B6 81 47 DF
       :               80 49 3B 77 70 9A AF AD 54 29 FD E7 22 3D 1B 24
       :             }
       :           }
       :         }
       :       }
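To make the nonce computation concrete, here is an added Python example (written for this page; it is not code from the draft, from Apple, or from any project) that parses the authData value above, recomputes SHA256(authData || SHA256(challenge)) with the challenge string "Sample Nonce Value", and compares the result with the nonce carried in the certificate extension. It also checks that the credential ID in authData equals the SHA256 hash of the attested public key in X9.62 uncompressed form; that consistency check is taken from Apple's published App Attest verification procedure and is an assumption beyond what the draft states. The CBOR decoder is a minimal one written for the example and handles only the definite-length items a COSE key needs.

```python
import hashlib

# Sample values copied from the attestation object above (hex, line breaks joined).
AUTH_DATA_HEX = (
    "504E9549A7B7379186C1DEB6F0D0E374471110E0D70B6F4AA2BAD990EA3D352D40000"
    "00000617070617474657374646576656C6F700020314EDB9FBDF45FAE202F9C711DB0"
    "8463EAA61D1EFBA22C00F4C0D323A38761A4A5010203262001215820B93E338115202"
    "45AE150DF87055F9667324A3BCAA1C0C9F07AA2130D41A2EAB82258200AFBA47F3439"
    "007FB67F073075D234966F8308F2FD0B3CD347FA72114A267467"
)
# Nonce carried in the attestation certificate extension (from the dump above).
EXTENSION_NONCE_HEX = "14CA34E945E603AECF8570E4B68147DF80493B77709AAFAD5429FDE7223D1B24"
# Challenge password used when the sample was produced, per the text above.
CHALLENGE = b"Sample Nonce Value"


def cbor_decode(buf, pos=0):
    """Minimal CBOR decoder (ints, byte/text strings, arrays, maps); enough for a COSE key."""
    ib = buf[pos]
    major, info = ib >> 5, ib & 0x1F
    pos += 1
    if info < 24:
        arg = info
    elif info in (24, 25, 26, 27):
        n = 1 << (info - 24)  # 1, 2, 4 or 8 following bytes hold the argument
        arg = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        raise ValueError("indefinite-length CBOR items are not supported")
    if major == 0:
        return arg, pos
    if major == 1:
        return -1 - arg, pos
    if major == 2:
        return bytes(buf[pos:pos + arg]), pos + arg
    if major == 3:
        return buf[pos:pos + arg].decode("utf-8"), pos + arg
    if major == 4:
        items = []
        for _ in range(arg):
            item, pos = cbor_decode(buf, pos)
            items.append(item)
        return items, pos
    if major == 5:
        m = {}
        for _ in range(arg):
            k, pos = cbor_decode(buf, pos)
            v, pos = cbor_decode(buf, pos)
            m[k] = v
        return m, pos
    raise ValueError(f"unsupported CBOR major type {major}")


def parse_auth_data(auth_data):
    """Split WebAuthn authenticator data (with attested credential data) into its fields."""
    if len(auth_data) < 37:
        raise ValueError("authData too short")
    flags = auth_data[32]
    if not flags & 0x40:  # AT flag: attested credential data present
        raise ValueError("authData carries no attested credential data")
    cred_id_len = int.from_bytes(auth_data[53:55], "big")
    cred_id = auth_data[55:55 + cred_id_len]
    cose_key, end = cbor_decode(auth_data, 55 + cred_id_len)
    if end != len(auth_data):
        raise ValueError("trailing bytes after the COSE key")
    return {
        "rp_id_hash": auth_data[:32],
        "flags": flags,
        "counter": int.from_bytes(auth_data[33:37], "big"),
        "aaguid": auth_data[37:53],
        "cred_id": cred_id,
        "cose_key": cose_key,  # labels: 1=kty, 3=alg, -1=crv, -2=x, -3=y
    }


def expected_nonce(auth_data, challenge):
    """Nonce as described above: SHA256(authData || SHA256(challenge))."""
    client_data_hash = hashlib.sha256(challenge).digest()
    return hashlib.sha256(auth_data + client_data_hash).digest()


def cose_ec2_uncompressed_point(cose_key):
    """X9.62 uncompressed point (04 || x || y) of a COSE EC2 P-256 key."""
    if cose_key.get(1) != 2 or cose_key.get(-1) != 1:
        raise ValueError("not a COSE EC2 key on P-256")
    return b"\x04" + cose_key[-2] + cose_key[-3]


def check_sample():
    """Parse the sample authData and run both checks; returns fields plus results."""
    auth_data = bytes.fromhex(AUTH_DATA_HEX)
    fields = parse_auth_data(auth_data)
    nonce = expected_nonce(auth_data, CHALLENGE)
    point = cose_ec2_uncompressed_point(fields["cose_key"])
    fields["computed_nonce"] = nonce
    fields["nonce_matches_extension"] = nonce == bytes.fromhex(EXTENSION_NONCE_HEX)
    # Assumption (Apple App Attest procedure): credentialId == SHA256(uncompressed public key).
    fields["cred_id_is_key_hash"] = hashlib.sha256(point).digest() == fields["cred_id"]
    return fields


if __name__ == "__main__":
    result = check_sample()
    print("aaguid:", result["aaguid"])
    print("nonce matches extension:", result["nonce_matches_extension"])
    print("credentialId is hash of public key:", result["cred_id_is_key_hash"])
```

The aaguid decodes to the ASCII string "appattestdevelop", marking a key generated in Apple's development attestation environment rather than production; a CA that tailors certificate contents on hardware backing would want to treat the two environments differently. The public key recovered from the COSE map is the same P-256 point that appears in the subjectPublicKeyInfo of the attestation certificate in the x5c array, which is the binding a CA relies on when it accepts the attestation as covering the key in the certificate request.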

Note that at present there is no registration for the "apple-appattest" type in the https://www.iana.org/assignments/webauthn/webauthn.xhtml registry, which is WebAuthn-centric. New registrations will be required for common formats, like the one above.

5. Security Considerations

See Section 13 of [WebAuthn] for additional security considerations related to attestation statement formats, including certificate revocation.

CAs, RAs and certificate management servers will need a set of trust anchors to validate attestation statements that may originate from any number of sources. Where possible, a dedicated trust anchor and issuing CA should be used when verifying a given type of attestation statement. Where a trust anchor or issuing CA is shared for multiple sources of attestation statements, including constraints in attestation signer certificates or attestation certificates is recommended. [COTS] and [fido-metadata] define structures for conveying trust anchors that may be used for verifying attestations such that constraints are implied or are explicitly stated. Expression and validation of constraints imposed on trust anchors, CAs or attestation signers is beyond the scope of this specification.

Key attestation statements may include a variety of information in addition to the public key being attested. While not described in this document, CAs, RAs and certificate management servers are free to use any policy when evaluating this information. This evaluation can result in rejection of a certificate request that features a verifiable key attestation for the public key contained in the request. For example, an attestation statement may indicate use of an unacceptable firmware version.

6. IANA Considerations

6.1. Key attestation extension object identifier

An object identifier from the id-pe arc defined in [RFC7299] should be assigned for id-pe-keyAttestation.

6.2. Key attestation extension ASN.1 module object identifier

An object identifier from the id-mod arc defined in [RFC7299] should be assigned for id-mod-keyAttestation.

6.3. Attestation statement formats

Section 2.1 of [RFC8809] describes registration of new attestation statement format types.

7. ASN.1 Module

The following ASN.1 module makes use of the conventions from [RFC5912].

KeyAttestationExtn-2022
  { iso(1) identified-organization(3) dod(6)
    internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
    id-mod-keyAttestation(TBD2) }

DEFINITIONS IMPLICIT TAGS ::=
BEGIN

IMPORTS

  id-pe
  FROM PKIX1Explicit-2009 -- from [RFC5912]
    { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-explicit-02(51) }

  EXTENSION, ATTRIBUTE
  FROM PKIX-CommonTypes-2009 -- from [RFC5912]
    { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-pkixCommon-02(57) }
  ;

-- EXPORT ALL --

ext-keyAttestation EXTENSION ::= {
  SYNTAX KeyAttestation IDENTIFIED BY id-pe-keyAttestation }

attr-keyAttestation ATTRIBUTE ::= {
  TYPE KeyAttestation IDENTIFIED BY id-pe-keyAttestation }

id-pe-keyAttestation OBJECT IDENTIFIER ::=  { id-pe TBD }

KeyAttestation ::= SEQUENCE {
  hardwareSecured  BOOLEAN DEFAULT FALSE,
  attestationStatement OCTET STRING
}

END
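As an added illustration of the module (example code written for this page, not part of the draft or of any ASN.1 toolkit), the following Python encodes and decodes the KeyAttestation SEQUENCE in DER by hand. The point it makes is the DEFAULT FALSE rule: under DER a component equal to its default value is omitted, so hardwareSecured appears on the wire only when TRUE, and a strict decoder should reject an explicitly encoded FALSE (or a non-0xFF TRUE) rather than silently accept it. Wrapping the result in an X.509 Extension or a CMC attribute needs id-pe-keyAttestation, which is still TBD, so that outer layer is not shown.

```python
def der_length(n):
    """DER length octets: short form below 128, otherwise minimal long form."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag, content):
    return bytes([tag]) + der_length(len(content)) + content


def encode_key_attestation(hardware_secured, attestation_statement):
    """KeyAttestation ::= SEQUENCE { hardwareSecured BOOLEAN DEFAULT FALSE,
                                     attestationStatement OCTET STRING }"""
    body = b""
    if hardware_secured:
        # DER never encodes a value equal to its DEFAULT, so FALSE is simply absent.
        body += der_tlv(0x01, b"\xff")
    body += der_tlv(0x04, attestation_statement)
    return der_tlv(0x30, body)


def _read_tlv(buf, pos):
    """Read one TLV at pos, enforcing minimal DER lengths; returns (tag, content, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length is not DER")
        length_bytes = buf[pos:pos + n]
        if len(length_bytes) != n or length_bytes[0] == 0 or (n == 1 and length_bytes[0] < 0x80):
            raise ValueError("non-minimal DER length encoding")
        length = int.from_bytes(length_bytes, "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated TLV content")
    return tag, buf[pos:end], end


def decode_key_attestation(der):
    """Strict DER decoder; returns (hardware_secured, attestation_statement)."""
    tag, body, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    hardware_secured = False
    tag, content, pos = _read_tlv(body, 0)
    if tag == 0x01:
        if content == b"\x00":
            raise ValueError("hardwareSecured FALSE must be omitted (DEFAULT) in DER")
        if content != b"\xff":
            raise ValueError("DER BOOLEAN TRUE must be encoded as 0xFF")
        hardware_secured = True
        tag, content, pos = _read_tlv(body, pos)
    if tag != 0x04:
        raise ValueError("expected OCTET STRING attestationStatement")
    if pos != len(body):
        raise ValueError("trailing bytes inside KeyAttestation")
    return hardware_secured, content


if __name__ == "__main__":
    # Constructed placeholder for an attestation statement; a real one would be the
    # CBOR attestation object shown earlier in this document.
    stmt = b"\xa3" + b"placeholder-attestation-object"
    print(encode_key_attestation(True, stmt).hex())
    print(encode_key_attestation(False, stmt).hex())
    print(decode_key_attestation(encode_key_attestation(True, stmt)))
```

A CA that accepts the extension with a lenient BER decoder would still read the same two fields, but two different encodings of "not hardware secured" would then exist; insisting on DER keeps the encoding canonical, which matters when the extension value is covered by a signature on the request.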

8. References

8.1. Normative References

[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, <https://www.rfc-editor.org/rfc/rfc2119>.
[RFC2986]
Nystrom, M. and B. Kaliski, "PKCS #10: Certification Request Syntax Specification Version 1.7", RFC 2986, DOI 10.17487/RFC2986, <https://www.rfc-editor.org/rfc/rfc2986>.
[RFC4210]
Adams, C., Farrell, S., Kause, T., and T. Mononen, "Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP)", RFC 4210, DOI 10.17487/RFC4210, <https://www.rfc-editor.org/rfc/rfc4210>.
[RFC4211]
Schaad, J., "Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)", RFC 4211, DOI 10.17487/RFC4211, <https://www.rfc-editor.org/rfc/rfc4211>.
[RFC5272]
Schaad, J. and M. Myers, "Certificate Management over CMS (CMC)", RFC 5272, DOI 10.17487/RFC5272, <https://www.rfc-editor.org/rfc/rfc5272>.
[RFC5912]
Hoffman, P. and J. Schaad, "New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)", RFC 5912, DOI 10.17487/RFC5912, <https://www.rfc-editor.org/rfc/rfc5912>.
[RFC7030]
Pritikin, M., Ed., Yee, P., Ed., and D. Harkins, Ed., "Enrollment over Secure Transport", RFC 7030, DOI 10.17487/RFC7030, <https://www.rfc-editor.org/rfc/rfc7030>.
[RFC7299]
Housley, R., "Object Identifier Registry for the PKIX Working Group", RFC 7299, DOI 10.17487/RFC7299, <https://www.rfc-editor.org/rfc/rfc7299>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, <https://www.rfc-editor.org/rfc/rfc8174>.
[RFC8809]
Hodges, J., Mandyam, G., and M. Jones, "Registries for Web Authentication (WebAuthn)", RFC 8809, DOI 10.17487/RFC8809, <https://www.rfc-editor.org/rfc/rfc8809>.
[RFC8894]
Gutmann, P., "Simple Certificate Enrolment Protocol", RFC 8894, DOI 10.17487/RFC8894, <https://www.rfc-editor.org/rfc/rfc8894>.
[WebAuthn]
Hodges, J., Jones, J., Jones, M. B., Kumar, A., and E. Lundberg, "Web Authentication: An API for accessing Public Key Credentials Level 2", <https://www.w3.org/TR/webauthn-2/>.

8.2. Informative References

[COTS]
Wallace, C. and R. Housley, "Concise TA Stores (CoTS)".
[fido-metadata]
FIDO Alliance, "FIDO Metadata Statement", <https://fidoalliance.org/specs/mds/fido-metadata-statement-v3.0-ps-20210518.html>.
[I-D.draft-bweeks-acme-device-attest]
Weeks, B., "Automated Certificate Management Environment (ACME) Device Attestation Extension", Work in Progress, Internet-Draft, draft-bweeks-acme-device-attest-00, <https://datatracker.ietf.org/doc/html/draft-bweeks-acme-device-attest-00>.
[OTA]
Apple, "Over-the-Air Profile Delivery and Configuration", <https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/iPhoneOTAConfiguration/Introduction/Introduction.html>.
[RFC8555]
Barnes, R., Hoffman-Andrews, J., McCarney, D., and J. Kasten, "Automatic Certificate Management Environment (ACME)", RFC 8555, DOI 10.17487/RFC8555, <https://www.rfc-editor.org/rfc/rfc8555>.
[WebAuthnReg]
IANA, "WebAuthn Attestation Statement Format Identifiers", <https://www.iana.org/assignments/webauthn/webauthn.xhtml>.

Acknowledgments

TODO acknowledge.

Authors' Addresses

Carl Wallace
Red Hound Software
Sean Turner
sn3rd