Fraunhofer SIT

Rheinstrasse 75 Darmstadt 64295 henk.birkholz@ietf.contact

Sandelman Software Works

Canada mcr+ietf@sandelman.ca

Huawei Technologies

liuchunchi@huawei.com

Security Remote ATtestation ProcedureS Internet-Draft Manufacturer Usage Description (MUD) files and the MUD URIs that point to them are defined in RFC 8520. This document introduces a new type of MUD file to be delivered in conjunction with a MUD file signature and/or to be referenced via a MUD URI embedded in other documents or messages, such as an IEEE 802.1AR Secure Device Identifier (DevID) or a CBOR Web Token (CWT). These signed documents can be presented to other entities, e.g., a network management system or network path orchestrator. If this entity also takes on the role of a verifier as defined by the IETF Remote ATtestation procedureS (RATS) architecture, this verifier can use the references included in the MUD file specified in this document to discover, for example, appropriate reference value providers, endorsement documents or endorsement distribution APIs, trust anchor stores, remote verifier services (sometimes referred to as Attestation Verification Services), or transparency logs. All theses references in the MUD file pointing to resources and auxiliary RATS services can satisfy general RATS prerequisite by enabling discovery or improve discovery resilience of corresponding resources or services.

Introduction Verifiers, Endorsers, and Attesters are roles defined in the RATS Architecture . In the RATS architecture, the Relying Party roles depend on the Verifier to bear the burden of Evidence appraisal and to generate corresponding Attestation Results for them. Attestation Results compose a believable chunk of information that can be digested by Relying Parities in order to assess an Attester's trustworthiness. The assessment of a remote peer's trustworthiness is vital to determine whether any future protocol interaction between a Relying Party and a remote Attester can be considered secure. To create these Attestation Results to be consumed by Relying Parties, the Attestation Evidence an Attester generates has to be appraised by one or more appropriate Verifiers. This document defines a procedure that enables the discovery of resources or services in support of RATS, including:

1. Reference Values,
2. Trust Anchors,
3. Endorsements and Endorsement Distribution APIs,
4. (remote) Verifier APIs,
5. Transparency Logs, or
6. Appraisal Policies.

MUD URIs can be embedded in any data item that was signed with trusted key material. One common way to establish trust in a signed data item is to associate the signing key material with a trust anchor via a certification path (see for trust anchor and certification path). This document defines the use of MUD URIs embedded in two types of signed data items that typically are trusted via certification paths:

1. Secure Device Identifiers (IEEE 802.1AR DevIDs) as defined by and
2. Entity Attestation Tokens (EAT) as defined by .

DevIDs and EATs (essentially CWTs ) are two very prominent examples of "trustworthy documents" (TDs) with a binary format and the embedding of MUD URIs in theses TDs can be applied to other TD types, for example, Selective Disclosure CWTs . Other TDs are out-of-scope of this specification, though. The TDs are typically enrolled on Attesters by manufacturers or provisioned by supply chain entities with appropriate authority. The TDs can be presented to local Network Management Systems, AAA-services (e.g., via IEEE 802.1X), or other points of first contact (POFC), for example, . These POFC are typically trusted third parties (TTP) that can digest the TDs and then base trust decisions on the associated certification paths and trust anchors. If a TD presented by the Attester is deemed to be trusted by a local trust authority, the MUD URI embedded is considered to be a trusted source for viable resources and services in support of remote attestation of the Attester. This specification does not define the shape or format of any resource or service that is referenced by the MUD file. In support of a unified mechanism to categorize the formats of referenced resources, a conceptual message wrapper (CMW, is used for each type of resource. An example of a referenced resource is a CoRIM tag .

Requirements Notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

MUD URIs in Trusted Documents (TDs) This document does neither modify nor augment the definition about how to compose a MUD URI. The two types of trusted documents (TDs) covered by this specification are Secure Device Identifiers and Entity Attestation Tokens.

MUD URIs in DevIDs defines the format of how to embed MUD URIs in DevIDs and that specification is used in this document.

MUD URIs in EATs To embed a MUD URI in an EAT, the mud-uri claim specified in this document MUST be used.

MUD File Signatures As the resources required by a Verifier's appraisal procedures have to be trustworthy, a MUD signature file for a corresponding MUD File MUST be available. The MUD File MUST include a reference to its MUD signature file via the 'mud-signature' statement. The MUD File Signature generation as specified in applies. If a MUD file changed (i.e., the checking of the MUD File Signature fails) or the corresponding MUD File Signer certificate is expired (see , the reference in the changed MUD File MUST point to a new valid MUD Signature File and that new MUD File Signature MUST be available. If a corresponding MUD File Signer certificate is expired (see ) or a MUD File Signature referenced by a MUD File cannot be checked successfully, the MUD File MUST NOT be trusted.

MUD File Signer in DevIDs defines the format of how to embed a reference to the signing certificate in DevIDs and that specification applies to this specification.

MUD File Signer in EATs To embed a reference to a MUD File Signer in an EAT, the mud-signer claim specified in this document MUST be used and the mud-uri claim MUST be present. The value of the mud-signer claim is a CBOR byte-wrapped subject field of the signing certificate of the MUD File as specified in .

Trusting MUD URIs and MUD Files The level of assurance about the authenticity of a MUD URI embedded in a TD is based on the level of trust put into the corresponding trust anchor associated with the key material that signed the TD. If it is not possible to establish a level of trust towards the entity that signed a TD, the embedded MUD URI SHOULD NOT be trusted. In some usage scenarios it might suffice to trust a MUD File, if the referenced MUD File Signer's certificate is not expired, but that behavior is NOT RECOMMENDED. The level of assurance about the authenticity of a MUD file is based on the level of trust put into the entity that created the corresponding MUD File Signer's certificate. If it is not possible to establish a level of trust into the corresponding trust anchor associated with the MUD Signer's certificate, the MUD File that references that MUD Signer MUST NOT be trusted.

Trusting RATS Resources Referenced by a MUD File Resources, e.g., RATS Conceptual Messages, that are referenced by a MUD File MUST be signed (e.g., via a COSE_Sign1 envelope). The signing procedures, the format of corresponding identity documents, and the establishment of trust relationships associated with these resources are out-of-scope of this document.

Specification of RATS MUD Files Referenced by MUD URIs The MUD URI embedded in a TD presented by an Attester points to a MUD File. MUD URIs typically point to a piece of data that is a YANG-modeled XML file with a structure specified in the style of a YANG module definition ( and corresponding updates: , ). This document specifies a YANG module augment definition for generic MUD files to create RATS MUD files. The following definition MUST be used, if a MUD URI points to a RATS MUD file.

Tree Diagram The following tree diagram provides an overview of the data model for the "ietf-mud-rats" module augment.

YANG Module This YANG module has normative references to and augments . <CODE BEGINS> file ietf-mud-rats@2025-02-09.yang module ietf-mud-rats { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-mud-rats"; prefix "mud-rats"; import ietf-mud { prefix "mud"; } import ietf-inet-types { prefix "inet"; } organization "IETF RATS (Remote ATtestation procedureS) Working Group"; contact "WG Web: http://tools.ietf.org/wg/rats/ WG List: rats@ietf.org Author: Eliot Lear <lear@cisco.com> Author: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>"; description "This YANG module augments the ietf-mud model to provide for three optional lists to enable Remote Attestation Procedures so that this device type may be used as a controller for other MUD-enabled devices. Copyright (c) 2020 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info). This version of this YANG module is part of RFC XXXX (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself for full legal notices. The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be interpreted as described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, they appear in all capitals, as shown here."; revision 2020-03-09 { description "Initial proposed standard."; reference "RFC XXXX: MUD Extension to find RATS supply chain entity resources: remote attestation services, endorsement documents, and reference integrity measurement"; } grouping mud-rats-grouping { description "Grouping to locate RATS services"; container ras { description "Lists of Remote Attestation Service (RAS/Verifiers) candidates."; leaf-list ras-uris { type inet:uri; description "A list of Verifiers that can appraise evidence produced by the entity that presents a DevID including this MUD URI."; } } container rim { description "Lists of Reference Integrity Measurement (RIM) candidates."; leaf-list rim-uris { type inet:uri; description "A list of RIM CoSWID that provide reference integrity measurements represented as signed CoSWID using the CoSWID RIM extension."; } } container edt { description "List of Endorsements for Roots of Trusts (e.g. Endorsement Key Certificates)."; leaf-list edt-uris { type inet:uri; description "A list of Endorsements that vouch for the characteristics of Roots of Trusts the entity possesses."; } } } augment "/mud:mud" { uses mud-rats-grouping; description "add mud-rats URI resources"; } } <CODE ENDS>

Privacy Considerations The privacy considerations of RFC 9334 apply.

Security Considerations The trust model and Security Considerations of RFC 8520 and RFC 9334 apply.

IANA Considerations RFC Editor: Please replace "RFCthis" with the RFC number assigned to this document. RFC Editor: This document uses the CPA (code point allocation) convention described in . For each usage of the term "CPA", please remove the prefix "CPA" from the indicated value and replace the residue with the value assigned by IANA; perform an analogous substitution for all other occurrences of the prefix "CPA" in the document. Finally, please remove this note.

CWT mud-uri Claim Registration IANA is requested to add the new mud-uri CBOR Web Token claim to the "CBOR Web Token (CWT) Claims" registry in the Standards Action Range as follows:

• Claim Name: mud-uri
• Claim Description: A CBOR byte-wrapped MUD URI as specified in
• JWT Claim Name: mud-uri
• Claim Key: CPA109
• Claim Value Type(s): CBOR byte string
• Change Controller: IETF
• Specification Document(s): of RFCthis

CWT mud-signer Claim Registration IANA is requested to add the new mud-signer CBOR Web Token claim to the "CBOR Web Token (CWT) Claims" registry group in the Standards Action Range as follows:

• Claim Name: mud-uri
• Claim Description: A CBOR byte-wrapped subject field of the signing certificate for a MUD file as specified in
• JWT Claim Name: mud-signer
• Claim Key: CPA110
• Claim Value Type(s): CBOR byte string
• Change Controller: IETF
• Specification Document(s): of RFCthis

JWT mud-uri Claim Registration IANA is requested to add the new mud-signer JSON Web Token Claim to the "JSON Web Token (JWT)" registry group as follows:

• Claim Name: mud-signer
• Claim Description: A MUD signer reference represented via a URI text string as defined by
• Change Controller: IETF
• Specification Document(s): of RFCthis

JWT mud-signer Claim Registration IANA is requested to add the new mud-signer JSON Web Token Claim to the "JSON Web Token (JWT)" registry group as follows:

• Claim Name: mud-signer
• Claim Description: A MUD signer reference represented via a URI text string as defined by
• Change Controller: IETF
• Specification Document(s): of RFCthis

References Normative References In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. This document introduces a collection of common data types to be used with the YANG data modeling language. This document obsoletes RFC 6021. YANG is a data modeling language used to model configuration data, state data, Remote Procedure Calls, and notifications for network management protocols. This document describes the syntax and semantics of version 1.1 of the YANG language. YANG version 1.1 is a maintenance release of the YANG language, addressing ambiguities and defects in the original specification. There are a small number of backward incompatibilities from YANG version 1. This document also specifies the YANG mappings to the Network Configuration Protocol (NETCONF). This RFC presents NETCONF Call Home and RESTCONF Call Home, which enable a NETCONF or RESTCONF server to initiate a secure connection to a NETCONF or RESTCONF client, respectively. This document captures the current syntax used in YANG module tree diagrams. The purpose of this document is to provide a single location for this definition. This syntax may be updated from time to time based on the evolution of the YANG language. Datastores are a fundamental concept binding the data models written in the YANG data modeling language to network management protocols such as the Network Configuration Protocol (NETCONF) and RESTCONF. This document defines an architectural framework for datastores based on the experience gained with the initial simpler model, addressing requirements that were not well supported in the initial model. This document updates RFC 7950. This memo specifies a component-based architecture for Manufacturer Usage Descriptions (MUDs). The goal of MUD is to provide a means for end devices to signal to the network what sort of access and network functionality they require to properly function. The initial focus is on access control. Later work can delve into other aspects. This memo specifies two YANG modules, IPv4 and IPv6 DHCP options, a Link Layer Discovery Protocol (LLDP) TLV, a URL, an X.509 certificate extension, and a means to sign and verify the descriptions. This document extends the Network Configuration Protocol (NETCONF) defined in RFC 6241 in order to support the Network Management Datastore Architecture (NMDA) defined in RFC 8342. This document updates RFCs 6241 and 7950. The update to RFC 6241 adds new and operations and augments existing,, and operations. The update to RFC 7950 requires the usage of the YANG library (described in RFC 8525) by NETCONF servers implementing the NMDA. In network protocol exchanges, it is often useful for one end of a communication to know whether the other end is in an intended operating state. This document provides an architectural overview of the entities involved that make such tests possible through the process of generating, conveying, and evaluating evidentiary Claims. It provides a model that is neutral toward processor architectures, the content of Claims, and protocols. Security Theory LLC Mediatek USA Qualcomm Technologies Inc. Red Hound Software, Inc. An Entity Attestation Token (EAT) provides an attested claims set that describes state and characteristics of an entity, a device like a smartphone, IoT device, network equipment or such. This claims set is used by a relying party, server or service to determine the type and degree of trust placed in the entity. An EAT is either a CBOR Web Token (CWT) or JSON Web Token (JWT) with attestation-oriented claims. Fraunhofer SIT Independent Linaro University of Applied Sciences Bonn-Rhein-Sieg Google LLC The Conceptual Messages introduced by the RATS architecture (RFC 9334) are protocol-agnostic data units that are conveyed between RATS roles during remote attestation procedures. Conceptual Messages describe the meaning and function of such data units within RATS data flows without specifying a wire format, encoding, transport mechanism, or processing details. The initial set of Conceptual Messages is defined in Section 8 of RFC 9334 and includes Evidence, Attestation Results, Endorsements, Reference Values, and Appraisal Policies. This document introduces the Conceptual Message Wrapper (CMW) that provides a common structure to encapsulate these messages. It defines a dedicated CBOR tag, corresponding JSON Web Token (JWT) and CBOR Web Token (CWT) claims, and an X.509 extension. This allows CMWs to be used in CBOR-based protocols, web APIs using JWTs and CWTs, and PKIX artifacts like X.509 certificates. Additionally, the draft defines a media type and a CoAP content format to transport CMWs over protocols like HTTP, MIME, and CoAP. The goal is to improve the interoperability and flexibility of remote attestation protocols. By introducing a shared message format like the CMW, we can consistently support different attestation message types, evolve message serialization formats without breaking compatibility, and avoid having to redefine how messages are handled in each protocol. Fraunhofer SIT Linaro arm Independent Huawei Technologies Remote Attestation Procedures (RATS) enable Relying Parties to assess the trustworthiness of a remote Attester and therefore to decide whether or not to engage in secure interactions with it. Evidence about trustworthiness can be rather complex and it is deemed unrealistic that every Relying Party is capable of the appraisal of Evidence. Therefore that burden is typically offloaded to a Verifier. In order to conduct Evidence appraisal, a Verifier requires not only fresh Evidence from an Attester, but also trusted Endorsements and Reference Values from Endorsers and Reference Value Providers, such as manufacturers, distributors, or device owners. This document specifies the information elements for representing Endorsements and Reference Values in CBOR format. IANA IANA RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. Informative References This Glossary provides definitions, abbreviations, and explanations of terminology for information system security. The 334 pages of entries offer recommendations to improve the comprehensibility of written material that is generated in the Internet Standards Process (RFC 2026). The recommendations follow the principles that such writing should (a) use the same term or definition whenever the same concept is mentioned; (b) use terms in their plainest, dictionary sense; (c) use terms that are already well-established in open publications; and (d) avoid terms that either favor a particular vendor or favor a particular technology or mechanism over other, competing techniques that already exist or could be developed. This memo provides information for the Internet community. mesur.io Tradeverifyd Fraunhofer SIT This specification describes a data minimization technique for use with CBOR Web Tokens (CWTs). The approach is based on the Selective Disclosure JSON Web Token (SD-JWT), with changes to align with CBOR Object Signing and Encryption (COSE) and CWTs. Universität Bremen TZI CBOR-based protocols often make use of numbers allocated in a registry. During development of the protocols, those numbers may not yet be available. This impedes the generation of data models and examples that actually can be used by tools. This short draft proposes a common way to handle these situations, without any changes to existing tools. Also, in conjunction with the application-oriented EDN literal e'', a further reduction in editorial processing of CBOR examples around the time of approval can be achieved.