| draft-ietf-rats-yang-tpm-charra-19.txt | draft-ietf-rats-yang-tpm-charra-20.txt | |||
|---|---|---|---|---|
| RATS Working Group H. Birkholz | RATS Working Group H. Birkholz | |||
| Internet-Draft M. Eckel | Internet-Draft M. Eckel | |||
| Intended status: Standards Track Fraunhofer SIT | Intended status: Standards Track Fraunhofer SIT | |||
| Expires: 17 October 2022 S. Bhandari | Expires: 19 November 2022 S. Bhandari | |||
| ThoughtSpot | ThoughtSpot | |||
| E. Voit | E. Voit | |||
| B. Sulzen | B. Sulzen | |||
| Cisco | Cisco | |||
| L. Xia | L. Xia | |||
| Huawei | Huawei | |||
| T. Laffey | T. Laffey | |||
| HPE | HPE | |||
| G. Fedorkow | G. Fedorkow | |||
| Juniper | Juniper | |||
| 15 April 2022 | 18 May 2022 | |||
| A YANG Data Model for Challenge-Response-based Remote Attestation | A YANG Data Model for Challenge-Response-based Remote Attestation | |||
| Procedures using TPMs | Procedures using TPMs | |||
| draft-ietf-rats-yang-tpm-charra-19 | draft-ietf-rats-yang-tpm-charra-20 | |||
| Abstract | Abstract | |||
| This document defines YANG RPCs and a few configuration nodes | This document defines YANG RPCs and a few configuration nodes | |||
| required to retrieve attestation evidence about integrity | required to retrieve attestation evidence about integrity | |||
| measurements from a device, following the operational context defined | measurements from a device, following the operational context defined | |||
| in TPM-based Network Device Remote Integrity Verification. | in TPM-based Network Device Remote Integrity Verification. | |||
| Complementary measurement logs are also provided by the YANG RPCs, | Complementary measurement logs are also provided by the YANG RPCs, | |||
| originating from one or more roots of trust for measurement (RTMs). | originating from one or more roots of trust for measurement (RTMs). | |||
| The module defined requires at least one TPM 1.2 or TPM 2.0 as well | The module defined requires at least one TPM 1.2 or TPM 2.0 as well | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 17 October 2022. | This Internet-Draft will expire on 19 November 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| skipping to change at page 9, line 14 ¶ | skipping to change at page 9, line 14 ¶ | |||
| +--rw tpms | +--rw tpms | |||
| +--rw tpm* [name] | +--rw tpm* [name] | |||
| +--rw name string | +--rw name string | |||
| +--ro hardware-based boolean | +--ro hardware-based boolean | |||
| +--ro physical-index? int32 {hw:entity-mib}? | +--ro physical-index? int32 {hw:entity-mib}? | |||
| +--ro path? string | +--ro path? string | |||
| +--ro compute-node compute-node-ref {tpm:mtpm}? | +--ro compute-node compute-node-ref {tpm:mtpm}? | |||
| +--ro manufacturer? string | +--ro manufacturer? string | |||
| +--rw firmware-version identityref | +--rw firmware-version identityref | |||
| +--rw tpm12-hash-algo? identityref | +--rw tpm12-hash-algo? identityref {taa:tpm12}? | |||
| +--rw tpm12-pcrs* pcr | +--rw tpm12-pcrs* pcr | |||
| +--rw tpm20-pcr-bank* [tpm20-hash-algo] | +--rw tpm20-pcr-bank* [tpm20-hash-algo] {taa:tpm20}? | |||
| | +--rw tpm20-hash-algo identityref | | +--rw tpm20-hash-algo identityref | |||
| | +--rw pcr-index* tpm:pcr | | +--rw pcr-index* tpm:pcr | |||
| +--ro status enumeration | +--ro status enumeration | |||
| +--rw certificates | +--rw certificates | |||
| +--rw certificate* [name] | +--rw certificate* [name] | |||
| +--rw name string | +--rw name string | |||
| +--rw keystore-ref? leafref {ks:asymmetric-keys}? | +--rw keystore-ref? leafref {ks:asymmetric-keys}? | |||
| +--rw type? enumeration | +--rw type? enumeration | |||
| container 'attester-supported-algos' - Identifies which TCG hash | container 'attester-supported-algos' - Identifies which TCG hash | |||
| algorithms are available for use on the Attesting platform. An | algorithms are available for use on the Attesting platform. An | |||
| operator will use this information to limit algorithms available for | operator will use this information to limit algorithms available for | |||
| use by RPCs to just a desired set from the universe of all allowed | use by RPCs to just a desired set from the universe of all allowed | |||
| hash algorithms by the TCG. | hash algorithms by the TCG. | |||
| +--rw attester-supported-algos | +--rw attester-supported-algos | |||
| +--rw tpm12-asymmetric-signing* identityref | +--rw tpm12-asymmetric-signing* identityref {taa:tpm12}? | |||
| +--rw tpm12-hash* identityref | +--rw tpm12-hash* identityref {taa:tpm12}? | |||
| +--rw tpm20-asymmetric-signing* identityref | +--rw tpm20-asymmetric-signing* identityref {taa:tpm20}? | |||
| +--rw tpm20-hash* identityref | +--rw tpm20-hash* identityref {taa:tpm20}? | |||
| container 'compute-nodes' - When there is more than one TPM | container 'compute-nodes' - When there is more than one TPM | |||
| supported, this container maintains the set of information related to | supported, this container maintains the set of information related to | |||
| the compute node associated with a specific TPM. This allows each | the compute node associated with a specific TPM. This allows each | |||
| specific TPM to identify to which 'compute-node' it belongs. | specific TPM to identify to which 'compute-node' it belongs. | |||
| +--rw compute-nodes {tpm:mtpm}? | +--rw compute-nodes {tpm:mtpm}? | |||
| +--ro compute-node* [node-id] | +--ro compute-node* [node-id] | |||
| +--ro node-id string | +--ro node-id string | |||
| +--ro node-physical-index? int32 {hw:entity-mib}? | +--ro node-physical-index? int32 {hw:entity-mib}? | |||
| +--ro node-name? string | +--ro node-name? string | |||
| +--ro node-location? string | +--ro node-location? string | |||
| 2.1.1.6. YANG Module | 2.1.1.6. YANG Module | |||
| <CODE BEGINS> file "ietf-tpm-remote-attestation@2022-03-23.yang" | <CODE BEGINS> file "ietf-tpm-remote-attestation@2022-05-13.yang" | |||
| module ietf-tpm-remote-attestation { | module ietf-tpm-remote-attestation { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"; | namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"; | |||
| prefix tpm; | prefix tpm; | |||
| import ietf-yang-types { | import ietf-yang-types { | |||
| prefix yang; | prefix yang; | |||
| } | } | |||
| import ietf-hardware { | import ietf-hardware { | |||
| prefix hw; | prefix hw; | |||
| skipping to change at page 10, line 46 ¶ | skipping to change at page 10, line 46 ¶ | |||
| description | description | |||
| "A YANG module to enable a TPM 1.2 and TPM 2.0 based | "A YANG module to enable a TPM 1.2 and TPM 2.0 based | |||
| remote attestation procedure using a challenge-response | remote attestation procedure using a challenge-response | |||
| interaction model and the TPM 1.2 and TPM 2.0 Quote | interaction model and the TPM 1.2 and TPM 2.0 Quote | |||
| primitive operations. | primitive operations. | |||
| Copyright (c) 2022 IETF Trust and the persons identified | Copyright (c) 2022 IETF Trust and the persons identified | |||
| as authors of the code. All rights reserved. | as authors of the code. All rights reserved. | |||
| Redistribution and use in source and binary forms, with or | Redistribution and use in source and binary forms, with or | |||
| without modification, is permitted pursuant to, and subject to | without modification, is permitted pursuant to, and subject to | |||
| the license terms contained in, the Simplified BSD License set | the license terms contained in, the Revised BSD License set | |||
| forth in Section 4.c of the IETF Trust's Legal Provisions | forth in Section 4.c of the IETF Trust's Legal Provisions | |||
| Relating to IETF Documents | Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info). | (https://trustee.ietf.org/license-info). | |||
| This version of this YANG module is part of RFC XXXX | This version of this YANG module is part of RFC XXXX | |||
| (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | |||
| itself for full legal notices. | itself for full legal notices. | |||
| The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | |||
| NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | |||
| 'MAY', and 'OPTIONAL' in this document are to be interpreted as | 'MAY', and 'OPTIONAL' in this document are to be interpreted as | |||
| described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | |||
| they appear in all capitals, as shown here."; | they appear in all capitals, as shown here."; | |||
| revision 2022-03-23 { | revision 2022-05-13 { | |||
| description | description | |||
| "Initial version"; | "Initial version"; | |||
| reference | reference | |||
| "RFC XXXX: A YANG Data Model for Challenge-Response-based Remote | "RFC XXXX: A YANG Data Model for Challenge-Response-based Remote | |||
| Attestation Procedures using TPMs"; | Attestation Procedures using TPMs"; | |||
| } | } | |||
| /*****************/ | /*****************/ | |||
| /* Features */ | /* Features */ | |||
| /*****************/ | /*****************/ | |||
| skipping to change at page 15, line 32 ¶ | skipping to change at page 15, line 32 ¶ | |||
| description | description | |||
| "Specifies the list of PCRs and Hash Algorithms that can be | "Specifies the list of PCRs and Hash Algorithms that can be | |||
| returned within a TPM2B_DIGEST."; | returned within a TPM2B_DIGEST."; | |||
| reference | reference | |||
| "TPM2.0-Structures: | "TPM2.0-Structures: | |||
| https://www.trustedcomputinggroup.org/wp-content/uploads/ | https://www.trustedcomputinggroup.org/wp-content/uploads/ | |||
| TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7"; | TPM-Rev-2.0-Part-2-Structures-01.38.pdf Section 10.9.7"; | |||
| uses tpm20-hash-algo; | uses tpm20-hash-algo; | |||
| leaf-list pcr-index { | leaf-list pcr-index { | |||
| type pcr; | type pcr; | |||
| must '/tpm:rats-support-structures/tpm:tpms' | ||||
| + '/tpm:tpm[name = current()]' | ||||
| + '/tpm:tpm20-pcr-bank[pcr-index = current()]' { | ||||
| error-message "Acquiring this PCR index is not supported"; | ||||
| } | ||||
| description | description | |||
| "The numbers of the PCRs that which are being tracked | "The numbers of the PCRs that which are being tracked | |||
| with a hash based on the tpm20-hash-algo. In addition, | with a hash based on the tpm20-hash-algo. In addition, | |||
| any selection of PCRs MUST verify that the set of PCRs | any selection of PCRs MUST verify that the set of PCRs | |||
| requested are a subset the set of PCR indexes exposed | requested are a subset the set of PCR indexes selected | |||
| within /tpm:rats-support-structures/tpm:tpms | are available for that specific TPM."; | |||
| /tpm:tpm[name=current()]/tpm:tpm20-pcr-bank | ||||
| /tpm:pcr-index"; | ||||
| } | } | |||
| } | } | |||
| } | } | |||
| grouping certificate-name-ref { | grouping certificate-name-ref { | |||
| description | description | |||
| "Identifies a certificate in a keystore."; | "Identifies a certificate in a keystore."; | |||
| leaf certificate-name { | leaf certificate-name { | |||
| type certificate-name-ref; | type certificate-name-ref; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "Identifies a certificate in a keystore."; | "Identifies a certificate in a keystore."; | |||
| } | } | |||
| } | } | |||
| grouping tpm-name { | grouping tpm-name { | |||
| description | description | |||
| "A unique TPM on a device."; | "A unique TPM on a device."; | |||
| leaf name { | leaf name { | |||
| type string; | type string; | |||
| description | description | |||
| "Unique system generated name for a TPM on a device."; | "Unique system generated name for a TPM on a device."; | |||
| } | } | |||
| } | } | |||
| skipping to change at page 29, line 11 ¶ | skipping to change at page 29, line 4 ¶ | |||
| } | } | |||
| leaf firmware-version { | leaf firmware-version { | |||
| type identityref { | type identityref { | |||
| base taa:cryptoprocessor; | base taa:cryptoprocessor; | |||
| } | } | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "Identifies the cryptoprocessor API set supported. This | "Identifies the cryptoprocessor API set supported. This | |||
| is automatically configured by the device and should not | is automatically configured by the device and should not | |||
| be changed."; | be changed."; | |||
| } | } | |||
| uses tpm12-hash-algo { | uses tpm12-hash-algo { | |||
| if-feature "taa:tpm12"; | ||||
| when "derived-from-or-self(firmware-version, 'taa:tpm12')"; | when "derived-from-or-self(firmware-version, 'taa:tpm12')"; | |||
| refine "tpm12-hash-algo" { | refine "tpm12-hash-algo" { | |||
| description | description | |||
| "The hash algorithm overwrites the default used for PCRs | "The hash algorithm overwrites the default used for PCRs | |||
| on this TPM1.2 compliant cryptoprocessor."; | on this TPM1.2 compliant cryptoprocessor."; | |||
| } | } | |||
| } | } | |||
| leaf-list tpm12-pcrs { | leaf-list tpm12-pcrs { | |||
| when | if-feature "taa:tpm12"; | |||
| when | ||||
| "derived-from-or-self(../firmware-version, 'taa:tpm12')"; | "derived-from-or-self(../firmware-version, 'taa:tpm12')"; | |||
| type pcr; | type pcr; | |||
| description | description | |||
| "The PCRs which may be extracted from this TPM1.2 | "The PCRs which may be extracted from this TPM1.2 | |||
| compliant cryptoprocessor."; | compliant cryptoprocessor."; | |||
| } | } | |||
| list tpm20-pcr-bank { | list tpm20-pcr-bank { | |||
| when | if-feature "taa:tpm20"; | |||
| when | ||||
| "derived-from-or-self(../firmware-version, 'taa:tpm20')"; | "derived-from-or-self(../firmware-version, 'taa:tpm20')"; | |||
| key "tpm20-hash-algo"; | key "tpm20-hash-algo"; | |||
| description | description | |||
| "Specifies the list of PCRs that may be extracted for | "Specifies the list of PCRs that may be extracted for | |||
| a specific Hash Algorithm on this TPM2 compliant | a specific Hash Algorithm on this TPM2 compliant | |||
| cryptoprocessor. A bank is a set of PCRs which are | cryptoprocessor. A bank is a set of PCRs which are | |||
| extended using a particular hash algorithm."; | extended using a particular hash algorithm."; | |||
| reference | reference | |||
| "TPM2.0-Structures: | "TPM2.0-Structures: | |||
| https://www.trustedcomputinggroup.org/wp-content/uploads/ | https://www.trustedcomputinggroup.org/wp-content/uploads/ | |||
| skipping to change at page 32, line 8 ¶ | skipping to change at page 32, line 4 ¶ | |||
| https://trustedcomputinggroup.org/wp-content/ | https://trustedcomputinggroup.org/wp-content/ | |||
| uploads/TPM-2p0-Keys-for-Device-Identity- | uploads/TPM-2p0-Keys-for-Device-Identity- | |||
| and-Attestation_v1_r12_pub10082021.pdf | and-Attestation_v1_r12_pub10082021.pdf | |||
| Section 3.2"; | Section 3.2"; | |||
| } | } | |||
| } | } | |||
| description | description | |||
| "Function supported by this certificate from within the | "Function supported by this certificate from within the | |||
| TPM."; | TPM."; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| } | } | |||
| } | } | |||
| container attester-supported-algos { | container attester-supported-algos { | |||
| description | description | |||
| "Identifies which TPM algorithms are available for use on an | "Identifies which TPM algorithms are available for use on an | |||
| attesting platform."; | attesting platform."; | |||
| leaf-list tpm12-asymmetric-signing { | leaf-list tpm12-asymmetric-signing { | |||
| when "../../tpm:tpms" | if-feature "taa:tpm12"; | |||
| when "../../tpm:tpms" | ||||
| + "/tpm:tpm[tpm:firmware-version='taa:tpm12']"; | + "/tpm:tpm[tpm:firmware-version='taa:tpm12']"; | |||
| type identityref { | type identityref { | |||
| base taa:asymmetric; | base taa:asymmetric; | |||
| } | } | |||
| description | description | |||
| "Platform Supported TPM12 asymmetric algorithms."; | "Platform Supported TPM12 asymmetric algorithms."; | |||
| } | } | |||
| leaf-list tpm12-hash { | leaf-list tpm12-hash { | |||
| when "../../tpm:tpms" | if-feature "taa:tpm12"; | |||
| when "../../tpm:tpms" | ||||
| + "/tpm:tpm[tpm:firmware-version='taa:tpm12']"; | + "/tpm:tpm[tpm:firmware-version='taa:tpm12']"; | |||
| type identityref { | type identityref { | |||
| base taa:hash; | base taa:hash; | |||
| } | } | |||
| description | description | |||
| "Platform supported TPM12 hash algorithms."; | "Platform supported TPM12 hash algorithms."; | |||
| } | } | |||
| leaf-list tpm20-asymmetric-signing { | leaf-list tpm20-asymmetric-signing { | |||
| when "../../tpm:tpms" | if-feature "taa:tpm20"; | |||
| when "../../tpm:tpms" | ||||
| + "/tpm:tpm[tpm:firmware-version='taa:tpm20']"; | + "/tpm:tpm[tpm:firmware-version='taa:tpm20']"; | |||
| type identityref { | type identityref { | |||
| base taa:asymmetric; | base taa:asymmetric; | |||
| } | } | |||
| description | description | |||
| "Platform Supported TPM20 asymmetric algorithms."; | "Platform Supported TPM20 asymmetric algorithms."; | |||
| } | } | |||
| leaf-list tpm20-hash { | leaf-list tpm20-hash { | |||
| when "../../tpm:tpms" | if-feature "taa:tpm20"; | |||
| when "../../tpm:tpms" | ||||
| + "/tpm:tpm[tpm:firmware-version='taa:tpm20']"; | + "/tpm:tpm[tpm:firmware-version='taa:tpm20']"; | |||
| type identityref { | type identityref { | |||
| base taa:hash; | base taa:hash; | |||
| } | } | |||
| description | description | |||
| "Platform supported TPM20 hash algorithms."; | "Platform supported TPM20 hash algorithms."; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| skipping to change at page 55, line 14 ¶ | skipping to change at page 55, line 14 ¶ | |||
| [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | |||
| <https://www.rfc-editor.org/info/rfc8446>. | <https://www.rfc-editor.org/info/rfc8446>. | |||
| [TCG-Algos] | [TCG-Algos] | |||
| "TCG Algorithm Registry", n.d., | "TCG Algorithm Registry", n.d., | |||
| <https://trustedcomputinggroup.org/wp-content/uploads/TCG- | <https://trustedcomputinggroup.org/wp-content/uploads/TCG- | |||
| _Algorithm_Registry_r1p32_pub.pdf>. | _Algorithm_Registry_r1p32_pub.pdf>. | |||
| [TPM1.2] TCG, ., "TPM 1.2 Main Specification", 2 October 2003, | [TPM1.2] TCG, "TPM 1.2 Main Specification", 2 October 2003, | |||
| <https://trustedcomputinggroup.org/resource/tpm-main- | <https://trustedcomputinggroup.org/resource/tpm-main- | |||
| specification/>. | specification/>. | |||
| [TPM1.2-Commands] | [TPM1.2-Commands] | |||
| "TPM Main Part 3 Commands", n.d., | "TPM Main Part 3 Commands", n.d., | |||
| <https://trustedcomputinggroup.org/wp-content/uploads/TPM- | <https://trustedcomputinggroup.org/wp-content/uploads/TPM- | |||
| Main-Part-3-Commands_v1.2_rev116_01032011.pdf>. | Main-Part-3-Commands_v1.2_rev116_01032011.pdf>. | |||
| [TPM1.2-Structures] | [TPM1.2-Structures] | |||
| "TPM Main Part 2 TPM Structures", n.d., | "TPM Main Part 2 TPM Structures", n.d., | |||
| <https://trustedcomputinggroup.org/wp-content/uploads/TPM- | <https://trustedcomputinggroup.org/wp-content/uploads/TPM- | |||
| Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf>. | Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf>. | |||
| [TPM2.0] TCG, ., "TPM 2.0 Library Specification", 15 March 2013, | [TPM2.0] TCG, "TPM 2.0 Library Specification", 15 March 2013, | |||
| <https://trustedcomputinggroup.org/resource/tpm-library- | <https://trustedcomputinggroup.org/resource/tpm-library- | |||
| specification/>. | specification/>. | |||
| [TPM2.0-Arch] | [TPM2.0-Arch] | |||
| "Trusted Platform Module Library - Part 1: Architecture", | "Trusted Platform Module Library - Part 1: Architecture", | |||
| n.d., <https://trustedcomputinggroup.org/wp- | n.d., <https://trustedcomputinggroup.org/wp- | |||
| content/uploads/ | content/uploads/ | |||
| TCG_TPM2_r1p59_Part1_Architecture_pub.pdf>. | TCG_TPM2_r1p59_Part1_Architecture_pub.pdf>. | |||
| [TPM2.0-Key] | [TPM2.0-Key] | |||
| TCG, ., "TPM 2.0 Keys for Device Identity and Attestation, | TCG, "TPM 2.0 Keys for Device Identity and Attestation, | |||
| Rev12", 8 October 2021, | Rev12", 8 October 2021, | |||
| <https://trustedcomputinggroup.org/wp-content/uploads/TPM- | <https://trustedcomputinggroup.org/wp-content/uploads/TPM- | |||
| 2p0-Keys-for-Device-Identity-and- | 2p0-Keys-for-Device-Identity-and- | |||
| Attestation_v1_r12_pub10082021.pdf>. | Attestation_v1_r12_pub10082021.pdf>. | |||
| [TPM2.0-Structures] | [TPM2.0-Structures] | |||
| "Trusted Platform Module Library - Part 2: Structures", | "Trusted Platform Module Library - Part 2: Structures", | |||
| n.d., <https://trustedcomputinggroup.org/wp- | n.d., <https://trustedcomputinggroup.org/wp- | |||
| content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf>. | content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf>. | |||
| End of changes. 26 change blocks. | ||||
| 33 lines changed or deleted | 33 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||