|
1.
|
Clear description of the referenced document:
|
|
|
|
|
2.
|
Status of approval:
|
|
|
RFC 9334 was approved as an informational document in January 2023.
|
|
3.
|
Justification for the specific reference:
|
|
|
Refer to the specification as produced by IETF to describe the concept and procedure flow models of remote attestation which are used in the confidential computing orchestration.
|
|
4.
|
Current information, if any, about IPR issues:
|
|
|
Information on IPR issues regarding RFCs is available at: https://datatracker.ietf.org/ipr/search/.
Specifically: https://datatracker.ietf.org/ipr/search/?draft=&rfc=9334&doctitle=&group=&holder=&iprtitle=&patent=&submit=rfc
|
|
5.
|
Other useful information describing the "Quality" of the document:
|
|
|
RFC 9334 was approved in January 2023
|
|
6.
|
The degree of stability or maturity of the document:
|
|
|
RFC 9334 was published in 2023. It is an informational document. Current standards status of this document can be found at https://datatracker.ietf.org/doc/rfc9334/
|
|
7.
|
Relationship with other existing or emerging documents:
|
|
|
None
|
|
8.
|
Any explicit references within that referenced document should also be listed:
|
|
|
Normative References/
/
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, ./
/
[RFC7519] Jones, M., Bradley, J., and N. Sakimura, "JSON Web Token (JWT)", RFC 7519, DOI 10.17487/RFC7519, May 2015, ./
/
[RFC8392] Jones, M., Wahlstroem, E., Erdtman, S., and H. Tschofenig, "CBOR Web Token (CWT)", RFC 8392, DOI 10.17487/RFC8392, May 2018, ./
/
/
/
Informative References/
/
[CCC-DeepDive] Confidential Computing Consortium, "A Technical Analysis of Confidential Computing", Version 1.3, November 2022, ./
/
[CTAP] FIDO Alliance, "Client to Authenticator Protocol (CTAP)", February 2018, ./
/
[NIST-800-57-p1] Barker, E., "Recommendation for Key Management: Part 1 - General", DOI 10.6028/NIST.SP.800-57pt1r5, May 2020, ./
/
[OPCUA] OPC Foundation, "OPC Unified Architecture Specification, Part 2: Security Model, Release 1.03", OPC 10000-2 , November 2015, ./
/
[RATS-DAA] Birkholz, H., Newton, C., Chen, L., and D. Thaler, "Direct Anonymous Attestation for the Remote Attestation Procedures Architecture", Work in Progress, Internet-Draft, draft-ietf-rats-daa-02, 7 September 2022, ./
/
[RATS-PSA-TOKEN] Tschofenig, H., Frost, S., Brossard, M., Shaw, A., and T. Fossati, "Arm's Platform Security Architecture (PSA) Attestation Token", Work in Progress, Internet-Draft, draft-tschofenig-rats-psa-token-10, 6 September 2022, ./
/
[RATS-TUDA] Fuchs, A., Birkholz, H., McDonald, I., and C. Bormann, "Time-Based Uni-Directional Attestation", Work in Progress, Internet-Draft, draft-birkholz-rats-tuda-07, 10 July 2022, ./
/
[RATS-UCCS] Birkholz, H., O'Donoghue, J., Cam-Winget, N., and C. Bormann, "A CBOR Tag for Unprotected CWT Claims Sets", Work in Progress, Internet-Draft, draft-ietf-rats-uccs-04, 11 January 2023, ./
/
[RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, "Randomness Requirements for Security", BCP 106, RFC 4086, DOI 10.17487/RFC4086, June 2005, ./
/
[RFC4949] Shirey, R., "Internet Security Glossary, Version 2", FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, ./
/
[RFC5209] Sangster, P., Khosravi, H., Mani, M., Narayan, K., and J. Tardo, "Network Endpoint Assessment (NEA): Overview and Requirements", RFC 5209, DOI 10.17487/RFC5209, June 2008, ./
/
[RFC6024] Reddy, R. and C. Wallace, "Trust Anchor Management Requirements", RFC 6024, DOI 10.17487/RFC6024, October 2010, ./
/
[RFC8322] Field, J., Banghart, S., and D. Waltermire, "Resource-Oriented Lightweight Information Exchange (ROLIE)", RFC 8322, DOI 10.17487/RFC8322, February 2018, ./
/
[strengthoffunction] NIST, "Strength of Function", ./
/
[TCG-DICE] Trusted Computing Group, "DICE Attestation Architecture", Version 1.00, Revision 0.23, March 2021, ./
/
[TCG-DICE-SIBDA] Trusted Computing Group, "Symmetric Identity Based Device Attestation", Version 1.0, Revision 0.95, January 2020, ./
/
[TCGarch] Trusted Computing Group, "Trusted Platform Module Library, Part 1: Architecture", November 2019, ./
/
[TEEP-ARCH] Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler, "Trusted Execution Environment Provisioning (TEEP) Architecture", Work in Progress, Internet-Draft, draft-ietf-teep-architecture-19, 24 October 2022, ./
/
[TLS-CWT] Tschofenig, H. and M. Brossard, "Using CBOR Web Tokens (CWTs) in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)", Work in Progress, Internet-Draft, draft-tschofenig-tls-cwt-02, 13 July 2020, ./
/
[WebAuthN] W3C, "Web Authentication: An API for accessing Public Key Credentials Level 1", March 2019, .
|
|
9.
|
Qualification of
ISOC/IETF:
|
|
|
9.1-9.6 Decisions of ITU Council to admit ISOC to participate in the work of the Sector (June 1995 and June 1996).
9.7 The Internet Engineering Steering Group (IESG) is responsible for ongoing maintenance of the RFCs when the need arises. Comments on RFCs and corresponding changes are accommodated through the existing standardization process.
9.8 Each revision of a given RFC has a different RFC number, so no confusion is possible. All RFCs always remain available on-line. An index of RFCs and their status may be found in the IETF archives at http://www.rfc-editor.org/rfc.html.
|
|
10.
|
Other (for any supplementary information):
|
|
|
None
|
|
