| < draft-ietf-rats-yang-tpm-charra-18.txt | draft-ietf-rats-yang-tpm-charra-19.txt > | |||
|---|---|---|---|---|
| RATS Working Group H. Birkholz | RATS Working Group H. Birkholz | |||
| Internet-Draft M. Eckel | Internet-Draft M. Eckel | |||
| Intended status: Standards Track Fraunhofer SIT | Intended status: Standards Track Fraunhofer SIT | |||
| Expires: 21 September 2022 S. Bhandari | Expires: 17 October 2022 S. Bhandari | |||
| ThoughtSpot | ThoughtSpot | |||
| E. Voit | E. Voit | |||
| B. Sulzen | B. Sulzen | |||
| Cisco | Cisco | |||
| L. Xia | L. Xia | |||
| Huawei | Huawei | |||
| T. Laffey | T. Laffey | |||
| HPE | HPE | |||
| G. Fedorkow | G. Fedorkow | |||
| Juniper | Juniper | |||
| 20 March 2022 | 15 April 2022 | |||
| A YANG Data Model for Challenge-Response-based Remote Attestation | A YANG Data Model for Challenge-Response-based Remote Attestation | |||
| Procedures using TPMs | Procedures using TPMs | |||
| draft-ietf-rats-yang-tpm-charra-18 | draft-ietf-rats-yang-tpm-charra-19 | |||
| Abstract | Abstract | |||
| This document defines YANG RPCs and a few configuration nodes | This document defines YANG RPCs and a few configuration nodes | |||
| required to retrieve attestation evidence about integrity | required to retrieve attestation evidence about integrity | |||
| measurements from a device, following the operational context defined | measurements from a device, following the operational context defined | |||
| in TPM-based Network Device Remote Integrity Verification. | in TPM-based Network Device Remote Integrity Verification. | |||
| Complementary measurement logs are also provided by the YANG RPCs, | Complementary measurement logs are also provided by the YANG RPCs, | |||
| originating from one or more roots of trust for measurement (RTMs). | originating from one or more roots of trust for measurement (RTMs). | |||
| The module defined requires at least one TPM 1.2 or TPM 2.0 as well | The module defined requires at least one TPM 1.2 or TPM 2.0 as well | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 21 September 2022. | This Internet-Draft will expire on 17 October 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| skipping to change at page 2, line 36 ¶ | skipping to change at page 2, line 36 ¶ | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 | 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 | |||
| 2. The YANG Module for Basic Remote Attestation Procedures . . . 3 | 2. The YANG Module for Basic Remote Attestation Procedures . . . 3 | |||
| 2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 3 | 2.1. YANG Modules . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 4 | 2.1.1. 'ietf-tpm-remote-attestation' . . . . . . . . . . . . 4 | |||
| 2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 33 | 2.1.2. 'ietf-tcg-algs' . . . . . . . . . . . . . . . . . . . 33 | |||
| 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 48 | 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 48 | |||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 49 | 4. Security Considerations . . . . . . . . . . . . . . . . . . . 49 | |||
| 5. References . . . . . . . . . . . . . . . . . . . . . . . . . 50 | 5. References . . . . . . . . . . . . . . . . . . . . . . . . . 51 | |||
| 5.1. Normative References . . . . . . . . . . . . . . . . . . 51 | 5.1. Normative References . . . . . . . . . . . . . . . . . . 51 | |||
| 5.2. Informative References . . . . . . . . . . . . . . . . . 55 | 5.2. Informative References . . . . . . . . . . . . . . . . . 56 | |||
| Appendix A. Integrity Measurement Architecture (IMA) . . . . . . 56 | Appendix A. Integrity Measurement Architecture (IMA) . . . . . . 56 | |||
| Appendix B. IMA for Network Equipment Boot Logs . . . . . . . . 57 | Appendix B. IMA for Network Equipment Boot Logs . . . . . . . . 57 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 58 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 58 | |||
| 1. Introduction | 1. Introduction | |||
| This document is based on the general terminology defined in the | This document is based on the general terminology defined in the | |||
| [I-D.ietf-rats-architecture] and uses the operational context defined | [I-D.ietf-rats-architecture] and uses the operational context defined | |||
| in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the | in [I-D.ietf-rats-tpm-based-network-device-attest] as well as the | |||
| interaction model and information elements defined in | interaction model and information elements defined in | |||
| skipping to change at page 10, line 4 ¶ | skipping to change at page 10, line 4 ¶ | |||
| specific TPM to identify to which 'compute-node' it belongs. | specific TPM to identify to which 'compute-node' it belongs. | |||
| +--rw compute-nodes {tpm:mtpm}? | +--rw compute-nodes {tpm:mtpm}? | |||
| +--ro compute-node* [node-id] | +--ro compute-node* [node-id] | |||
| +--ro node-id string | +--ro node-id string | |||
| +--ro node-physical-index? int32 {hw:entity-mib}? | +--ro node-physical-index? int32 {hw:entity-mib}? | |||
| +--ro node-name? string | +--ro node-name? string | |||
| +--ro node-location? string | +--ro node-location? string | |||
| 2.1.1.6. YANG Module | 2.1.1.6. YANG Module | |||
| <CODE BEGINS> file "ietf-tpm-remote-attestation@2022-03-15.yang" | <CODE BEGINS> file "ietf-tpm-remote-attestation@2022-03-23.yang" | |||
| module ietf-tpm-remote-attestation { | module ietf-tpm-remote-attestation { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"; | namespace "urn:ietf:params:xml:ns:yang:ietf-tpm-remote-attestation"; | |||
| prefix tpm; | prefix tpm; | |||
| import ietf-yang-types { | import ietf-yang-types { | |||
| prefix yang; | prefix yang; | |||
| } | } | |||
| import ietf-hardware { | import ietf-hardware { | |||
| prefix hw; | prefix hw; | |||
| skipping to change at page 11, line 13 ¶ | skipping to change at page 11, line 13 ¶ | |||
| This version of this YANG module is part of RFC XXXX | This version of this YANG module is part of RFC XXXX | |||
| (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | |||
| itself for full legal notices. | itself for full legal notices. | |||
| The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | |||
| NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | |||
| 'MAY', and 'OPTIONAL' in this document are to be interpreted as | 'MAY', and 'OPTIONAL' in this document are to be interpreted as | |||
| described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | |||
| they appear in all capitals, as shown here."; | they appear in all capitals, as shown here."; | |||
| revision 2022-03-18 { | revision 2022-03-23 { | |||
| description | description | |||
| "Initial version"; | "Initial version"; | |||
| reference | reference | |||
| "RFC XXXX: A YANG Data Model for Challenge-Response-based Remote | "RFC XXXX: A YANG Data Model for Challenge-Response-based Remote | |||
| Attestation Procedures using TPMs"; | Attestation Procedures using TPMs"; | |||
| } | } | |||
| /*****************/ | /*****************/ | |||
| /* Features */ | /* Features */ | |||
| /*****************/ | /*****************/ | |||
| skipping to change at page 12, line 12 ¶ | skipping to change at page 12, line 12 ¶ | |||
| https://www.trustedcomputinggroup.org/wp-content/uploads/ | https://www.trustedcomputinggroup.org/wp-content/uploads/ | |||
| TCG_IWG_CEL_v1_r0p41_pub.pdf Section 5.1.6"; | TCG_IWG_CEL_v1_r0p41_pub.pdf Section 5.1.6"; | |||
| } | } | |||
| feature netequip_boot { | feature netequip_boot { | |||
| description | description | |||
| "The device supports the netequip_boot logs."; | "The device supports the netequip_boot logs."; | |||
| reference | reference | |||
| "netequip-boot-log: | "netequip-boot-log: | |||
| RFC AAAA Appendix B"; | RFC XXXX Appendix B"; | |||
| } | } | |||
| /*****************/ | /*****************/ | |||
| /* Typedefs */ | /* Typedefs */ | |||
| /*****************/ | /*****************/ | |||
| typedef pcr { | typedef pcr { | |||
| type uint8 { | type uint8 { | |||
| range "0..31"; | range "0..31"; | |||
| } | } | |||
| skipping to change at page 13, line 44 ¶ | skipping to change at page 13, line 44 ¶ | |||
| "The cryptographic algorithm used to hash the TPM2 PCRs. This | "The cryptographic algorithm used to hash the TPM2 PCRs. This | |||
| must be from the list of platform supported options."; | must be from the list of platform supported options."; | |||
| leaf tpm20-hash-algo { | leaf tpm20-hash-algo { | |||
| type identityref { | type identityref { | |||
| base taa:hash; | base taa:hash; | |||
| } | } | |||
| must '. = /tpm:rats-support-structures' | must '. = /tpm:rats-support-structures' | |||
| + '/tpm:attester-supported-algos/tpm:tpm20-hash' { | + '/tpm:attester-supported-algos/tpm:tpm20-hash' { | |||
| error-message "This platform does not support tpm20-hash-algo"; | error-message "This platform does not support tpm20-hash-algo"; | |||
| } | } | |||
| default "taa:TPM_ALG_SHA256"; | ||||
| description | description | |||
| "The hash scheme that is used to hash a TPM2.0 PCR. This | "The hash scheme that is used to hash a TPM2.0 PCR. This | |||
| must be one of those supported by a platform."; | must be one of those supported by a platform. | |||
| Where this object does not appear, the default value of | ||||
| 'taa:TPM_ALG_SHA256' will apply."; | ||||
| } | } | |||
| } | } | |||
| grouping tpm12-hash-algo { | grouping tpm12-hash-algo { | |||
| description | description | |||
| "The cryptographic algorithm used to hash the TPM1.2 PCRs."; | "The cryptographic algorithm used to hash the TPM1.2 PCRs."; | |||
| leaf tpm12-hash-algo { | leaf tpm12-hash-algo { | |||
| type identityref { | type identityref { | |||
| base taa:hash; | base taa:hash; | |||
| } | } | |||
| must '. = /tpm:rats-support-structures' | must '. = /tpm:rats-support-structures' | |||
| + '/tpm:attester-supported-algos/tpm:tpm12-hash' { | + '/tpm:attester-supported-algos/tpm:tpm12-hash' { | |||
| error-message "This platform does not support tpm12-hash-algo"; | error-message "This platform does not support tpm12-hash-algo"; | |||
| } | } | |||
| default "taa:TPM_ALG_SHA1"; | ||||
| description | description | |||
| "The hash scheme that is used to hash a TPM1.2 PCR. This | "The hash scheme that is used to hash a TPM1.2 PCR. This | |||
| MUST be one of those supported by a platform."; | MUST be one of those supported by a platform. | |||
| Where this object does not appear, the default value of | ||||
| 'taa:TPM_ALG_SHA1' will apply."; | ||||
| } | } | |||
| } | } | |||
| grouping nonce { | grouping nonce { | |||
| description | description | |||
| "A random number intended to guarantee freshness and for use | "A random number intended to guarantee freshness and for use | |||
| as part of a replay-detection mechanism."; | as part of a replay-detection mechanism."; | |||
| leaf nonce-value { | leaf nonce-value { | |||
| type binary; | type binary; | |||
| mandatory true; | mandatory true; | |||
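Review bot: in `tpm20-hash-algo` and `tpm12-hash-algo`, removing `default "taa:TPM_ALG_SHA256";` and `default "taa:TPM_ALG_SHA1";` and restating the default only in the description leaves the `must` expression with nothing to evaluate when the leaf is absent, so the prose default "will apply" even on a platform whose `attester-supported-algos` list does not contain that algorithm. The description should say what the Attester does in that case, for example reject the request rather than fall back silently, and it should be noted that the default is no longer discoverable by schema-driven tooling. The two descriptions also differ in "must be one of those supported" versus "MUST be one of those supported"; use the BCP 14 form in both.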
| skipping to change at page 19, line 44 ¶ | skipping to change at page 19, line 45 ¶ | |||
| } | } | |||
| } | } | |||
| leaf event-size { | leaf event-size { | |||
| type uint32; | type uint32; | |||
| description | description | |||
| "Size of the event data"; | "Size of the event data"; | |||
| } | } | |||
| leaf-list event-data { | leaf-list event-data { | |||
| type binary; | type binary; | |||
| description | description | |||
| "The event data size determined by event-size. For more | "The event data. This is a binary structure | |||
| see "; | of size 'event-size'. For more on what | |||
| might be recorded within this object | ||||
| see [bios-log] Section 9 which details | ||||
| viable events which might be recorded."; | ||||
| } | } | |||
| } | } | |||
| grouping bios-event-log { | grouping bios-event-log { | |||
| description | description | |||
| "Measurement log created by the BIOS/UEFI."; | "Measurement log created by the BIOS/UEFI."; | |||
| list bios-event-entry { | list bios-event-entry { | |||
| key "event-number"; | key "event-number"; | |||
| description | description | |||
| "Ordered list of TCG described event log | "Ordered list of TCG described event log | |||
| that extended the PCRs in the order they | that extended the PCRs in the order they | |||
| were logged"; | were logged"; | |||
| uses boot-event-log; | uses boot-event-log; | |||
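Review bot: in `event-data`, the new description calls the value "a binary structure of size 'event-size'", but the node is still a `leaf-list` of `binary`, so an instance may carry several entries and the text does not say whether `event-size` is the length of each entry or of all of them together. Either make the node a `leaf` or state the relationship, and say how a Verifier should treat an entry whose length disagrees with `event-size`. The bracketed "[bios-log] Section 9" citation will not resolve once the module is extracted from the document; a `reference` statement, as used for `netequip_boot`, would carry it.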
| skipping to change at page 20, line 37 ¶ | skipping to change at page 20, line 41 ¶ | |||
| } | } | |||
| leaf ima-template { | leaf ima-template { | |||
| type string; | type string; | |||
| description | description | |||
| "Name of the template used for event logs | "Name of the template used for event logs | |||
| for e.g. ima, ima-ng, ima-sig"; | for e.g. ima, ima-ng, ima-sig"; | |||
| } | } | |||
| leaf filename-hint { | leaf filename-hint { | |||
| type string; | type string; | |||
| description | description | |||
| "File that was measured"; | "File name (including the path) that was measured."; | |||
| } | } | |||
| leaf filedata-hash { | leaf filedata-hash { | |||
| type binary; | type binary; | |||
| description | description | |||
| "Hash of filedata as updated based upon the | "Hash of filedata as updated based upon the | |||
| filedata-hash-algorithm"; | filedata-hash-algorithm"; | |||
| } | } | |||
| leaf filedata-hash-algorithm { | leaf filedata-hash-algorithm { | |||
| type string; | type string; | |||
| description | description | |||
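Review bot: in `filename-hint`, "File name (including the path) that was measured." does not say whether the path is absolute or how long it may be, and the leaf remains an unconstrained `string`; state the expected form and any length bound so that a Verifier can validate the field before using it. In the same grouping, `filedata-hash-algorithm` is a `string` while the PCR hash leaves use `identityref` with `base taa:hash`; using the same identity base here would let the algorithm be checked against the registry instead of parsed as free text.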
| skipping to change at page 34, line 4 ¶ | skipping to change at page 34, line 6 ¶ | |||
| 2. API specifications for TPM types: 'tpm12' and 'tpm20' | 2. API specifications for TPM types: 'tpm12' and 'tpm20' | |||
| 3. Specific algorithm types: Each algorithm type defines what | 3. Specific algorithm types: Each algorithm type defines what | |||
| cryptographic functions may be supported, and on which type of | cryptographic functions may be supported, and on which type of | |||
| API specification. It is not required that an implementation of | API specification. It is not required that an implementation of | |||
| a specific TPM will support all algorithm types. The contents of | a specific TPM will support all algorithm types. The contents of | |||
| each specific algorithm mirrors what is in Table 3 of | each specific algorithm mirrors what is in Table 3 of | |||
| [TCG-Algos]. | [TCG-Algos]. | |||
| 2.1.2.3. YANG Module | 2.1.2.3. YANG Module | |||
| <CODE BEGINS> file "ietf-tcg-algs@2022-03-09.yang" | ||||
| <CODE BEGINS> file "ietf-tcg-algs@2022-03-23.yang" | ||||
| module ietf-tcg-algs { | module ietf-tcg-algs { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs"; | namespace "urn:ietf:params:xml:ns:yang:ietf-tcg-algs"; | |||
| prefix taa; | prefix taa; | |||
| organization | organization | |||
| "IETF RATS (Remote ATtestation procedureS) Working Group"; | "IETF RATS (Remote ATtestation procedureS) Working Group"; | |||
| contact | contact | |||
| "WG Web: <https://datatracker.ietf.org/wg/rats/> | "WG Web: <https://datatracker.ietf.org/wg/rats/> | |||
| WG List: <mailto:rats@ietf.org> | WG List: <mailto:rats@ietf.org> | |||
| Author: Eric Voit <mailto:evoit@cisco.com>"; | Author: Eric Voit <mailto:evoit@cisco.com>"; | |||
| description | description | |||
| "This module defines identities for asymmetric algorithms. | "This module defines identities for asymmetric algorithms. | |||
| Copyright (c) 2022 IETF Trust and the persons identified | Copyright (c) 2022 IETF Trust and the persons identified as | |||
| as authors of the code. All rights reserved. | authors of the code. All rights reserved. | |||
| Redistribution and use in source and binary forms, with | Redistribution and use in source and binary forms, with | |||
| or without modification, is permitted pursuant to, and | or without modification, is permitted pursuant to, and | |||
| subject to the license terms contained in, the Simplified | subject to the license terms contained in, the Revised | |||
| BSD License set forth in Section 4.c of the IETF Trust's | BSD License set forth in Section 4.c of the IETF Trust's | |||
| Legal Provisions Relating to IETF Documents | Legal Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info). | (https://trustee.ietf.org/license-info). | |||
| This version of this YANG module is part of RFC XXXX | This version of this YANG module is part of RFC XXXX | |||
| (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself | |||
| itself for full legal notices. | for full legal notices. | |||
| The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | |||
| 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | |||
| 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | |||
| are to be interpreted as described in BCP 14 (RFC 2119) | are to be interpreted as described in BCP 14 (RFC 2119) | |||
| (RFC 8174) when, and only when, they appear in all | (RFC 8174) when, and only when, they appear in all | |||
| capitals, as shown here."; | capitals, as shown here."; | |||
| revision 2022-03-09 { | revision 2022-03-23 { | |||
| description | description | |||
| "Initial version"; | "Initial version"; | |||
| reference | reference | |||
| "RFC XXXX: A YANG Data Model for Challenge-Response-based Remote | "RFC XXXX: A YANG Data Model for Challenge-Response-based Remote | |||
| Attestation Procedures using TPMs"; | Attestation Procedures using TPMs"; | |||
| } | } | |||
| /*****************/ | /*****************/ | |||
| /* Features */ | /* Features */ | |||
| /*****************/ | /*****************/ | |||
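Review bot: the module `description` still reads "This module defines identities for asymmetric algorithms.", yet the identities are used as hash algorithms (`base taa:hash` in `tpm20-hash-algo`) and include symmetric ones (`base symmetric` on `TPM_ALG_SYMCIPHER`). Since this revision already edits the description block for the license wording, correct that sentence to cover the algorithm registry as a whole.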
| skipping to change at page 44, line 26 ¶ | skipping to change at page 44, line 29 ¶ | |||
| "Prime field ECC"; | "Prime field ECC"; | |||
| reference | reference | |||
| "TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | |||
| ISO/IEC 15946-1. ALG_ID: 0x0023"; | ISO/IEC 15946-1. ALG_ID: 0x0023"; | |||
| } | } | |||
| identity TPM_ALG_SYMCIPHER { | identity TPM_ALG_SYMCIPHER { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
| base symmetric; | base symmetric; | |||
| base object_type; | ||||
| description | description | |||
| "Object type for a symmetric block cipher"; | "Object type for a symmetric block cipher"; | |||
| reference | reference | |||
| "TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | "TCG-Algos:TCG Algorithm Registry Rev1.32 Table 3 and | |||
| TCG TPM 2.0 library specification. ALG_ID: 0x0025"; | TCG TPM 2.0 library specification. ALG_ID: 0x0025"; | |||
| } | } | |||
| identity TPM_ALG_CAMELLIA { | identity TPM_ALG_CAMELLIA { | |||
| if-feature "tpm20"; | if-feature "tpm20"; | |||
| base tpm20; | base tpm20; | |||
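Review bot: `base object_type;` is added to `TPM_ALG_SYMCIPHER` alone in this hunk; check that every other identity whose description names an object type derives from `object_type` as well, so that a `derived-from()` filter on that base returns the complete set rather than only the symmetric cipher.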
| skipping to change at page 51, line 38 ¶ | skipping to change at page 51, line 48 ¶ | |||
| Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | Birkholz, H., Thaler, D., Richardson, M., Smith, N., and | |||
| W. Pan, "Remote Attestation Procedures Architecture", Work | W. Pan, "Remote Attestation Procedures Architecture", Work | |||
| in Progress, Internet-Draft, draft-ietf-rats-architecture- | in Progress, Internet-Draft, draft-ietf-rats-architecture- | |||
| 15, 8 February 2022, <https://www.ietf.org/archive/id/ | 15, 8 February 2022, <https://www.ietf.org/archive/id/ | |||
| draft-ietf-rats-architecture-15.txt>. | draft-ietf-rats-architecture-15.txt>. | |||
| [I-D.ietf-rats-tpm-based-network-device-attest] | [I-D.ietf-rats-tpm-based-network-device-attest] | |||
| Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- | Fedorkow, G., Voit, E., and J. Fitzgerald-McKay, "TPM- | |||
| based Network Device Remote Integrity Verification", Work | based Network Device Remote Integrity Verification", Work | |||
| in Progress, Internet-Draft, draft-ietf-rats-tpm-based- | in Progress, Internet-Draft, draft-ietf-rats-tpm-based- | |||
| network-device-attest-13, 1 March 2022, | network-device-attest-14, 22 March 2022, | |||
| <https://www.ietf.org/archive/id/draft-ietf-rats-tpm- | <https://www.ietf.org/archive/id/draft-ietf-rats-tpm- | |||
| based-network-device-attest-13.txt>. | based-network-device-attest-14.txt>. | |||
| [IEEE-Std-1363-2000] | [IEEE-Std-1363-2000] | |||
| "IEEE 1363-2000 - IEEE Standard Specifications for Public- | "IEEE 1363-2000 - IEEE Standard Specifications for Public- | |||
| Key Cryptography", n.d., | Key Cryptography", n.d., | |||
| <https://standards.ieee.org/standard/1363-2000.html>. | <https://standards.ieee.org/standard/1363-2000.html>. | |||
| [IEEE-Std-1363a-2004] | [IEEE-Std-1363a-2004] | |||
| "1363a-2004 - IEEE Standard Specifications for Public-Key | "1363a-2004 - IEEE Standard Specifications for Public-Key | |||
| Cryptography - Amendment 1: Additional Techniques", n.d., | Cryptography - Amendment 1: Additional Techniques", n.d., | |||
| <https://ieeexplore.ieee.org/document/1335427>. | <https://ieeexplore.ieee.org/document/1335427>. | |||
| End of changes. 26 change blocks. | ||||
| 27 lines changed or deleted | 34 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||