Internet Assigned Numbers Authority

Remote Attestation Procedures (RATS)

Created
2024-07-26
Last Updated
2024-08-02
Available Formats

XML

HTML

Plain text

Registry included below

Entity Attestation Token (EAT) Intended Uses

Registration Procedure(s)
Expert Review
Expert(s)
Unassigned
Reference
[RFC-ietf-rats-eat-30]
Available Formats

CSV
Value Description Reference
0 Reserved [RFC-ietf-rats-eat-30]
1 Generic attestation describes an application where the EAT consumer requires the most up-to-date security assessment of the attesting entity. It is expected that this is the most commonly-used application of EAT. [RFC-ietf-rats-eat-30]
2 Entities that are registering for a new service may be expected to provide an attestation as part of the registration process. This "intuse" setting indicates that the attestation is not intended for any use but registration. [RFC-ietf-rats-eat-30]
3 Entities may be provisioned with different values or settings by an EAT consumer. Examples include key material or device management trees. The consumer may require an EAT to assess entity security state of the entity prior to provisioning. [RFC-ietf-rats-eat-30]
4 Certification Authorities (CAs) may require attestation results (which in a background check model might require receiving evidence to be passed to a verifier) to make decisions about the issuance of certificates. An EAT may be used as part of the certificate signing request (CSR). [RFC-ietf-rats-eat-30]
5 An EAT consumer may require an attestation as part of an accompanying proof-of-possession (PoP) application. More precisely, a PoP transaction is intended to provide to the recipient cryptographically-verifiable proof that the sender has possession of a key. This kind of attestation may be necessary to verify the security state of the entity storing the private key used in a PoP application. [RFC-ietf-rats-eat-30]
6-255 Unassigned