--- 1/draft-ietf-rats-yang-tpm-charra-03.txt 2020-12-16 10:13:13.707473177 -0800 +++ 2/draft-ietf-rats-yang-tpm-charra-04.txt 2020-12-16 10:13:13.795475422 -0800 @@ -1,29 +1,30 @@ RATS Working Group H. Birkholz Internet-Draft M. Eckel Intended status: Standards Track Fraunhofer SIT -Expires: April 3, 2021 E. Voit - S. Bhandari +Expires: June 19, 2021 S. Bhandari + ThoughtSpot + E. Voit B. Sulzen Cisco L. Xia Huawei T. Laffey HPE G. Fedorkow Juniper - September 30, 2020 + December 16, 2020 A YANG Data Model for Challenge-Response-based Remote Attestation Procedures using TPMs - draft-ietf-rats-yang-tpm-charra-03 + draft-ietf-rats-yang-tpm-charra-04 Abstract This document defines a YANG RPC and a minimal datastore required to retrieve attestation evidence about integrity measurements from a device following the operational context defined in [I-D.ietf-rats-tpm-based-network-device-attest]. Complementary measurement logs are also provided by the YANG RPC originating from one or more roots of trust of measurement. The module defined requires at least one TPM 1.2 or TPM 2.0 and corresponding Trusted 
@@ -37,22 +38,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - - This Internet-Draft will expire on April 3, 2021. + This Internet-Draft will expire on June 19, 2021. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -63,37 +63,37 @@ described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 2. The YANG Module for Basic Remote Attestation Procedures . . . 3 2.1. Tree Diagram . . . . . . . . . . . . . . . . . . . . . . 3 2.2. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 6 2.2.1. ietf-tpm-remote-attestation . . . . . . . . . . . . . 6 - 2.2.2. ietf-tcg-algs . . . . . . . . . . . . . . . . . . . . 35 - 3. IANA considerations . . . . . . . . . . . . . . . . . . . . . 51 - 4. Security Considerations . . . . . . . . . . . . . . . . . . . 51 - 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 52 - 6. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 52 - 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 53 - 7.1. Normative References . . . . . . . . . . . . . . . . . . 53 - 7.2. Informative References . . . . . . . . . . . . . . . . . 54 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 55 + 2.2.2. ietf-tcg-algs . . . . . . . . . . . . . . . . . . . . 30 + 3. IANA considerations . . . . . . . . . . . . . . . . . . . . . 46 + 4. Security Considerations . . . . . . . . . . . . . . . . . . . 46 + 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 47 + 6. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 47 + 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 49 + 7.1. Normative References . . . . . . . . . . . . . . . . . . 49 + 7.2. Informative References . . . . . . . . . . . . . . . . . 50 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 50 1. 
Introduction This document is based on the terminology defined in the [I-D.ietf-rats-architecture] and uses the operational context defined in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the interaction model and information elements defined in - [I-D.birkholz-rats-reference-interaction-model]. The currently + [I-D.ietf-rats-reference-interaction-models]. The currently supported hardware security modules (HWM) are the Trusted Platform Module (TPM) [TPM1.2] and [TPM2.0] specified by the Trusted Computing Group (TCG). One ore more TPMs embedded in the components of a composite device - sometimes also referred to as an aggregate device - are required in order to use the YANG module defined in this document. A TPM is used as a root of trust for reporting (RTR) in order to retrieve attestation evidence from a composite device (quote primitive operation). Additionally, it is used as a root of trust for storage (RTS) in order to retain shielded secrets and store system measurements using a folding hash function (extend primitive 
@@ -109,44 +109,44 @@ 2. The YANG Module for Basic Remote Attestation Procedures One or more TPMs MUST be embedded in the composite device that is providing attestation evidence via the YANG module defined in this document. The ietf-basic-remote-attestation YANG module enables a composite device to take on the role of Claimant and Attester in accordance with the Remote Attestation Procedures (RATS) architecture [I-D.ietf-rats-architecture] and the corresponding challenge-response interaction model defined in the - [I-D.birkholz-rats-reference-interaction-model] document. A fresh - nonce with an appropriate amount of entropy MUST be supplied by the - YANG client in order to enable a proof-of-freshness with respect to - the attestation evidence provided by the attester running the YANG + [I-D.ietf-rats-reference-interaction-models] document. A fresh nonce + with an appropriate amount of entropy MUST be supplied by the YANG + client in order to enable a proof-of-freshness with respect to the + attestation evidence provided by the attester running the YANG datastore. The functions of this YANG module are restricted to 0-1 TPMs per hardware component. 2.1. Tree Diagram module: ietf-tpm-remote-attestation +--rw rats-support-structures - +--rw compute-nodes! + +--rw compute-nodes {tpm:TPMs}? | +--ro compute-node* [node-id] | +--ro node-id string | +--ro node-physical-index? int32 {ietfhw:entity-mib}? | +--ro node-name? string | +--ro node-location? string +--rw tpms | +--rw tpm* [tpm-name] | +--rw tpm-name string | +--ro hardware-based? boolean | +--ro tpm-physical-index? int32 {ietfhw:entity-mib}? | +--ro tpm-path? string - | +--ro compute-node compute-node-ref + | +--ro compute-node compute-node-ref {tpm:TPMs}? | +--ro tpm-manufacturer? string | +--rw tpm-firmware-version identityref | +--rw TPM12-hash-algo? 
identityref | +--rw TPM12-pcrs* pcr | +--rw tpm20-pcr-bank* [TPM20-hash-algo] | | +--rw TPM20-hash-algo identityref | | +--rw pcr-index* tpm:pcr | +--ro tpm-status enumeration | +--rw certificates | +--rw certificate* [certificate-name] 
@@ -158,66 +158,42 @@ +--rw tpm12-hash* identityref {taa:TPM12}? +--rw tpm20-asymmetric-signing* identityref {taa:TPM20}? +--rw tpm20-hash* identityref {taa:TPM20}? rpcs: +---x tpm12-challenge-response-attestation {taa:TPM12}? | +---w input | | +---w tpm12-attestation-challenge | | +---w pcr-index* pcr | | +---w nonce-value binary - | | +---w add-version? boolean | | +---w certificate-name* certificate-name-ref + | | {tpm:TPMs}? | +--ro output | +--ro tpm12-attestation-response* [] - | +--ro certificate-name? certificate-name-ref + | +--ro certificate-name certificate-name-ref | +--ro up-time? uint32 - | +--ro node-id? string - | +--ro node-physical-index? int32 - | | {ietfhw:entity-mib}? - | +--ro fixed? binary - | +--ro external-data? binary - | +--ro signature-size? uint32 - | +--ro signature? binary - | +--ro (tpm12-quote) - | +--:(tpm12-quote1) - | | +--ro version* [] - | | | +--ro major? uint8 - | | | +--ro minor? uint8 - | | | +--ro rev-Major? uint8 - | | | +--ro rev-Minor? uint8 - | | +--ro digest-value? binary - | | +--ro TPM_PCR_COMPOSITE* [] - | | +--ro pcr-index* pcr - | | +--ro value-size? uint32 - | | +--ro tpm12-pcr-value* binary - | +--:(tpm12-quote2) - | +--ro tag? uint8 - | +--ro pcr-index* pcr - | +--ro locality-at-release? uint8 - | +--ro digest-at-release? binary + | +--ro TPM_QUOTE2? binary +---x tpm20-challenge-response-attestation {taa:TPM20}? | +---w input | | +---w tpm20-attestation-challenge | | +---w nonce-value binary | | +---w tpm20-pcr-selection* [] | | | +---w TPM20-hash-algo? identityref | | | +---w pcr-index* tpm:pcr | | +---w certificate-name* certificate-name-ref + | | {tpm:TPMs}? | +--ro output | +--ro tpm20-attestation-response* [] - | +--ro certificate-name? certificate-name-ref + | +--ro certificate-name certificate-name-ref | +--ro TPMS_QUOTE_INFO binary | +--ro quote-signature? binary | +--ro up-time? uint32 - | +--ro node-id? string - | +--ro node-physical-index? int32 {ietfhw:entity-mib}? 
| +--ro unsigned-pcr-values* [] | +--ro TPM20-hash-algo? identityref | +--ro pcr-values* [pcr-index] | +--ro pcr-index pcr | +--ro pcr-value? binary +---x log-retrieval +---w input | +---w log-selector* [] | | +---w tpm-name* string | | +---w (index-type)? @@ -311,21 +287,21 @@ single Attestation key, knowledge of the certificate allows a specific TPM to be identified. container - Identifies which TCG algorithms are available for use the Attesting platform. This allows an operator to limit algorithms available for use by RPCs to just a desired set from the universe of all allowed by TCG. 2.2.1.4. YANG Module - file ietf-tpm-remote-attestation@2020-09-18.yang + file ietf-tpm-remote-attestation@2020-12-09.yang module ietf-tpm-remote-attestation { namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"; prefix "tpm"; import ietf-yang-types { prefix yang; } import ietf-hardware { prefix ietfhw; } @@ -339,21 +314,21 @@ organization "IETF RATS (Remote ATtestation procedureS) Working Group"; contact "WG Web : WG List : Author : Eric Voit Author : Henk Birkholz Author : Michael Eckel - Author : Shwetha Bhandari + Author : Shwetha Bhandari Author : Bill Sulzen Author : Liang Xia (Frank) Author : Tom Laffey Author : Guy Fedorkow "; description "A YANG module to enable a TPM 1.2 and TPM 2.0 based remote attestation procedure using a challenge-response interaction model and the TPM 1.2 and TPM 2.0 Quote primitive operations. 
@@ -379,28 +354,38 @@ (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself for full legal notices. The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be interpreted as described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, they appear in all capitals, as shown here."; - revision "2020-09-18" { + revision "2020-12-15" { description "Initial version"; reference "draft-ietf-rats-yang-tpm-charra"; } /*****************/ + /* Features */ + /*****************/ + + feature TPMs { + description + "The device supports the remote attestation of multiple + TPM based cryptoprocessors."; + } + + /*****************/ /* Typedefs */ /*****************/ typedef pcr { type uint8 { range "0..31"; } description "Valid index number for a PCR. At this point 0-31 is viable."; } @@ -609,20 +596,21 @@ } } grouping certificate-name-ref { description "Identifies a certificate in a keystore."; leaf certificate-name { type certificate-name-ref; description "Identifies a certificate in a keystore."; + mandatory true; } } grouping tpm-name { description "A unique TPM on a device."; leaf tpm-name { type string; description "Unique system generated name for a TPM on a device."; 
@@ -636,286 +624,44 @@ type string; config false; description "Name of one or more unique TPMs on a device. If this object exists, a selection should pull only the objects related to these TPM(s). If it does not exist, all qualifying TPMs that are 'hardware-based' equals true on the device are selected."; } } - grouping compute-node-identifier { - description - "In a distributed system with multiple compute nodes - this is the node identified by name and physical-index."; - leaf node-id { - type string; - description - "ID of the compute node, such as Board Serial Number."; - } - leaf node-physical-index { - if-feature ietfhw:entity-mib; - type int32 { - range "1..2147483647"; - } - config false; - description - "The entPhysicalIndex for the compute node."; - reference - "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex"; - } - } - - grouping tpm12-pcr-info-short { - description - "This structure is for defining a digest at release when the only - information that is necessary is the release configuration."; - uses tpm12-pcr-selection; - leaf locality-at-release { - type uint8; - description - "This SHALL be the locality modifier required to release the - information (TPM 1.2 type TPM_LOCALITY_SELECTION)"; - reference - "TPM Main Part 2 TPM Structures v1.2 July 2007 - Section 8.6"; - } - leaf digest-at-release { - type binary; - description - "This SHALL be the digest of the PCR indices and PCR values - to verify when revealing auth data (TPM 1.2 type - TPM_COMPOSITE_HASH)."; - reference - "TPM Main Part 2 TPM Structures v1.2 July 2007 - Section 5.4.1."; - } - } - - grouping tpm12-version { - description - "This structure provides information relative the version of - the TPM."; - list version { - description - "This indicates the version of the structure - (TPM 1.2 type TPM_STRUCT_VER). 
This MUST be 1.1.0.0."; - reference - "TPM Main Part 2 TPM Structures v1.2 July 2007 - Section 5.1."; - leaf major { - type uint8; - description - "Indicates the major version of the structure. - MUST be 0x01."; - } - leaf minor { - type uint8; - description - "Indicates the minor version of the structure. - MUST be 0x01."; - } - leaf rev-Major { - type uint8; - description - "Indicates the rev major version of the structure. - MUST be 0x00."; - } - leaf rev-Minor { - type uint8; - description - "Indicates the rev minor version of the structure. - MUST be 0x00."; - } - } - } - - grouping tpm12-quote-info-common { - description - "These statements are within both quote variants of the TPM 1.2"; - reference - "TPM Main Part 2 TPM Structures v1.2 July 2007, - Section 11.3 & 11.4."; - leaf fixed { - type binary; - description - "This SHALL always be the string 'QUOT' or 'QUO2' - (length is 4 bytes)."; - } - leaf external-data { - type binary; - description - "160 bits of externally supplied data, typically a nonce."; - } - leaf signature-size { - type uint32; - description - "The size of TPM 1.2 'signature' value."; - } - leaf signature { - type binary; - description - "Signature over hash of tpm12-quote-info2'."; - } - } - - grouping tpm12-quote-info { - description - "This structure provides the mechanism for the TPM to quote the - current values of a list of PCRs (as used by the TPM_Quote2 - command)."; - uses tpm12-version; - leaf digest-value { - type binary; - description - "This SHALL be the result of the composite hash algorithm using - the current values of the requested PCR indices - (TPM 1.2 type TPM_COMPOSITE_HASH.)"; - } - } - - grouping tpm12-quote-info2 { - description - "This structure provides the mechanism for the TPM to quote the - current values of a list of PCRs - (as used by the TPM_Quote2 command)."; - leaf tag { - type uint8; - description - "This SHALL be TPM_TAG_QUOTE_INFO2."; - } - uses tpm12-pcr-info-short; - } - - grouping 
tpm12-cap-version-info { - description - "TPM returns the current version and revision of the TPM 1.2 ."; - list TPM_PCR_COMPOSITE { - description - "The TPM 1.2 TPM_PCRVALUEs for the pcr-indices."; - reference - "TPM Main Part 2 TPM Structures v1.2 July 2007, Section 8.2"; - uses tpm12-pcr-selection; - leaf value-size { - type uint32; - description - "This SHALL be the size of the 'tpm12-pcr-value' field - (not the number of PCRs)."; - } - leaf-list tpm12-pcr-value { - type binary; - description - "The list of TPM_PCRVALUEs from each PCR selected in sequence - of tpm12-pcr-selection."; - } - list version-info { - description - "An optional output parameter from a TPM 1.2 TPM_Quote2."; - leaf tag { - type uint16; /* This should be converted into an ENUM */ - description - "The TPM 1.2 version and revision - (TPM 1.2 type TPM_STRUCTURE_TAG). - This MUST be TPM_CAP_VERSION_INFO (0x0030)"; - } - uses tpm12-version; - leaf spec-level { - type uint16; - description - "A number indicating the level of ordinals supported."; - } - leaf errata-rev { - type uint8; - description - "A number indicating the errata version of the - specification."; - } - leaf tpm-vendor-id { - type binary; - description - "The vendor ID unique to each TPM manufacturer."; - } - leaf vendor-specific-size { - type uint16; - description - "The size of the vendor-specific area."; - } - leaf vendor-specific { - type binary; - description - "Vendor specific information."; - } - } - } - } - - grouping tpm12-pcr-composite { - description - "The actual values of the selected PCRs (a list of TPM_PCRVALUEs - (binary) and associated metadata for TPM 1.2."; - list TPM_PCR_COMPOSITE { - description - "The TPM 1.2 TPM_PCRVALUEs for the pcr-indices."; - reference - "TPM Main Part 2 TPM Structures v1.2 July 2007, Section 8.2"; - uses tpm12-pcr-selection; - leaf value-size { - type uint32; - description - "This SHALL be the size of the 'tpm12-pcr-value' field - (not the number of PCRs)."; - } - leaf-list 
tpm12-pcr-value { - type binary; - description - "The list of TPM_PCRVALUEs from each PCR selected in sequence - of tpm12-pcr-selection."; - } - } - } - grouping node-uptime { description "Uptime in seconds of the node."; leaf up-time { type uint32; description "Uptime in seconds of this node reporting its data"; } } grouping tpm12-attestation { description "Contains an instance of TPM1.2 style signed cryptoprocessor measurements. It is supplemented by unsigned Attester information."; uses node-uptime; - uses compute-node-identifier; - uses tpm12-quote-info-common; - choice tpm12-quote { - mandatory true; - description - "Either a tpm12-quote-info or tpm12-quote-info2, depending - on whether TPM_Quote or TPM_Quote2 was used - (cf. input field add-verson)."; - case tpm12-quote1 { - description - "BIOS/UEFI event logs"; - uses tpm12-quote-info; - uses tpm12-pcr-composite; - } - case tpm12-quote2 { + leaf TPM_QUOTE2 { + type binary; description - "BIOS/UEFI event logs"; - uses tpm12-quote-info2; - } - + "Result of a TPM1.2 Quote2 operation. This includes PCRs, + signatures, locality, the provided nonce and other data which + can be further parsed to appraise the Attester."; + reference + "TPM1.2 commands rev116 July 2007, Section 16.5"; } } grouping tpm20-attestation { description "Contains an instance of TPM2 style signed cryptoprocessor measurements. It is supplemented by unsigned Attester information."; leaf TPMS_QUOTE_INFO { mandatory true; 
@@ -929,27 +675,37 @@ TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.12.1"; } leaf quote-signature { type binary; description "Quote signature returned by TPM Quote. The signature was generated using the key associated with the certificate-name."; } uses node-uptime; - uses compute-node-identifier; list unsigned-pcr-values { description - "PCR values in each PCR bank. This often should not be - necessary for TPM2, as the raw information needing - signature and hash validation will be coming from - the 'quote' leaf"; + "PCR values in each PCR bank. This might appear redundant with + the TPM2B_DIGEST, but that digest is calculated across multiple + PCRs. Having to verify across multiple PCRs does not + necessarily make it easy for a Verifier to appraise just the + minimum set of PCR information which has changed since the last + received TPM2B_DIGEST. Put another way, why should a Verifier + reconstruct the proper value of all PCR Quotes when only a + single PCR has changed? + + To help this happen, if the Attester does know specific PCR + values, the Attester can provide these individual values via + 'unsigned-pcr-values'. By comparing this information to the + what has previously been validated, it is possible for a + Verifier to confirm the Attester's signature while eliminating + significant processing."; uses TPM20-hash-algo; list pcr-values { key pcr-index; description "List of one PCR bank."; leaf pcr-index { type pcr; description "PCR index number."; } 
@@ -1202,30 +956,22 @@ attesting device."; input { container tpm12-attestation-challenge { description "This container includes every information element defined in the reference challenge-response interaction model for remote attestation. Corresponding values are based on TPM 1.2 structure definitions"; uses tpm12-pcr-selection; uses nonce; - leaf add-version { - type boolean; - description - "Whether or not to include TPM_CAP_VERSION_INFO; if true, - then TPM_Quote2 must be used to create the response."; - reference - "TPM Main Part 2 TPM Structures v1.2 July 2007, - Section 21.6"; - } leaf-list certificate-name { + if-feature "tpm:TPMs"; must "/tpm:rats-support-structures/tpm:tpms" + "/tpm:tpm[tpm:tpm-firmware-version='taa:tpm12']" + "/tpm:certificates/" + "/tpm:certificate[certificate-name-ref=current()]" { error-message "Not an available TPM1.2 AIK certificate."; } type certificate-name-ref; description "When populated, the RPC will only get a Quote for the TPMs associated with these certificate(s)."; @@ -1257,20 +1004,21 @@ input { container tpm20-attestation-challenge { description "This container includes every information element defined in the reference challenge-response interaction model for remote attestation. Corresponding values are based on TPM 2.0 structure definitions"; uses nonce; uses tpm20-pcr-selection; leaf-list certificate-name { + if-feature "tpm:TPMs"; must "/tpm:rats-support-structures/tpm:tpms" + "/tpm:tpm[tpm:tpm-firmware-version='taa:tpm20']" + "/tpm:certificates/" + "/tpm:certificate[certificate-name-ref=current()]" { error-message "Not an available TPM2.0 AIK certificate."; } type certificate-name-ref; description "When populated, the RPC will only get a Quote for the TPMs associated with the certificates."; 
@@ -1379,33 +1127,48 @@ /**************************************/ /* Config & Oper accessible nodes */ /**************************************/ container rats-support-structures { description "The datastore definition enabling verifiers or relying parties to discover the information necessary to use the remote attestation RPCs appropriately."; container compute-nodes { - presence - "Indicates that more than one TPM exists on a device."; + if-feature "tpm:TPMs"; description "Holds the set device subsystems/components in this composite device that support TPM operations."; list compute-node { key node-id; config false; min-elements 2; - uses compute-node-identifier; description - "A components in this composite device that RATS which + "A component in this composite device that supports TPM operations."; + leaf node-id { + type string; + description + "ID of the compute node, such as Board Serial Number."; + + } + leaf node-physical-index { + if-feature ietfhw:entity-mib; + type int32 { + range "1..2147483647"; + } + config false; + description + "The entPhysicalIndex for the compute node."; + reference + "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex"; + } leaf node-name { type string; description "Name of the compute node."; } leaf node-location { type string; description "Location of the compute node, such as slot number."; } @@ -1440,21 +1203,21 @@ "RFC 6933: Entity MIB (Version 4) - entPhysicalIndex"; } leaf tpm-path { type string; config false; description "Path to a unique TPM on a device. This can change agross reboots."; } leaf compute-node { - when "../../../compute-nodes"; + if-feature "tpm:TPMs"; type compute-node-ref; config false; mandatory true; description "When there is more that one TPM, this indicates for which compute node this TPM services."; } leaf tpm-manufacturer { type string; config false; 
@@ -2481,29 +2242,35 @@ RPC: - Pulling lots of logs can chew up system resources. 5. Acknowledgements Not yet. 6. Change Log + Changes from version 03 to version 04: + + o TPM1.2 Quote1 eliminated + o YANG model simplifications so redundant info isn't exposed + Changes from version 02 to version 03: o moved to tcg-algs o cleaned up model to eliminate sources of errors o removed key establishment RPC o added lots of XPATH which must all be scrubbed still + o Descriptive text added on model contents. Changes from version 01 to version 02: o Extracted Crypto-types into a separate YANG file o Mades the algorithms explicit, not strings o Hash Algo as key the selected TPM2 PCRs 
@@ -2529,41 +2296,41 @@ name to map it back to hardware inventory o Relabeled name to tpm_name o Removed event-string in last-entry 7. References 7.1. Normative References - [I-D.birkholz-rats-reference-interaction-model] - Birkholz, H., Eckel, M., Newton, C., and L. Chen, - "Reference Interaction Models for Remote Attestation - Procedures", draft-birkholz-rats-reference-interaction- - model-03 (work in progress), July 2020. - [I-D.ietf-netconf-keystore] Watsen, K., "A YANG Data Model for a Keystore", draft- ietf-netconf-keystore-20 (work in progress), August 2020. [I-D.ietf-rats-architecture] Birkholz, H., Thaler, D., Richardson, M., Smith, N., and W. Pan, "Remote Attestation Procedures Architecture", - draft-ietf-rats-architecture-06 (work in progress), - September 2020. + draft-ietf-rats-architecture-08 (work in progress), + December 2020. + + [I-D.ietf-rats-reference-interaction-models] + Birkholz, H., Eckel, M., Newton, C., and L. Chen, + "Reference Interaction Models for Remote Attestation + Procedures", draft-ietf-rats-reference-interaction- + models-01 (work in progress), October 2020. [I-D.ietf-rats-tpm-based-network-device-attest] Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- based Network Device Remote Integrity Verification", - draft-ietf-rats-tpm-based-network-device-attest-04 (work - in progress), September 2020. + draft-ietf-rats-tpm-based-network-device-attest-06 (work + in progress), December 2020. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991, DOI 10.17487/RFC6991, July 2013, . 
@@ -2619,30 +2386,30 @@ Email: henk.birkholz@sit.fraunhofer.de Michael Eckel Fraunhofer SIT Rheinstrasse 75 Darmstadt 64295 Germany Email: michael.eckel@sit.fraunhofer.de + Shwetha Bhandari + ThoughtSpot + + Email: shwetha.bhandari@thoughtspot.com Eric Voit Cisco Systems Email: evoit@cisco.com - Shwetha Bhandari - Cisco Systems - - Email: shwethab@cisco.com Bill Sulzen Cisco Systems Email: bsulzen@cisco.com Liang Xia (Frank) Huawei Technologies 101 Software Avenue, Yuhuatai District Nanjing, Jiangsu 210012 China
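Review bot: In the hunk @@ -109,44 +109,44 @@ (Introduction, unchanged context) "One ore more TPMs" should read "One or more TPMs", and "hardware security modules (HWM)" abbreviates to "HSM", not "HWM"; since this hunk is being touched for the reference rename, both typos could be fixed in the same pass.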
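Review bot: The module file name and the revision date disagree: hunk @@ -311,21 +287,21 @@ changes the file line to `ietf-tpm-remote-attestation@2020-12-09.yang`, while hunk @@ -379,28 +354,38 @@ introduces `revision "2020-12-15"`. RFC 8407 expects the date in the file name to equal the module's latest revision date, so one of the two should be changed (presumably the file line to `@2020-12-15`). In the same revision hunk, the new `feature TPMs` is fine, but its description could say what changes when the feature is absent (the `compute-nodes` container, the `compute-node` leaf and the `certificate-name` input leaf-lists all disappear), since that is the actual contract a client has to reason about.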
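Review bot: In hunk @@ -609,20 +596,21 @@, adding `mandatory true;` inside the shared grouping `certificate-name-ref` makes the leaf mandatory at every `uses` site. That is what the tree diagram now shows for both RPC outputs (`certificate-name certificate-name-ref` without `?`), so it is consistent today, but if the grouping is ever reused where an optional reference is wanted, a `refine certificate-name { mandatory true; }` at the two output `uses` sites would express the intent more precisely. Also note the grouping and the typedef share the name `certificate-name-ref`, which reads confusingly in `type certificate-name-ref;` directly beneath `grouping certificate-name-ref`.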
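Review bot: The new `leaf TPM_QUOTE2` in hunk @@ -636,286 +624,44 @@ needs two things. First, its encoding is unspecified: the description says it "includes PCRs, signatures, locality, the provided nonce and other data", but the removed model carried these as separate structures (TPM_PCR_INFO_SHORT, the optional TPM_CAP_VERSION_INFO that the deleted `add-version` input used to request, `signature-size` and `signature`), and a single opaque `binary` does not say how they are concatenated or whether the version info is present. The description or reference should pin down the exact byte layout a Verifier is expected to parse. Second, the leaf is optional (`TPM_QUOTE2? binary` in the tree), while the TPM 2.0 counterpart `TPMS_QUOTE_INFO` carries `mandatory true;`; a `tpm12-attestation-response` entry without the quote is meaningless, so `mandatory true;` should be added here as well.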
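Review bot: The rewritten description of `unsigned-pcr-values` in hunk @@ -929,27 +675,37 @@ should state explicitly that these values are not authenticated by the TPM and that a Verifier must recompute the PCR digest from them and compare it with the signed `TPMS_QUOTE_INFO` before relying on any of them; as written ("confirm the Attester's signature while eliminating significant processing") it could be read as if the unsigned values reduce the signature-verification work, whereas they only save the Verifier from replaying measurement logs to reconstruct PCRs that did not change. Style-wise, the rhetorical question ("why should a Verifier reconstruct ...") does not belong in a description string, and "By comparing this information to the what has previously been validated" has a stray "the".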
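Review bot: The `if-feature "tpm:TPMs";` added to both `leaf-list certificate-name` inputs in hunks @@ -1202,30 +956,22 @@ and @@ -1257,20 +1004,21 @@ ties certificate selection to the multi-TPM feature, but the `certificates` list under each `tpm` entry (`+--rw certificate* [certificate-name]`) allows several AIK certificates per TPM, so a single-TPM device loses the ability to choose which key signs the quote. Consider leaving the leaf-list unconditional. While these lines are being edited, the adjacent `must` expression in the unchanged context is broken: the concatenation `"/tpm:certificates/" + "/tpm:certificate[...]"` yields a `//` descendant step, and the predicate `certificate-name-ref=current()` names a node that does not exist (the list key is `certificate-name`) and lacks the `tpm:` prefix. Suggested form: `"/tpm:certificates" + "/tpm:certificate[tpm:certificate-name=current()]"`.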
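Review bot: In hunk @@ -1379,33 +1127,48 @@, replacing `presence` on `compute-nodes` with `if-feature` changes the semantics of the retained `min-elements 2;` on `list compute-node`: with `compute-nodes` now a non-presence container (and `rats-support-structures` likewise), RFC 7950 section 7.7.5 enforces the constraint unconditionally, so every device advertising feature `TPMs` must always report at least two compute nodes. Please confirm that is intended. Smaller points in the same hunk: the added `node-physical-index` leaf carries `config false;` inside a list that is already `config false;` (redundant); there is a stray blank line inside the `node-id` description block before its closing brace; and in hunk @@ -1440,21 +1203,21 @@ the context text has "agross reboots" (across) and "more that one TPM" (than).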
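Review bot: In the Change Log hunk @@ -2481,29 +2242,35 @@, the new bullet "Descriptive text added on model contents." is inserted under "Changes from version 02 to version 03" although it is introduced by the 03 to 04 diff; if it describes this revision it belongs under the new 03 to 04 heading. The 03 to 04 list could also mention the other user-visible changes in this diff (new feature `TPMs`, removal of the `add-version` input, `certificate-name` made mandatory in RPC outputs, `node-id`/`node-physical-index` dropped from responses), since clients relying on the previous output structure will break. Unchanged context nearby still has "Mades the algorithms explicit".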