| draft-ietf-rats-yang-tpm-charra-10.txt | draft-ietf-rats-yang-tpm-charra-11.txt | |||
|---|---|---|---|---|
| RATS Working Group H. Birkholz | RATS Working Group H. Birkholz | |||
| Internet-Draft M. Eckel | Internet-Draft M. Eckel | |||
| Intended status: Standards Track Fraunhofer SIT | Intended status: Standards Track Fraunhofer SIT | |||
| Expires: 13 February 2022 S. Bhandari | Expires: 27 February 2022 S. Bhandari | |||
| ThoughtSpot | ThoughtSpot | |||
| E. Voit | E. Voit | |||
| B. Sulzen | B. Sulzen | |||
| Cisco | Cisco | |||
| L. Xia | L. Xia | |||
| Huawei | Huawei | |||
| T. Laffey | T. Laffey | |||
| HPE | HPE | |||
| G. Fedorkow | G. Fedorkow | |||
| Juniper | Juniper | |||
| 12 August 2021 | 26 August 2021 | |||
| A YANG Data Model for Challenge-Response-based Remote Attestation | A YANG Data Model for Challenge-Response-based Remote Attestation | |||
| Procedures using TPMs | Procedures using TPMs | |||
| draft-ietf-rats-yang-tpm-charra-10 | draft-ietf-rats-yang-tpm-charra-11 | |||
| Abstract | Abstract | |||
| This document defines YANG RPCs and a small number of configuration | This document defines YANG RPCs and a small number of configuration | |||
| nodes required to retrieve attestation evidence about integrity | nodes required to retrieve attestation evidence about integrity | |||
| measurements from a device, following the operational context defined | measurements from a device, following the operational context defined | |||
| in TPM-based Network Device Remote Integrity Verification. | in TPM-based Network Device Remote Integrity Verification. | |||
| Complementary measurement logs are also provided by the YANG RPCs, | Complementary measurement logs are also provided by the YANG RPCs, | |||
| originating from one or more roots of trust for measurement (RTMs). | originating from one or more roots of trust for measurement (RTMs). | |||
| The module defined requires at least one TPM 1.2 or TPM 2.0 as well | The module defined requires at least one TPM 1.2 or TPM 2.0 as well | |||
| skipping to change at page 2, line 4 ¶ | skipping to change at page 2, line 4 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 13 February 2022. | This Internet-Draft will expire on 27 February 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| and restrictions with respect to this document. Code Components | and restrictions with respect to this document. Code Components | |||
| extracted from this document must include Simplified BSD License text | extracted from this document must include Simplified BSD License text | |||
| as described in Section 4.e of the Trust Legal Provisions and are | as described in Section 4.e of the Trust Legal Provisions and are | |||
| provided without warranty as described in the Simplified BSD License. | provided without warranty as described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 | 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 | |||
| 2. The YANG Module for Basic Remote Attestation Procedures . . . 3 | 2. The YANG Module for Basic Remote Attestation Procedures . . . 4 | |||
| 2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 3 | 2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 3 | 2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 4 | |||
| 2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 32 | 2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 33 | |||
| 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 47 | 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 48 | |||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 47 | 4. Security Considerations . . . . . . . . . . . . . . . . . . . 49 | |||
| 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 48 | 5. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 50 | |||
| 6. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 48 | 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 51 | |||
| 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 49 | 6.1. Normative References . . . . . . . . . . . . . . . . . . 51 | |||
| 7.1. Normative References . . . . . . . . . . . . . . . . . . 49 | 6.2. Informative References . . . . . . . . . . . . . . . . . 53 | |||
| 7.2. Informative References . . . . . . . . . . . . . . . . . 51 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 53 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 51 | ||||
| 1. Introduction | 1. Introduction | |||
| This document is based on the general terminology defined in the | This document is based on the general terminology defined in the | |||
| [I-D.ietf-rats-architecture] and uses the operational context defined | [I-D.ietf-rats-architecture] and uses the operational context defined | |||
| in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the | in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the | |||
| interaction model and information elements defined in | interaction model and information elements defined in | |||
| [I-D.ietf-rats-reference-interaction-models]. The currently | [I-D.ietf-rats-reference-interaction-models]. The currently | |||
| supported hardware security modules (HSMs) are the Trusted Platform | supported hardware security modules (HSMs) are the Trusted Platform | |||
| Modules (TPMs) [TPM1.2] and [TPM2.0] as specified by the Trusted | Modules (TPMs) [TPM1.2] and [TPM2.0] as specified by the Trusted | |||
| skipping to change at page 5, line 13 ¶ | skipping to change at page 6, line 5 ¶ | |||
| +--ro TPM_QUOTE2? binary | +--ro TPM_QUOTE2? binary | |||
| 2.1.1.3.2. 'tpm20-challenge-response-attestation' | 2.1.1.3.2. 'tpm20-challenge-response-attestation' | |||
| This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_ | This RPC allows a Verifier to request signed TPM PCRs (_TPM Quote_ | |||
| operation) from a TPM 2.0 compliant cryptoprocessor. Where the | operation) from a TPM 2.0 compliant cryptoprocessor. Where the | |||
| feature 'TPMs' is active, and one or more 'certificate-name' is not | feature 'TPMs' is active, and one or more 'certificate-name' is not | |||
| provided, all TPM 2.0 compliant cryptoprocessors will respond. A | provided, all TPM 2.0 compliant cryptoprocessors will respond. A | |||
| YANG tree diagram of this RPC is as follows: | YANG tree diagram of this RPC is as follows: | |||
| +---x tpm20-challenge-response-attestation {taa:TPM20}? | +---x tpm20-challenge-response-attestation {taa:tpm}? | |||
| +---w input | +---w input | |||
| | +---w tpm20-attestation-challenge | | +---w tpm20-attestation-challenge | |||
| | +---w nonce-value binary | | +---w nonce-value binary | |||
| | +---w tpm20-pcr-selection* [] | | +---w tpm20-pcr-selection* [] | |||
| | | +---w TPM20-hash-algo? identityref | | | +---w TPM20-hash-algo? identityref | |||
| | | +---w pcr-index* tpm:pcr | | | +---w pcr-index* tpm:pcr | |||
| | +---w certificate-name* certificate-name-ref {tpm:TPMs}? | | +---w certificate-name* certificate-name-ref {tpm:TPMs}? | |||
| +--ro output | +--ro output | |||
| +--ro tpm20-attestation-response* [] | +--ro tpm20-attestation-response* [] | |||
| +--ro certificate-name certificate-name-ref | +--ro certificate-name certificate-name-ref | |||
| skipping to change at page 6, line 5 ¶ | skipping to change at page 7, line 5 ¶ | |||
| +--ro up-time? uint32 | +--ro up-time? uint32 | |||
| +--ro unsigned-pcr-values* [] | +--ro unsigned-pcr-values* [] | |||
| +--ro TPM20-hash-algo? identityref | +--ro TPM20-hash-algo? identityref | |||
| +--ro pcr-values* [pcr-index] | +--ro pcr-values* [pcr-index] | |||
| +--ro pcr-index pcr | +--ro pcr-index pcr | |||
| +--ro pcr-value? binary | +--ro pcr-value? binary | |||
| An example of an RPC challenge requesting PCRs 0-7 from a SHA-256 | An example of an RPC challenge requesting PCRs 0-7 from a SHA-256 | |||
| bank could look like the following: | bank could look like the following: | |||
| <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | |||
| <tpm20-challenge-response-attestation> | <tpm20-challenge-response-attestation> | |||
| xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | |||
| <certificate-name> | <certificate-name> | |||
| (identifier of a TPM signature key with which the Verifier is supposed | (identifier of a TPM signature key with which the Verifier is | |||
| to sign the attestation data) | supposed to sign the attestation data) | |||
| </certificate-name> | </certificate-name> | |||
| <nonce> | <nonce> | |||
| 0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9d | 0xe041307208d9f78f5b1bbecd19e2d152ad49de2fc5a7d8dbf769f6b8ffdeab9 | |||
| </nonce> | </nonce> | |||
| <tpm20-pcr-selection> | <tpm20-pcr-selection> | |||
| <tpm20-hash-algo | <tpm20-hash-algo | |||
| xmlns:taa="urn:ietf:params:xml:ns:yang:ietf-tcg-algs"> | xmlns:taa="urn:ietf:params:xml:ns:yang:ietf-tcg-algs"> | |||
| taa:TPM_ALG_SHA256 | taa:TPM_ALG_SHA256 | |||
| </tpm20-hash-algo> | </tpm20-hash-algo> | |||
| <pcr-index>0</pcr-index> | <pcr-index>0</pcr-index> | |||
| <pcr-index>1</pcr-index> | <pcr-index>1</pcr-index> | |||
| <pcr-index>2</pcr-index> | <pcr-index>2</pcr-index> | |||
| <pcr-index>3</pcr-index> | <pcr-index>3</pcr-index> | |||
| <pcr-index>4</pcr-index> | <pcr-index>4</pcr-index> | |||
| <pcr-index>5</pcr-index> | <pcr-index>5</pcr-index> | |||
| <pcr-index>6</pcr-index> | <pcr-index>6</pcr-index> | |||
| <pcr-index>7</pcr-index> | <pcr-index>7</pcr-index> | |||
| </tpm20-pcr-selection> | </tpm20-pcr-selection> | |||
| </tpm20-challenge-response-attestation> | </tpm20-challenge-response-attestation> | |||
| </rpc> | </rpc> | |||
| A successful response could be formatted as follows: | A successful response could be formatted as follows: | |||
| <rpc-reply message-id="101" | <rpc-reply message-id="101" | |||
| xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> | |||
| <tpm20-attestation-response | <tpm20-attestation-response | |||
| xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"> | |||
| <certificate-name | <certificate-name | |||
| xmlns:ks=urn:ietf:params:xml:ns:yang:ietf-keystore> | xmlns:ks=urn:ietf:params:xml:ns:yang:ietf-keystore> | |||
| ks:(instance of Certificate name in the Keystore) | ks:(instance of Certificate name in the Keystore) | |||
| skipping to change at page 47, line 24 ¶ | skipping to change at page 48, line 24 ¶ | |||
| } | } | |||
| <CODE ENDS> | <CODE ENDS> | |||
| Note that not all cryptographic functions are required for use by | Note that not all cryptographic functions are required for use by | |||
| "ietf-tpm-remote-attestation.yang". However the full definition of | "ietf-tpm-remote-attestation.yang". However the full definition of | |||
| Table 3 of [TCG-Algos] will allow use by additional YANG | Table 3 of [TCG-Algos] will allow use by additional YANG | |||
| specifications. | specifications. | |||
| 3. IANA Considerations | 3. IANA Considerations | |||
| This document will include requests to IANA: | This document registers the following namespace URIs in the "ns" | |||
| class of the IETF XML Registry [IANA.xml-registry] as per [RFC3688]: | ||||
| To be defined yet. But keeping up with changes to "ietf-tcg- | URI: urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation | |||
| algs.yang" will be necessary. | ||||
| Registrant Contact: The IESG. | ||||
| XML: N/A; the requested URI is an XML namespace. | ||||
| URI: urn:ietf:params:xml:ns:yang:ietf-tcg-algs | ||||
| Registrant Contact: The IESG. | ||||
| XML: N/A; the requested URI is an XML namespace. | ||||
| This document registers the following YANG modules in the "YANG | ||||
| Module Names" registry [IANA.yang-parameters] as per Section 14 of | ||||
| [RFC6020]: | ||||
| Name: ietf-tpm-remote-attestation | ||||
| Namespace: urn:ietf:params:xml:ns:yang:ietf-tpm-remote- | ||||
| attestation | ||||
| Prefix: tpm | ||||
| Reference: draft-ietf-rats-yang-tpm-charra (RFC form) | ||||
| Name: ietf-tcg-algs | ||||
| Namespace: urn:ietf:params:xml:ns:yang:ietf-tcg-algs | ||||
| Prefix: taa | ||||
| Reference: draft-ietf-rats-yang-tpm-charra (RFC form) | ||||
| 4. Security Considerations | 4. Security Considerations | |||
| The YANG module specified in this document defines a schema for data | The YANG module specified in this document defines a schema for data | |||
| that is designed to be accessed via network management protocols such | that is designed to be accessed via network management protocols such | |||
| as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer | as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer | |||
| is the secure transport layer, and the mandatory-to-implement secure | is the secure transport layer, and the mandatory-to-implement secure | |||
| transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer | transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer | |||
| is HTTPS, and the mandatory-to-implement secure transport is TLS | is HTTPS, and the mandatory-to-implement secure transport is TLS | |||
| [RFC8446]. | [RFC8446]. | |||
| skipping to change at page 48, line 30 ¶ | skipping to change at page 50, line 14 ¶ | |||
| the certificate is for an active AIK, i. e. the certificate | the certificate is for an active AIK, i. e. the certificate | |||
| provided is able to support Attestation on the targeted TPM 1.2. | provided is able to support Attestation on the targeted TPM 1.2. | |||
| RPC 'tpm20-challenge-response-attestation': It must be verified that | RPC 'tpm20-challenge-response-attestation': It must be verified that | |||
| the certificate is for an active AK, i. e. the certificate | the certificate is for an active AK, i. e. the certificate | |||
| provided is able to support Attestation on the targeted TPM 2.0. | provided is able to support Attestation on the targeted TPM 2.0. | |||
| RPC 'log-retrieval': Pulling lots of logs can chew up system | RPC 'log-retrieval': Pulling lots of logs can chew up system | |||
| resources. | resources. | |||
| 5. Acknowledgements | 5. Change Log | |||
| Not yet. | Changes from version 08 to version 09: | |||
| 6. Change Log | * Minor formatting tweaks for shepherd. IANA registered. | |||
| Changes from version 05 to version 06: | Changes from version 05 to version 06: | |||
| * More YANG Dr comments covered | * More YANG Dr comments covered | |||
| Changes from version 04 to version 05: | Changes from version 04 to version 05: | |||
| * YANG Dr comments covered | * YANG Dr comments covered | |||
| Changes from version 03 to version 04: | Changes from version 03 to version 04: | |||
| skipping to change at page 49, line 45 ¶ | skipping to change at page 51, line 31 ¶ | |||
| * Relabeled location with compute-node or tpm-name where appropriate | * Relabeled location with compute-node or tpm-name where appropriate | |||
| * Added a valid entity-mib physical-index to compute-node and tpm- | * Added a valid entity-mib physical-index to compute-node and tpm- | |||
| name to map it back to hardware inventory | name to map it back to hardware inventory | |||
| * Relabeled name to tpm_name | * Relabeled name to tpm_name | |||
| * Removed event-string in last-entry | * Removed event-string in last-entry | |||
| 7. References | 6. References | |||
| 7.1. Normative References | 6.1. Normative References | |||
| [I-D.ietf-netconf-keystore] | [I-D.ietf-netconf-keystore] | |||
| Watsen, K., "A YANG Data Model for a Keystore", Work in | Watsen, K., "A YANG Data Model for a Keystore", Work in | |||
| Progress, Internet-Draft, draft-ietf-netconf-keystore-22, | Progress, Internet-Draft, draft-ietf-netconf-keystore-22, | |||
| 18 May 2021, <https://www.ietf.org/archive/id/draft-ietf- | 18 May 2021, <https://www.ietf.org/archive/id/draft-ietf- | |||
| netconf-keystore-22.txt>. | netconf-keystore-22.txt>. | |||
| [I-D.ietf-rats-architecture] | [I-D.ietf-rats-architecture] | |||
| Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | |||
| W. Pan, "Remote Attestation Procedures Architecture", Work | W. Pan, "Remote Attestation Procedures Architecture", Work | |||
| skipping to change at page 50, line 26 ¶ | skipping to change at page 52, line 8 ¶ | |||
| ietf-rats-architecture-12.txt>. | ietf-rats-architecture-12.txt>. | |||
| [I-D.ietf-rats-tpm-based-network-device-attest] | [I-D.ietf-rats-tpm-based-network-device-attest] | |||
| Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- | Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- | |||
| based Network Device Remote Integrity Verification", Work | based Network Device Remote Integrity Verification", Work | |||
| in Progress, Internet-Draft, draft-ietf-rats-tpm-based- | in Progress, Internet-Draft, draft-ietf-rats-tpm-based- | |||
| network-device-attest-08, 26 July 2021, | network-device-attest-08, 26 July 2021, | |||
| <https://www.ietf.org/archive/id/draft-ietf-rats-tpm- | <https://www.ietf.org/archive/id/draft-ietf-rats-tpm- | |||
| based-network-device-attest-08.txt>. | based-network-device-attest-08.txt>. | |||
| [IANA.xml-registry] | ||||
| IANA, "IETF XML Registry", | ||||
| <http://www.iana.org/assignments/xml-registry>. | ||||
| [IANA.yang-parameters] | ||||
| IANA, "YANG Parameters", | ||||
| <http://www.iana.org/assignments/yang-parameters>. | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | ||||
| DOI 10.17487/RFC3688, January 2004, | ||||
| <https://www.rfc-editor.org/info/rfc3688>. | ||||
| [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for | ||||
| the Network Configuration Protocol (NETCONF)", RFC 6020, | ||||
| DOI 10.17487/RFC6020, October 2010, | ||||
| <https://www.rfc-editor.org/info/rfc6020>. | ||||
| [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", | [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", | |||
| RFC 6991, DOI 10.17487/RFC6991, July 2013, | RFC 6991, DOI 10.17487/RFC6991, July 2013, | |||
| <https://www.rfc-editor.org/info/rfc6991>. | <https://www.rfc-editor.org/info/rfc6991>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A | [RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A | |||
| YANG Data Model for Hardware Management", RFC 8348, | YANG Data Model for Hardware Management", RFC 8348, | |||
| skipping to change at page 51, line 14 ¶ | skipping to change at page 53, line 14 ¶ | |||
| [TPM2.0] TCG, ., "TPM 2.0 Library Specification", 15 March 2013, | [TPM2.0] TCG, ., "TPM 2.0 Library Specification", 15 March 2013, | |||
| <https://trustedcomputinggroup.org/resource/tpm-library- | <https://trustedcomputinggroup.org/resource/tpm-library- | |||
| specification/>. | specification/>. | |||
| [TPM2.0-Key] | [TPM2.0-Key] | |||
| TCG, ., "TPM 2.0 Keys for Device Identity and Attestation, | TCG, ., "TPM 2.0 Keys for Device Identity and Attestation, | |||
| Rev10", 14 April 2021, <https://trustedcomputinggroup.org/ | Rev10", 14 April 2021, <https://trustedcomputinggroup.org/ | |||
| wp-content/uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf>. | wp-content/uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf>. | |||
| 7.2. Informative References | 6.2. Informative References | |||
| [I-D.ietf-rats-reference-interaction-models] | [I-D.ietf-rats-reference-interaction-models] | |||
| Birkholz, H., Eckel, M., Pan, W., and E. Voit, "Reference | Birkholz, H., Eckel, M., Pan, W., and E. Voit, "Reference | |||
| Interaction Models for Remote Attestation Procedures", | Interaction Models for Remote Attestation Procedures", | |||
| Work in Progress, Internet-Draft, draft-ietf-rats- | Work in Progress, Internet-Draft, draft-ietf-rats- | |||
| reference-interaction-models-04, 26 July 2021, | reference-interaction-models-04, 26 July 2021, | |||
| <https://www.ietf.org/archive/id/draft-ietf-rats- | <https://www.ietf.org/archive/id/draft-ietf-rats- | |||
| reference-interaction-models-04.txt>. | reference-interaction-models-04.txt>. | |||
| [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | |||
| End of changes. 18 change blocks. | ||||
| 53 lines changed or deleted | 100 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||