RFC 9684

A YANG Data Model for Challenge-Response-Based Remote Attestation (CHARRA) Procedures Using Trusted Platform Modules (TPMs), December 2024

Status:
PROPOSED STANDARD
Authors:
H. Birkholz
M. Eckel
S. Bhandari
E. Voit
B. Sulzen
L. Xia
T. Laffey
G. C. Fedorkow
Stream:
IETF
Source:
rats (sec)

DOI:  https://doi.org/10.17487/RFC9684


Abstract

This document defines the YANG Remote Procedure Calls (RPCs) and configuration nodes that are required to retrieve attestation evidence about integrity measurements from a device, following the operational context defined in RFC 9683 "TPM-based Network Device Remote Integrity Verification". Complementary measurement logs originating from one or more Roots of Trust for Measurement (RTMs) are also provided by the YANG RPCs. The defined module requires the inclusion of the following in the device components of the composite device on which the YANG server is running: at least one Trusted Platform Module (TPM) of either version 1.2 or 2.0 as well as a corresponding TPM Software Stack (TSS), or an equivalent hardware implementation that includes the protected capabilities as provided by TPMs as well as a corresponding software stack.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.
